Inspection of "Mark APR1 as insecure" - simplesamlphp/simplesamlphp-module-authcrypt - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 634ec1...ffcd29 )

by Tim

created 2022-09-26 16:24 UTC

Status

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch

@@ -48,7 +48,7 @@  discard block
 block discarded – undo
         $this->users = [];
 
         if (!$htpasswd = file_get_contents($config['htpasswd_file'])) {
-            throw new Exception('Could not read ' . $config['htpasswd_file']);
+            throw new Exception('Could not read '.$config['htpasswd_file']);
         }
 
         $this->users = explode("\n", trim($htpasswd));
@@ -57,8 +57,8 @@  discard block
 block discarded – undo
             $attrUtils = new Utils\Attributes();
             $this->attributes = $attrUtils->normalizeAttributesArray($config['static_attributes']);
         } catch (Exception $e) {
-            throw new Exception('Invalid static_attributes in authentication source ' .
-                $this->authId . ': ' . $e->getMessage());
+            throw new Exception('Invalid static_attributes in authentication source '.
+                $this->authId.': '.$e->getMessage());
         }
     }
 
@@ -92,7 +92,7 @@  discard block
 block discarded – undo
 
                 // Traditional crypt(3)
                 if ($cryptoUtils->secureCompare($crypted, crypt($password, $crypted))) {
-                    Logger::debug('User ' . $username . ' authenticated successfully');
+                    Logger::debug('User '.$username.' authenticated successfully');
                     Logger::warning(
                         'CRYPT authentication is insecure. Please consider using something else.'
                     );
@@ -101,7 +101,7 @@  discard block
 block discarded – undo
 
                 // Apache's custom MD5
                 if (APR1_MD5::check($password, $crypted)) {
-                    Logger::debug('User ' . $username . ' authenticated successfully');
+                    Logger::debug('User '.$username.' authenticated successfully');
                     Logger::warning(
                         'APR1 authentication is insecure. Please consider using something else.'
                     );
@@ -110,7 +110,7 @@  discard block
 block discarded – undo
 
                 // PASSWORD_BCRYPT
                 if ($cryptoUtils->pwValid($crypted, $password)) {
-                    Logger::debug('User ' . $username . ' authenticated successfully');
+                    Logger::debug('User '.$username.' authenticated successfully');
                     return $attributes;
                 }
                 throw new Error\Error('WRONGUSERPASS');

Please login to merge, or discard this patch.

		@@ -48,7 +48,7 @@ discard block
		block discarded – undo
48	48	$this->users = [];
49	49
50	50	if (!$htpasswd = file_get_contents($config['htpasswd_file'])) {
51		- throw new Exception('Could not read ' . $config['htpasswd_file']);
	51	+ throw new Exception('Could not read '.$config['htpasswd_file']);
52	52	}
53	53
54	54	$this->users = explode("\n", trim($htpasswd));
		@@ -57,8 +57,8 @@ discard block
		block discarded – undo
57	57	$attrUtils = new Utils\Attributes();
58	58	$this->attributes = $attrUtils->normalizeAttributesArray($config['static_attributes']);
59	59	} catch (Exception $e) {
60		- throw new Exception('Invalid static_attributes in authentication source ' .
61		- $this->authId . ': ' . $e->getMessage());
	60	+ throw new Exception('Invalid static_attributes in authentication source '.
	61	+ $this->authId.': '.$e->getMessage());
62	62	}
63	63	}
64	64
		@@ -92,7 +92,7 @@ discard block
		block discarded – undo
92	92
93	93	// Traditional crypt(3)
94	94	if ($cryptoUtils->secureCompare($crypted, crypt($password, $crypted))) {
95		- Logger::debug('User ' . $username . ' authenticated successfully');
	95	+ Logger::debug('User '.$username.' authenticated successfully');
96	96	Logger::warning(
97	97	'CRYPT authentication is insecure. Please consider using something else.'
98	98	);
		@@ -101,7 +101,7 @@ discard block
		block discarded – undo
101	101
102	102	// Apache's custom MD5
103	103	if (APR1_MD5::check($password, $crypted)) {
104		- Logger::debug('User ' . $username . ' authenticated successfully');
	104	+ Logger::debug('User '.$username.' authenticated successfully');
105	105	Logger::warning(
106	106	'APR1 authentication is insecure. Please consider using something else.'
107	107	);
		@@ -110,7 +110,7 @@ discard block
		block discarded – undo
110	110
111	111	// PASSWORD_BCRYPT
112	112	if ($cryptoUtils->pwValid($crypted, $password)) {
113		- Logger::debug('User ' . $username . ' authenticated successfully');
	113	+ Logger::debug('User '.$username.' authenticated successfully');
114	114	return $attributes;
115	115	}
116	116	throw new Error\Error('WRONGUSERPASS');

simplesamlphp / simplesamlphp-module-authcrypt

Push — master ( 634ec1...ffcd29 )

Status

Category

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch