ConsentController - Code Metrics - simplesamlphp/simplesamlphp-module-consent - Measure and Improve Code Quality continuously with Scrutinizer

ConsentController A
last analyzed 2025-04-16 20:51 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	287
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	136
c	1
b	0
f	0
dl	0
loc	287
rs	9.0399
wmc	42

7 Methods

Rating	Name	Size	Complexity
F	getconsent()	143	28
B	noconsent()	41	7
A	setAuthState()	3	1
A	logoutcompleted()	3	1
A	logout()	15	3
A	__construct()	4	1
A	setLogger()	3	1

How to fix Complexity

<?php

declare(strict_types=1);

namespace SimpleSAML\Module\consent\Controller;

use Exception;
use SimpleSAML\Auth;
use SimpleSAML\Configuration;
use SimpleSAML\Error;
use SimpleSAML\HTTP\RunnableResponse;
use SimpleSAML\IdP;
use SimpleSAML\Logger;
use SimpleSAML\Module;
use SimpleSAML\Session;
use SimpleSAML\Stats;
use SimpleSAML\XHTML\Template;
use Symfony\Component\HttpFoundation\Request;

/**
 * Controller class for the consent module.
 *
 * This class serves the consent views available in the module.
 *
 * @package SimpleSAML\Module\consent
 */
class ConsentController
{
    /** @var \SimpleSAML\Configuration */
    protected $config;

    /** @var \SimpleSAML\Session */
    protected $session;

    /**
     * @var \SimpleSAML\Auth\State|string
     * @psalm-var \SimpleSAML\Auth\State|class-string
     */
    protected $authState = Auth\State::class;

    /**
     * @var \SimpleSAML\Logger|string
     * @psalm-var \SimpleSAML\Logger|class-string
     */
    protected $logger = Logger::class;


    /**
     * ConsentController constructor.
     *
     * @param \SimpleSAML\Configuration $config The configuration to use.
     * @param \SimpleSAML\Session $session The current user session.
     */
    public function __construct(Configuration $config, Session $session)
    {
        $this->config = $config;
        $this->session = $session;
    }


    /**
     * Inject the \SimpleSAML\Auth\State dependency.
     *
     * @param \SimpleSAML\Auth\State $authState
     */
    public function setAuthState(Auth\State $authState): void
    {
        $this->authState = $authState;
    }


    /**
     * Inject the \SimpleSAML\Logger dependency.
     *
     * @param \SimpleSAML\Logger $logger
     */
    public function setLogger(Logger $logger): void
    {
        $this->logger = $logger;
    }


    /**
     * Display consent form.
     *
     * @param \Symfony\Component\HttpFoundation\Request $request The current request.
     *
     * @return \SimpleSAML\XHTML\Template|\SimpleSAML\HTTP\RunnableResponse
     */
    public function getconsent(Request $request)
    {
        $this->logger::info('Consent - getconsent: Accessing consent interface');

        $stateId = $request->query->get('StateId');
        if ($stateId === null) {
            throw new Error\BadRequest('Missing required StateId query parameter.');
        }

        $state = $this->authState::loadState($stateId, 'consent:request');

        if (is_null($state)) {
            throw new Error\NoState();
        } elseif (array_key_exists('core:SP', $state)) {
            $spentityid = $state['core:SP'];
        } elseif (array_key_exists('saml:sp:State', $state)) {
            $spentityid = $state['saml:sp:State']['core:SP'];
        } else {
            $spentityid = 'UNKNOWN';
        }

        // The user has pressed the yes-button
        if ($request->query->get('yes') !== null) {
            if ($request->query->get('saveconsent') !== null) {
                $this->logger::stats('consentResponse remember');
            } else {
                $this->logger::stats('consentResponse rememberNot');
            }

            $statsInfo = [
                'remember' => $request->query->get('saveconsent'),
            ];
            if (isset($state['Destination']['entityid'])) {
                $statsInfo['spEntityID'] = $state['Destination']['entityid'];
            }
            Stats::log('consent:accept', $statsInfo);

            if (
                array_key_exists('consent:store', $state)
                && $request->query->get('saveconsent') === '1'
            ) {
                // Save consent
                $store = $state['consent:store'];
                $userId = $state['consent:store.userId'];
                $targetedId = $state['consent:store.destination'];
                $attributeSet = $state['consent:store.attributeSet'];

