TokenController::generateToken() - Code Metrics - Inspection of "Revert "Downstream 2016-06-08"" - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#32)

by Blizzz

created 2016-06-09 16:06 UTC

TokenController::generateToken() A

↳ Parent: TokenController

Complexity

Conditions	4
Paths	3

Size

Total Lines	18
Code Lines	14

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
cc	4
eloc	14
c	2
b	0
f	0
nc	3
nop	3
dl	0
loc	18
rs	9.2

<?php
/**
 * @author Christoph Wurst <[email protected]>
 *
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */

namespace OC\Core\Controller;

use OC\AppFramework\Http;
use OC\Authentication\Token\DefaultTokenProvider;
use OC\Authentication\Token\IToken;
use OC\User\Manager;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\Response;
use OCP\IRequest;
use OCP\Security\ISecureRandom;

class TokenController extends Controller {

	/** @var Manager */
	private $userManager;

	/** @var DefaultTokenProvider */
	private $tokenProvider;

	/** @var ISecureRandom */
	private $secureRandom;

	/**
	 * @param string $appName
	 * @param IRequest $request
	 * @param Manager $userManager
	 * @param DefaultTokenProvider $tokenProvider
	 * @param ISecureRandom $secureRandom
	 */
	public function __construct($appName, IRequest $request, Manager $userManager, DefaultTokenProvider $tokenProvider,
		ISecureRandom $secureRandom) {
		parent::__construct($appName, $request);
		$this->userManager = $userManager;
		$this->tokenProvider = $tokenProvider;
		$this->secureRandom = $secureRandom;
	}

	/**
	 * Generate a new access token clients can authenticate with
	 *
	 * @PublicPage
	 * @NoCSRFRequired
	 *
	 * @param string $user
	 * @param string $password
	 * @param string $name the name of the client
	 * @return JSONResponse
	 */
	public function generateToken($user, $password, $name = 'unknown client') {
		if (is_null($user) || is_null($password)) {
			$response = new Response();
			$response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
			return $response;
		}
		$loginResult = $this->userManager->checkPassword($user, $password);
		if ($loginResult === false) {
			$response = new Response();
			$response->setStatus(Http::STATUS_UNAUTHORIZED);
			return $response;
		}
		$token = $this->secureRandom->generate(128);
		$this->tokenProvider->generateToken($token, $loginResult->getUID(), $user, $password, $name, IToken::PERMANENT_TOKEN);
		return [
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
			'token' => $token,
		];
	}

}


1			<?php
2			/**
3			* @author Christoph Wurst <[email protected]>
4			*
5			* @copyright Copyright (c) 2016, ownCloud, Inc.
6			* @license AGPL-3.0
7			*
8			* This code is free software: you can redistribute it and/or modify
9			* it under the terms of the GNU Affero General Public License, version 3,
10			* as published by the Free Software Foundation.
11			*
12			* This program is distributed in the hope that it will be useful,
13			* but WITHOUT ANY WARRANTY; without even the implied warranty of
14			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15			* GNU Affero General Public License for more details.
16			*
17			* You should have received a copy of the GNU Affero General Public License, version 3,
18			* along with this program. If not, see <http://www.gnu.org/licenses/>
19			*
20			*/
21
22			namespace OC\Core\Controller;
23
24			use OC\AppFramework\Http;
25			use OC\Authentication\Token\DefaultTokenProvider;
26			use OC\Authentication\Token\IToken;
27			use OC\User\Manager;
28			use OCP\AppFramework\Controller;
29			use OCP\AppFramework\Http\JSONResponse;
30			use OCP\AppFramework\Http\Response;
31			use OCP\IRequest;
32			use OCP\Security\ISecureRandom;
33
34			class TokenController extends Controller {
35
36			/** @var Manager */
37			private $userManager;
38
39			/** @var DefaultTokenProvider */
40			private $tokenProvider;
41
42			/** @var ISecureRandom */
43			private $secureRandom;
44
45			/**
46			* @param string $appName
47			* @param IRequest $request
48			* @param Manager $userManager
49			* @param DefaultTokenProvider $tokenProvider
50			* @param ISecureRandom $secureRandom
51			*/
52			public function __construct($appName, IRequest $request, Manager $userManager, DefaultTokenProvider $tokenProvider,
53			ISecureRandom $secureRandom) {
54			parent::__construct($appName, $request);
55			$this->userManager = $userManager;
56			$this->tokenProvider = $tokenProvider;
57			$this->secureRandom = $secureRandom;
58			}
59
60			/**
61			* Generate a new access token clients can authenticate with
62			*
63			* @PublicPage
64			* @NoCSRFRequired
65			*
66			* @param string $user
67			* @param string $password
68			* @param string $name the name of the client
69			* @return JSONResponse
70			*/
71			public function generateToken($user, $password, $name = 'unknown client') {
72			if (is_null($user) \|\| is_null($password)) {
73			$response = new Response();
74			$response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
75			return $response;
76			}
77			$loginResult = $this->userManager->checkPassword($user, $password);
78			if ($loginResult === false) {
79			$response = new Response();
80			$response->setStatus(Http::STATUS_UNAUTHORIZED);
81			return $response;
82			}
83			$token = $this->secureRandom->generate(128);
84			$this->tokenProvider->generateToken($token, $loginResult->getUID(), $user, $password, $name, IToken::PERMANENT_TOKEN);
85			return [
			0 ignored issues – show Bug Best Practice introduced 2016-06-09 12:21 UTC by Report Bug Copy Issue Report The return type of `return array('token' => $token);` (`array<string,string>`) is incompatible with the return type documented by `OC\Core\Controller\TokenController::generateToken` of type `OCP\AppFramework\Http\JSONResponse`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
86			'token' => $token,
87			];
88			}
89
90			}
91

nextcloud / server

Pull Request — master (#32)

TokenController::generateToken() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like