lightsaml2 /
lightSAML
| Conditions | 7 |
| Paths | 5 |
| Total Lines | 52 |
| Code Lines | 37 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 1 | ||
| Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 42 | protected function doExecute(ProfileContext $context) |
||
| 43 | { |
||
| 44 | $response = MessageContextHelper::asResponse($context->getInboundContext()); |
||
| 45 | |||
| 46 | if (0 === count($response->getAllEncryptedAssertions())) { |
||
| 47 | $this->logger->debug('Response has no encrypted assertions', LogHelper::getActionContext($context, $this)); |
||
| 48 | |||
| 49 | return; |
||
| 50 | } |
||
| 51 | |||
| 52 | $ownEntityDescriptor = $context->getOwnEntityDescriptor(); |
||
| 53 | |||
| 54 | $query = $this->credentialResolver->query(); |
||
| 55 | $query |
||
| 56 | ->add(new EntityIdCriteria($ownEntityDescriptor->getEntityID())) |
||
| 57 | ->add(new MetadataCriteria( |
||
| 58 | ProfileContext::ROLE_IDP === $context->getOwnRole() |
||
| 59 | ? MetadataCriteria::TYPE_IDP |
||
| 60 | : MetadataCriteria::TYPE_SP, |
||
| 61 | SamlConstants::PROTOCOL_SAML2 |
||
| 62 | )) |
||
| 63 | ->add(new UsageCriteria(UsageType::ENCRYPTION)) |
||
| 64 | ; |
||
| 65 | $query->resolve(); |
||
| 66 | $privateKeys = $query->getPrivateKeys(); |
||
| 67 | if (empty($privateKeys)) { |
||
| 68 | $message = 'No credentials resolved for assertion decryption'; |
||
| 69 | $this->logger->emergency($message, LogHelper::getActionErrorContext($context, $this)); |
||
| 70 | throw new LightSamlContextException($context, $message); |
||
| 71 | } |
||
| 72 | $this->logger->info('Trusted decryption candidates', LogHelper::getActionContext($context, $this, [ |
||
| 73 | 'credentials' => array_map(function (CredentialInterface $credential) { |
||
| 74 | return sprintf( |
||
| 75 | "Entity: '%s'; PK X509 Thumb: '%s'", |
||
| 76 | $credential->getEntityId(), |
||
| 77 | $credential->getPublicKey() ? $credential->getPublicKey()->getX509Thumbprint() : '' |
||
| 78 | ); |
||
| 79 | }, $privateKeys), |
||
| 80 | ])); |
||
| 81 | |||
| 82 | foreach ($response->getAllEncryptedAssertions() as $index => $encryptedAssertion) { |
||
| 83 | if ($encryptedAssertion instanceof EncryptedAssertionReader) { |
||
| 84 | $name = sprintf('assertion_encrypted_%s', $index); |
||
| 85 | /** @var DeserializationContext $deserializationContext */ |
||
| 86 | $deserializationContext = $context->getInboundContext()->getSubContext($name, DeserializationContext::class); |
||
| 87 | $assertion = $encryptedAssertion->decryptMultiAssertion($privateKeys, $deserializationContext); |
||
| 88 | $response->addAssertion($assertion); |
||
| 89 | |||
| 90 | $this->logger->info( |
||
| 91 | 'Assertion decrypted', |
||
| 92 | LogHelper::getActionContext($context, $this, [ |
||
| 93 | 'assertion' => $deserializationContext->getDocument()->saveXML(), |
||
| 94 | ]) |
||
| 100 |