                $this->logger::debug(
                    'Consent - saveConsent() : [' . $userId . '|' . $targetedId . '|' . $attributeSet . ']',
                );
                try {
                    $store->saveConsent($userId, $targetedId, $attributeSet);
                } catch (Exception $e) {
                    $this->logger::error('Consent: Error writing to storage: ' . $e->getMessage());
                }
            }

            return new RunnableResponse([Auth\ProcessingChain::class, 'resumeProcessing'], [$state]);
        }

        // Prepare attributes for presentation
        $attributes = $state['Attributes'];
        $noconsentattributes = $state['consent:noconsentattributes'];

        // Remove attributes that do not require consent
        foreach ($attributes as $attrkey => $attrval) {
            if (in_array($attrkey, $noconsentattributes, true)) {
                unset($attributes[$attrkey]);
            }
        }
        $para = [
            'attributes' => &$attributes,
        ];

        // Reorder attributes according to attributepresentation hooks
        Module::callHooks('attributepresentation', $para);

        // Unset the values for attributes that need to be hidden
        if (array_key_exists('consent:hiddenAttributes', $state)) {
            foreach ($state['consent:hiddenAttributes'] as $hidden) {
                if (array_key_exists($hidden, $attributes)) {
                    $attributes[$hidden] = null;
                }
            }
        }

        // Make, populate and layout consent form
        $t = new Template($this->config, 'consent:consentform.twig');
        $l = $t->getLocalization();
        $l->addAttributeDomains();
        $t->data['attributes'] = $attributes;
        $t->data['checked'] = $state['consent:checked'];
        $t->data['stateId'] = $stateId;
        $t->data['source'] = $state['Source'];
        $t->data['destination'] = $state['Destination'];

        if (isset($state['Destination']['description'])) {
            $t->data['descr_purpose'] = $state['Destination']['description'];
        } elseif (isset($state['Destination']['UIInfo']['Description'])) {
            $t->data['descr_purpose'] = $state['Destination']['UIInfo']['Description'];
        }

        // Fetch privacy policy
        if (
            array_key_exists('UIInfo', $state['Destination']) &&
            array_key_exists('PrivacyStatementURL', $state['Destination']['UIInfo']) &&
            (!empty($state['Destination']['UIInfo']['PrivacyStatementURL']))
        ) {
            $privacypolicy = reset($state['Destination']['UIInfo']['PrivacyStatementURL']);
        } elseif (
            array_key_exists('UIInfo', $state['Source']) &&
            array_key_exists('PrivacyStatementURL', $state['Source']['UIInfo']) &&
            (!empty($state['Source']['UIInfo']['PrivacyStatementURL']))
        ) {
            $privacypolicy = reset($state['Source']['UIInfo']['PrivacyStatementURL']);
        } else {
            $privacypolicy = false;
        }
        if ($privacypolicy !== false) {
            $privacypolicy = str_replace(
                '%SPENTITYID%',
                urlencode($spentityid),
                $privacypolicy,
            );
        }
        $t->data['sppp'] = $privacypolicy;

        // Set focus element
        switch ($state['consent:focus']) {
            case 'yes':
                $t->data['autofocus'] = 'yesbutton';
                break;
            case 'no':
                $t->data['autofocus'] = 'nobutton';
                break;
            case null:
            default:
                break;
        }

        $t->data['usestorage'] = array_key_exists('consent:store', $state);

        return $t;
    }


    /**
     * @param \Symfony\Component\HttpFoundation\Request $request The current request.
     *
     * @return \SimpleSAML\XHTML\Template
     */
    public function noconsent(Request $request): Template
    {
        $stateId = $request->query->get('StateId');
        if ($stateId === null) {
            throw new Error\BadRequest('Missing required StateId query parameter.');
        }

