BearerAuth::validateBearerToken() - Code Metrics - Inspection of "Merge pull request #5383 from nextcloud/revert-525..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( e7b5c5...c4bb37 )

by Morris

created 2017-06-13 19:39 UTC

BearerAuth::validateBearerToken() A

↳ Parent: BearerAuth

Complexity

Conditions	3
Paths	4

Size

Total Lines	12
Code Lines	7

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
eloc	7
nc	4
nop	1
dl	0
loc	12
rs	9.4285
c	0
b	0
f	0

<?php
/**
 * @copyright Copyright (c) 2017 Lukas Reschke <[email protected]>
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */

namespace OCA\DAV\Connector\Sabre;

use OCP\IRequest;
use OCP\ISession;
use OCP\IUserSession;
use Sabre\DAV\Auth\Backend\AbstractBearer;
use Sabre\HTTP\RequestInterface;
use Sabre\HTTP\ResponseInterface;

class BearerAuth extends AbstractBearer {
	/** @var IUserSession */
	private $userSession;
	/** @var ISession */
	private $session;
	/** @var IRequest */
	private $request;
	/** @var string */
	private $principalPrefix;

	/**
	 * @param IUserSession $userSession
	 * @param ISession $session
	 * @param string $principalPrefix
	 * @param IRequest $request
	 */
	public function __construct(IUserSession $userSession,

								ISession $session,
								IRequest $request,
								$principalPrefix = 'principals/users/') {
		$this->userSession = $userSession;
		$this->session = $session;
		$this->request = $request;
		$this->principalPrefix = $principalPrefix;

		// setup realm
		$defaults = new \OCP\Defaults();
		$this->realm = $defaults->getName();
	}

	private function setupUserFs($userId) {
		\OC_Util::setupFS($userId);
		$this->session->close();
		return $this->principalPrefix . $userId;
	}

	/**
	 * {@inheritdoc}
	 */
	public function validateBearerToken($bearerToken) {
		\OC_Util::setupFS();

		if(!$this->userSession->isLoggedIn()) {
			$this->userSession->tryTokenLogin($this->request);
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
		}
		if($this->userSession->isLoggedIn()) {
			return $this->setupUserFs($this->userSession->getUser()->getUID());
		}

		return false;
	}

	/**
	 * \Sabre\DAV\Auth\Backend\AbstractBearer::challenge sets an WWW-Authenticate
	 * header which some DAV clients can't handle. Thus we override this function
	 * and make it simply return a 401.
	 *
	 * @param RequestInterface $request
	 * @param ResponseInterface $response
	 */
	public function challenge(RequestInterface $request, ResponseInterface $response) {
		$response->setStatus(401);
	}
}


1		<?php
2		/**
3		* @copyright Copyright (c) 2017 Lukas Reschke <[email protected]>
4		*
5		* @license GNU AGPL version 3 or any later version
6		*
7		* This program is free software: you can redistribute it and/or modify
8		* it under the terms of the GNU Affero General Public License as
9		* published by the Free Software Foundation, either version 3 of the
10		* License, or (at your option) any later version.
11		*
12		* This program is distributed in the hope that it will be useful,
13		* but WITHOUT ANY WARRANTY; without even the implied warranty of
14		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15		* GNU Affero General Public License for more details.
16		*
17		* You should have received a copy of the GNU Affero General Public License
18		* along with this program. If not, see <http://www.gnu.org/licenses/>.
19		*
20		*/
21
22		namespace OCA\DAV\Connector\Sabre;
23
24		use OCP\IRequest;
25		use OCP\ISession;
26		use OCP\IUserSession;
27		use Sabre\DAV\Auth\Backend\AbstractBearer;
28		use Sabre\HTTP\RequestInterface;
29		use Sabre\HTTP\ResponseInterface;
30
31		class BearerAuth extends AbstractBearer {
32		/** @var IUserSession */
33		private $userSession;
34		/** @var ISession */
35		private $session;
36		/** @var IRequest */
37		private $request;
38		/** @var string */
39		private $principalPrefix;
40
41		/**
42		* @param IUserSession $userSession
43		* @param ISession $session
44		* @param string $principalPrefix
45		* @param IRequest $request
46		*/
47	View Code Duplication	public function __construct(IUserSession $userSession,
		0 ignored issues – show Duplication introduced 2017-06-13 12:09 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
48		ISession $session,
49		IRequest $request,
50		$principalPrefix = 'principals/users/') {
51		$this->userSession = $userSession;
52		$this->session = $session;
53		$this->request = $request;
54		$this->principalPrefix = $principalPrefix;
55
56		// setup realm
57		$defaults = new \OCP\Defaults();
58		$this->realm = $defaults->getName();
59		}
60
61		private function setupUserFs($userId) {
62		\OC_Util::setupFS($userId);
63		$this->session->close();
64		return $this->principalPrefix . $userId;
65		}
66
67		/**
68		* {@inheritdoc}
69		*/
70		public function validateBearerToken($bearerToken) {
71		\OC_Util::setupFS();
72
73		if(!$this->userSession->isLoggedIn()) {
74		$this->userSession->tryTokenLogin($this->request);
		0 ignored issues – show Bug introduced 2017-05-18 18:23 UTC by Report Bug Copy Issue Report It seems like you code against a concrete implementation and not the interface `OCP\IUserSession` as the method `tryTokenLogin()` does only exist in the following implementations of said interface: `OC\User\Session`. Let’s take a look at an example: interface User { /** @return string / public function getPassword(); } class MyUser implements User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the interface: interface User { /** @return string / public function getPassword(); /* @return string */ public function getDisplayName(); } Loading history...
75		}
76		if($this->userSession->isLoggedIn()) {
77		return $this->setupUserFs($this->userSession->getUser()->getUID());
78		}
79
80		return false;
81		}
82
83		/**
84		* \Sabre\DAV\Auth\Backend\AbstractBearer::challenge sets an WWW-Authenticate
85		* header which some DAV clients can't handle. Thus we override this function
86		* and make it simply return a 401.
87		*
88		* @param RequestInterface $request
89		* @param ResponseInterface $response
90		*/
91		public function challenge(RequestInterface $request, ResponseInterface $response) {
92		$response->setStatus(401);
93		}
94		}
95

nextcloud / server

Push — master ( e7b5c5...c4bb37 )

BearerAuth::validateBearerToken() A

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like