Authorize::forbidden() - Code Metrics - Inspection of "feat(reauthenticate): Add flag to allow re-authent..." - simplesamlphp/simplesamlphp-module-authorize - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#18)

unknown

created 2024-08-05 22:09 UTC

Authorize::forbidden() B

↳ Parent: Authorize

Complexity

Conditions	11
Paths	73

Size

Total Lines	53
Code Lines	34

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
eloc	34
c	0
b	0
f	0
dl	0
loc	53
rs	7.3166
cc	11
nc	73
nop	1

How to fix Long Method Complexity

<?php

declare(strict_types=1);

namespace SimpleSAML\Module\authorize\Controller;

use SimpleSAML\Auth;
use SimpleSAML\Configuration;
use SimpleSAML\Error;
use SimpleSAML\Module;
use SimpleSAML\Session;
use SimpleSAML\XHTML\Template;
use Symfony\Component\HttpFoundation\Request;

/**
 * Controller class for the authorize module.
 *
 * This class serves the different views available in the module.
 *
 * @package SimpleSAML\Module\authorize
 */
class Authorize
{
    /**
     * Controller constructor.
     *
     * It initializes the global configuration and auth source configuration for the controllers implemented here.
     *
     * @param \SimpleSAML\Configuration              $config The configuration to use by the controllers.
     * @param \SimpleSAML\Session                    $session The session to use by the controllers.
     *
     * @throws \Exception
     */
    public function __construct(
        protected Configuration $config,
        protected Session $session,
    ) {
    }


    /**
     * Show a 403 Forbidden page about not authorized to access an application.
     *
     * @param \Symfony\Component\HttpFoundation\Request $request
     * @return \SimpleSAML\XHTML\Template
     */
    public function forbidden(Request $request): Template
    {
        $stateId = $request->query->get('StateId', false);
        if (!is_string($stateId)) {
            throw new Error\BadRequest('Missing required StateId query parameter.');
        }

        /** @var array $state */
        $state = Auth\State::loadState($stateId, 'authorize:Authorize');

        $t = new Template($this->config, 'authorize:authorize_403.twig');
        if (isset($state['Source']['auth'])) {
            $t->data['source'] = $state['Source']['auth'];
        }
        if (isset($state['authprocAuthorize_reject_msg'])) {
            $t->data['reject_msg'] = $state['authprocAuthorize_reject_msg'];
        }

        if (isset($state['Source']['auth'])) {
            $t->data['LogoutURL'] = Module::getModuleURL(
                'core/logout/' . urlencode($state['Source']['auth']),
            );
        }

        $t->data['allow_reauthentication'] = $state['authprocAuthorize_allow_re_authenticate_on_unauthorized'] ?? false;
        $stateId = Auth\State::saveState($state, 'authorize:Authorize');
        $t->data['url_reauthentication'] =
            Module::getModuleURL('authorize/error/reauthenticate', ['StateId' => $stateId]);

        if (
            isset($state['authprocAuthorize_errorURL'])
            && $state['authprocAuthorize_errorURL'] === true
            && isset($state['Source']['errorURL'])
        ) {
            $errorURL = $state['Source']['errorURL'];
            $errorURL = str_replace('ERRORURL_CODE', 'AUTHORIZATION_FAILURE', $errorURL);
            if (isset($state['saml:sp:State']['core:SP'])) {
                $errorURL = str_replace('ERRORURL_RP', urlencode($state['saml:sp:State']['core:SP']), $errorURL);
            }
            if (isset($state['saml:AuthnInstant'])) {
                $errorURL = str_replace('ERRORURL_TS', $state['saml:AuthnInstant'], $errorURL);
            } else {
                $errorURL = str_replace('ERRORURL_TS', strval(time()), $errorURL);
            }
            $errorURL = str_replace('ERRORURL_TID', urlencode($this->session->getTrackID()), $errorURL);
            if (isset($state['authprocAuthorize_ctx'])) {
                $errorURL = str_replace('ERRORURL_CTX', urlencode($state['authprocAuthorize_ctx']), $errorURL);
            }
            $t->data['errorURL'] = $errorURL;
        }

        $t->setStatusCode(403);
        return $t;
    }

    public function reauthenticate(Request $request): void
    {
        $stateId = $request->query->get('StateId', false);
        if (!is_string($stateId)) {
            throw new Error\BadRequest('Missing required StateId query parameter.');
        }
        /** @var array $state */
        $state = Auth\State::loadState($stateId, 'authorize:Authorize');

        $authSource = $state['Source']['auth'];
        if (empty($authSource)) {
            throw new Error\BadRequest('Missing required auth source.');
        }
        $parameters = ['ForceAuthn' => true];

        if (isset($state['\\SimpleSAML\\Auth\\State.restartURL'])) {
            $returnToUrl = $state['\\SimpleSAML\\Auth\\State.restartURL'] ;
            $parameters['ReturnTo'] = $returnToUrl;
        }

