LdapGuardAuthenticator - Code Metrics - Inspection of "Do not require a domain config username/password f..." - ldaptools/ldaptools-bundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 577d0b...396fc4 )

by Chad

created 2017-06-18 22:20 UTC

LdapGuardAuthenticator C

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	305
Duplicated Lines	14.75 %

Coupling/Cohesion

Components	1
Dependencies	21

Importance

Changes

Metric	Value
wmc	34
lcom	1
cbo	21
dl	45
loc	305
rs	5.6222
c	0
b	0
f	0

14 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	11	1
A	getCredentials()	0	14	2
B	getUser()	0	23	5
B	checkCredentials()	10	36	4
A	onAuthenticationSuccess()	13	13	1
A	onAuthenticationFailure()	11	11	1
A	start()	11	11	1
A	supportsRememberMe()	0	4	1
A	createAuthenticatedToken()	0	7	1
A	getRequestParameter()	0	10	3
B	setLdapCredentialsIfNeeded()	0	16	5
A	switchDomainIfNeeded()	0	6	3
A	switchDomainBackIfNeeded()	0	6	2
A	hideOrThrow()	0	12	4

How to fix Duplicated Code

<?php
/**
 * This file is part of the LdapToolsBundle package.
 *
 * (c) Chad Sikorra <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace LdapTools\Bundle\LdapToolsBundle\Security;

use LdapTools\Bundle\LdapToolsBundle\Event\AuthenticationHandlerEvent;
use LdapTools\Bundle\LdapToolsBundle\Event\LdapLoginEvent;
use LdapTools\Bundle\LdapToolsBundle\Security\User\LdapUserChecker;
use LdapTools\Bundle\LdapToolsBundle\Security\User\LdapUserProvider;
use LdapTools\Exception\Exception;
use LdapTools\Exception\LdapConnectionException;
use LdapTools\Operation\AuthenticationOperation;
use LdapTools\LdapManager;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;

/**
 * LDAP Guard Authenticator.
 *
 * @author Chad Sikorra <[email protected]>
 */
class LdapGuardAuthenticator extends AbstractGuardAuthenticator
{
    /**
     * @var LdapManager
     */
    protected $ldap;

    /**
     * @var LdapUserChecker
     */
    protected $userChecker;

    /**
     * @var string
     */
    protected $domain;

    /**
     * @var EventDispatcherInterface
     */
    protected $dispatcher;

    /**
     * @var AuthenticationSuccessHandlerInterface
     */
    protected $successHandler;

    /**
     * @var AuthenticationFailureHandlerInterface
     */
    protected $failureHandler;

    /**
     * @var AuthenticationEntryPointInterface
     */
    protected $entryPoint;

    /**
     * @var array
     */
    protected $options = [
        'hide_user_not_found_exceptions' => true,
        'username_parameter' => '_username',
        'password_parameter' => '_password',
        'domain_parameter' => '_ldap_domain',
        'post_only' => false,
        'remember_me' => false,
    ];

    /**
     * @param bool $hideUserNotFoundExceptions
     * @param LdapUserChecker $userChecker
     * @param LdapManager $ldap
     * @param AuthenticationEntryPointInterface $entryPoint
     * @param EventDispatcherInterface $dispatcher
     * @param AuthenticationSuccessHandlerInterface $successHandler
     * @param AuthenticationFailureHandlerInterface $failureHandler
     * @param array $options
     */
    public function __construct($hideUserNotFoundExceptions = true, LdapUserChecker $userChecker, LdapManager $ldap, AuthenticationEntryPointInterface $entryPoint, EventDispatcherInterface $dispatcher, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options)
    {
        $this->userChecker = $userChecker;
        $this->ldap = $ldap;
        $this->entryPoint = $entryPoint;
        $this->dispatcher = $dispatcher;
        $this->successHandler = $successHandler;
        $this->failureHandler = $failureHandler;
        $this->options['hide_user_not_found_exceptions'] = $hideUserNotFoundExceptions;
        $this->options = array_merge($this->options, $options);
    }

