SensiolabHelper - Code Metrics - Inspection of "commit 101" - padosoft/laravel-composer-security - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 8b982b...991834 )

by Alessandro

created 2016-01-13 14:33 UTC

SensiolabHelper A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	194
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	7

Test Coverage

Coverage

97.98%

Importance

Changes	5
Bugs	2	Features	1

Metric	Value
wmc	21
c	5
b	2
f	1
lcom	1
cbo	7
dl	0
loc	194
ccs	97
cts	99
cp	0.9798
rs	10

7 Methods

Rating	Name	Size	Complexity
A	__construct()	5	1
B	getSensiolabVulnerabilties()	52	4
A	getColorTagForStatusCode()	10	3
B	parseVulnerability()	27	2
A	checkResponse()	10	2
A	addVerboseLog()	11	3
B	printMessage()	20	6

<?php
/**
 * Created by PhpStorm.
 * User: Alessandro
 * Date: 02/12/2015
 * Time: 13:47
 */

namespace Padosoft\LaravelComposerSecurity;

use Illuminate\Console\Command;
use GuzzleHttp\Client;

class SensiolabHelper
{

    protected $guzzle;

    protected $command;

    protected $tableVulnerabilities = [];

    /**
     * SensiolabHelper constructor.
     * @param Client $objguzzle
     * @param Command $objcommand
     */
    public function __construct(Client $objguzzle, Command $objcommand)
    {
        $this->guzzle = $objguzzle;
        $this->command = $objcommand;
    }

    /**
     *
     * Send Request to sensiolab and return array of sensiolab vulnerabilities.
     * Empty array if here is no vulnerabilities.
     *
     * @param $fileLock path to composer.lock file.
     *
     * @return array
     */
    public function getSensiolabVulnerabilties($fileLock)
    {
        $this->addVerboseLog('Send request to sensiolab: <info>' . $fileLock . '</info>');

        $debug = false;//set to true to log into console output
        $headers = [
            //OPTIONS
            'allow_redirects' => [
                'max' => 3,        // allow at most 10 redirects.
                'strict' => true,      // use "strict" RFC compliant redirects.
                'referer' => true,      // add a Referer header
                'protocols' => ['http', 'https'], // only allow http and https URLs
                'track_redirects' => false
            ],
            'connect_timeout' => 20,//Use 0 to wait connection indefinitely
            'timeout' => 30, //Use 0 to wait response indefinitely
            'debug' => $debug,
            //HEADERS
            'headers' => [
                'Accept' => 'application/json'
            ],
            //UPLOAD FORM FILE
            'multipart' => [
                [
                    'name' => 'lock',
                    'contents' => fopen($fileLock, 'r')
                ]
            ]
        ];
        $response = null;

        try {
            $iResponse = $this->guzzle->request('POST', 'https://security.sensiolabs.org/check_lock', $headers);
            $responseBody = $iResponse->getBody()->getContents();
            $response = json_decode($responseBody, true);
        } catch (\GuzzleHttp\Exception\ClientException $e) {
            $this->command->error("ClientException!\nMessage: " . $e->getMessage());
            $colorTag = $this->getColorTagForStatusCode($e->getResponse()->getStatusCode());
            $this->command->line("HTTP StatusCode: <{$colorTag}>" . $e->getResponse()->getStatusCode() . "<{$colorTag}>");
            $this->printMessage($e->getResponse());
            $this->printMessage($e->getRequest());
        } catch (\GuzzleHttp\Exception\RequestException $e) {
            $this->command->error("RequestException!\nMessage: " . $e->getMessage());
            $this->printMessage($e->getRequest());
            if ($e->hasResponse()) {
                $colorTag = $this->getColorTagForStatusCode($e->getResponse()->getStatusCode());
                $this->command->line("HTTP StatusCode: <{$colorTag}>" . $e->getResponse()->getStatusCode() . "<{$colorTag}>");
                $this->printMessage($e->getResponse());
            }
        }
        return $response;
    }

    /**
     * @param $name
     * @param $vulnerability
     * @return array
     */
    public function parseVulnerability($name, $vulnerability)
    {
        $data = [
            'name' => $name,
            'version' => $vulnerability['version'],
            'advisories' => array_values($vulnerability['advisories'])
        ];
        unset($this->tableVulnerabilities);
        foreach ($data['advisories'] as $key2 => $advisory) {
            $data2 = [
                'title' => $advisory['title'],
                'link' => $advisory['link'],
                'cve' => $advisory['cve']
            ];

            $dataTable = [
                'name' => $data['name'],
                'version' => $data['version'],
                'advisories' => $data2["title"]
            ];

