Authorize::forbidden() - Code Metrics - simplesamlphp/simplesamlphp-module-authorize - Measure and Improve Code Quality continuously with Scrutinizer

Authorize::forbidden() C
last analyzed 2025-09-08 10:55 UTC

↳ Parent: Authorize

Complexity

Conditions	12
Paths	145

Size

Total Lines	56
Code Lines	36

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
eloc	36
c	0
b	0
f	0
dl	0
loc	56
rs	6.5916
cc	12
nc	145
nop	1

How to fix Long Method Complexity

<?php

declare(strict_types=1);

namespace SimpleSAML\Module\authorize\Controller;

use SimpleSAML\Auth;
use SimpleSAML\Configuration;
use SimpleSAML\Error;
use SimpleSAML\Module;
use SimpleSAML\Session;
use SimpleSAML\XHTML\Template;
use Symfony\Component\HttpFoundation\Request;

/**
 * Controller class for the authorize module.
 *
 * This class serves the different views available in the module.
 *
 * @package SimpleSAML\Module\authorize
 */
class Authorize
{
    /**
     * Controller constructor.
     *
     * It initializes the global configuration and auth source configuration for the controllers implemented here.
     *
     * @param \SimpleSAML\Configuration              $config The configuration to use by the controllers.
     * @param \SimpleSAML\Session                    $session The session to use by the controllers.
     */
    public function __construct(
        protected Configuration $config,
        protected Session $session,
    ) {
    }


    /**
     * Show a 403 Forbidden page about not authorized to access an application.
     *
     * @param \Symfony\Component\HttpFoundation\Request $request
     * @return \SimpleSAML\XHTML\Template
     */
    public function forbidden(Request $request): Template
    {
        $stateId = $request->query->get('StateId', false);
        if (!is_string($stateId)) {
            throw new Error\BadRequest('Missing required StateId query parameter.');
        }

        /** @var array<mixed> $state */
        $state = Auth\State::loadState($stateId, 'authorize:Authorize');

        $t = new Template($this->config, 'authorize:authorize_403.twig');
        if (isset($state['Source']['auth'])) {
            $t->data['source'] = $state['Source']['auth'];
        }
        if (isset($state['authprocAuthorize_reject_msg'])) {
            $t->data['reject_msg'] = $state['authprocAuthorize_reject_msg'];
        }

        if (isset($state['Source']['auth'])) {
            $t->data['LogoutURL'] = Module::getModuleURL(
                'core/logout/' . urlencode($state['Source']['auth']),
            );
        }
        if (isset($state['authprocAuthorize_user_attribute'])) {
            $t->data['user_attribute'] = $state['authprocAuthorize_user_attribute'];
        }

        $t->data['allow_reauthentication'] = $state['authprocAuthorize_allow_re_authenticate_on_unauthorized'] ?? false;
        $stateId = Auth\State::saveState($state, 'authorize:Authorize');
        $t->data['url_reauthentication'] =
            Module::getModuleURL('authorize/error/reauthenticate', ['StateId' => $stateId]);

        if (
            isset($state['authprocAuthorize_errorURL'])
            && $state['authprocAuthorize_errorURL'] === true
            && isset($state['Source']['errorURL'])
        ) {
            $errorURL = $state['Source']['errorURL'];
            $errorURL = str_replace('ERRORURL_CODE', 'AUTHORIZATION_FAILURE', $errorURL);
            if (isset($state['saml:sp:State']['core:SP'])) {
                $errorURL = str_replace('ERRORURL_RP', urlencode($state['saml:sp:State']['core:SP']), $errorURL);
            }
            if (isset($state['saml:AuthnInstant'])) {
                $errorURL = str_replace('ERRORURL_TS', $state['saml:AuthnInstant'], $errorURL);
            } else {
                $errorURL = str_replace('ERRORURL_TS', strval(time()), $errorURL);
            }
            $errorURL = str_replace('ERRORURL_TID', urlencode($this->session->getTrackID()), $errorURL);
            if (isset($state['authprocAuthorize_ctx'])) {
                $errorURL = str_replace('ERRORURL_CTX', urlencode($state['authprocAuthorize_ctx']), $errorURL);
            }
            $t->data['errorURL'] = $errorURL;
        }

        $t->setStatusCode(403);
        return $t;
    }

    public function reauthenticate(Request $request): void
    {
        $stateId = $request->query->get('StateId', false);
        if (!is_string($stateId)) {
            throw new Error\BadRequest('Missing required StateId query parameter.');
        }
        /** @var array<mixed> $state */
        $state = Auth\State::loadState($stateId, 'authorize:Authorize');

        $authSource = $state['Source']['auth'];
        if (empty($authSource)) {
            throw new Error\BadRequest('Missing required auth source.');
        }
        $parameters = ['ForceAuthn' => true];

        if (isset($state['\\SimpleSAML\\Auth\\State.restartURL'])) {
            $returnToUrl = $state['\\SimpleSAML\\Auth\\State.restartURL'] ;
            $parameters['ReturnTo'] = $returnToUrl;
        }