    /**
     * {@inheritdoc}
     */
    public function getCredentials(Request $request)
    {
        $credentials = [
            'username' => $this->getRequestParameter($this->options['username_parameter'], $request),
            'password' => $this->getRequestParameter($this->options['password_parameter'], $request),
            'ldap_domain' => $this->getRequestParameter($this->options['domain_parameter'], $request),
        ];
        if (empty($credentials['username'])) {
            return null;
        }
        $request->getSession()->set(Security::LAST_USERNAME, $credentials['username']);

        return $credentials;
    }

    /**
     * {@inheritdoc}
     */
    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $domain = $this->ldap->getDomainContext();

        try {
            $this->switchDomainIfNeeded($credentials);
            $this->setLdapCredentialsIfNeeded($credentials, $userProvider);
            $user = $userProvider->loadUserByUsername($credentials['username']);
            $this->userChecker->checkPreAuth($user);

            return $user;
        } catch (UsernameNotFoundException $e) {
            $this->hideOrThrow($e);
        } catch (BadCredentialsException $e) {
            $this->hideOrThrow($e);
        } catch (LdapConnectionException $e) {
            $this->hideOrThrow($e);
        } catch (\Exception $e) {
            $this->hideOrThrow($e);
        } finally {
            $this->switchDomainBackIfNeeded($domain);
        }
    }

    /**
     * {@inheritdoc}
     */
    public function checkCredentials($credentials, UserInterface $user)
    {
        $domain = $this->ldap->getDomainContext();

        try {
            $this->switchDomainIfNeeded($credentials);
            /** @var \LdapTools\Operation\AuthenticationResponse $response */
            $response = $this->ldap->getConnection()->execute(
                new AuthenticationOperation($user->getUsername(), $credentials['password'])
            );
            if (!$response->isAuthenticated()) {

                $this->userChecker->checkLdapErrorCode(
                    $user,
                    $response->getErrorCode(),
                    $this->ldap->getConnection()->getConfig()->getLdapType()
                );
                throw new CustomUserMessageAuthenticationException(
                    $response->getErrorMessage(), [], $response->getErrorCode()
                );
            }
            // No way to get the token from the Guard, need to create one to pass...
            $token = new UsernamePasswordToken($user, $credentials['password'], 'ldap-tools', $user->getRoles());
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
            $token->setAttribute('ldap_domain', isset($credentials['ldap_domain']) ? $credentials['ldap_domain'] : '');
            $this->dispatcher->dispatch(
                LdapLoginEvent::SUCCESS,
                new LdapLoginEvent($user, $token)
            );
        } catch (\Exception $e) {
            $this->hideOrThrow($e);
        } finally {
            $this->domain = $this->ldap->getDomainContext();
            $this->switchDomainBackIfNeeded($domain);
        }

        return true;
    }

    /**
     * {@inheritdoc}
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)

    {
        $event = new AuthenticationHandlerEvent(
            $this->successHandler->onAuthenticationSuccess($request, $token),
            $request,
            null,
            $token,
            $providerKey
        );
        $this->dispatcher->dispatch(AuthenticationHandlerEvent::SUCCESS, $event);

        return $event->getResponse();
    }

    /**
     * {@inheritdoc}
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)

    {
        $event = new AuthenticationHandlerEvent(
            $this->failureHandler->onAuthenticationFailure($request, $exception),
            $request,
            $exception
        );
        $this->dispatcher->dispatch(AuthenticationHandlerEvent::FAILURE, $event);

        return $event->getResponse();
    }

    /**
     * {@inheritdoc}
     */
    public function start(Request $request, AuthenticationException $authException = null)

    {
        $event = new AuthenticationHandlerEvent(
            $this->entryPoint->start($request, $authException),
            $request,
            $authException
        );
        $this->dispatcher->dispatch(AuthenticationHandlerEvent::START, $event);

        return $event->getResponse();
    }

    /**
     * {@inheritdoc}
     */
    public function supportsRememberMe()
    {
        return $this->options['remember_me'];
    }

    /**
     * {@inheritdoc}
     */
    public function createAuthenticatedToken(UserInterface $user, $providerKey)
    {
        $token = parent::createAuthenticatedToken($user, $providerKey);
        $token->setAttribute('ldap_domain', $this->domain);

        return $token;
    }

    /**
     * @param string $param
     * @param Request $request
     * @return string|null
     */
    protected function getRequestParameter($param, Request $request)
    {
        if ($this->options['post_only']) {
            $value = $request->request->get($param);
        } else {
            $value = $request->request->get($param) ?: $request->get($param);
        }

        return $value;
    }

    /**
     * If no LDAP credentials are in the config then attempt to use the user supplied credentials from the login. But
     * only if we are using the LdapUserProvider.
     *
     * @param array $credentials
     * @param UserProviderInterface $userProvider
     */
    protected function setLdapCredentialsIfNeeded(array $credentials, UserProviderInterface $userProvider)
    {
        // Only care about this in the context of the LDAP user provider...
        if (!$userProvider instanceof LdapUserProvider) {
            return;
        }

