AuthToken - Code Metrics - Inspection of "phpcbf" - locomotivemtl/charcoal-base - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( b6640d...1255af )

by Mathieu

created 2016-07-06 16:36 UTC

AuthToken B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	369
Duplicated Lines	2.71 %

Coupling/Cohesion

Components	1
Dependencies	3

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	42
c	1
b	0
f	0
lcom	1
cbo	3
dl	10
loc	369
rs	8.295

22 Methods

Rating	Name	Duplication	Size	Complexity
A	key()	0	4	1
A	setIdent()	0	5	1
A	ident()	0	4	1
A	setToken()	0	5	1
A	token()	0	4	1
A	setUsername()	10	10	2
A	username()	0	4	1
A	setExpiry()	0	17	4
A	expiry()	0	4	1
A	setCreated()	0	17	4
A	created()	0	4	1
A	setLastModified()	0	17	4
A	lastModified()	0	4	1
A	generate()	0	9	1
A	sendCookie()	0	11	1
A	preSave()	0	12	2
A	preUpdate()	0	8	1
A	getTokenDataFromCookie()	0	19	4
A	getUserId()	0	4	1
B	getUsernameFromToken()	0	26	5
A	panic()	0	21	2
A	createMetadata()	0	8	2

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like AuthToken often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use AuthToken, and based on these observations, apply Extract Interface, too.

<?php

namespace Charcoal\User;

use \DateTime;
use \DateTimeInterface;
use \InvalidArgumentException;

use \Charcoal\Model\AbstractModel;

use \Charcoal\User\AuthTokenMetadata;

/**
 * Authorization token; to keep a user logged in
 */
class AuthToken extends AbstractModel
{

    /**
     * @var string $ident
     */
    private $ident;

    /**
     * @var string $token
     */
    private $token;

    /**
     * The username should be unique and mandatory.
     * @var string $username
     */
    private $username;

    /**
     * @var Datetime $expiry
     */
    private $expiry;

    /**
     * Token creation date (set automatically on save)
     * @var DateTime $Created
     */
    private $created;

    /**
     * Token last modified date (set automatically on save and update)
     * @var DateTime $LastModified
     */
    private $lastModified;

    /**
     * @return string
     */
    public function key()
    {
        return 'ident';
    }

    /**
     * @param string $ident The token ident.
     * @return AuthToken Chainable
     */
    public function setIdent($ident)
    {
        $this->ident = $ident;
        return $this;
    }

    /**
     * @return string
     */
    public function ident()
    {
        return $this->ident;
    }

    /**
     * @param string $token The token.
     * @return AuthToken Chainable
     */
    public function setToken($token)
    {
        $this->token = $token;
        return $this;
    }

    /**
     * @return string
     */
    public function token()
    {
        return $this->token;
    }


    /**
     * Force a lowercase username
     *
     * @param string $username The username (also the login name).
     * @throws InvalidArgumentException If the username is not a string.
     * @return User Chainable
     */
    public function setUsername($username)

    {
        if (!is_string($username)) {
            throw new InvalidArgumentException(
                'Set user username: Username must be a string'
            );
        }
        $this->username = mb_strtolower($username);
        return $this;
    }

    /**
     * @return string
     */
    public function username()
    {
        return $this->username;
    }

    /**
     * @param DateTime|string|null $expiry The date/time at object's creation.
     * @throws InvalidArgumentException If the date/time is invalid.
     * @return Content Chainable
     */
    public function setExpiry($expiry)
    {
        if ($expiry === null) {
            $this->expiry = null;
            return $this;
        }
        if (is_string($expiry)) {
            $expiry = new DateTime($expiry);
        }
        if (!($expiry instanceof DateTimeInterface)) {
            throw new InvalidArgumentException(
                'Invalid "Expiry" value. Must be a date/time string or a DateTime object.'
            );
        }
        $this->expiry = $expiry;

        return $this;
    }

    /**
     * @return DateTimeInterface|null
     */
    public function expiry()
    {
        return $this->expiry;
    }

    /**
     * @param DateTime|string|null $created The date/time at object's creation.
     * @throws InvalidArgumentException If the date/time is invalid.
     * @return Content Chainable
     */
    public function setCreated($created)
    {
        if ($created === null) {
            $this->created = null;
            return $this;
        }
        if (is_string($created)) {
            $created = new DateTime($created);
        }
        if (!($created instanceof DateTimeInterface)) {
            throw new InvalidArgumentException(
                'Invalid "Created" value. Must be a date/time string or a DateTime object.'
            );
        }
        $this->created = $created;
        return $this;
    }

    /**
     * @return DateTime|null
     */
    public function created()
    {
        return $this->created;
    }

    /**
     * @param DateTime|string|null $lastModified The last modified date/time.
     * @throws InvalidArgumentException If the date/time is invalid.
     * @return Content Chainable
     */
    public function setLastModified($lastModified)
    {
        if ($lastModified === null) {
            $this->lastModified = null;
            return $this;
        }
        if (is_string($lastModified)) {
            $lastModified = new DateTime($lastModified);
        }
        if (!($lastModified instanceof DateTimeInterface)) {
            throw new InvalidArgumentException(
                'Invalid "Last Modified" value. Must be a date/time string or a DateTime object.'
            );
        }
        $this->lastModified = $lastModified;
        return $this;
    }

