VerifyHmac::for() - Code Metrics - ganbarodigital/php-mv-messaging-pipeline - Measure and Improve Code Quality continuously with Scrutinizer

VerifyHmac::for() A
last analyzed 2017-04-07 21:33 UTC

↳ Parent: VerifyHmac

Complexity

Conditions	2
Paths	2

Size

Total Lines	10
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	10
rs	9.4285
c	0
b	0
f	0
cc	2
eloc	4
nc	2
nop	4

<?php

declare(strict_types=1);

/**
 * Copyright (c) 2017-present Ganbaro Digital Ltd
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *   * Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *
 *   * Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in
 *     the documentation and/or other materials provided with the
 *     distribution.
 *
 *   * Neither the names of the copyright holders nor the names of his
 *     contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
 * @category  Libraries
 * @package   MessagingPipeline/Operations
 * @author    Stuart Herbert <[email protected]>
 * @copyright 2017-present Ganbaro Digital Ltd www.ganbarodigital.com
 * @license   http://www.opensource.org/licenses/bsd-license.php  BSD License
 * @link      http://ganbarodigital.github.io/php-mv-messaging-pipeline
 */

namespace GanbaroDigital\MessagingPipeline\V1\Operations;

use GanbaroDigital\MessagingPipeline\V1\Exceptions\HmacVerificationFailed;

/**
 * make sure that the message's hashed authentication code (HMAC) is
 * acceptable to us
 */
class VerifyHmac
{
    /**
     * make sure that the message's hashed authentication code (HMAC) is
     * acceptable to us
     *
     * @param  string $message
     *         the message to examine
     * @param  string $expectedHmac
     *         the HMAC that was originally attached to $message
     * @param  string $hashAlgo
     *         the hash algorithm to use to calcuate the HMAC
     * @param  string $key
     *         a shared, secret password
     * @return void
     *
     * @throws UnsupportedHmacAlgorithm
     *         if $hashAlgo isn't supported by our PHP runtime
     * @throws HmacVerificationFailed
     *         if the HMAC attached to $message doesn't match what we expect
     *         (strongly suggests $message has been tampered with)
     */
    public static function for(string $message, $expectedHmac, string $hashAlgo, string $key)

    {
        // has the message been tampered with?
        $actualHmac = CalculateHmac::for($message, $hashAlgo, $key);
// $a must always be passed; it's default value is never used.
function someFunction($a = 5, $b) { }
        if ($expectedHmac !== $actualHmac) {
class A {
    var $property;
}
            throw HmacVerificationFailed::newFromInputParameter($message, '$message');
        }

        // if we get here, then the signature is verified
    }
}

1			<?php
2
3			declare(strict_types=1);
4
5			/**
6			* Copyright (c) 2017-present Ganbaro Digital Ltd
7			* All rights reserved.
8			*
9			* Redistribution and use in source and binary forms, with or without
10			* modification, are permitted provided that the following conditions
11			* are met:
12			*
13			* * Redistributions of source code must retain the above copyright
14			* notice, this list of conditions and the following disclaimer.
15			*
16			* * Redistributions in binary form must reproduce the above copyright
17			* notice, this list of conditions and the following disclaimer in
18			* the documentation and/or other materials provided with the
19			* distribution.
20			*
21			* * Neither the names of the copyright holders nor the names of his
22			* contributors may be used to endorse or promote products derived
23			* from this software without specific prior written permission.
24			*
25			* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26			* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27			* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
28			* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
29			* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
30			* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
31			* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
32			* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
33			* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34			* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
35			* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36			* POSSIBILITY OF SUCH DAMAGE.
37			*
38			* @category Libraries
39			* @package MessagingPipeline/Operations
40			* @author Stuart Herbert <[email protected]>
41			* @copyright 2017-present Ganbaro Digital Ltd www.ganbarodigital.com
42			* @license http://www.opensource.org/licenses/bsd-license.php BSD License
43			* @link http://ganbarodigital.github.io/php-mv-messaging-pipeline
44			*/
45
46			namespace GanbaroDigital\MessagingPipeline\V1\Operations;
47
48			use GanbaroDigital\MessagingPipeline\V1\Exceptions\HmacVerificationFailed;
49
50			/**
51			* make sure that the message's hashed authentication code (HMAC) is
52			* acceptable to us
53			*/
54			class VerifyHmac
55			{
56			/**
57			* make sure that the message's hashed authentication code (HMAC) is
58			* acceptable to us
59			*
60			* @param string $message
61			* the message to examine
62			* @param string $expectedHmac
63			* the HMAC that was originally attached to $message
64			* @param string $hashAlgo
65			* the hash algorithm to use to calcuate the HMAC
66			* @param string $key
67			* a shared, secret password
68			* @return void
69			*
70			* @throws UnsupportedHmacAlgorithm
71			* if $hashAlgo isn't supported by our PHP runtime
72			* @throws HmacVerificationFailed
73			* if the HMAC attached to $message doesn't match what we expect
74			* (strongly suggests $message has been tampered with)
75			*/
76			public static function for(string $message, $expectedHmac, string $hashAlgo, string $key)
			0 ignored issues – show Coding Style introduced 2017-04-05 14:26 UTC by Report Bug Copy Issue Report Possible parse error: non-abstract method defined as abstract Loading history... Coding Style introduced 2017-04-05 14:26 UTC by Report Bug Copy Issue Report It is generally advisable to only define one property per statement. Only declaring a single property per statement allows you to later on add doc comments more easily. It is also recommended by PSR2, so it is a common style that many people expect. Loading history...
77			{
78			// has the message been tampered with?
79			$actualHmac = CalculateHmac::for($message, $hashAlgo, $key);
			0 ignored issues – show Coding Style introduced 2017-04-05 18:22 UTC by Report Bug Copy Issue Report Parameters which have default values should be placed at the end. If you place a parameter with a default value before a parameter with a default value, the default value of the first parameter will never be used as it will always need to be passed anyway: // $a must always be passed; it's default value is never used. function someFunction($a = 5, $b) { } Loading history...
80			if ($expectedHmac !== $actualHmac) {
			0 ignored issues – show Coding Style introduced 2017-04-05 14:26 UTC by Report Bug Copy Issue Report It is generally advisable to only define one property per statement. Only declaring a single property per statement allows you to later on add doc comments more easily. It is also recommended by PSR2, so it is a common style that many people expect. Loading history... Coding Style introduced 2017-04-05 14:26 UTC by Report Bug Copy Issue Report The visibility should be declared for property `$expectedHmac`. The PSR-2 coding standard requires that all properties in a class have their visibility explicitly declared. If you declare a property using class A { var $property; } the property is implicitly global. To learn more about the PSR-2, please see the PHP-FIG site on the PSR-2. Loading history...
81			throw HmacVerificationFailed::newFromInputParameter($message, '$message');
82			}
83
84			// if we get here, then the signature is verified
85			}
86			}

ganbarodigital / php-mv-messaging-pipeline

VerifyHmac::for() A last analyzed 2017-04-07 21:33 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

VerifyHmac::for() A
last analyzed 2017-04-07 21:33 UTC