            $this->addVerboseLog($data['name'] . " " . $data['version'] . " " . $data2["title"], true);
            $this->tableVulnerabilities[] = $dataTable;
        }

        return $this->tableVulnerabilities;
    }

    /**
     * @param $key
     * @param $vulnerability
     * @param $tuttoOk
     * @return array
     */
    public function checkResponse($key, $vulnerability, $tuttoOk)
    {
        $tableVulnerabilities = array();

        foreach ($this->parseVulnerability($key, $vulnerability) as $vul) {
            $tableVulnerabilities[] = array_merge($vul, array('isOk' => $tuttoOk));
        }

        return $tableVulnerabilities;
    }

    /**
     * @param            $msg
     * @param bool|false $error
     */
    private function addVerboseLog($msg, $error = false)
    {
        $verbose = $this->command->option('verbose');
        if ($verbose) {
            if ($error) {
                $this->command->error($msg);
            } else {
                $this->command->line($msg);
            }
        }
    }

    /**
     * @param \Psr\Http\Message\MessageInterface $message
     *
     */
    private function printMessage(\Psr\Http\Message\MessageInterface $message)
    {
        $type = '';
        if (is_a($message, '\Psr\Http\Message\RequestInterface')) {
            $type = 'REQUEST';
        } else if (is_a($message, '\Psr\Http\Message\ResponseInterface')) {
            $type = 'RESPONSE';
        }
        $this->command->info("$type:");
        $headers = '';
        foreach ($message->getHeaders() as $name => $values) {
            $headers .= $name . ': ' . implode(', ', $values) . "\r\n";
        }
        $this->command->comment($headers);
        if ($type == 'REQUEST') {
            $this->command->comment($message->getBody());
        } else if ($type == 'RESPONSE') {
            $this->command->comment($message->getBody()->getContents());
        }
    }


    /**
     * Get the color tag for the given status code.
     *
     * @param string $code
     *
     * @return string
     *
     * @see https://github.com/spatie/http-status-check/blob/master/src/CrawlLogger.php#L96
     */
    protected function getColorTagForStatusCode($code)
    {
        if (starts_with($code, '2')) {
            return 'info';
        }
        if (starts_with($code, '3')) {
            return 'comment';
        }
        return 'error';
    }
}