    /**
     * @return DateTime
     */
    public function lastModified()
    {
        return $this->lastModified;
    }

    /**
     * Note: the `random_bytes()` function is new to PHP-7. Available in PHP 5 with `compat-random`.
     *
     * @param string $username The username to generate the auth token from.
     * @return AuthToken Chainable
     */
    public function generate($username)
    {
        $this->setIdent(bin2hex(random_bytes(16)));
        $this->setToken(bin2hex(random_bytes(32)));
        $this->setUsername($username);
        $this->setExpiry('now + '.$this->metadata()->cookieDuration());
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

        return $this;
    }

    /**
     * @return AuthToken Chainable
     */
    public function sendCookie()
    {
        $cookieName = $this->metadata()->cookieName();
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
        $value = $this->ident().';'.$this->token();
        $expiry = $this->expiry()->getTimestamp();
        $secure = $this->metadata()->httpsOnly();
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

        setcookie($cookieName, $value, $expiry, '', '', $secure);

        return $this;
    }

     /**
      * StorableTrait > preSave(): Called automatically before saving the object to source.
      * @return boolean
      */
    public function preSave()
    {
        parent::preSave();

        if (password_needs_rehash($this->token, PASSWORD_DEFAULT)) {
            $this->token = password_hash($this->token, PASSWORD_DEFAULT);
        }
        $this->setCreated('now');
        $this->setLastModified('now');

        return true;
    }

    /**
     * StorableTrait > preUpdate(): Called automatically before updating the object to source.
     * @param array $properties The properties (ident) set for update.
     * @return boolean
     */
    public function preUpdate(array $properties = null)
    {
        parent::preUpdate($properties);


        $this->setLastModified('now');

        return true;
    }

    /**
     * @return array `['ident'=>'', 'token'=>'']
     */
    public function getTokenDataFromCookie()
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        $cookieName = $this->metadata()->cookieName();
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

        if (!isset($_COOKIE[$cookieName])) {
            return null;
        }

        $authCookie = $_COOKIE[$cookieName];
        $vals = explode(';', $authCookie);
        if (!isset($vals[0]) || !isset($vals[1])) {
            return null;
        }

        return [
            'ident' => $vals[0],
            'token' => $vals[1]
        ];
    }

    /**
     * @param mixed  $ident The auth-token identifier.
     * @param string $token The token key to validate against.
     * @return mixed The user id.
     */
    public function getUserId($ident, $token)
    {
        return $this->getUsernameFromToken($ident, $token);
    }

    /**
     * @param mixed  $ident The auth-token identifier (username).
     * @param string $token The token to validate against.
     * @return mixed The user id. An empty string if no token match.
     */
    public function getUsernameFromToken($ident, $token)
    {
        $this->load($ident);
        if (!$this->ident()) {
            $this->logger->warning(sprintf('Auth token not found: "%s"', $ident));
            return '';
        }

        // Expired cookie
        $now = new DateTime('now');
        if (!$this->expiry() || $now > $this->expiry()) {
            $this->logger->warning('Expired auth token');
            $this->delete();
            return '';
        }

        // Validate encrypted token
        if (password_verify($token, $this->token()) !== true) {
            $this->panic();
            $this->delete();
            return '';
        }

        // Success!
        return $this->username();
    }

    /**
     * Something is seriously wrong: a cookie ident was in the database but with a tampered token.
     *
     * @return void
     */
    protected function panic()
    {
        // Todo: delete all user's token.
        // Gve a strongly-worded error message.

        $this->logger->error(
            'Possible security breach: an authentication token was found in the database but its token does not match.'
        );

        if ($this->username) {
            $table = $this->source()->table();
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
            $q = '
            delete from
                '.$table.'
            where
                username = :username';
            $this->source()->dbQuery($q, [
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
                'username'=>$this->username()
            ]);
        }
    }

    /**
     * DescribableTrait > create_metadata().
     *
     * @param array $data Optional data to intialize the Metadata object with.
     * @return MetadataInterface
     */
    protected function createMetadata(array $data = null)
    {
        $metadata = new AuthTokenMetadata();
        if ($data !== null) {
            $metadata->setData($data);
class User
{
    private $email;

    public function getEmail()
    {
        return $this->email;
    }

    public function setEmail($email)
    {
        $this->email = $email;
    }
}
        }
        return $metadata;
    }
}


Push — master ( b6640d...1255af )

AuthToken B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

22 Methods

How to fix Duplicated Code Complexity

Duplicated Code

Complex Class

Available Fixes

Available Fixes

Available Fixes

Available Fixes

Available Fixes

Available Fixes

locomotivemtl / charcoal-base

Push — master ( b6640d...1255af )

AuthToken B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

22 Methods

How to fix Duplicated Code Complexity

Duplicated Code

Complex Class

Available Fixes

Available Fixes

Available Fixes

Available Fixes

Available Fixes

Available Fixes

Duplication Side-by-Side

Filter issues like