Webauthn::validateRequest() - Code Metrics - Inspection of "Merge pull request #350 from gyselroth/v2.6" - gyselroth/balloon - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( b97427...e235cc )

by Raffael

created 2019-06-25 09:06 UTC

Webauthn::validateRequest() B

↳ Parent: Webauthn

Complexity

Conditions	6
Paths	4

Size

Total Lines

Duplication

Lines	5
Ratio	9.62 %

Code Coverage

Tests	0
CRAP Score	42

Importance

Changes

Metric	Value
dl	5
loc	52
ccs	0
cts	38
cp	0
rs	8.425
c	0
b	0
f	0
cc	6
nc	4
nop	2
crap	42

How to fix Long Method

<?php

declare(strict_types=1);

/**
 * balloon
 *
 * @copyright   Copryright (c) 2012-2019 gyselroth GmbH (https://gyselroth.com)
 * @license     GPL-3.0 https://opensource.org/licenses/GPL-3.0
 */

namespace Balloon\App\Webauthn\GrantType;

use Balloon\App\Webauthn\RequestChallenge\RequestChallengeFactory;
use Balloon\Hook;
use Balloon\Server;
use Micro\Auth\Adapter\None as AdapterNone;
use Micro\Auth\Auth;
use MongoDB\BSON\ObjectId;
use OAuth2\GrantType\GrantTypeInterface;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
use OAuth2\ResponseType\AccessTokenInterface;
use Psr\Log\LoggerInterface;
use Webauthn\AuthenticatorAssertionResponse;
use Webauthn\AuthenticatorAssertionResponseValidator;
use Webauthn\PublicKeyCredentialLoader;

class Webauthn implements GrantTypeInterface
{
    /**
     * Challenge factory.
     *
     * @var RequestChallengeFactory
     */
    protected $request_challenge_factory;

    /**
     * Server.
     *
     * @var Server
     */
    protected $server;

    /**
     * Validator.
     *
     * @var AuthenticatorAssertionResponseValidator
     */
    protected $validator;

    /**
     * Publickey load.
     *
     * @var PublicKeyCredentialLoader
     */
    protected $loader;

    /**
     * Hook.
     *
     * @var Hook
     */
    protected $hook;

    /**
     * Logger.
     *
     * @var LoggerInterface
     */
    protected $logger;

    /**
     * Auth.
     *
     * @var Auth
     */
    protected $auth;

    /**
     * User details.
     *
     * @var array
     */
    protected $user = [];

    /**
     * Init.
     */
    public function __construct(RequestChallengeFactory $request_challenge_factory, Server $server, Auth $auth, PublicKeyCredentialLoader $loader, AuthenticatorAssertionResponseValidator $validator, Hook $hook, LoggerInterface $logger)
    {
        $this->request_challenge_factory = $request_challenge_factory;
        $this->server = $server;
        $this->validator = $validator;
        $this->loader = $loader;
        $this->auth = $auth;
        $this->hook = $hook;
        $this->logger = $logger;
    }

    /**
     * {@inheritdoc}
     */
    public function getQueryStringIdentifier()
    {
        return 'webauthn';
    }

    /**
     * {@inheritdoc}
     */
    public function validateRequest(RequestInterface $request, ResponseInterface $response)
    {
        if (!$request->request('user') || !$request->request('public_key') || !$request->request('challenge')) {

            $response->setError(400, 'invalid_request', 'Missing parameters: "user", "public_key" and "challenge" required');

            return null;
        }

        $user = $request->request('user');
        $data = $request->request('public_key');

        // Retrieve the Options passed to the device
        $publicKeyCredentialRequestOptions = $this->request_challenge_factory->getOne(new ObjectId($request->request('challenge')));

        $psr7Request = \Zend\Diactoros\ServerRequestFactory::fromGlobals();

        // Load the data
        $publicKeyCredential = $this->loader->load(json_encode($data));
        $result = $publicKeyCredential->getResponse();

