Inspection of "Merge pull request #36562 from nextcloud/debug/ses..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( d4a9da...674f4e )

by Julius

created 2023-02-09 15:08 UTC

Status

Spacing +17 added lines, -17 removed lines patch added patch discarded remove patch

@@ -99,13 +99,13 @@  discard block
 block discarded – undo
 								  int $type = IToken::TEMPORARY_TOKEN,
 								  int $remember = IToken::DO_NOT_REMEMBER): IToken {
 		if (mb_strlen($name) > 128) {
-			$name = mb_substr($name, 0, 120) . '…';
+			$name = mb_substr($name, 0, 120).'…';
 		}
 
 		// We need to check against one old token to see if there is a password
 		// hash that we can reuse for detecting outdated passwords
 		$randomOldToken = $this->mapper->getFirstTokenForUser($uid);
-		$oldTokenMatches = $randomOldToken && $this->hasher->verify(sha1($password) . $password, $randomOldToken->getPasswordHash());
+		$oldTokenMatches = $randomOldToken && $this->hasher->verify(sha1($password).$password, $randomOldToken->getPasswordHash());
 
 		$dbToken = $this->newToken($token, $uid, $loginName, $password, $name, $type, $remember);
 
@@ -131,7 +131,7 @@  discard block
 block discarded – undo
 		if (isset($this->cache[$tokenHash])) {
 			if ($this->cache[$tokenHash] instanceof DoesNotExistException) {
 				$ex = $this->cache[$tokenHash];
-				throw new InvalidTokenException("Token does not exist: " . $ex->getMessage(), 0, $ex);
+				throw new InvalidTokenException("Token does not exist: ".$ex->getMessage(), 0, $ex);
 			}
 			$token = $this->cache[$tokenHash];
 		} else {
@@ -145,12 +145,12 @@  discard block
 block discarded – undo
 					$this->rotate($token, $tokenId, $tokenId);
 				} catch (DoesNotExistException $ex2) {
 					$this->cache[$tokenHash] = $ex2;
-					throw new InvalidTokenException("Token does not exist: " . $ex->getMessage(), 0, $ex);
+					throw new InvalidTokenException("Token does not exist: ".$ex->getMessage(), 0, $ex);
 				}
 			}
 		}
 
-		if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
+		if ((int) $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
 			throw new ExpiredTokenException($token);
 		}
 
@@ -170,10 +170,10 @@  discard block
 block discarded – undo
 		try {
 			$token = $this->mapper->getTokenById($tokenId);
 		} catch (DoesNotExistException $ex) {
-			throw new InvalidTokenException("Token with ID $tokenId does not exist: " . $ex->getMessage(), 0, $ex);
+			throw new InvalidTokenException("Token with ID $tokenId does not exist: ".$ex->getMessage(), 0, $ex);
 		}
 
-		if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
+		if ((int) $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
 			throw new ExpiredTokenException($token);
 		}
 
@@ -192,7 +192,7 @@  discard block
 block discarded – undo
 	public function renewSessionToken(string $oldSessionId, string $sessionId): IToken {
 		$this->cache->clear();
 
-		return $this->atomic(function () use ($oldSessionId, $sessionId) {
+		return $this->atomic(function() use ($oldSessionId, $sessionId) {
 			$token = $this->getToken($oldSessionId);
 
 			if (!($token instanceof PublicKeyToken)) {
@@ -237,10 +237,10 @@  discard block
 block discarded – undo
 		$this->cache->clear();
 
 		$olderThan = $this->time->getTime() - (int) $this->config->getSystemValue('session_lifetime', 60 * 60 * 24);
-		$this->logger->debug('Invalidating session tokens older than ' . date('c', $olderThan), ['app' => 'cron']);
+		$this->logger->debug('Invalidating session tokens older than '.date('c', $olderThan), ['app' => 'cron']);
 		$this->mapper->invalidateOld($olderThan, IToken::DO_NOT_REMEMBER);
 		$rememberThreshold = $this->time->getTime() - (int) $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
-		$this->logger->debug('Invalidating remembered session tokens older than ' . date('c', $rememberThreshold), ['app' => 'cron']);
+		$this->logger->debug('Invalidating remembered session tokens older than '.date('c', $rememberThreshold), ['app' => 'cron']);
 		$this->mapper->invalidateOld($rememberThreshold, IToken::REMEMBER);
 	}
 
@@ -313,7 +313,7 @@  discard block
 block discarded – undo
 	}
 
 	private function hashPassword(string $password): string {
-		return $this->hasher->hash(sha1($password) . $password);
+		return $this->hasher->hash(sha1($password).$password);
 	}
 
 	public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken {
@@ -336,7 +336,7 @@  discard block
 block discarded – undo
 
 	private function encrypt(string $plaintext, string $token): string {
 		$secret = $this->config->getSystemValue('secret');
-		return $this->crypto->encrypt($plaintext, $token . $secret);
+		return $this->crypto->encrypt($plaintext, $token.$secret);
 	}
 
