SessionNotOnOrAfter::validate() - Code Metrics - Inspection of "PSR-20 - Use a clock and replace integer timestamp..." - simplesamlphp/saml2 - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#336)

by Tim

created 2023-05-27 20:55 UTC

SessionNotOnOrAfter::validate() A

↳ Parent: SessionNotOnOrAfter

Complexity

Conditions	3
Paths	2

Size

Total Lines	10
Code Lines	7

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
eloc	7
nc	2
nop	2
dl	0
loc	10
rs	10
c	0
b	0
f	0

<?php

declare(strict_types=1);

namespace SimpleSAML\SAML2\Assertion\Validation\ConstraintValidator;

use Beste\Clock;
use DateInterval;
use SimpleSAML\SAML2\XML\saml\Assertion;
use SimpleSAML\SAML2\Assertion\Validation\AssertionConstraintValidator;
use SimpleSAML\SAML2\Assertion\Validation\Result;
use SimpleSAML\SAML2\Utils;

class SessionNotOnOrAfter implements AssertionConstraintValidator
{
    /** @var \Beste\Clock */
    private static Clock $clock;


    /**
     */
    public function __construct()
    {
        self::$clock = Utils::getContainer()->getClock();
    }


    /**
     * @param \SimpleSAML\SAML2\XML\saml\Assertion $assertion
     * @param \SimpleSAML\SAML2\Assertion\Validation\Result $result
     */
    public function validate(Assertion $assertion, Result $result): void
    {
        $sessionNotOnOrAfterTimestamp = $assertion->getAuthnStatements()[0]->getSessionNotOnOrAfter();
        $currentTime = self::$clock->now();
        if (
            ($sessionNotOnOrAfterTimestamp !== null) &&
            ($sessionNotOnOrAfterTimestamp <= ($currentTime->sub(new DateInterval('PT60S'))))
        ) {
            $result->addError(
                'Received an assertion with a session that has expired. Check clock synchronization on IdP and SP.',
            );
        }
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SimpleSAML\SAML2\Assertion\Validation\ConstraintValidator;
6
7			use Beste\Clock;
8			use DateInterval;
9			use SimpleSAML\SAML2\XML\saml\Assertion;
10			use SimpleSAML\SAML2\Assertion\Validation\AssertionConstraintValidator;
11			use SimpleSAML\SAML2\Assertion\Validation\Result;
12			use SimpleSAML\SAML2\Utils;
13
14			class SessionNotOnOrAfter implements AssertionConstraintValidator
15			{
16			/** @var \Beste\Clock */
17			private static Clock $clock;
18
19
20			/**
21			*/
22			public function __construct()
23			{
24			self::$clock = Utils::getContainer()->getClock();
25			}
26
27
28			/**
29			* @param \SimpleSAML\SAML2\XML\saml\Assertion $assertion
30			* @param \SimpleSAML\SAML2\Assertion\Validation\Result $result
31			*/
32			public function validate(Assertion $assertion, Result $result): void
33			{
34			$sessionNotOnOrAfterTimestamp = $assertion->getAuthnStatements()[0]->getSessionNotOnOrAfter();
35			$currentTime = self::$clock->now();
36			if (
37			($sessionNotOnOrAfterTimestamp !== null) &&
38			($sessionNotOnOrAfterTimestamp <= ($currentTime->sub(new DateInterval('PT60S'))))
39			) {
40			$result->addError(
41			'Received an assertion with a session that has expired. Check clock synchronization on IdP and SP.',
42			);
43			}
44			}
45			}
46

simplesamlphp / saml2

Pull Request — master (#336)

SessionNotOnOrAfter::validate() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like