        // Check if the response is an Authenticator Assertion Response
        if (!$result instanceof AuthenticatorAssertionResponse) {
if ($x instanceof DoesNotExist) {
    // Do something.
}
            throw new \RuntimeException('Not an authenticator assertion response');
        }

        try {
            $this->validator->check(
                $publicKeyCredential->getRawId(),
                $publicKeyCredential->getResponse(),
                $publicKeyCredentialRequestOptions,
                $psr7Request,
                $user
            );
        } catch (\Exception $e) {
            $this->logger->error('failed to authenticate device', [
                'category' => get_class($this),
                'exception' => $e,
            ]);

            $response->setError(401, 'invalid_grant', 'device could not be authenticated: '.$e->getMessage());
        }

        $identity = $this->auth->createIdentity(new AdapterNone());
        $user = $this->server->getUserById(new ObjectId($request->request('user')));
        $this->hook->run('preServerIdentity', [$identity, &$user]);

        $user = $user->getAttributes();
        $user['user_id'] = $user['username'];
        $this->user = $user;

        return true;
    }

    /**
     * {@inheritdoc}
     */
    public function getClientId()
    {
        return null;
    }

    /**
     * {@inheritdoc}
     */
    public function getUserId()
    {
        return $this->user['user_id'];
    }

    /**
     * {@inheritdoc}
     */
    public function getScope()
    {
        return isset($this->user['scope']) ? $this->user['scope'] : null;
    }