 	/**
@@ -345,7 +345,7 @@  discard block
 block discarded – undo
 	private function decrypt(string $cipherText, string $token): string {
 		$secret = $this->config->getSystemValue('secret');
 		try {
-			return $this->crypto->decrypt($cipherText, $token . $secret);
+			return $this->crypto->decrypt($cipherText, $token.$secret);
 		} catch (\Exception $ex) {
 			// Retry with empty secret as a fallback for instances where the secret might not have been set by accident
 			try {
@@ -353,7 +353,7 @@  discard block
 block discarded – undo
 			} catch (\Exception $ex2) {
 				// Delete the invalid token
 				$this->invalidateToken($token);
-				throw new InvalidTokenException("Could not decrypt token password: " . $ex->getMessage(), 0, $ex2);
+				throw new InvalidTokenException("Could not decrypt token password: ".$ex->getMessage(), 0, $ex2);
 			}
 		}
 	}
@@ -374,7 +374,7 @@  discard block
 block discarded – undo
 
 	private function hashToken(string $token): string {
 		$secret = $this->config->getSystemValue('secret');
-		return hash('sha512', $token . $secret);
+		return hash('sha512', $token.$secret);
 	}
 
 	/**
@@ -476,7 +476,7 @@  discard block
 block discarded – undo
 			if (!isset($hashNeedsUpdate[$t->getPasswordHash()])) {
 				if ($t->getPasswordHash() === null) {
 					$hashNeedsUpdate[$t->getPasswordHash() ?: ''] = true;
-				} elseif (!$this->hasher->verify(sha1($password) . $password, $t->getPasswordHash())) {
+				} elseif (!$this->hasher->verify(sha1($password).$password, $t->getPasswordHash())) {
 					$hashNeedsUpdate[$t->getPasswordHash() ?: ''] = true;
 				} else {
 					$hashNeedsUpdate[$t->getPasswordHash() ?: ''] = false;
@@ -510,6 +510,6 @@  discard block
 block discarded – undo
 		while ($error = openssl_error_string()) {
 			$errors[] = $error;
 		}
-		$this->logger->critical('Something is wrong with your openssl setup: ' . implode(', ', $errors));
+		$this->logger->critical('Something is wrong with your openssl setup: '.implode(', ', $errors));
 	}
 }

Please login to merge, or discard this patch.