        $auth = new Auth\Simple($authSource);
        $auth->login($parameters);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SimpleSAML\Module\authorize\Controller;
6
7			use SimpleSAML\Auth;
8			use SimpleSAML\Configuration;
9			use SimpleSAML\Error;
10			use SimpleSAML\Module;
11			use SimpleSAML\Session;
12			use SimpleSAML\XHTML\Template;
13			use Symfony\Component\HttpFoundation\Request;
14
15			/**
16			* Controller class for the authorize module.
17			*
18			* This class serves the different views available in the module.
19			*
20			* @package SimpleSAML\Module\authorize
21			*/
22			class Authorize
23			{
24			/**
25			* Controller constructor.
26			*
27			* It initializes the global configuration and auth source configuration for the controllers implemented here.
28			*
29			* @param \SimpleSAML\Configuration $config The configuration to use by the controllers.
30			* @param \SimpleSAML\Session $session The session to use by the controllers.
31			*
32			* @throws \Exception
33			*/
34			public function __construct(
35			protected Configuration $config,
36			protected Session $session,
37			) {
38			}
39
40
41			/**
42			* Show a 403 Forbidden page about not authorized to access an application.
43			*
44			* @param \Symfony\Component\HttpFoundation\Request $request
45			* @return \SimpleSAML\XHTML\Template
46			*/
47			public function forbidden(Request $request): Template
48			{
49			$stateId = $request->query->get('StateId', false);
50			if (!is_string($stateId)) {
51			throw new Error\BadRequest('Missing required StateId query parameter.');
52			}
53
54			/** @var array $state */
55			$state = Auth\State::loadState($stateId, 'authorize:Authorize');
56
57			$t = new Template($this->config, 'authorize:authorize_403.twig');
58			if (isset($state['Source']['auth'])) {
59			$t->data['source'] = $state['Source']['auth'];
60			}
61			if (isset($state['authprocAuthorize_reject_msg'])) {
62			$t->data['reject_msg'] = $state['authprocAuthorize_reject_msg'];
63			}
64
65			if (isset($state['Source']['auth'])) {
66			$t->data['LogoutURL'] = Module::getModuleURL(
67			'core/logout/' . urlencode($state['Source']['auth']),
68			);
69			}
70
71			$t->data['allow_reauthentication'] = $state['authprocAuthorize_allow_re_authenticate_on_unauthorized'] ?? false;
72			$stateId = Auth\State::saveState($state, 'authorize:Authorize');
73			$t->data['url_reauthentication'] =
74			Module::getModuleURL('authorize/error/reauthenticate', ['StateId' => $stateId]);
75
76			if (
77			isset($state['authprocAuthorize_errorURL'])
78			&& $state['authprocAuthorize_errorURL'] === true
79			&& isset($state['Source']['errorURL'])
80			) {
81			$errorURL = $state['Source']['errorURL'];
82			$errorURL = str_replace('ERRORURL_CODE', 'AUTHORIZATION_FAILURE', $errorURL);
83			if (isset($state['saml:sp:State']['core:SP'])) {
84			$errorURL = str_replace('ERRORURL_RP', urlencode($state['saml:sp:State']['core:SP']), $errorURL);
85			}
86			if (isset($state['saml:AuthnInstant'])) {
87			$errorURL = str_replace('ERRORURL_TS', $state['saml:AuthnInstant'], $errorURL);
88			} else {
89			$errorURL = str_replace('ERRORURL_TS', strval(time()), $errorURL);
90			}
91			$errorURL = str_replace('ERRORURL_TID', urlencode($this->session->getTrackID()), $errorURL);
92			if (isset($state['authprocAuthorize_ctx'])) {
93			$errorURL = str_replace('ERRORURL_CTX', urlencode($state['authprocAuthorize_ctx']), $errorURL);
94			}
95			$t->data['errorURL'] = $errorURL;
96			}
97
98			$t->setStatusCode(403);
99			return $t;
100			}
101
102			public function reauthenticate(Request $request): void
103			{
104			$stateId = $request->query->get('StateId', false);
105			if (!is_string($stateId)) {
106			throw new Error\BadRequest('Missing required StateId query parameter.');
107			}
108			/** @var array $state */
109			$state = Auth\State::loadState($stateId, 'authorize:Authorize');
110
111			$authSource = $state['Source']['auth'];
112			if (empty($authSource)) {
113			throw new Error\BadRequest('Missing required auth source.');
114			}
115			$parameters = ['ForceAuthn' => true];
116
117			if (isset($state['\\SimpleSAML\\Auth\\State.restartURL'])) {
118			$returnToUrl = $state['\\SimpleSAML\\Auth\\State.restartURL'] ;
119			$parameters['ReturnTo'] = $returnToUrl;
120			}
121
122			$auth = new Auth\Simple($authSource);
123			$auth->login($parameters);
124			}
125			}
126

simplesamlphp / simplesamlphp-module-authorize

Pull Request — master (#18)

Authorize::forbidden() B

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like