Test::rotateAction() - Code Metrics - Inspection of "open ID" - php-guard/oauth-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 289dee...aec877 )

by Alexandre

created 2018-01-29 17:00 UTC

Test::rotateAction() B

↳ Parent: Test

Complexity

Conditions	6
Paths	2

Size

Total Lines	26
Code Lines	19

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	26
c	0
b	0
f	0
rs	8.439
cc	6
eloc	19
nc	2
nop	0

<?php
/**
 * Created by PhpStorm.
 * User: GCC-MED
 * Date: 29/01/2018
 * Time: 16:58
 */

class Test
namespace YourVendor;

class YourClass { }
{
    public function indexAction() {
        $certsRepository = $this->sqlOauth->getRepository(Cert::class);

        $actualCerts = $certsRepository->findBy([], ['createdAt' => 'DESC'], 2);

        $data = [];
        foreach ($actualCerts as $cert) {
            $data[] = [
                'kty' => 'RSA',
                'alg' => 'RSA256',
                'use' => 'sig',
                'kid' => $cert->getKid(),
                'n' => $cert->getN(),
                'e' => $cert->getE(),
                'x5c' => $this->pemToInline($cert->getPublicKey())
            ];
        }

        return new JsonResponse(json_encode($data, JSON_PRETTY_PRINT), 200, [
            'Access-Control-Allow-Origin' => '*'
        ], true);
    }

    private function pemToInline($pem) {
        $pem = str_replace('-----BEGIN PUBLIC KEY-----', '', $pem);
        $pem = str_replace('-----END PUBLIC KEY-----', '', $pem);
        $pem = str_replace("\n", '', $pem);
        return $pem;
    }

    /**
     * @Route("/oauth/certs/rotate", name="certs_rotate")
     * @return JsonResponse
     */
    public function rotateAction() {
        $certsRepository = $this->sqlOauth->getRepository(Cert::class);

        $actualCerts = $certsRepository->findBy([], ['createdAt' => 'DESC'], 2);
        if(!isset($actualCerts[0])) {
            list('privKey' => $privKey, 'pubKey' => $pubKey, 'rsa' => $rsa) = $this->generateRSAKeys();

            $oldCert = new Cert();
            $oldCert->setPrivateKey($privKey);
            $oldCert->setPublicKey($pubKey);
            $oldCert->setN(isset($rsa['n']) ? base64_encode($rsa['n']) : null);
            $oldCert->setE(isset($rsa['e']) ? base64_encode($rsa['e']) : null);
            $this->sqlOauth->persist($oldCert);
        }

        list('privKey' => $privKey, 'pubKey' => $pubKey, 'rsa' => $rsa) = $this->generateRSAKeys();
        $newCert = new Cert();
        $newCert->setPrivateKey($privKey);
        $newCert->setPublicKey($pubKey);
        $newCert->setN(isset($rsa['n']) ? base64_encode($rsa['n']) : null);
        $newCert->setE(isset($rsa['e']) ? base64_encode($rsa['e']) : null);
        $this->sqlOauth->persist($newCert);

//        VarDumper::dump($oldCert);die;

        $this->sqlOauth->flush();
        return new JsonResponse();
    }

    private function generateRSAKeys() {
        $config = array(
            "digest_alg" => "sha512",
            "private_key_bits" => 4096,
            "private_key_type" => OPENSSL_KEYTYPE_RSA,
        );
        // Create the private and public key
        $res = openssl_pkey_new($config);

        // Extract the private key from $res to $privKey
        openssl_pkey_export($res, $privKey);

        // Extract the public key from $res to $pubKey
        $details = openssl_pkey_get_details($res);

        $pubKey = $details["key"];
        return ['privKey' => $privKey, 'pubKey' => $pubKey, 'rsa' => $details['rsa']];
    }