		@@ -99,13 +99,13 @@ discard block
		block discarded – undo
99	99	int $type = IToken::TEMPORARY_TOKEN,
100	100	int $remember = IToken::DO_NOT_REMEMBER): IToken {
101	101	if (mb_strlen($name) > 128) {
102		- $name = mb_substr($name, 0, 120) . '…';
	102	+ $name = mb_substr($name, 0, 120).'…';
103	103	}
104	104
105	105	// We need to check against one old token to see if there is a password
106	106	// hash that we can reuse for detecting outdated passwords
107	107	$randomOldToken = $this->mapper->getFirstTokenForUser($uid);
108		- $oldTokenMatches = $randomOldToken && $this->hasher->verify(sha1($password) . $password, $randomOldToken->getPasswordHash());
	108	+ $oldTokenMatches = $randomOldToken && $this->hasher->verify(sha1($password).$password, $randomOldToken->getPasswordHash());
109	109
110	110	$dbToken = $this->newToken($token, $uid, $loginName, $password, $name, $type, $remember);
111	111
		@@ -131,7 +131,7 @@ discard block
		block discarded – undo
131	131	if (isset($this->cache[$tokenHash])) {
132	132	if ($this->cache[$tokenHash] instanceof DoesNotExistException) {
133	133	$ex = $this->cache[$tokenHash];
134		- throw new InvalidTokenException("Token does not exist: " . $ex->getMessage(), 0, $ex);
	134	+ throw new InvalidTokenException("Token does not exist: ".$ex->getMessage(), 0, $ex);
135	135	}
136	136	$token = $this->cache[$tokenHash];
137	137	} else {
		@@ -145,12 +145,12 @@ discard block
		block discarded – undo
145	145	$this->rotate($token, $tokenId, $tokenId);
146	146	} catch (DoesNotExistException $ex2) {
147	147	$this->cache[$tokenHash] = $ex2;
148		- throw new InvalidTokenException("Token does not exist: " . $ex->getMessage(), 0, $ex);
	148	+ throw new InvalidTokenException("Token does not exist: ".$ex->getMessage(), 0, $ex);
149	149	}
150	150	}
151	151	}
152	152
153		- if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
	153	+ if ((int) $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
154	154	throw new ExpiredTokenException($token);
155	155	}
156	156
		@@ -170,10 +170,10 @@ discard block
		block discarded – undo
170	170	try {
171	171	$token = $this->mapper->getTokenById($tokenId);
172	172	} catch (DoesNotExistException $ex) {
173		- throw new InvalidTokenException("Token with ID $tokenId does not exist: " . $ex->getMessage(), 0, $ex);
	173	+ throw new InvalidTokenException("Token with ID $tokenId does not exist: ".$ex->getMessage(), 0, $ex);
174	174	}
175	175
176		- if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
	176	+ if ((int) $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
177	177	throw new ExpiredTokenException($token);
178	178	}
179	179
		@@ -192,7 +192,7 @@ discard block
		block discarded – undo
192	192	public function renewSessionToken(string $oldSessionId, string $sessionId): IToken {
193	193	$this->cache->clear();
194	194
195		- return $this->atomic(function () use ($oldSessionId, $sessionId) {
	195	+ return $this->atomic(function() use ($oldSessionId, $sessionId) {
196	196	$token = $this->getToken($oldSessionId);
197	197
198	198	if (!($token instanceof PublicKeyToken)) {
		@@ -237,10 +237,10 @@ discard block
		block discarded – undo
237	237	$this->cache->clear();
238	238
239	239	$olderThan = $this->time->getTime() - (int) $this->config->getSystemValue('session_lifetime', 60 * 60 * 24);
240		- $this->logger->debug('Invalidating session tokens older than ' . date('c', $olderThan), ['app' => 'cron']);
	240	+ $this->logger->debug('Invalidating session tokens older than '.date('c', $olderThan), ['app' => 'cron']);
241	241	$this->mapper->invalidateOld($olderThan, IToken::DO_NOT_REMEMBER);
242	242	$rememberThreshold = $this->time->getTime() - (int) $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
243		- $this->logger->debug('Invalidating remembered session tokens older than ' . date('c', $rememberThreshold), ['app' => 'cron']);
	243	+ $this->logger->debug('Invalidating remembered session tokens older than '.date('c', $rememberThreshold), ['app' => 'cron']);
244	244	$this->mapper->invalidateOld($rememberThreshold, IToken::REMEMBER);
245	245	}
246	246
		@@ -313,7 +313,7 @@ discard block
		block discarded – undo
313	313	}
314	314
315	315	private function hashPassword(string $password): string {
316		- return $this->hasher->hash(sha1($password) . $password);
	316	+ return $this->hasher->hash(sha1($password).$password);
317	317	}
318	318
319	319	public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken {
		@@ -336,7 +336,7 @@ discard block
		block discarded – undo
336	336
337	337	private function encrypt(string $plaintext, string $token): string {
338	338	$secret = $this->config->getSystemValue('secret');
339		- return $this->crypto->encrypt($plaintext, $token . $secret);
	339	+ return $this->crypto->encrypt($plaintext, $token.$secret);
340	340	}
341	341
342	342	/**
		@@ -345,7 +345,7 @@ discard block
		block discarded – undo
345	345	private function decrypt(string $cipherText, string $token): string {
346	346	$secret = $this->config->getSystemValue('secret');
347	347	try {
348		- return $this->crypto->decrypt($cipherText, $token . $secret);
	348	+ return $this->crypto->decrypt($cipherText, $token.$secret);
349	349	} catch (\Exception $ex) {
350	350	// Retry with empty secret as a fallback for instances where the secret might not have been set by accident
351	351	try {
		@@ -353,7 +353,7 @@ discard block
		block discarded – undo
353	353	} catch (\Exception $ex2) {
354	354	// Delete the invalid token
355	355	$this->invalidateToken($token);
356		- throw new InvalidTokenException("Could not decrypt token password: " . $ex->getMessage(), 0, $ex2);
	356	+ throw new InvalidTokenException("Could not decrypt token password: ".$ex->getMessage(), 0, $ex2);
357	357	}
358	358	}
359	359	}
		@@ -374,7 +374,7 @@ discard block
		block discarded – undo
374	374
375	375	private function hashToken(string $token): string {
376	376	$secret = $this->config->getSystemValue('secret');
377		- return hash('sha512', $token . $secret);
	377	+ return hash('sha512', $token.$secret);
378	378	}
379	379
380	380	/**
		@@ -476,7 +476,7 @@ discard block
		block discarded – undo
476	476	if (!isset($hashNeedsUpdate[$t->getPasswordHash()])) {
477	477	if ($t->getPasswordHash() === null) {
478	478	$hashNeedsUpdate[$t->getPasswordHash() ?: ''] = true;
479		- } elseif (!$this->hasher->verify(sha1($password) . $password, $t->getPasswordHash())) {
	479	+ } elseif (!$this->hasher->verify(sha1($password).$password, $t->getPasswordHash())) {
480	480	$hashNeedsUpdate[$t->getPasswordHash() ?: ''] = true;
481	481	} else {
482	482	$hashNeedsUpdate[$t->getPasswordHash() ?: ''] = false;
		@@ -510,6 +510,6 @@ discard block
		block discarded – undo
510	510	while ($error = openssl_error_string()) {
511	511	$errors[] = $error;
512	512	}
513		- $this->logger->critical('Something is wrong with your openssl setup: ' . implode(', ', $errors));
	513	+ $this->logger->critical('Something is wrong with your openssl setup: '.implode(', ', $errors));
514	514	}
515	515	}

nextcloud / server

Push — master ( d4a9da...674f4e )

Status

Category

Spacing +17 added lines, -17 removed lines patch added patch discarded remove patch