        // Only if the username/password are not defined in the config....
        $config = $this->ldap->getConnection()->getConfig();
        if (!(empty($config->getUsername()) && (empty($config->getPassword() && $config->getPassword() !== '0')))) {
            return;
        }

        $config->setUsername($credentials['username']);
        $config->setPassword($credentials['password']);
    }

    /**
     * If the domain needs to a different context for the request, then switch it.
     *
     * @param array $credentials
     */
    protected function switchDomainIfNeeded(array $credentials)
    {
        if (!empty($credentials['ldap_domain']) && $this->ldap->getDomainContext() !== $credentials['ldap_domain']) {
            $this->ldap->switchDomain($credentials['ldap_domain']);
        }
    }

    /**
     * If the passed domain is not the current context, then switch back to it.
     *
     * @param string $domain
     */
    protected function switchDomainBackIfNeeded($domain)
    {
        if ($domain !== $this->ldap->getDomainContext()) {
            $this->ldap->switchDomain($domain);
        }
    }

    /**
     * Determine whether or not the exception should be masked with a BadCredentials or not.
     *
     * @param \Exception $e
     * @throws \Exception
     */
    protected function hideOrThrow(\Exception $e)
    {
        if ($this->options['hide_user_not_found_exceptions']) {
            throw new BadCredentialsException('Bad credentials.', 0, $e);
        }
        // Specifically show LdapTools related exceptions, ignore others.
        if (!$this->options['hide_user_not_found_exceptions'] && $e instanceof Exception) {
            throw new CustomUserMessageAuthenticationException($e->getMessage(), [], $e->getCode());
        }

