Push — master ( 18d488...e659f2 )
by
unknown
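--- a/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
+++ b/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php
@@ -26,92 +26,92 @@
 use ReflectionMethod;
 
 class PasswordConfirmationMiddleware extends Middleware {
-	private array $excludedUserBackEnds = ['user_saml' => true, 'user_globalsiteselector' => true];
+    private array $excludedUserBackEnds = ['user_saml' => true, 'user_globalsiteselector' => true];
 
-	public function __construct(
-		private ControllerMethodReflector $reflector,
-		private ISession $session,
-		private IUserSession $userSession,
-		private ITimeFactory $timeFactory,
-		private IProvider $tokenProvider,
-		private readonly LoggerInterface $logger,
-		private readonly IRequest $request,
-		private readonly Manager $userManager,
-	) {
-	}
+    public function __construct(
+        private ControllerMethodReflector $reflector,
+        private ISession $session,
+        private IUserSession $userSession,
+        private ITimeFactory $timeFactory,
+        private IProvider $tokenProvider,
+        private readonly LoggerInterface $logger,
+        private readonly IRequest $request,
+        private readonly Manager $userManager,
+    ) {
+    }
 
-	/**
-	 * @throws NotConfirmedException
-	 */
-	public function beforeController(Controller $controller, string $methodName) {
-		$reflectionMethod = new ReflectionMethod($controller, $methodName);
+    /**
+     * @throws NotConfirmedException
+     */
+    public function beforeController(Controller $controller, string $methodName) {
+        $reflectionMethod = new ReflectionMethod($controller, $methodName);
 
-		if (!$this->needsPasswordConfirmation($reflectionMethod)) {
-			return;
-		}
+        if (!$this->needsPasswordConfirmation($reflectionMethod)) {
+            return;
+        }
 
-		$user = $this->userSession->getUser();
-		$backendClassName = '';
-		if ($user !== null) {
-			$backend = $user->getBackend();
-			if ($backend instanceof IPasswordConfirmationBackend) {
-				if (!$backend->canConfirmPassword($user->getUID())) {
-					return;
-				}
-			}
+        $user = $this->userSession->getUser();
+        $backendClassName = '';
+        if ($user !== null) {
+            $backend = $user->getBackend();
+            if ($backend instanceof IPasswordConfirmationBackend) {
+                if (!$backend->canConfirmPassword($user->getUID())) {
+                    return;
+                }
+            }
 
-			$backendClassName = $user->getBackendClassName();
-		}
+            $backendClassName = $user->getBackendClassName();
+        }
 
-		try {
-			$sessionId = $this->session->getId();
-			$token = $this->tokenProvider->getToken($sessionId);
-		} catch (SessionNotAvailableException|InvalidTokenException|WipeTokenException|ExpiredTokenException) {
-			// States we do not deal with here.
-			return;
-		}
+        try {
+            $sessionId = $this->session->getId();
+            $token = $this->tokenProvider->getToken($sessionId);
+        } catch (SessionNotAvailableException|InvalidTokenException|WipeTokenException|ExpiredTokenException) {
+            // States we do not deal with here.
+            return;
+        }
 
-		$scope = $token->getScopeAsArray();
-		if (isset($scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION]) && $scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION] === true) {
-			// Users logging in from SSO backends cannot confirm their password by design
-			return;
-		}
+        $scope = $token->getScopeAsArray();
+        if (isset($scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION]) && $scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION] === true) {
+            // Users logging in from SSO backends cannot confirm their password by design
+            return;
+        }
 
-		if ($this->isPasswordConfirmationStrict($reflectionMethod)) {
-			$authHeader = $this->request->getHeader('Authorization');
-			[, $password] = explode(':', base64_decode(substr($authHeader, 6)), 2);
-			$loginName = $this->session->get('loginname');
-			$loginResult = $this->userManager->checkPassword($loginName, $password);
-			if ($loginResult === false) {
-				throw new NotConfirmedException();
-			}
+        if ($this->isPasswordConfirmationStrict($reflectionMethod)) {
+            $authHeader = $this->request->getHeader('Authorization');
+            [, $password] = explode(':', base64_decode(substr($authHeader, 6)), 2);
+            $loginName = $this->session->get('loginname');
+            $loginResult = $this->userManager->checkPassword($loginName, $password);
+            if ($loginResult === false) {
+                throw new NotConfirmedException();
+            }
 
-			$this->session->set('last-password-confirm', $this->timeFactory->getTime());
-		} else {
-			$lastConfirm = (int)$this->session->get('last-password-confirm');
-			// TODO: confirm excludedUserBackEnds can go away and remove it
-			if (!isset($this->excludedUserBackEnds[$backendClassName]) && $lastConfirm < ($this->timeFactory->getTime() - (30 * 60 + 15))) { // allow 15 seconds delay
-				throw new NotConfirmedException();
-			}
-		}
-	}
+            $this->session->set('last-password-confirm', $this->timeFactory->getTime());
+        } else {
+            $lastConfirm = (int)$this->session->get('last-password-confirm');
+            // TODO: confirm excludedUserBackEnds can go away and remove it
+            if (!isset($this->excludedUserBackEnds[$backendClassName]) && $lastConfirm < ($this->timeFactory->getTime() - (30 * 60 + 15))) { // allow 15 seconds delay
+                throw new NotConfirmedException();
+            }
+        }
+    }
 
-	private function needsPasswordConfirmation(ReflectionMethod $reflectionMethod): bool {
-		$attributes = $reflectionMethod->getAttributes(PasswordConfirmationRequired::class);
-		if (!empty($attributes)) {
-			return true;
-		}
+    private function needsPasswordConfirmation(ReflectionMethod $reflectionMethod): bool {
+        $attributes = $reflectionMethod->getAttributes(PasswordConfirmationRequired::class);
+        if (!empty($attributes)) {
+            return true;
+        }
 
-		if ($this->reflector->hasAnnotation('PasswordConfirmationRequired')) {
-			$this->logger->debug($reflectionMethod->getDeclaringClass()->getName() . '::' . $reflectionMethod->getName() . ' uses the @' . 'PasswordConfirmationRequired' . ' annotation and should use the #[PasswordConfirmationRequired] attribute instead');
-			return true;
-		}
+        if ($this->reflector->hasAnnotation('PasswordConfirmationRequired')) {
+            $this->logger->debug($reflectionMethod->getDeclaringClass()->getName() . '::' . $reflectionMethod->getName() . ' uses the @' . 'PasswordConfirmationRequired' . ' annotation and should use the #[PasswordConfirmationRequired] attribute instead');
+            return true;
+        }
 
-		return false;
-	}
+        return false;
+    }
 
-	private function isPasswordConfirmationStrict(ReflectionMethod $reflectionMethod): bool {
-		$attributes = $reflectionMethod->getAttributes(PasswordConfirmationRequired::class);
-		return !empty($attributes) && ($attributes[0]->newInstance()->getStrict());
-	}
+    private function isPasswordConfirmationStrict(ReflectionMethod $reflectionMethod): bool {
+        $attributes = $reflectionMethod->getAttributes(PasswordConfirmationRequired::class);
+        return !empty($attributes) && ($attributes[0]->newInstance()->getStrict());
+    }
 
 }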