    /**
     * {@inheritdoc}
     */
    public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
    {
        return $accessToken->createAccessToken($client_id, $user_id, $scope);
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		/**
6		* balloon
7		*
8		* @copyright Copryright (c) 2012-2019 gyselroth GmbH (https://gyselroth.com)
9		* @license GPL-3.0 https://opensource.org/licenses/GPL-3.0
10		*/
11
12		namespace Balloon\App\Webauthn\GrantType;
13
14		use Balloon\App\Webauthn\RequestChallenge\RequestChallengeFactory;
15		use Balloon\Hook;
16		use Balloon\Server;
17		use Micro\Auth\Adapter\None as AdapterNone;
18		use Micro\Auth\Auth;
19		use MongoDB\BSON\ObjectId;
20		use OAuth2\GrantType\GrantTypeInterface;
21		use OAuth2\RequestInterface;
22		use OAuth2\ResponseInterface;
23		use OAuth2\ResponseType\AccessTokenInterface;
24		use Psr\Log\LoggerInterface;
25		use Webauthn\AuthenticatorAssertionResponse;
26		use Webauthn\AuthenticatorAssertionResponseValidator;
27		use Webauthn\PublicKeyCredentialLoader;
28
29		class Webauthn implements GrantTypeInterface
30		{
31		/**
32		* Challenge factory.
33		*
34		* @var RequestChallengeFactory
35		*/
36		protected $request_challenge_factory;
37
38		/**
39		* Server.
40		*
41		* @var Server
42		*/
43		protected $server;
44
45		/**
46		* Validator.
47		*
48		* @var AuthenticatorAssertionResponseValidator
49		*/
50		protected $validator;
51
52		/**
53		* Publickey load.
54		*
55		* @var PublicKeyCredentialLoader
56		*/
57		protected $loader;
58
59		/**
60		* Hook.
61		*
62		* @var Hook
63		*/
64		protected $hook;
65
66		/**
67		* Logger.
68		*
69		* @var LoggerInterface
70		*/
71		protected $logger;
72
73		/**
74		* Auth.
75		*
76		* @var Auth
77		*/
78		protected $auth;
79
80		/**
81		* User details.
82		*
83		* @var array
84		*/
85		protected $user = [];
86
87		/**
88		* Init.
89		*/
90		public function __construct(RequestChallengeFactory $request_challenge_factory, Server $server, Auth $auth, PublicKeyCredentialLoader $loader, AuthenticatorAssertionResponseValidator $validator, Hook $hook, LoggerInterface $logger)
91		{
92		$this->request_challenge_factory = $request_challenge_factory;
93		$this->server = $server;
94		$this->validator = $validator;
95		$this->loader = $loader;
96		$this->auth = $auth;
97		$this->hook = $hook;
98		$this->logger = $logger;
99		}
100
101		/**
102		* {@inheritdoc}
103		*/
104		public function getQueryStringIdentifier()
105		{
106		return 'webauthn';
107		}
108
109		/**
110		* {@inheritdoc}
111		*/
112		public function validateRequest(RequestInterface $request, ResponseInterface $response)
113		{
114	View Code Duplication	if (!$request->request('user') \|\| !$request->request('public_key') \|\| !$request->request('challenge')) {
		0 ignored issues – show Duplication introduced 2019-06-25 09:32 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
115		$response->setError(400, 'invalid_request', 'Missing parameters: "user", "public_key" and "challenge" required');
116
117		return null;
118		}
119
120		$user = $request->request('user');
121		$data = $request->request('public_key');
122
123		// Retrieve the Options passed to the device
124		$publicKeyCredentialRequestOptions = $this->request_challenge_factory->getOne(new ObjectId($request->request('challenge')));
125
126		$psr7Request = \Zend\Diactoros\ServerRequestFactory::fromGlobals();
127
128		// Load the data
129		$publicKeyCredential = $this->loader->load(json_encode($data));
130		$result = $publicKeyCredential->getResponse();
131
132		// Check if the response is an Authenticator Assertion Response
133		if (!$result instanceof AuthenticatorAssertionResponse) {
		0 ignored issues – show Bug introduced 2019-06-25 09:37 UTC by Report Bug Copy Issue Report The class `Webauthn\AuthenticatorAssertionResponse` does not exist. Did you forget a USE statement, or did you not list all dependencies? This error could be the result of: 1. Missing dependencies PHP Analyzer uses your `composer.json` file (if available) to determine the dependencies of your project and to determine all the available classes and functions. It expects the `composer.json` to be in the root folder of your repository. Are you sure this class is defined by one of your dependencies, or did you maybe not list a dependency in either the `require` or `require-dev` section? 2. Missing use statement PHP does not complain about undefined classes in `ìnstanceof` checks. For example, the following PHP code will work perfectly fine: if ($x instanceof DoesNotExist) { // Do something. } If you have not tested against this specific condition, such errors might go unnoticed. Loading history...
134		throw new \RuntimeException('Not an authenticator assertion response');
135		}
136
137		try {
138		$this->validator->check(
139		$publicKeyCredential->getRawId(),
140		$publicKeyCredential->getResponse(),
141		$publicKeyCredentialRequestOptions,
142		$psr7Request,
143		$user
144		);
145		} catch (\Exception $e) {
146		$this->logger->error('failed to authenticate device', [
147		'category' => get_class($this),
148		'exception' => $e,
149		]);
150
151		$response->setError(401, 'invalid_grant', 'device could not be authenticated: '.$e->getMessage());
152		}
153
154		$identity = $this->auth->createIdentity(new AdapterNone());
155		$user = $this->server->getUserById(new ObjectId($request->request('user')));
156		$this->hook->run('preServerIdentity', [$identity, &$user]);
157
158		$user = $user->getAttributes();
159		$user['user_id'] = $user['username'];
160		$this->user = $user;
161
162		return true;
163		}
164
165		/**
166		* {@inheritdoc}
167		*/
168		public function getClientId()
169		{
170		return null;
171		}
172
173		/**
174		* {@inheritdoc}
175		*/
176		public function getUserId()
177		{
178		return $this->user['user_id'];
179		}
180
181		/**
182		* {@inheritdoc}
183		*/
184		public function getScope()
185		{
186		return isset($this->user['scope']) ? $this->user['scope'] : null;
187		}
188
189		/**
190		* {@inheritdoc}
191		*/
192		public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
193		{
194		return $accessToken->createAccessToken($client_id, $user_id, $scope);
195		}
196		}
197

gyselroth / balloon

Push — master ( b97427...e235cc )

Webauthn::validateRequest() B

Complexity

Size

Duplication

Code Coverage

Importance

How to fix Long Method

Long Method

1. Missing dependencies

2. Missing use statement

Duplication Side-by-Side

Filter issues like