Issues in AuditHookMFA.php (master) - Issues in master - silverstripe/silverstripe-auditor - Measure and Improve Code Quality continuously with Scrutinizer

Issues (24)

code/AuditHookMFA.php (1 issue)

Labels

Bug 1

Severity

Major 1

<?php

namespace SilverStripe\Auditor;

use Psr\Log\LoggerInterface;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\MFA\Method\MethodInterface;
filter:
    dependency_paths: ["lib/*"]
use SilverStripe\ORM\DataExtension;
use SilverStripe\Security\Member;

/**
 * Provides logging actions on extension hooks from certain silverstripe/mfa actions.
 */
class AuditHookMFA extends DataExtension
{
    /**
     * A successful login using an MFA method
     *
     * @param Member $member
     * @param MethodInterface $method
     */
    public function onMethodVerificationSuccess(Member $member, $method)
    {
        $this->getAuditLogger()->info(
            sprintf(
                '"%s" (ID: %s) successfully verified using MFA method',
                $member->Email ?: $member->Title,
                $member->ID
            ),
            ['method' => get_class($method)]
        );
    }

    /**
     * A failed login using an MFA method
     *
     * @param Member $member
     * @param MethodInterface $method
     */
    public function onMethodVerificationFailure(Member $member, $method)
    {
        $context = [
            'method' => get_class($method),
        ];
        if ($lockOutAfterCount = $member->config()->get('lock_out_after_incorrect_logins')) {
            // Add information about how many attempts have been made
            $context['attempts'] = $member->FailedLoginCount;
            $context['attempt_limit'] = $lockOutAfterCount;
        }

        $this->getAuditLogger()->info(sprintf(
            '"%s" (ID: %s) failed to verify using MFA method',
            $member->Email ?: $member->Title,
            $member->ID
        ), $context);
    }

    /**
     * A user has skipped MFA registration when it is enabled but optional, or within a grace period
     *
     * @param Member $member
     */
    public function onSkipRegistration(Member $member)
    {
        $this->getAuditLogger()->info(sprintf(
            '"%s" (ID: %s) skipped MFA registration',
            $member->Email ?: $member->Title,
            $member->ID
        ));
    }

    /**
     * @param Member $member
     * @param MethodInterface $method
     */
    public function onRegisterMethod(Member $member, $method)
    {
        $context = [
            'method' => get_class($method),
        ];

        $this->getAuditLogger()->info(sprintf(
            '"%s" (ID: %s) registered MFA method',
            $member->Email ?: $member->Title,
            $member->ID
        ), $context);
    }

    /**
     * A user has failed to register an MFA method against their account
     *
     * @param Member $member
     * @param MethodInterface $method
     */
    public function onRegisterMethodFailure(Member $member, $method)
    {
        $context = [
            'method' => get_class($method),
        ];

        $this->getAuditLogger()->info(sprintf(
            '"%s" (ID: %s) failed registering new MFA method',
            $member->Email ?: $member->Title,
            $member->ID
        ), $context);
    }

    /**
     * @return LoggerInterface
     */
    protected function getAuditLogger()
    {
        return Injector::inst()->get('AuditLogger');
    }
}


1			<?php
2
3			namespace SilverStripe\Auditor;
4
5			use Psr\Log\LoggerInterface;
6			use SilverStripe\Core\Injector\Injector;
7			use SilverStripe\MFA\Method\MethodInterface;
			0 ignored issues – show Bug introduced 2019-04-23 22:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this The type `SilverStripe\MFA\Method\MethodInterface` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
8			use SilverStripe\ORM\DataExtension;
9			use SilverStripe\Security\Member;
10
11			/**
12			* Provides logging actions on extension hooks from certain silverstripe/mfa actions.
13			*/
14			class AuditHookMFA extends DataExtension
15			{
16			/**
17			* A successful login using an MFA method
18			*
19			* @param Member $member
20			* @param MethodInterface $method
21			*/
22			public function onMethodVerificationSuccess(Member $member, $method)
23			{
24			$this->getAuditLogger()->info(
25			sprintf(
26			'"%s" (ID: %s) successfully verified using MFA method',
27			$member->Email ?: $member->Title,
28			$member->ID
29			),
30			['method' => get_class($method)]
31			);
32			}
33
34			/**
35			* A failed login using an MFA method
36			*
37			* @param Member $member
38			* @param MethodInterface $method
39			*/
40			public function onMethodVerificationFailure(Member $member, $method)
41			{
42			$context = [
43			'method' => get_class($method),
44			];
45			if ($lockOutAfterCount = $member->config()->get('lock_out_after_incorrect_logins')) {
46			// Add information about how many attempts have been made
47			$context['attempts'] = $member->FailedLoginCount;
48			$context['attempt_limit'] = $lockOutAfterCount;
49			}
50
51			$this->getAuditLogger()->info(sprintf(
52			'"%s" (ID: %s) failed to verify using MFA method',
53			$member->Email ?: $member->Title,
54			$member->ID
55			), $context);
56			}
57
58			/**
59			* A user has skipped MFA registration when it is enabled but optional, or within a grace period
60			*
61			* @param Member $member
62			*/
63			public function onSkipRegistration(Member $member)
64			{
65			$this->getAuditLogger()->info(sprintf(
66			'"%s" (ID: %s) skipped MFA registration',
67			$member->Email ?: $member->Title,
68			$member->ID
69			));
70			}
71
72			/**
73			* @param Member $member
74			* @param MethodInterface $method
75			*/
76			public function onRegisterMethod(Member $member, $method)
77			{
78			$context = [
79			'method' => get_class($method),
80			];
81
82			$this->getAuditLogger()->info(sprintf(
83			'"%s" (ID: %s) registered MFA method',
84			$member->Email ?: $member->Title,
85			$member->ID
86			), $context);
87			}
88
89			/**
90			* A user has failed to register an MFA method against their account
91			*
92			* @param Member $member
93			* @param MethodInterface $method
94			*/
95			public function onRegisterMethodFailure(Member $member, $method)
96			{
97			$context = [
98			'method' => get_class($method),
99			];
100
101			$this->getAuditLogger()->info(sprintf(
102			'"%s" (ID: %s) failed registering new MFA method',
103			$member->Email ?: $member->Title,
104			$member->ID
105			), $context);
106			}
107
108			/**
109			* @return LoggerInterface
110			*/
111			protected function getAuditLogger()
112			{
113			return Injector::inst()->get('AuditLogger');
114			}
115			}
116

silverstripe / silverstripe-auditor

Issues (24)

code/AuditHookMFA.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like