<?php
namespace AppBundle\Security;
use AppBundle\Entity\Client;
use Monolog\Logger;
use Doctrine\Common\Persistence\ManagerRegistry;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserProviderInterface;
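class ApiKeyAuthenticator extends AbstractGuardAuthenticator
{
    /**
     * A failed attempt is logged on the first failure seen for an IP and then
     * on every FAILURE_LOG_INTERVAL-th failure, so a brute-force run leaves a
     * periodic trail instead of one log line per request.
     */
    const FAILURE_LOG_INTERVAL = 50;

    /**
     * @var ManagerRegistry
     */
    private $registry;

    /**
     * @var Logger
     */
    private $logger;

    /**
     * @param ManagerRegistry $registry Doctrine registry used to look up users by API key
     *                                  and to persist the per-IP failure counter (Client)
     * @param Logger          $logger   receives the failed-attempt audit entries.
     *                                  NOTE(review): hinting Psr\Log\LoggerInterface would
     *                                  decouple this from Monolog; kept as-is so the
     *                                  constructor signature does not change.
     */
    public function __construct(ManagerRegistry $registry, Logger $logger)
    {
        $this->registry = $registry;
        $this->logger = $logger;
    }

    /**
     * Extract the API key from the `API-Key-Token` request header.
     *
     * Returns null when the header is absent or empty, which tells the Guard
     * system that this authenticator has nothing to do for the request.
     *
     * {@inheritdoc}
     */
    public function getCredentials(Request $request)
    {
        $token = $request->headers->get('API-Key-Token');
        if (!$token) {
            return null;
        }

        return ['token' => $token];
    }

    /**
     * Resolve the user that owns the presented API key.
     *
     * The key is passed to Doctrine as a query parameter, never interpolated
     * into SQL. A null result (unknown key) makes the Guard system fail
     * authentication and call onAuthenticationFailure().
     *
     * NOTE(review): the equality check happens in the database, so whether it
     * is case-sensitive depends on the apiKey column's collation — confirm
     * against the schema if keys are case-sensitive by design.
     *
     * {@inheritdoc}
     */
    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $apiKey = $credentials['token'];

        return $this->registry->getRepository('AppBundle:User')
            ->findOneBy(['apiKey' => $apiKey]);
    }

    /**
     * Always true: for a bearer-style API key the lookup in getUser() is the
     * credential check itself — a user was found by exactly this key, so there
     * is nothing left to compare here.
     *
     * {@inheritdoc}
     */
    public function checkCredentials($credentials, UserInterface $user)
    {
        return true;
    }

    /**
     * Let the request continue to the controller; no redirect or body is
     * produced on success.
     *
     * {@inheritdoc}
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        return null;
    }

    /**
     * Record a failed API-key attempt against the calling IP and answer 403.
     *
     * Each failure increments a per-IP counter kept in a Client row (created on
     * the first failure for that IP, with banned=false). This method only
     * records the counter: it does not ban or throttle by itself, and the
     * banned flag is not consulted anywhere in this class.
     *
     * Points a reviewer should keep in mind:
     *  - getClientIp() is only trustworthy when the framework's trusted-proxy
     *    configuration is correct; otherwise a caller controlling
     *    X-Forwarded-For can attribute failures to arbitrary addresses (and
     *    create a Client row per address).
     *  - Every new failing IP creates a row and nothing here expires them, so
     *    the table grows with the number of distinct attacker addresses.
     *  - The read-increment-write on the counter is not atomic across
     *    concurrent requests, so the stored count is a lower bound.
     *  - 401 would be the conventional status for a failed authentication;
     *    403 and the fixed body are kept because they are the existing API
     *    contract. The exception detail is deliberately not echoed back.
     *
     * @param Request                 $request   the request that failed authentication
     * @param AuthenticationException $exception the failure reason (logged nowhere, not returned)
     *
     * @return JsonResponse 403 response with a generic JSON error body
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        $data = [
            'code' => '403',
            'message' => 'Forbidden. You don\'t have necessary permissions for the resource',
        ];
        $response = new JsonResponse($data, Response::HTTP_FORBIDDEN);

        $ip = $request->getClientIp();
        if (null === $ip) {
            // No usable client address (e.g. no REMOTE_ADDR): there is nothing
            // to count against, and a Client row keyed on a null IP would never
            // match a later lookup.
            return $response;
        }

        $manager = $this->registry->getManager();
        $client = $this->registry->getRepository('AppBundle:Client')
            ->findOneBy(['ip' => $ip]);

        if ($client) {
            $client->setCountAttempts($client->getCountAttempts() + 1);
        } else {
            $client = new Client();
            $client->setCountAttempts(1);
            $client->setIp($ip);
            $client->setBanned(false);
            $manager->persist($client);
        }
        // Flush before logging so the logged count matches what was stored.
        $manager->flush();
        $this->writeLogger($client, $ip);

        return $response;
    }

    /**
     * Entry point for requests that need authentication but carried no usable
     * `API-Key-Token` header: answer 401 with a fixed JSON body. The optional
     * exception is intentionally not surfaced to the client.
     *
     * {@inheritdoc}
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        $data = [
            'code' => '401',
            'message' => 'Authentication required',
        ];

        return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
    }

    /**
     * API-key requests are stateless; no remember-me cookie is ever issued.
     *
     * {@inheritdoc}
     */
    public function supportsRememberMe()
    {
        return false;
    }

    /**
     * Emit an audit entry for a failed attempt, rate-limited per IP.
     *
     * Logs on the first failure for an IP and on every FAILURE_LOG_INTERVAL-th
     * failure after that. The IP and running count are attached as log context
     * so the entries can be correlated or alerted on without parsing the
     * message text.
     *
     * @param Client $client the already-updated failure record for the calling IP
     * @param string $ip     the client address the failure was attributed to
     */
    private function writeLogger($client, $ip)
    {
        $attempts = (int) $client->getCountAttempts();
        if (1 === $attempts || 0 === $attempts % self::FAILURE_LOG_INTERVAL) {
            // error() is the PSR-3 method; err() is a deprecated Monolog 1 alias
            // that no longer exists in Monolog 2.
            $this->logger->error('403. api_key not valid!', [
                'ip' => $ip,
                'attempts' => $attempts,
            ]);
        }
    }
}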