}

1			<?php
2			/**
3			* Created by PhpStorm.
4			* User: GCC-MED
5			* Date: 29/01/2018
6			* Time: 16:58
7			*/
8
9			class Test
			0 ignored issues – show Coding Style Compatibility introduced 2018-01-29 17:03 UTC by Report Bug Copy Issue Report PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
10			{
11			public function indexAction() {
12			$certsRepository = $this->sqlOauth->getRepository(Cert::class);
13
14			$actualCerts = $certsRepository->findBy([], ['createdAt' => 'DESC'], 2);
15
16			$data = [];
17			foreach ($actualCerts as $cert) {
18			$data[] = [
19			'kty' => 'RSA',
20			'alg' => 'RSA256',
21			'use' => 'sig',
22			'kid' => $cert->getKid(),
23			'n' => $cert->getN(),
24			'e' => $cert->getE(),
25			'x5c' => $this->pemToInline($cert->getPublicKey())
26			];
27			}
28
29			return new JsonResponse(json_encode($data, JSON_PRETTY_PRINT), 200, [
30			'Access-Control-Allow-Origin' => '*'
31			], true);
32			}
33
34			private function pemToInline($pem) {
35			$pem = str_replace('-----BEGIN PUBLIC KEY-----', '', $pem);
36			$pem = str_replace('-----END PUBLIC KEY-----', '', $pem);
37			$pem = str_replace("\n", '', $pem);
38			return $pem;
39			}
40
41			/**
42			* @Route("/oauth/certs/rotate", name="certs_rotate")
43			* @return JsonResponse
44			*/
45			public function rotateAction() {
46			$certsRepository = $this->sqlOauth->getRepository(Cert::class);
47
48			$actualCerts = $certsRepository->findBy([], ['createdAt' => 'DESC'], 2);
49			if(!isset($actualCerts[0])) {
50			list('privKey' => $privKey, 'pubKey' => $pubKey, 'rsa' => $rsa) = $this->generateRSAKeys();
51
52			$oldCert = new Cert();
53			$oldCert->setPrivateKey($privKey);
54			$oldCert->setPublicKey($pubKey);
55			$oldCert->setN(isset($rsa['n']) ? base64_encode($rsa['n']) : null);
56			$oldCert->setE(isset($rsa['e']) ? base64_encode($rsa['e']) : null);
57			$this->sqlOauth->persist($oldCert);
58			}
59
60			list('privKey' => $privKey, 'pubKey' => $pubKey, 'rsa' => $rsa) = $this->generateRSAKeys();
61			$newCert = new Cert();
62			$newCert->setPrivateKey($privKey);
63			$newCert->setPublicKey($pubKey);
64			$newCert->setN(isset($rsa['n']) ? base64_encode($rsa['n']) : null);
65			$newCert->setE(isset($rsa['e']) ? base64_encode($rsa['e']) : null);
66			$this->sqlOauth->persist($newCert);
67
68			// VarDumper::dump($oldCert);die;
			0 ignored issues – show Unused Code Comprehensibility introduced 2018-01-29 17:03 UTC by Report Bug Copy Issue Report `70%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
69			$this->sqlOauth->flush();
70			return new JsonResponse();
71			}
72
73			private function generateRSAKeys() {
74			$config = array(
75			"digest_alg" => "sha512",
76			"private_key_bits" => 4096,
77			"private_key_type" => OPENSSL_KEYTYPE_RSA,
78			);
79			// Create the private and public key
80			$res = openssl_pkey_new($config);
81
82			// Extract the private key from $res to $privKey
83			openssl_pkey_export($res, $privKey);
84
85			// Extract the public key from $res to $pubKey
86			$details = openssl_pkey_get_details($res);
87
88			$pubKey = $details["key"];
89			return ['privKey' => $privKey, 'pubKey' => $pubKey, 'rsa' => $details['rsa']];
90			}
91
92			}

php-guard / oauth-server

Push — master ( 289dee...aec877 )

Test::rotateAction() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like