Completed
Push — feature/evo-2472-whoami ( 01f6e4...aca89f )
by Bastian
15:59
created

AbstractHttpStrategy::validateField()   B

Complexity

Conditions 4
Paths 3

Size

Total Lines 22
Code Lines 10

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 11
CRAP Score 4

Importance

Changes 2
Bugs 0 Features 0
Metric Value
dl 0
loc 22
rs 8.9197
c 2
b 0
f 0
ccs 11
cts 11
cp 1
cc 4
eloc 10
nc 3
nop 2
crap 4
<?php
/**
 * abstract strategy for checking auth against parts of the request
 */
namespace Graviton\SecurityBundle\Authentication\Strategies;
use Symfony\Component\HttpFoundation\HeaderBag;
use Symfony\Component\HttpFoundation\ParameterBag;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\HttpException;
/**
 * Class AbstractHttpStrategy
 *
 * @author   List of contributors <https://github.com/libgraviton/graviton/graphs/contributors>
 * @license  http://opensource.org/licenses/gpl-license.php GNU Public License
 * @link     http://swisscom.ch
 */
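abstract class AbstractHttpStrategy implements StrategyInterface
{
    /**
     * Not read or written by this class; presumably set by concrete
     * strategies (confirm against the subclasses).
     *
     * @var mixed
     */
    protected $strategyMatch;

    /**
     * Extracts the value of a field from the request headers or parameters.
     *
     * The field is run through validateField() first, but the value returned
     * here is the raw one from the bag, not the sanitised working copy built
     * during validation. Callers must keep treating it as untrusted input
     * (for example when it is logged or used in a lookup).
     *
     * @param ParameterBag|HeaderBag $header    object representation of the request header.
     * @param string                 $fieldname Name of the field to be read.
     *
     * @return string field value, or an empty string when the field is absent
     *
     * @throws \InvalidArgumentException when $header is neither a ParameterBag nor a HeaderBag
     * @throws HttpException             when the field is present but empty or invalid
     */
    protected function extractFieldInfo($header, $fieldname)
    {
        if ($header instanceof ParameterBag || $header instanceof HeaderBag) {
            $this->validateField($header, $fieldname);
            return $header->get($fieldname, '');
        }

        throw new \InvalidArgumentException('Provided request information are not valid.');
    }

    /**
     * Verifies that the provided header field, when present, holds a usable value.
     *
     * An absent field is accepted silently. A present field is rejected when
     * its sanitised copy is empty or still contains control characters. The
     * sanitised copy is only used for this check and is never handed back.
     *
     * @param ParameterBag|HeaderBag $header    object representation of the request header.
     * @param string                 $fieldName Name of the header field to be validated.
     *
     * @return void
     * @throws \Symfony\Component\HttpKernel\Exception\HttpException
     */
    protected function validateField($header, $fieldName)
    {
        $passed = $header->has($fieldName);

        // return without exception so we can return a dummy user
        if (true === $passed) {
            // strip tags and encode quotes on a working copy of the value
            // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1
            // and needs a replacement before this code runs on that version.
            $authInfo = filter_var($header->get($fieldName), FILTER_SANITIZE_STRING);

            // get rid of whitespaces; in a double-quoted string "\s" is a literal
            // backslash followed by "s" (not a whitespace class), so the space
            // character is listed explicitly instead
            $patterns = array("\r\n", "\n", "\r", ' ', "\t");
            $authInfo = str_replace($patterns, '', trim($authInfo));

            // reject values that are empty or still contain control characters
            // NOTE(review): CR, LF and TAB were already removed from the copy
            // above, so a value containing them passes this check while
            // extractFieldInfo() returns it unmodified; code that writes the
            // value to logs or response headers has to encode or reject it.
            // NOTE(review): empty() also treats the string "0" as empty, so a
            // field whose value is "0" is rejected here.
            if (empty($authInfo) || $authInfo !== preg_replace('#[[:cntrl:]]#i', '', $authInfo)) {
                // NOTE(review): 511 is defined by RFC 6585 for network-access
                // gating (captive portals); 401 is the usual status for missing
                // credentials. Confirm what clients expect before changing it.
                throw new HttpException(
                    Response::HTTP_NETWORK_AUTHENTICATION_REQUIRED,
                    'Mandatory header field (' . $fieldName . ') not provided or invalid.'
                );
            }
        }
    }
}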