        throw $e;
    }
}


1		<?php
2		/**
3		* This file is part of the LdapToolsBundle package.
4		*
5		* (c) Chad Sikorra <[email protected]>
6		*
7		* For the full copyright and license information, please view the LICENSE
8		* file that was distributed with this source code.
9		*/
10
11		namespace LdapTools\Bundle\LdapToolsBundle\Security;
12
13		use LdapTools\Bundle\LdapToolsBundle\Event\AuthenticationHandlerEvent;
14		use LdapTools\Bundle\LdapToolsBundle\Event\LdapLoginEvent;
15		use LdapTools\Bundle\LdapToolsBundle\Security\User\LdapUserChecker;
16		use LdapTools\Bundle\LdapToolsBundle\Security\User\LdapUserProvider;
17		use LdapTools\Exception\Exception;
18		use LdapTools\Exception\LdapConnectionException;
19		use LdapTools\Operation\AuthenticationOperation;
20		use LdapTools\LdapManager;
21		use Symfony\Component\EventDispatcher\EventDispatcherInterface;
22		use Symfony\Component\HttpFoundation\Request;
23		use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
24		use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
25		use Symfony\Component\Security\Core\Exception\AuthenticationException;
26		use Symfony\Component\Security\Core\Exception\BadCredentialsException;
27		use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
28		use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
29		use Symfony\Component\Security\Core\Security;
30		use Symfony\Component\Security\Core\User\UserInterface;
31		use Symfony\Component\Security\Core\User\UserProviderInterface;
32		use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
33		use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
34		use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
35		use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
36
37		/**
38		* LDAP Guard Authenticator.
39		*
40		* @author Chad Sikorra <[email protected]>
41		*/
42		class LdapGuardAuthenticator extends AbstractGuardAuthenticator
43		{
44		/**
45		* @var LdapManager
46		*/
47		protected $ldap;
48
49		/**
50		* @var LdapUserChecker
51		*/
52		protected $userChecker;
53
54		/**
55		* @var string
56		*/
57		protected $domain;
58
59		/**
60		* @var EventDispatcherInterface
61		*/
62		protected $dispatcher;
63
64		/**
65		* @var AuthenticationSuccessHandlerInterface
66		*/
67		protected $successHandler;
68
69		/**
70		* @var AuthenticationFailureHandlerInterface
71		*/
72		protected $failureHandler;
73
74		/**
75		* @var AuthenticationEntryPointInterface
76		*/
77		protected $entryPoint;
78
79		/**
80		* @var array
81		*/
82		protected $options = [
83		'hide_user_not_found_exceptions' => true,
84		'username_parameter' => '_username',
85		'password_parameter' => '_password',
86		'domain_parameter' => '_ldap_domain',
87		'post_only' => false,
88		'remember_me' => false,
89		];
90
91		/**
92		* @param bool $hideUserNotFoundExceptions
93		* @param LdapUserChecker $userChecker
94		* @param LdapManager $ldap
95		* @param AuthenticationEntryPointInterface $entryPoint
96		* @param EventDispatcherInterface $dispatcher
97		* @param AuthenticationSuccessHandlerInterface $successHandler
98		* @param AuthenticationFailureHandlerInterface $failureHandler
99		* @param array $options
100		*/
101		public function __construct($hideUserNotFoundExceptions = true, LdapUserChecker $userChecker, LdapManager $ldap, AuthenticationEntryPointInterface $entryPoint, EventDispatcherInterface $dispatcher, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options)
102		{
103		$this->userChecker = $userChecker;
104		$this->ldap = $ldap;
105		$this->entryPoint = $entryPoint;
106		$this->dispatcher = $dispatcher;
107		$this->successHandler = $successHandler;
108		$this->failureHandler = $failureHandler;
109		$this->options['hide_user_not_found_exceptions'] = $hideUserNotFoundExceptions;
110		$this->options = array_merge($this->options, $options);
111		}
112
113		/**
114		* {@inheritdoc}
115		*/
116		public function getCredentials(Request $request)
117		{
118		$credentials = [
119		'username' => $this->getRequestParameter($this->options['username_parameter'], $request),
120		'password' => $this->getRequestParameter($this->options['password_parameter'], $request),
121		'ldap_domain' => $this->getRequestParameter($this->options['domain_parameter'], $request),
122		];
123		if (empty($credentials['username'])) {
124		return null;
125		}
126		$request->getSession()->set(Security::LAST_USERNAME, $credentials['username']);
127
128		return $credentials;
129		}
130
131		/**
132		* {@inheritdoc}
133		*/
134		public function getUser($credentials, UserProviderInterface $userProvider)
135		{
136		$domain = $this->ldap->getDomainContext();
137
138		try {
139		$this->switchDomainIfNeeded($credentials);
140		$this->setLdapCredentialsIfNeeded($credentials, $userProvider);
141		$user = $userProvider->loadUserByUsername($credentials['username']);
142		$this->userChecker->checkPreAuth($user);
143
144		return $user;
145		} catch (UsernameNotFoundException $e) {
146		$this->hideOrThrow($e);
147		} catch (BadCredentialsException $e) {
148		$this->hideOrThrow($e);
149		} catch (LdapConnectionException $e) {
150		$this->hideOrThrow($e);
151		} catch (\Exception $e) {
152		$this->hideOrThrow($e);
153		} finally {
154		$this->switchDomainBackIfNeeded($domain);
155		}
156		}
157
158		/**
159		* {@inheritdoc}
160		*/
161		public function checkCredentials($credentials, UserInterface $user)
162		{
163		$domain = $this->ldap->getDomainContext();
164
165		try {
166		$this->switchDomainIfNeeded($credentials);
167		/** @var \LdapTools\Operation\AuthenticationResponse $response */
168		$response = $this->ldap->getConnection()->execute(
169		new AuthenticationOperation($user->getUsername(), $credentials['password'])
170		);
171	View Code Duplication	if (!$response->isAuthenticated()) {
		0 ignored issues – show Duplication introduced 2016-09-03 15:23 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
172		$this->userChecker->checkLdapErrorCode(
173		$user,
174		$response->getErrorCode(),
175		$this->ldap->getConnection()->getConfig()->getLdapType()
176		);
