simplesamlphp /
simplesamlphp-module-casserver
| Conditions | 14 |
| Paths | 42 |
| Total Lines | 84 |
| Code Lines | 53 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 2 | ||
| Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 64 | public function validate(Request $request): Response |
||
| 65 | { |
||
| 66 | // Check if any of the required query parameters are missing |
||
| 67 | if (!$request->query->has('service')) { |
||
| 68 | Logger::debug('casserver: Missing service parameter: [service]'); |
||
| 69 | return new Response( |
||
| 70 | $this->cas10Protocol->getValidateFailureResponse(), |
||
| 71 | Response::HTTP_BAD_REQUEST, |
||
| 72 | ); |
||
| 73 | } elseif (!$request->query->has('ticket')) { |
||
| 74 | Logger::debug('casserver: Missing service parameter: [ticket]'); |
||
| 75 | return new Response( |
||
| 76 | $this->cas10Protocol->getValidateFailureResponse(), |
||
| 77 | Response::HTTP_BAD_REQUEST, |
||
| 78 | ); |
||
| 79 | } |
||
| 80 | |||
| 81 | // Check if we are required to force an authentication |
||
| 82 | $forceAuthn = $request->query->has('renew') && $request->query->get('renew'); |
||
| 83 | // Get the ticket |
||
| 84 | $ticket = $request->query->get('ticket'); |
||
| 85 | // Get the service |
||
| 86 | $service = $request->query->get('service'); |
||
| 87 | |||
| 88 | try { |
||
| 89 | // Get the service ticket |
||
| 90 | $serviceTicket = $this->ticketStore->getTicket($ticket); |
||
| 91 | // Delete the ticket |
||
| 92 | $this->ticketStore->deleteTicket($ticket); |
||
| 93 | } catch (\Exception $e) { |
||
| 94 | Logger::error('casserver:validate: internal server error. ' . var_export($e->getMessage(), true)); |
||
| 95 | return new Response( |
||
| 96 | $this->cas10Protocol->getValidateFailureResponse(), |
||
| 97 | Response::HTTP_INTERNAL_SERVER_ERROR, |
||
| 98 | ); |
||
| 99 | } |
||
| 100 | |||
| 101 | $failed = false; |
||
| 102 | $message = ''; |
||
| 103 | // No ticket |
||
| 104 | if ($serviceTicket === null) { |
||
| 105 | $message = 'ticket: ' . var_export($ticket, true) . ' not recognized'; |
||
| 106 | $failed = true; |
||
| 107 | // This is not a service ticket |
||
| 108 | } elseif (!$this->ticketFactory->isServiceTicket($serviceTicket)) { |
||
| 109 | $message = 'ticket: ' . var_export($ticket, true) . ' is not a service ticket'; |
||
| 110 | $failed = true; |
||
| 111 | // the ticket has expired |
||
| 112 | } elseif ($this->ticketFactory->isExpired($serviceTicket)) { |
||
| 113 | $message = 'Ticket has ' . var_export($ticket, true) . ' expired'; |
||
| 114 | $failed = true; |
||
| 115 | } elseif ($this->sanitize($serviceTicket['service']) === $this->sanitize($service)) { |
||
| 116 | $message = 'Mismatching service parameters: expected ' . |
||
| 117 | var_export($serviceTicket['service'], true) . |
||
| 118 | ' but was: ' . var_export($service, true); |
||
| 119 | $failed = true; |
||
| 120 | } elseif ($forceAuthn && isset($serviceTicket['forceAuthn']) && $serviceTicket['forceAuthn']) { |
||
| 121 | $message = 'Ticket was issued from single sign on session'; |
||
| 122 | $failed = true; |
||
| 123 | } |
||
| 124 | |||
| 125 | if ($failed) { |
||
| 126 | Logger::error('casserver:validate: ' . $message, true); |
||
| 127 | return new Response( |
||
| 128 | $this->cas10Protocol->getValidateFailureResponse(), |
||
| 129 | Response::HTTP_BAD_REQUEST, |
||
| 130 | ); |
||
| 131 | } |
||
| 132 | |||
| 133 | // Get the username field |
||
| 134 | $usernameField = $this->casConfig->getOptionalValue('attrname', 'eduPersonPrincipalName'); |
||
| 135 | |||
| 136 | // Fail if the username field is not present in the attribute list |
||
| 137 | if (!\array_key_exists($usernameField, $serviceTicket['attributes'])) { |
||
| 138 | Logger::error( |
||
| 139 | 'casserver:validate: internal server error. Missing user name attribute: ' |
||
| 140 | . var_export($usernameField, true), |
||
| 141 | ); |
||
| 142 | } |
||
| 143 | |||
| 144 | // Successful validation |
||
| 145 | return new Response( |
||
| 146 | $this->cas10Protocol->getValidateSuccessResponse($serviceTicket['attributes'][$usernameField][0]), |
||
| 147 | Response::HTTP_OK, |
||
| 148 | ); |
||
| 151 |
Loading history...