        $auth = new Auth\Simple($authSource);
        $auth->login($parameters);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SimpleSAML\Module\authorize\Controller;
6
7			use SimpleSAML\Auth;
8			use SimpleSAML\Configuration;
9			use SimpleSAML\Error;
10			use SimpleSAML\Module;
11			use SimpleSAML\Session;
12			use SimpleSAML\XHTML\Template;
13			use Symfony\Component\HttpFoundation\Request;
14
15			/**
16			* Controller class for the authorize module.
17			*
18			* This class serves the different views available in the module.
19			*
20			* @package SimpleSAML\Module\authorize
21			*/
22			class Authorize
23			{
24			/**
25			* Controller constructor.
26			*
27			* It initializes the global configuration and auth source configuration for the controllers implemented here.
28			*
29			* @param \SimpleSAML\Configuration $config The configuration to use by the controllers.
30			* @param \SimpleSAML\Session $session The session to use by the controllers.
31			*/
32			public function __construct(
33			protected Configuration $config,
34			protected Session $session,
35			) {
36			}
37
38
39			/**
40			* Show a 403 Forbidden page about not authorized to access an application.
41			*
42			* @param \Symfony\Component\HttpFoundation\Request $request
43			* @return \SimpleSAML\XHTML\Template
44			*/
45			public function forbidden(Request $request): Template
46			{
47			$stateId = $request->query->get('StateId', false);
48			if (!is_string($stateId)) {
49			throw new Error\BadRequest('Missing required StateId query parameter.');
50			}
51
52			/** @var array<mixed> $state */
53			$state = Auth\State::loadState($stateId, 'authorize:Authorize');
54
55			$t = new Template($this->config, 'authorize:authorize_403.twig');
56			if (isset($state['Source']['auth'])) {
57			$t->data['source'] = $state['Source']['auth'];
58			}
59			if (isset($state['authprocAuthorize_reject_msg'])) {
60			$t->data['reject_msg'] = $state['authprocAuthorize_reject_msg'];
61			}
62
63			if (isset($state['Source']['auth'])) {
64			$t->data['LogoutURL'] = Module::getModuleURL(
65			'core/logout/' . urlencode($state['Source']['auth']),
66			);
67			}
68			if (isset($state['authprocAuthorize_user_attribute'])) {
69			$t->data['user_attribute'] = $state['authprocAuthorize_user_attribute'];
70			}
71
72			$t->data['allow_reauthentication'] = $state['authprocAuthorize_allow_re_authenticate_on_unauthorized'] ?? false;
73			$stateId = Auth\State::saveState($state, 'authorize:Authorize');
74			$t->data['url_reauthentication'] =
75			Module::getModuleURL('authorize/error/reauthenticate', ['StateId' => $stateId]);
76
77			if (
78			isset($state['authprocAuthorize_errorURL'])
79			&& $state['authprocAuthorize_errorURL'] === true
80			&& isset($state['Source']['errorURL'])
81			) {
82			$errorURL = $state['Source']['errorURL'];
83			$errorURL = str_replace('ERRORURL_CODE', 'AUTHORIZATION_FAILURE', $errorURL);
84			if (isset($state['saml:sp:State']['core:SP'])) {
85			$errorURL = str_replace('ERRORURL_RP', urlencode($state['saml:sp:State']['core:SP']), $errorURL);
86			}
87			if (isset($state['saml:AuthnInstant'])) {
88			$errorURL = str_replace('ERRORURL_TS', $state['saml:AuthnInstant'], $errorURL);
89			} else {
90			$errorURL = str_replace('ERRORURL_TS', strval(time()), $errorURL);
91			}
92			$errorURL = str_replace('ERRORURL_TID', urlencode($this->session->getTrackID()), $errorURL);
93			if (isset($state['authprocAuthorize_ctx'])) {
94			$errorURL = str_replace('ERRORURL_CTX', urlencode($state['authprocAuthorize_ctx']), $errorURL);
95			}
96			$t->data['errorURL'] = $errorURL;
97			}
98
99			$t->setStatusCode(403);
100			return $t;
101			}
102
103			public function reauthenticate(Request $request): void
104			{
105			$stateId = $request->query->get('StateId', false);
106			if (!is_string($stateId)) {
107			throw new Error\BadRequest('Missing required StateId query parameter.');
108			}
109			/** @var array<mixed> $state */
110			$state = Auth\State::loadState($stateId, 'authorize:Authorize');
111
112			$authSource = $state['Source']['auth'];
113			if (empty($authSource)) {
114			throw new Error\BadRequest('Missing required auth source.');
115			}
116			$parameters = ['ForceAuthn' => true];
117
118			if (isset($state['\\SimpleSAML\\Auth\\State.restartURL'])) {
119			$returnToUrl = $state['\\SimpleSAML\\Auth\\State.restartURL'] ;
120			$parameters['ReturnTo'] = $returnToUrl;
121			}
122
123			$auth = new Auth\Simple($authSource);
124			$auth->login($parameters);
125			}
126			}
127

simplesamlphp / simplesamlphp-module-authorize

Authorize::forbidden() C last analyzed 2025-09-08 10:55 UTC

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like

Authorize::forbidden() C
last analyzed 2025-09-08 10:55 UTC