177		throw new CustomUserMessageAuthenticationException(
178		$response->getErrorMessage(), [], $response->getErrorCode()
179		);
180		}
181		// No way to get the token from the Guard, need to create one to pass...
182		$token = new UsernamePasswordToken($user, $credentials['password'], 'ldap-tools', $user->getRoles());
		0 ignored issues – show Documentation introduced 2017-06-17 18:04 UTC by Report Bug Copy Issue Report `$user->getRoles()` is of type `array<integer,object<Sym...Core\Role\Role>\|string>`, but the function expects a `array<integer,object<Sym...\RoleInterface>\|string>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
183		$token->setAttribute('ldap_domain', isset($credentials['ldap_domain']) ? $credentials['ldap_domain'] : '');
184		$this->dispatcher->dispatch(
185		LdapLoginEvent::SUCCESS,
186		new LdapLoginEvent($user, $token)
187		);
188		} catch (\Exception $e) {
189		$this->hideOrThrow($e);
190		} finally {
191		$this->domain = $this->ldap->getDomainContext();
192		$this->switchDomainBackIfNeeded($domain);
193		}
194
195		return true;
196		}
197
198		/**
199		* {@inheritdoc}
200		*/
201	View Code Duplication	public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
		0 ignored issues – show Duplication introduced 2017-03-23 23:33 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
202		{
203		$event = new AuthenticationHandlerEvent(
204		$this->successHandler->onAuthenticationSuccess($request, $token),
205		$request,
206		null,
207		$token,
208		$providerKey
209		);
210		$this->dispatcher->dispatch(AuthenticationHandlerEvent::SUCCESS, $event);
211
212		return $event->getResponse();
213		}
214
215		/**
216		* {@inheritdoc}
217		*/
218	View Code Duplication	public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
		0 ignored issues – show Duplication introduced 2017-03-23 23:33 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
219		{
220		$event = new AuthenticationHandlerEvent(
221		$this->failureHandler->onAuthenticationFailure($request, $exception),
222		$request,
223		$exception
224		);
225		$this->dispatcher->dispatch(AuthenticationHandlerEvent::FAILURE, $event);
226
227		return $event->getResponse();
228		}
229
230		/**
231		* {@inheritdoc}
232		*/
233	View Code Duplication	public function start(Request $request, AuthenticationException $authException = null)
		0 ignored issues – show Duplication introduced 2017-03-25 17:45 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
234		{
235		$event = new AuthenticationHandlerEvent(
236		$this->entryPoint->start($request, $authException),
237		$request,
238		$authException
239		);
240		$this->dispatcher->dispatch(AuthenticationHandlerEvent::START, $event);
241
242		return $event->getResponse();
243		}
244
245		/**
246		* {@inheritdoc}
247		*/
248		public function supportsRememberMe()
249		{
250		return $this->options['remember_me'];
251		}
252
253		/**
254		* {@inheritdoc}
255		*/
256		public function createAuthenticatedToken(UserInterface $user, $providerKey)
257		{
258		$token = parent::createAuthenticatedToken($user, $providerKey);
259		$token->setAttribute('ldap_domain', $this->domain);
260
261		return $token;
262		}
263
264		/**
265		* @param string $param
266		* @param Request $request
267		* @return string\|null
268		*/
269		protected function getRequestParameter($param, Request $request)
270		{
271		if ($this->options['post_only']) {
272		$value = $request->request->get($param);
273		} else {
274		$value = $request->request->get($param) ?: $request->get($param);
275		}
276
277		return $value;
278		}
279
280		/**
281		* If no LDAP credentials are in the config then attempt to use the user supplied credentials from the login. But
282		* only if we are using the LdapUserProvider.
283		*
284		* @param array $credentials
285		* @param UserProviderInterface $userProvider
286		*/
287		protected function setLdapCredentialsIfNeeded(array $credentials, UserProviderInterface $userProvider)
288		{
289		// Only care about this in the context of the LDAP user provider...
290		if (!$userProvider instanceof LdapUserProvider) {
291		return;
292		}
293
294		// Only if the username/password are not defined in the config....
295		$config = $this->ldap->getConnection()->getConfig();
296		if (!(empty($config->getUsername()) && (empty($config->getPassword() && $config->getPassword() !== '0')))) {
297		return;
298		}
299
300		$config->setUsername($credentials['username']);
301		$config->setPassword($credentials['password']);
302		}
303
304		/**
305		* If the domain needs to a different context for the request, then switch it.
306		*
307		* @param array $credentials
308		*/
309		protected function switchDomainIfNeeded(array $credentials)
310		{
311		if (!empty($credentials['ldap_domain']) && $this->ldap->getDomainContext() !== $credentials['ldap_domain']) {
312		$this->ldap->switchDomain($credentials['ldap_domain']);
313		}
314		}
315
316		/**
317		* If the passed domain is not the current context, then switch back to it.
318		*
319		* @param string $domain
320		*/
321		protected function switchDomainBackIfNeeded($domain)
322		{
323		if ($domain !== $this->ldap->getDomainContext()) {
324		$this->ldap->switchDomain($domain);
325		}
326		}
327
328		/**
329		* Determine whether or not the exception should be masked with a BadCredentials or not.
330		*
331		* @param \Exception $e
332		* @throws \Exception
333		*/
334		protected function hideOrThrow(\Exception $e)
335		{
336		if ($this->options['hide_user_not_found_exceptions']) {
337		throw new BadCredentialsException('Bad credentials.', 0, $e);
338		}
339		// Specifically show LdapTools related exceptions, ignore others.
340		if (!$this->options['hide_user_not_found_exceptions'] && $e instanceof Exception) {
341		throw new CustomUserMessageAuthenticationException($e->getMessage(), [], $e->getCode());
342		}
343
344		throw $e;
345		}
346		}
347

ldaptools / ldaptools-bundle

Push — master ( 577d0b...396fc4 )

LdapGuardAuthenticator C

Complexity

Size/Duplication

Coupling/Cohesion

Importance

14 Methods

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like