VerifyCsrfToken::init() - Code Metrics - Inspection of "Update CrudOrgaCest.php" - phpMv/ubiquity - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( e8f56b...3a2a94 )

by Jean-Christophe

created 2022-04-12 12:31 UTC

VerifyCsrfToken::init() A

↳ Parent: VerifyCsrfToken

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	4
CRAP Score	1

Importance

Changes

Metric	Value
eloc	3
dl	0
loc	4
ccs	4
cts	4
cp	1
rs	10
c	0
b	0
f	0
cc	1
nc	1
nop	0
crap	1

<?php

namespace Ubiquity\utils\http\session\protection;

use Ubiquity\utils\http\session\AbstractSession;
use Ubiquity\utils\http\UCookie;
use Ubiquity\log\Logger;

/**
 * Ubiquity\utils\http\session\protection$VerifyCsrfToken
 * This class is part of Ubiquity
 *
 * @author jc
 * @version 1.0.1
 *
 */
class VerifyCsrfToken implements VerifySessionCsrfInterface {
	private AbstractSession $sessionInstance;
	private const TOKEN_KEY = 'X-XSRF-TOKEN';

	public function __construct(AbstractSession $sessionInstance) {
		$this->sessionInstance = $sessionInstance;
	}

	protected function csrfErrorLog() {
		$context = [];
		$context ['HOST'] = $_SERVER ['HTTP_HOST'];
		$context ['REQUEST_URI'] = $_SERVER ['REQUEST_URI'];
		$context ['REQUEST_METHOD'] = $_SERVER ['REQUEST_METHOD'];
		$context ['cookie'] = $_COOKIE;
		Logger::error ( 'Session', 'CSRF protector validation failure!', 'startSession', $context );
	}

	public function init(): void {
		$token = new CsrfToken ();
		$this->sessionInstance->set ( self::TOKEN_KEY, $token );
		UCookie::set ( $token->getName (), $token->getValue (), null );
	}

	public function clear(): void {
		$token = $this->sessionInstance->get ( self::TOKEN_KEY );
		$this->sessionInstance->delete ( self::TOKEN_KEY );
		if (isset ( $token )) {
			UCookie::delete ( $token->getName () );
		}
	}

	public function start(): void {
		$token = $this->sessionInstance->get ( self::TOKEN_KEY );
		if (isset ( $token )) {
			if (! $token instanceof CsrfToken || ! hash_equals ( $token->getValue (), '' . UCookie::get ( $token->getName () ) )) {
				if (Logger::isActive ()) {
					$this->csrfErrorLog ();
				}
				$this->clear();
				$this->sessionInstance->terminate ();
			}
			return;
		}
		$this->init ();
	}

	public static function getLevel(): int {
		return 1;
	}
}



1		<?php
2
3		namespace Ubiquity\utils\http\session\protection;
4
5		use Ubiquity\utils\http\session\AbstractSession;
6		use Ubiquity\utils\http\UCookie;
7		use Ubiquity\log\Logger;
8
9		/**
10		* Ubiquity\utils\http\session\protection$VerifyCsrfToken
11		* This class is part of Ubiquity
12		*
13		* @author jc
14		* @version 1.0.1
15		*
16		*/
17		class VerifyCsrfToken implements VerifySessionCsrfInterface {
18		private AbstractSession $sessionInstance;
19		private const TOKEN_KEY = 'X-XSRF-TOKEN';
20
21	41	public function __construct(AbstractSession $sessionInstance) {
22	41	$this->sessionInstance = $sessionInstance;
23		}
24
25		protected function csrfErrorLog() {
26		$context = [];
27		$context ['HOST'] = $_SERVER ['HTTP_HOST'];
28		$context ['REQUEST_URI'] = $_SERVER ['REQUEST_URI'];
29		$context ['REQUEST_METHOD'] = $_SERVER ['REQUEST_METHOD'];
30		$context ['cookie'] = $_COOKIE;
31		Logger::error ( 'Session', 'CSRF protector validation failure!', 'startSession', $context );
32		}
33
34	4	public function init(): void {
35	4	$token = new CsrfToken ();
36	4	$this->sessionInstance->set ( self::TOKEN_KEY, $token );
37	4	UCookie::set ( $token->getName (), $token->getValue (), null );
38		}
39
40	3	public function clear(): void {
41	3	$token = $this->sessionInstance->get ( self::TOKEN_KEY );
42	3	$this->sessionInstance->delete ( self::TOKEN_KEY );
43	3	if (isset ( $token )) {
44	2	UCookie::delete ( $token->getName () );
45		}
46		}
47
48	41	public function start(): void {
49	41	$token = $this->sessionInstance->get ( self::TOKEN_KEY );
50	41	if (isset ( $token )) {
51	39	if (! $token instanceof CsrfToken \|\| ! hash_equals ( $token->getValue (), '' . UCookie::get ( $token->getName () ) )) {
52		if (Logger::isActive ()) {
53		$this->csrfErrorLog ();
54		}
55		$this->clear();
56		$this->sessionInstance->terminate ();
57		}
58	39	return;
59		}
60	4	$this->init ();
61		}
62
63		public static function getLevel(): int {
64		return 1;
65		}
66		}
67
68

phpMv / ubiquity

Push — master ( e8f56b...3a2a94 )

VerifyCsrfToken::init() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like