SenecaAuthenticatorService::checkUserCredentials() - Code Metrics - iesoretania/atica-fct - Measure and Improve Code Quality continuously with Scrutinizer

SenecaAuthenticatorService::checkUserCredentials() C
last analyzed 2018-12-05 08:49 UTC

↳ Parent: SenecaAuthenticatorService

Complexity

Conditions	11
Paths	12

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	59
rs	6.7478
c	0
b	0
f	0
cc	11
nc	12
nop	2

How to fix Long Method Complexity

<?php
/*
  ÁTICA - Aplicación web para la gestión documental de centros educativos

  Copyright (C) 2015-2017: Luis Ramón López López

  This program is free software: you can redistribute it and/or modify
  it under the terms of the GNU Affero General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU Affero General Public License for more details.

  You should have received a copy of the GNU Affero General Public License
  along with this program.  If not, see [http://www.gnu.org/licenses/].
*/

namespace AppBundle\Service;

class SenecaAuthenticatorService
{
    const STATUS_NOT_AVAILABLE = 0;
    const STATUS_USER_AUTHENTICATED = 1;
    const STATUS_WRONG_USER_OR_PASSWORD = 2;
    const STATUS_USER_BLOCKED = 3;

    /** @var string */
    private $url;

    /** @var boolean */
    private $forceSecurity;

    /** @var boolean */
    private $enabled;

    public function __construct($url, $forceSecurity, $enabled)
    {
        $this->url = $url;
        $this->forceSecurity = $forceSecurity;
        $this->enabled = $enabled;
    }

    /**
     * @param string $user
     * @param string $password
     * @return bool
     */
    public function checkUserCredentials($user, $password)
    {
        // devolver error si no está habilitado
        if (false === $this->enabled) {
            return self::STATUS_NOT_AVAILABLE;
        }

        // obtener URL de entrada
        $str = $this->getUrl($this->url, $this->forceSecurity);
        if (!$str) {
            return self::STATUS_NOT_AVAILABLE;
        }

        $dom = new \DOMDocument();
        libxml_use_internal_errors(true);
        $dom->loadHTML($str);
        $xpath = new \DOMXPath($dom);
        $form = $xpath->query('//form')->item(0);
        $hidden = $xpath->query('//input[@name="N_V_"]')->item(0);

        if (!$form || !$hidden) {
            return self::STATUS_NOT_AVAILABLE;
        }

        // enviar datos del formulario
        $postUrl = $form->getAttribute('action');
        $hiddenValue = $hidden->getAttribute('value');

        $fields = array(
            'USUARIO' => urlencode($user),
            'CLAVE' => urlencode($password),
            'N_V_' => urlencode($hiddenValue)
        );

        $str = $this->postToUrl($fields, $postUrl, $this->url, $this->forceSecurity);

        if (!$str) {
            return self::STATUS_NOT_AVAILABLE;
        }

        $dom = new \DOMDocument();
        libxml_use_internal_errors(true);
        $dom->loadHTML($str);
        $xpath = new \DOMXPath($dom);
        $nav = $xpath->query('//nav');
        $error = $xpath->query('//p[@class="text-danger"]');
        $message = $error->length > 0 ? $error->item(0)->firstChild->nodeValue : '';

        if ($nav->length === 1 && $error->length === 0) {
            $result = self::STATUS_USER_AUTHENTICATED;
        } elseif (false !== strpos($message, 'Usuario bloqueado')) {
            $result = self::STATUS_USER_BLOCKED;
        } elseif (false !== strpos($message, 'Usuario incorrecto')) {
            $result = self::STATUS_WRONG_USER_OR_PASSWORD;
        } else {
            $result = self::STATUS_NOT_AVAILABLE;
        }
        return $result;
    }

    /**
     * Get URL contents
     *
     * @param string $url
     * @param boolean $forceSecurity
     * @return string
     */
    private function getUrl($url, $forceSecurity)
    {
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $forceSecurity);
        curl_setopt($curl, CURLOPT_HEADER, false);
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($curl, CURLOPT_MAXREDIRS, 2);
        curl_setopt($curl, CURLOPT_URL, $url);
        curl_setopt($curl, CURLOPT_REFERER, $url);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.125 Safari/533.4");
        $str = curl_exec($curl);
        curl_close($curl);
        return $str === false ? '' : (string) $str;
    }

    /**
     * Gets the content after POSTing into an URL
     *
     * @param array $fields
     * @param string $postUrl
     * @param string $refererUrl
     * @param boolean $forceSecurity
     * @return string
     */
    private function postToUrl($fields, $postUrl, $refererUrl, $forceSecurity)
    {
        $fieldsString = '';
        foreach ($fields as $key => $value) {
            $fieldsString .= $key . '=' . $value . '&';
        }
        $fieldsString = rtrim($fieldsString, '&');

        $curl = curl_init();
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $forceSecurity);
        curl_setopt($curl, CURLOPT_HEADER, false);
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($curl, CURLOPT_URL, $postUrl);
        curl_setopt($curl, CURLOPT_REFERER, $refererUrl);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.125 Safari/533.4");
        curl_setopt($curl, CURLOPT_POST, count($fields));
        curl_setopt($curl, CURLOPT_POSTFIELDS, $fieldsString);
        $str = curl_exec($curl);
        curl_close($curl);
        return $str === false ? '' : (string) $str;
    }
}


