ApiKeyAuthenticator::onAuthenticationFailure() - Code Metrics - Inspection of "Admin customers" - geekhub-php/CheTheatre - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#144)

by Serhii

created 2017-05-29 07:35 UTC

ApiKeyAuthenticator::onAuthenticationFailure() B

↳ Parent: ApiKeyAuthenticator

Complexity

Conditions	2
Paths	2

Size

Total Lines	28
Code Lines	20

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	4
CRAP Score	2.1481

Importance

Changes	2
Bugs	1	Features	1

Metric	Value
cc	2
eloc	20
c	2
b	1
f	1
nc	2
nop	2
dl	0
loc	28
rs	8.8571
ccs	4
cts	6
cp	0.6667
crap	2.1481

<?php

namespace AppBundle\Security;

use AppBundle\Entity\Client;
use Monolog\Logger;
use Doctrine\Common\Persistence\ManagerRegistry;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserProviderInterface;

class ApiKeyAuthenticator extends AbstractGuardAuthenticator
{
    /**
     * @var ManagerRegistry
     */
    private $registry;
    /**
     * @var Logger
     */
    private $logger;

    public function __construct(ManagerRegistry $registry, Logger $logger)
    {
        $this->registry = $registry;
        $this->logger = $logger;
    }

    /**
     * {@inheritdoc}
     */
    public function getCredentials(Request $request)
    {
        if (!$token = $request->headers->get('API-Key-Token')) {
            return null;
        }

        return array(
            'token' => $token,
        );
    }

    /**
     * {@inheritdoc}
     */
    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $apiKey = $credentials['token'];

        $user = $this->registry->getRepository('AppBundle:User')
            ->findOneBy(['apiKey' => $apiKey]);

        return $user;
    }

    /**
     * {@inheritdoc}
     */
    public function checkCredentials($credentials, UserInterface $user)
    {
        return true;
    }

    /**
     * {@inheritdoc}
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        return null;
    }

    /**
     * {@inheritdoc}
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        $data = [
            'code' => '403',
            'message' => 'Forbidden. You don\'t have necessary permissions for the resource',
        ];
        $client = $this->registry->getRepository('AppBundle:Client')
            ->findOneBy(['ip' => $request->getClientIp()]);

        if ($client) {
            $countAttempts = $client->getCountAttempts();
            $client->setCountAttempts(++$countAttempts);
            $this->registry->getManager()->flush();
            $this->writeLogger($client);

            return new JsonResponse($data, Response::HTTP_FORBIDDEN);
        }

        $client = new Client();
        $client->setCountAttempts(1);
        $client->setIp($request->getClientIp());
        $client->setBanned(false);
        $this->registry->getManager()->persist($client);
        $this->registry->getManager()->flush();
        $this->writeLogger($client);

        return new JsonResponse($data, Response::HTTP_FORBIDDEN);
    }

    /**
     * {@inheritdoc}
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        $data = [
            'code' => '401',
            'message' => 'Authentication required',
        ];

        return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
    }

    /**
     * {@inheritdoc}
     */
    public function supportsRememberMe()
    {
        return false;
    }

    /**
     * {@inheritdoc}
     */
    private function writeLogger($client)
    {
        if ($client->getCountAttempts() % 50 == 0 || $client->getCountAttempts() == 1) {
            $this->logger->err('403. api_key not valid!');
        }
    }
}


1		<?php
2
3		namespace AppBundle\Security;
4
5		use AppBundle\Entity\Client;
6		use Monolog\Logger;
7		use Doctrine\Common\Persistence\ManagerRegistry;
8		use Symfony\Component\HttpFoundation\Request;
9		use Symfony\Component\HttpFoundation\JsonResponse;
10		use Symfony\Component\HttpFoundation\Response;
11		use Symfony\Component\Security\Core\User\UserInterface;
12		use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
13		use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
14		use Symfony\Component\Security\Core\Exception\AuthenticationException;
15		use Symfony\Component\Security\Core\User\UserProviderInterface;
16
17		class ApiKeyAuthenticator extends AbstractGuardAuthenticator
18		{
19		/**
20		* @var ManagerRegistry
21		*/
22		private $registry;
23		/**
24		* @var Logger
25	87	*/
26		private $logger;
27	87
28	87	public function __construct(ManagerRegistry $registry, Logger $logger)
29		{
30		$this->registry = $registry;
31		$this->logger = $logger;
32		}
33	82
34		/**
35	82	* {@inheritdoc}
36	61	*/
37		public function getCredentials(Request $request)
38		{
39		if (!$token = $request->headers->get('API-Key-Token')) {
40	21	return null;
41		}
42
43		return array(
44		'token' => $token,
45		);
46		}
47	21
48		/**
49	21	* {@inheritdoc}
50		*/
51	21	public function getUser($credentials, UserProviderInterface $userProvider)
52	21	{
53		$apiKey = $credentials['token'];
54	21
55		$user = $this->registry->getRepository('AppBundle:User')
56		->findOneBy(['apiKey' => $apiKey]);
57
58		return $user;
59		}
60	14
61		/**
62	14	* {@inheritdoc}
63		*/
64		public function checkCredentials($credentials, UserInterface $user)
65		{
66		return true;
67		}
68	14
69		/**
70	14	* {@inheritdoc}
71		*/
72		public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
73		{
74		return null;
75		}
76	8
77		/**
78		* {@inheritdoc}
79	8	*/
80		public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
81		{
82		$data = [
83	8	'code' => '403',
84		'message' => 'Forbidden. You don\'t have necessary permissions for the resource',
85		];
86		$client = $this->registry->getRepository('AppBundle:Client')
87		->findOneBy(['ip' => $request->getClientIp()]);
88
89	6	if ($client) {
90		$countAttempts = $client->getCountAttempts();
91		$client->setCountAttempts(++$countAttempts);
92	6	$this->registry->getManager()->flush();
93		$this->writeLogger($client);
94
95		return new JsonResponse($data, Response::HTTP_FORBIDDEN);
96	6	}
97
98		$client = new Client();
99		$client->setCountAttempts(1);
100		$client->setIp($request->getClientIp());
101		$client->setBanned(false);
102		$this->registry->getManager()->persist($client);
103		$this->registry->getManager()->flush();
104		$this->writeLogger($client);
105
106		return new JsonResponse($data, Response::HTTP_FORBIDDEN);
107		}
108
109		/**
110		* {@inheritdoc}
111		*/
112		public function start(Request $request, AuthenticationException $authException = null)
113		{
114		$data = [
115		'code' => '401',
116		'message' => 'Authentication required',
117		];
118
119		return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
120		}
121
122		/**
123		* {@inheritdoc}
124		*/
125		public function supportsRememberMe()
126		{
127		return false;
128		}
129
130		/**
131		* {@inheritdoc}
132		*/
133		private function writeLogger($client)
134		{
135		if ($client->getCountAttempts() % 50 == 0 \|\| $client->getCountAttempts() == 1) {
136		$this->logger->err('403. api_key not valid!');
137		}
138		}
139		}
140

geekhub-php / CheTheatre

Pull Request — master (#144)

ApiKeyAuthenticator::onAuthenticationFailure() B

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like