These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.
<?php
/**
 * Created by PhpStorm.
 * User: dsmrt
 * Date: 1/11/18
 * Time: 8:30 PM
 */

namespace flipbox\saml\sp\services\messages;


use craft\base\Component;
use flipbox\keychain\records\KeyChainRecord;
use flipbox\saml\core\exceptions\InvalidMessage;
use flipbox\saml\core\helpers\SecurityHelper;
use flipbox\saml\sp\Saml;
use LightSaml\Model\Assertion\Assertion;
use LightSaml\Model\Assertion\EncryptedAssertionReader;
use LightSaml\Validator\Model\Assertion\AssertionTimeValidator;
use LightSaml\Validator\Model\Assertion\AssertionValidator;
use LightSaml\Validator\Model\NameId\NameIdValidator;
use LightSaml\Validator\Model\Statement\StatementValidator;
use LightSaml\Validator\Model\Subject\SubjectValidator;

class Response extends Component
{

    /**
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidTimeAssertion(Assertion $assertion)
    {
        $validator = new AssertionTimeValidator();
        $validator->validateTimeRestrictions($assertion, (new \DateTime())->getTimestamp(), 0);
        return true;
    }

    /**
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidAssertion(Assertion $assertion)
    {
        $nameValidator = new NameIdValidator;
        $validator = new AssertionValidator(
            $nameValidator,
            new SubjectValidator($nameValidator),
            new StatementValidator
        );

        $validator->validateAssertion($assertion);

        return true;
    }


    /**
     * @param KeyChainRecord $chainRecord
     * @param EncryptedAssertionReader $encryptedAssertion

There is no parameter named $encryptedAssertion. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

     */
    public function decryptAssertions(\LightSaml\Model\Protocol\Response $response, KeyChainRecord $keyChainRecord)
    {
        $credential = SecurityHelper::createCredential($keyChainRecord);

        $decryptDeserializeContext = new \LightSaml\Model\Context\DeserializationContext();

        /** @var \LightSaml\Model\Assertion\EncryptedAssertionReader $encryptedAssertion */
        foreach ($response->getAllEncryptedAssertions() as $encryptedAssertion) {
            $response->addAssertion(
                $encryptedAssertion->decryptMultiAssertion([$credential], $decryptDeserializeContext)

It seems like you code against a specific sub-type and not the parent class LightSaml\Model\Assertion\EncryptedElement as the method decryptMultiAssertion() does only exist in the following sub-classes of LightSaml\Model\Assertion\EncryptedElement: LightSaml\Model\Assertion\EncryptedAssertionReader. Maybe you want to instanceof check for one of these explicitly?

Let's take a look at an example:

abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-class of User which does not have a getDisplayName() method, the code will break.

Available Fixes

Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case.

            );
        }

    }
}

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. It has, however, found a similar but not annotated parameter which might be a good fit.

Consider the following example. The parameter $ireland is not defined by the method finale(...). The most likely cause is that the parameter was changed, but the annotation was not.