Issues in BackupCodeGenerator.php (master) - Issues in master - silverstripe/silverstripe-mfa - Measure and Improve Code Quality continuously with Scrutinizer

Issues (102)

src/Service/BackupCodeGenerator.php (2 issues)

Severity

Unknown 2

<?php

declare(strict_types=1);

namespace SilverStripe\MFA\Service;

use SilverStripe\Core\Config\Configurable;
use SilverStripe\Core\Extensible;
use SilverStripe\Core\Injector\Injectable;
use SilverStripe\MFA\State\BackupCode;
use SilverStripe\Security\Security;

class BackupCodeGenerator implements BackupCodeGeneratorInterface
{
    use Configurable;
    use Extensible;
    use Injectable;

    /**
     * The number of back-up codes that should be generated for a user. Note that changing this value will not
     * regenerate or generate new codes to meet the new number. The user will have to manually regenerate codes to
     * receive the new number of codes.
     *
     * @config
     * @var int
     */
    private static $backup_code_count = 15;


    /**
     * The length of each individual backup code.
     *
     * @config
     * @var int
     */
    private static $backup_code_length = 12;


    /**
     * Generates a list of backup codes
     *
     * {@inheritDoc}
     */
    public function generate(): array
    {
        $codeCount = (int) $this->config()->get('backup_code_count');
        $codeLength = (int) $this->config()->get('backup_code_length');
        $charset = $this->getCharacterSet();

        $codes = [];
        while (count($codes) < $codeCount) {
            $code = $this->generateCode($charset, $codeLength);

            if (!in_array($code, $codes)) {
                $hashData = Security::encrypt_password($code);
                $codes[] = BackupCode::create($code, $hashData['password'], $hashData['algorithm'], $hashData['salt']);
            }
        }

        return $codes;
    }

    public function getCharacterSet(): array
    {
        $characterSet = range('a', 'z');

        $this->extend('updateCharacterSet', $characterSet);

        return $characterSet;
    }

    /**
     * Generates a backup code at the specified string length, using a mixture of digits and mixed case letters
     *
     * @param array $charset
     * @param int $codeLength
     * @return string
     */
    protected function generateCode(array $charset, int $codeLength): string
    {
        $characters = [];
        $numberOfOptions = count($charset);
        while (count($characters) < $codeLength) {
            $key = random_int(0, $numberOfOptions - 1); // zero based array
            $characters[] = $charset[$key];
        }
        return implode($characters);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SilverStripe\MFA\Service;
6
7			use SilverStripe\Core\Config\Configurable;
8			use SilverStripe\Core\Extensible;
9			use SilverStripe\Core\Injector\Injectable;
10			use SilverStripe\MFA\State\BackupCode;
11			use SilverStripe\Security\Security;
12
13			class BackupCodeGenerator implements BackupCodeGeneratorInterface
14			{
15			use Configurable;
16			use Extensible;
17			use Injectable;
18
19			/**
20			* The number of back-up codes that should be generated for a user. Note that changing this value will not
21			* regenerate or generate new codes to meet the new number. The user will have to manually regenerate codes to
22			* receive the new number of codes.
23			*
24			* @config
25			* @var int
26			*/
27			private static $backup_code_count = 15;
			0 ignored issues – show introduced 2019-03-06 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The private property `$backup_code_count` is not used, and could be removed. Loading history...
28
29			/**
30			* The length of each individual backup code.
31			*
32			* @config
33			* @var int
34			*/
35			private static $backup_code_length = 12;
			0 ignored issues – show introduced 2019-03-06 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The private property `$backup_code_length` is not used, and could be removed. Loading history...
36
37			/**
38			* Generates a list of backup codes
39			*
40			* {@inheritDoc}
41			*/
42			public function generate(): array
43			{
44			$codeCount = (int) $this->config()->get('backup_code_count');
45			$codeLength = (int) $this->config()->get('backup_code_length');
46			$charset = $this->getCharacterSet();
47
48			$codes = [];
49			while (count($codes) < $codeCount) {
50			$code = $this->generateCode($charset, $codeLength);
51
52			if (!in_array($code, $codes)) {
53			$hashData = Security::encrypt_password($code);
54			$codes[] = BackupCode::create($code, $hashData['password'], $hashData['algorithm'], $hashData['salt']);
55			}
56			}
57
58			return $codes;
59			}
60
61			public function getCharacterSet(): array
62			{
63			$characterSet = range('a', 'z');
64
65			$this->extend('updateCharacterSet', $characterSet);
66
67			return $characterSet;
68			}
69
70			/**
71			* Generates a backup code at the specified string length, using a mixture of digits and mixed case letters
72			*
73			* @param array $charset
74			* @param int $codeLength
75			* @return string
76			*/
77			protected function generateCode(array $charset, int $codeLength): string
78			{
79			$characters = [];
80			$numberOfOptions = count($charset);
81			while (count($characters) < $codeLength) {
82			$key = random_int(0, $numberOfOptions - 1); // zero based array
83			$characters[] = $charset[$key];
84			}
85			return implode($characters);
86			}
87			}
88

silverstripe / silverstripe-mfa

Issues (102)

src/Service/BackupCodeGenerator.php (2 issues)

Severity

Introduced By

Duplication Side-by-Side

Filter issues like