
SAMLSecurityExtension   A

Complexity

Total Complexity 9

Size/Duplication

Total Lines 44
Duplicated Lines 0 %

Importance

Changes 0
Metric Value
wmc 9
dl 0
loc 44
rs 10
c 0
b 0
f 0

1 Method

Rating   Name   Duplication   Size   Complexity  
D onBeforeSecurityLogin() 0 33 9
<?php
namespace SilverStripe\SAML\Authenticators;
use SilverStripe\Control\Director;
use SilverStripe\Control\Session;
use SilverStripe\Core\Extension;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;
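/**
 * Class SAMLSecurityExtension
 *
 * Extensions to the {@link Security} controller to support {@link SAMLAuthenticator}
 */
class SAMLSecurityExtension extends Extension
{
    /**
     * Hook run before the Security login action. Decides whether SAML auto
     * sign-on may proceed and, if so, records the post-login destination.
     *
     * Returns early, leaving the session untouched, when:
     *
     * 1) the GET param showloginform is set to 1
     * 2) a member is already logged in
     * 3) there are form messages (errors or notices) in the session
     *
     * Otherwise the BackURL is written to the session. This method does not
     * itself redirect to the IdP login endpoint; NOTE(review): that redirect
     * presumably happens in code outside this class - confirm.
     *
     * @return void
     */
    public function onBeforeSecurityLogin()
    {
        // Use the accessor throughout rather than mixing it with the magic
        // ->request property.
        $request = $this->owner->getRequest();

        // by going to the URL Security/login?showloginform=1 we bypass the auto sign on
        // (loose comparison kept as in the original, so numeric strings such as "1" match)
        if ($request->getVar('showloginform') == 1) {
            return;
        }

        // if member is already logged in, don't auto-sign-on, this is most likely because
        // of insufficient permissions.
        $member = Security::getCurrentUser();
        if ($member && $member->exists()) {
            return;
        }

        $session = $request->getSession();

        // if there are form messages, don't auto-sign-on, this is most likely because of
        // login errors / failures or other notices.
        $formInfo = $session->get('FormInfo');
        if ($formInfo && (is_array($formInfo) || $formInfo instanceof \Traversable)) {
            // since FormInfo can be a "nulled" array, we have to check each entry;
            // an entry that is itself null (or otherwise not iterable) is skipped
            // instead of being handed to foreach, which would raise a warning.
            foreach ($formInfo as $info) {
                if (!is_array($info) && !($info instanceof \Traversable)) {
                    continue;
                }
                foreach ($info as $value) {
                    if ($value !== null) {
                        return;
                    }
                }
            }
        }

        // Start from whatever destination the session already holds.
        $backURL = $session->get('BackURL');

        // The BackURL query parameter is attacker-controllable (it can be placed in
        // a crafted login link). Only accept it when it is a string that points at
        // this site, so an off-site value is never persisted as the post-login
        // destination. NOTE(review): whether the code that later consumes the
        // session BackURL re-validates it is not visible here - confirm.
        $requestedBackURL = $request->getVar('BackURL');
        if ($requestedBackURL
            && is_string($requestedBackURL)
            && Director::is_site_url($requestedBackURL)
        ) {
            $backURL = $requestedBackURL;
        }

        $session->set('BackURL', $backURL);
    }
}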