1		<?php
2		/**
3		* Created by PhpStorm.
4		* User: Alessandro
5		* Date: 02/12/2015
6		* Time: 13:47
7		*/
8
9		namespace Padosoft\LaravelComposerSecurity;
10
11		use Illuminate\Console\Command;
12		use GuzzleHttp\Client;
13
14		class SensiolabHelper
15		{
16
17		protected $guzzle;
18
19		protected $command;
20
21		protected $tableVulnerabilities = [];
22
23		/**
24		* SensiolabHelper constructor.
25		* @param Client $objguzzle
26		* @param Command $objcommand
27		*/
28	12	public function __construct(Client $objguzzle, Command $objcommand)
29		{
30	12	$this->guzzle = $objguzzle;
31	12	$this->command = $objcommand;
32	12	}
33
34		/**
35		*
36		* Send Request to sensiolab and return array of sensiolab vulnerabilities.
37		* Empty array if here is no vulnerabilities.
38		*
39		* @param $fileLock path to composer.lock file.
40		*
41		* @return array
42		*/
43	10	public function getSensiolabVulnerabilties($fileLock)
44		{
45	10	$this->addVerboseLog('Send request to sensiolab: <info>' . $fileLock . '</info>');
46
47	10	$debug = false;//set to true to log into console output
48		$headers = [
49		//OPTIONS
50		'allow_redirects' => [
51	10	'max' => 3, // allow at most 10 redirects.
52	10	'strict' => true, // use "strict" RFC compliant redirects.
53	10	'referer' => true, // add a Referer header
54	10	'protocols' => ['http', 'https'], // only allow http and https URLs
55		'track_redirects' => false
56	10	],
57	10	'connect_timeout' => 20,//Use 0 to wait connection indefinitely
58	10	'timeout' => 30, //Use 0 to wait response indefinitely
59	10	'debug' => $debug,
60		//HEADERS
61		'headers' => [
62		'Accept' => 'application/json'
63	10	],
64		//UPLOAD FORM FILE
65		'multipart' => [
66		[
67	10	'name' => 'lock',
68	10	'contents' => fopen($fileLock, 'r')
69	10	]
70	10	]
71	10	];
72	10	$response = null;
73
74		try {
75	10	$iResponse = $this->guzzle->request('POST', 'https://security.sensiolabs.org/check_lock', $headers);
76	4	$responseBody = $iResponse->getBody()->getContents();
77	4	$response = json_decode($responseBody, true);
78	10	} catch (\GuzzleHttp\Exception\ClientException $e) {
79	4	$this->command->error("ClientException!\nMessage: " . $e->getMessage());
80	4	$colorTag = $this->getColorTagForStatusCode($e->getResponse()->getStatusCode());
81	4	$this->command->line("HTTP StatusCode: <{$colorTag}>" . $e->getResponse()->getStatusCode() . "<{$colorTag}>");
82	4	$this->printMessage($e->getResponse());
83	4	$this->printMessage($e->getRequest());
84	6	} catch (\GuzzleHttp\Exception\RequestException $e) {
85	4	$this->command->error("RequestException!\nMessage: " . $e->getMessage());
86	4	$this->printMessage($e->getRequest());
87	4	if ($e->hasResponse()) {
88	2	$colorTag = $this->getColorTagForStatusCode($e->getResponse()->getStatusCode());
89	2	$this->command->line("HTTP StatusCode: <{$colorTag}>" . $e->getResponse()->getStatusCode() . "<{$colorTag}>");
90	2	$this->printMessage($e->getResponse());
91	2	}
92		}
93	10	return $response;
94		}
95
96		/**
97		* @param $name
98		* @param $vulnerability
99		* @return array
100		*/
101	4	public function parseVulnerability($name, $vulnerability)
102		{
103		$data = [
104	4	'name' => $name,
105	4	'version' => $vulnerability['version'],
106	4	'advisories' => array_values($vulnerability['advisories'])
107	4	];
108	4	unset($this->tableVulnerabilities);
109	4	foreach ($data['advisories'] as $key2 => $advisory) {
110		$data2 = [
111	4	'title' => $advisory['title'],
112	4	'link' => $advisory['link'],
113	4	'cve' => $advisory['cve']
114	4	];
115
116		$dataTable = [
117	4	'name' => $data['name'],
118	4	'version' => $data['version'],
119	4	'advisories' => $data2["title"]
120	4	];
121
122	4	$this->addVerboseLog($data['name'] . " " . $data['version'] . " " . $data2["title"], true);
123	4	$this->tableVulnerabilities[] = $dataTable;
124	4	}
125
126	4	return $this->tableVulnerabilities;
127		}
128
129		/**
130		* @param $key
131		* @param $vulnerability
132		* @param $tuttoOk
133		* @return array
134		*/
135	2	public function checkResponse($key, $vulnerability, $tuttoOk)
136		{
137	2	$tableVulnerabilities = array();
138
139	2	foreach ($this->parseVulnerability($key, $vulnerability) as $vul) {
140	2	$tableVulnerabilities[] = array_merge($vul, array('isOk' => $tuttoOk));
141	2	}
142
143	2	return $tableVulnerabilities;
144		}
145
146		/**
147		* @param $msg
148		* @param bool\|false $error
149		*/
150	12	private function addVerboseLog($msg, $error = false)
151		{
152	12	$verbose = $this->command->option('verbose');
153	12	if ($verbose) {
154	10	if ($error) {
155	2	$this->command->error($msg);
156	2	} else {
157	8	$this->command->line($msg);
158		}
159	10	}
160	12	}
161
162		/**
163		* @param \Psr\Http\Message\MessageInterface $message
164		*
165		*/
166	6	private function printMessage(\Psr\Http\Message\MessageInterface $message)
167		{
168	6	$type = '';
169	6	if (is_a($message, '\Psr\Http\Message\RequestInterface')) {
170	6	$type = 'REQUEST';
171	6	} else if (is_a($message, '\Psr\Http\Message\ResponseInterface')) {
172	6	$type = 'RESPONSE';
173	6	}
174	6	$this->command->info("$type:");
175	6	$headers = '';
176	6	foreach ($message->getHeaders() as $name => $values) {
177		$headers .= $name . ': ' . implode(', ', $values) . "\r\n";
178	6	}
179	6	$this->command->comment($headers);
180	6	if ($type == 'REQUEST') {
181	6	$this->command->comment($message->getBody());
182	6	} else if ($type == 'RESPONSE') {
183	6	$this->command->comment($message->getBody()->getContents());
184	6	}
185	6	}
186
187
188		/**
189		* Get the color tag for the given status code.
190		*
191		* @param string $code
192		*
193		* @return string
194		*
195		* @see https://github.com/spatie/http-status-check/blob/master/src/CrawlLogger.php#L96
196		*/
197	6	protected function getColorTagForStatusCode($code)
198		{
199	6	if (starts_with($code, '2')) {
200	2	return 'info';
201		}
202	4	if (starts_with($code, '3')) {
203		return 'comment';
204		}
205	4	return 'error';
206		}
207		}
208

padosoft / laravel-composer-security

Push — master ( 8b982b...991834 )

SensiolabHelper A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

7 Methods

Duplication Side-by-Side

Filter issues like