Passed
Push — master ( 7d615b...d4db62 )
by Jean-Christophe
09:33
created

VerifyCsrfToken   A

Complexity

Total Complexity 11

Size/Duplication

Total Lines 48
Duplicated Lines 0 %

Test Coverage

Coverage 52.94%

Importance

Changes 1
Bugs 0 Features 0
Metric Value
wmc 11
eloc 27
c 1
b 0
f 0
dl 0
loc 48
ccs 18
cts 34
cp 0.5294
rs 10

6 Methods

Rating   Name   Duplication   Size   Complexity  
A init() 0 4 1
A __construct() 0 2 1
A csrfErrorLog() 0 7 1
A getLevel() 0 2 1
A clear() 0 5 2
A start() 0 13 5
<?php
namespace Ubiquity\utils\http\session\protection;
use Ubiquity\utils\http\session\AbstractSession;
use Ubiquity\utils\http\UCookie;
use Ubiquity\log\Logger;
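/**
 * Ubiquity\utils\http\session\protection$VerifyCsrfToken
 * This class is part of Ubiquity
 *
 * Keeps a CsrfToken in the session under TOKEN_KEY, mirrors it in a cookie,
 * and compares the two when the session starts.
 *
 * @author jc
 * @version 1.0.1
 *
 */
class VerifyCsrfToken implements VerifySessionCsrfInterface {
	/** Session that stores the token and is terminated when validation fails. */
	private AbstractSession $sessionInstance;

	/** Session key under which the CsrfToken object is stored. */
	private const TOKEN_KEY = 'X-XSRF-TOKEN';

	/**
	 * @param AbstractSession $sessionInstance session used to store, read and delete the token
	 */
	public function __construct(AbstractSession $sessionInstance) {
		$this->sessionInstance = $sessionInstance;
	}

	/**
	 * Logs a validation failure with the request host, URI, method and the names
	 * of the cookies that were sent.
	 *
	 * Cookie values are deliberately left out of the log context: $_COOKIE carries
	 * the session identifier and the token itself, and writing them to a log file
	 * hands a reusable credential to anyone who can read that file.
	 */
	protected function csrfErrorLog() {
		// HOST and REQUEST_URI are supplied by the client.
		// NOTE(review): confirm the log sink encodes context values before writing them.
		// "?? null" keeps the logged value unchanged while avoiding an undefined-index
		// warning when a key is missing (e.g. no Host header).
		$context = [
			'HOST' => $_SERVER['HTTP_HOST'] ?? null,
			'REQUEST_URI' => $_SERVER['REQUEST_URI'] ?? null,
			'REQUEST_METHOD' => $_SERVER['REQUEST_METHOD'] ?? null,
			'cookie' => array_keys($_COOKIE),
		];
		Logger::error('Session', 'CSRF protector validation failure!', 'startSession', $context);
	}

	/**
	 * Creates a new CsrfToken, stores it in the session and sends it as a cookie.
	 *
	 * NOTE(review): the cookie attributes (lifetime, path, Secure, HttpOnly, SameSite)
	 * are decided inside UCookie::set(); the third argument is passed as null here and
	 * its meaning is not visible in this file — confirm the resulting cookie is
	 * restricted to HTTPS and carries a SameSite policy.
	 */
	public function init() {
		$token = new CsrfToken();
		$this->sessionInstance->set(self::TOKEN_KEY, $token);
		UCookie::set($token->getName(), $token->getValue(), null);
	}

	/**
	 * Removes the token from the session and deletes the matching cookie.
	 */
	public function clear() {
		$token = $this->sessionInstance->get(self::TOKEN_KEY);
		$this->sessionInstance->delete(self::TOKEN_KEY);
		// start() already allows for a session value that is not a CsrfToken;
		// apply the same type check here so that such a value cannot trigger
		// a method call on a non-token.
		if ($token instanceof CsrfToken) {
			UCookie::delete($token->getName());
		}
	}

	/**
	 * Validates the stored token against its cookie, or issues a token when none is valid.
	 *
	 * - No token in the session: a new one is issued with init().
	 * - Token present and equal to the cookie value: nothing changes.
	 * - Token present but not a CsrfToken, or cookie value different: the failure is
	 *   logged when the logger is active, the session is terminated, and init() runs.
	 *
	 * NOTE(review): init() runs after terminate(); whether a token written to a
	 * terminated session is persisted depends on AbstractSession::terminate(), which is
	 * not visible here — confirm.
	 *
	 * NOTE(review): both compared values travel with the browser (the session through
	 * its cookie, the token through its own cookie), and browsers attach cookies to
	 * cross-site requests automatically. This check therefore ties the token cookie to
	 * the session; it does not by itself show that a request originated from the
	 * application. Confirm that state-changing requests are also checked against a
	 * token sent in a header or form field elsewhere.
	 */
	public function start() {
		$token = $this->sessionInstance->get(self::TOKEN_KEY);

		// hash_equals() compares in constant time and requires string arguments, so
		// whatever UCookie::get() returns is coerced to a string first.
		if ($token instanceof CsrfToken && hash_equals($token->getValue(), '' . UCookie::get($token->getName()))) {
			return;
		}

		if (isset($token)) {
			if (Logger::isActive()) {
				$this->csrfErrorLog();
			}
			$this->sessionInstance->terminate();
		}

		$this->init();
	}

	/**
	 * @return int always 1; NOTE(review): presumably the protection level reported
	 *             through VerifySessionCsrfInterface — confirm against the interface
	 */
	public static function getLevel() {
		return 1;
	}
}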