WebauthnMfa - Code Metrics - Inspection of "Merge pull request #350 from gyselroth/v2.6" - gyselroth/balloon - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( b97427...e235cc )

by Raffael

created 2019-06-25 09:06 UTC

WebauthnMfa A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	58
Duplicated Lines	17.24 %

Coupling/Cohesion

Components	1
Dependencies	1

Test Coverage

Coverage

Importance

Changes

Metric	Value
wmc	9
lcom	1
cbo	1
dl	10
loc	58
ccs	0
cts	25
cp	0
rs	10
c	0
b	0
f	0

3 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	5	1
A	getQueryStringIdentifier()	0	4	1
B	validateRequest()	10	22	7

How to fix Duplicated Code

<?php

declare(strict_types=1);

/**
 * balloon
 *
 * @copyright   Copryright (c) 2012-2019 gyselroth GmbH (https://gyselroth.com)
 * @license     GPL-3.0 https://opensource.org/licenses/GPL-3.0
 */

namespace Balloon\App\Webauthn\GrantType;

use Balloon\App\Webauthn\RequestChallenge\RequestChallengeFactory;
use Balloon\Hook;
use Balloon\Server;
use Dolondro\GoogleAuthenticator\GoogleAuthenticator;
use Micro\Auth\Auth;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
use Psr\Log\LoggerInterface;
use Webauthn\AuthenticatorAssertionResponseValidator;
use Webauthn\PublicKeyCredentialLoader;

class WebauthnMfa extends Webauthn
{
    /**
     * GoogleAuthenticator.
     *
     * @var GoogleAuthenticator
     */
    protected $authenticator;

    /**
     * User details.
     *
     * @var array
     */

    /**
     * Init.
     */
    public function __construct(RequestChallengeFactory $request_challenge_factory, Server $server, Auth $auth, PublicKeyCredentialLoader $loader, AuthenticatorAssertionResponseValidator $validator, Hook $hook, GoogleAuthenticator $authenticator, LoggerInterface $logger)
    {
        parent::__construct($request_challenge_factory, $server, $auth, $loader, $validator, $hook, $logger);
        $this->authenticator = $authenticator;
    }

    /**
     * {@inheritdoc}
     */
    public function getQueryStringIdentifier()
    {
        return 'webauthn_mfa';
    }

    /**
     * {@inheritdoc}
     */
    public function validateRequest(RequestInterface $request, ResponseInterface $response)
    {
        if (!$request->request('user') || !$request->request('public_key') || !$request->request('challenge') || !$request->request('code')) {

            $response->setError(400, 'invalid_request', 'Missing parameters: "user", "code", "public_key" and "challenge" required');

            return null;
        }

        $result = parent::validateRequest($request, $response);

        if (!isset($this->user['google_auth_secret'])) {
            throw new \LogicException('no google authenticator secret available');
        }

        if ($this->authenticator->authenticate($this->user['google_auth_secret'], $request->request('code')) === false) {

            $response->setError(400, 'invalid_grant', 'Invalid auth code provided');

            return null;
        }

        return $result;
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		/**
6		* balloon
7		*
8		* @copyright Copryright (c) 2012-2019 gyselroth GmbH (https://gyselroth.com)
9		* @license GPL-3.0 https://opensource.org/licenses/GPL-3.0
10		*/
11
12		namespace Balloon\App\Webauthn\GrantType;
13
14		use Balloon\App\Webauthn\RequestChallenge\RequestChallengeFactory;
15		use Balloon\Hook;
16		use Balloon\Server;
17		use Dolondro\GoogleAuthenticator\GoogleAuthenticator;
18		use Micro\Auth\Auth;
19		use OAuth2\RequestInterface;
20		use OAuth2\ResponseInterface;
21		use Psr\Log\LoggerInterface;
22		use Webauthn\AuthenticatorAssertionResponseValidator;
23		use Webauthn\PublicKeyCredentialLoader;
24
25		class WebauthnMfa extends Webauthn
26		{
27		/**
28		* GoogleAuthenticator.
29		*
30		* @var GoogleAuthenticator
31		*/
32		protected $authenticator;
33
34		/**
35		* User details.
36		*
37		* @var array
38		*/
39
40		/**
41		* Init.
42		*/
43		public function __construct(RequestChallengeFactory $request_challenge_factory, Server $server, Auth $auth, PublicKeyCredentialLoader $loader, AuthenticatorAssertionResponseValidator $validator, Hook $hook, GoogleAuthenticator $authenticator, LoggerInterface $logger)
44		{
45		parent::__construct($request_challenge_factory, $server, $auth, $loader, $validator, $hook, $logger);
46		$this->authenticator = $authenticator;
47		}
48
49		/**
50		* {@inheritdoc}
51		*/
52		public function getQueryStringIdentifier()
53		{
54		return 'webauthn_mfa';
55		}
56
57		/**
58		* {@inheritdoc}
59		*/
60		public function validateRequest(RequestInterface $request, ResponseInterface $response)
61		{
62	View Code Duplication	if (!$request->request('user') \|\| !$request->request('public_key') \|\| !$request->request('challenge') \|\| !$request->request('code')) {
		0 ignored issues – show Duplication introduced 2019-06-25 09:32 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
63		$response->setError(400, 'invalid_request', 'Missing parameters: "user", "code", "public_key" and "challenge" required');
64
65		return null;
66		}
67
68		$result = parent::validateRequest($request, $response);
69
70		if (!isset($this->user['google_auth_secret'])) {
71		throw new \LogicException('no google authenticator secret available');
72		}
73
74	View Code Duplication	if ($this->authenticator->authenticate($this->user['google_auth_secret'], $request->request('code')) === false) {
		0 ignored issues – show Duplication introduced 2019-06-25 09:32 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
75		$response->setError(400, 'invalid_grant', 'Invalid auth code provided');
76
77		return null;
78		}
79
80		return $result;
81		}
82		}
83

gyselroth / balloon

Push — master ( b97427...e235cc )

WebauthnMfa A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

3 Methods

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like