1			<?php
2			/*
3			ÁTICA - Aplicación web para la gestión documental de centros educativos
4
5			Copyright (C) 2015-2017: Luis Ramón López López
6
7			This program is free software: you can redistribute it and/or modify
8			it under the terms of the GNU Affero General Public License as published by
9			the Free Software Foundation, either version 3 of the License, or
10			(at your option) any later version.
11
12			This program is distributed in the hope that it will be useful,
13			but WITHOUT ANY WARRANTY; without even the implied warranty of
14			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15			GNU Affero General Public License for more details.
16
17			You should have received a copy of the GNU Affero General Public License
18			along with this program. If not, see [http://www.gnu.org/licenses/].
19			*/
20
21			namespace AppBundle\Service;
22
23			class SenecaAuthenticatorService
24			{
25			const STATUS_NOT_AVAILABLE = 0;
26			const STATUS_USER_AUTHENTICATED = 1;
27			const STATUS_WRONG_USER_OR_PASSWORD = 2;
28			const STATUS_USER_BLOCKED = 3;
29
30			/** @var string */
31			private $url;
32
33			/** @var boolean */
34			private $forceSecurity;
35
36			/** @var boolean */
37			private $enabled;
38
39			public function __construct($url, $forceSecurity, $enabled)
40			{
41			$this->url = $url;
42			$this->forceSecurity = $forceSecurity;
43			$this->enabled = $enabled;
44			}
45
46			/**
47			* @param string $user
48			* @param string $password
49			* @return bool
50			*/
51			public function checkUserCredentials($user, $password)
52			{
53			// devolver error si no está habilitado
54			if (false === $this->enabled) {
55			return self::STATUS_NOT_AVAILABLE;
56			}
57
58			// obtener URL de entrada
59			$str = $this->getUrl($this->url, $this->forceSecurity);
60			if (!$str) {
61			return self::STATUS_NOT_AVAILABLE;
62			}
63
64			$dom = new \DOMDocument();
65			libxml_use_internal_errors(true);
66			$dom->loadHTML($str);
67			$xpath = new \DOMXPath($dom);
68			$form = $xpath->query('//form')->item(0);
69			$hidden = $xpath->query('//input[@name="N_V_"]')->item(0);
70
71			if (!$form \|\| !$hidden) {
72			return self::STATUS_NOT_AVAILABLE;
73			}
74
75			// enviar datos del formulario
76			$postUrl = $form->getAttribute('action');
77			$hiddenValue = $hidden->getAttribute('value');
78
79			$fields = array(
80			'USUARIO' => urlencode($user),
81			'CLAVE' => urlencode($password),
82			'N_V_' => urlencode($hiddenValue)
83			);
84
85			$str = $this->postToUrl($fields, $postUrl, $this->url, $this->forceSecurity);
86
87			if (!$str) {
88			return self::STATUS_NOT_AVAILABLE;
89			}
90
91			$dom = new \DOMDocument();
92			libxml_use_internal_errors(true);
93			$dom->loadHTML($str);
94			$xpath = new \DOMXPath($dom);
95			$nav = $xpath->query('//nav');
96			$error = $xpath->query('//p[@class="text-danger"]');
97			$message = $error->length > 0 ? $error->item(0)->firstChild->nodeValue : '';
98
99			if ($nav->length === 1 && $error->length === 0) {
100			$result = self::STATUS_USER_AUTHENTICATED;
101			} elseif (false !== strpos($message, 'Usuario bloqueado')) {
102			$result = self::STATUS_USER_BLOCKED;
103			} elseif (false !== strpos($message, 'Usuario incorrecto')) {
104			$result = self::STATUS_WRONG_USER_OR_PASSWORD;
105			} else {
106			$result = self::STATUS_NOT_AVAILABLE;
107			}
108			return $result;
109			}
110
111			/**
112			* Get URL contents
113			*
114			* @param string $url
115			* @param boolean $forceSecurity
116			* @return string
117			*/
118			private function getUrl($url, $forceSecurity)
119			{
120			$curl = curl_init();
121			curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $forceSecurity);
122			curl_setopt($curl, CURLOPT_HEADER, false);
123			curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
124			curl_setopt($curl, CURLOPT_MAXREDIRS, 2);
125			curl_setopt($curl, CURLOPT_URL, $url);
126			curl_setopt($curl, CURLOPT_REFERER, $url);
127			curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
128			curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.125 Safari/533.4");
129			$str = curl_exec($curl);
130			curl_close($curl);
131			return $str === false ? '' : (string) $str;
132			}
133
134			/**
135			* Gets the content after POSTing into an URL
136			*
137			* @param array $fields
138			* @param string $postUrl
139			* @param string $refererUrl
140			* @param boolean $forceSecurity
141			* @return string
142			*/
143			private function postToUrl($fields, $postUrl, $refererUrl, $forceSecurity)
144			{
145			$fieldsString = '';
146			foreach ($fields as $key => $value) {
147			$fieldsString .= $key . '=' . $value . '&';
148			}
149			$fieldsString = rtrim($fieldsString, '&');
150
151			$curl = curl_init();
152			curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $forceSecurity);
153			curl_setopt($curl, CURLOPT_HEADER, false);
154			curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
155			curl_setopt($curl, CURLOPT_URL, $postUrl);
156			curl_setopt($curl, CURLOPT_REFERER, $refererUrl);
157			curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
158			curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.125 Safari/533.4");
159			curl_setopt($curl, CURLOPT_POST, count($fields));
160			curl_setopt($curl, CURLOPT_POSTFIELDS, $fieldsString);
161			$str = curl_exec($curl);
162			curl_close($curl);
163			return $str === false ? '' : (string) $str;
164			}
165			}
166

iesoretania / atica-fct

GitHub Access Token became invalid

SenecaAuthenticatorService::checkUserCredentials() C last analyzed 2018-12-05 08:49 UTC

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like

SenecaAuthenticatorService::checkUserCredentials() C
last analyzed 2018-12-05 08:49 UTC