        $state = $this->authState::loadState($stateId, 'consent:request');
        if (is_null($state)) {
            throw new Error\NoState();
        }

        $resumeFrom = Module::getModuleURL(
            'consent/getconsent',
            ['StateId' => $stateId],
        );

        $logoutLink = Module::getModuleURL(
            'consent/logout',
            ['StateId' => $stateId],
        );

        $aboutService = null;
        if (!isset($state['consent:showNoConsentAboutService']) || $state['consent:showNoConsentAboutService']) {
            if (isset($state['Destination']['UIInfo']['InformationURL'])) {
                $aboutService = reset($state['Destination']['UIInfo']['InformationURL']);
            }
        }

        $statsInfo = [];
        if (isset($state['Destination']['entityid'])) {
            $statsInfo['spEntityID'] = $state['Destination']['entityid'];
        }
        Stats::log('consent:reject', $statsInfo);

        $t = new Template($this->config, 'consent:noconsent.twig');
        $t->data['dstMetadata'] = $state['Destination'];
        $t->data['resumeFrom'] = $resumeFrom;
        $t->data['aboutService'] = $aboutService;
        $t->data['logoutLink'] = $logoutLink;
        return $t;
    }


    /**
     * @param \Symfony\Component\HttpFoundation\Request $request The current request.
     *
     * @return \SimpleSAML\HTTP\RunnableResponse
     */
    public function logout(Request $request): RunnableResponse
    {
        $stateId = $request->query->get('StateId', null);
        if ($stateId === null) {
            throw new Error\BadRequest('Missing required StateId query parameter.');
        }

        $state = $this->authState::loadState($stateId, 'consent:request');
        if (is_null($state)) {
            throw new Error\NoState();
        }
        $state['Responder'] = ['\SimpleSAML\Module\consent\Logout', 'postLogout'];

        $idp = IdP::getByState($state);
        return new RunnableResponse([$idp, 'handleLogoutRequest'], [&$state, $stateId]);
    }


    /**
     * @return \SimpleSAML\XHTML\Template
     */
    public function logoutcompleted(): Template
    {
        return new Template($this->config, 'consent:logout_completed.twig');
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SimpleSAML\Module\consent\Controller;
6
7			use Exception;
8			use SimpleSAML\Auth;
9			use SimpleSAML\Configuration;
10			use SimpleSAML\Error;
11			use SimpleSAML\HTTP\RunnableResponse;
12			use SimpleSAML\IdP;
13			use SimpleSAML\Logger;
14			use SimpleSAML\Module;
15			use SimpleSAML\Session;
16			use SimpleSAML\Stats;
17			use SimpleSAML\XHTML\Template;
18			use Symfony\Component\HttpFoundation\Request;
19
20			/**
21			* Controller class for the consent module.
22			*
23			* This class serves the consent views available in the module.
24			*
25			* @package SimpleSAML\Module\consent
26			*/
27			class ConsentController
28			{
29			/** @var \SimpleSAML\Configuration */
30			protected $config;
31
32			/** @var \SimpleSAML\Session */
33			protected $session;
34
35			/**
36			* @var \SimpleSAML\Auth\State\|string
37			* @psalm-var \SimpleSAML\Auth\State\|class-string
38			*/
39			protected $authState = Auth\State::class;
40
41			/**
42			* @var \SimpleSAML\Logger\|string
43			* @psalm-var \SimpleSAML\Logger\|class-string
44			*/
45			protected $logger = Logger::class;
46
47
48			/**
49			* ConsentController constructor.
50			*
51			* @param \SimpleSAML\Configuration $config The configuration to use.
52			* @param \SimpleSAML\Session $session The current user session.
53			*/
54			public function __construct(Configuration $config, Session $session)
55			{
56			$this->config = $config;
57			$this->session = $session;
58			}
59
60
61			/**
62			* Inject the \SimpleSAML\Auth\State dependency.
63			*
64			* @param \SimpleSAML\Auth\State $authState
65			*/
66			public function setAuthState(Auth\State $authState): void
67			{
68			$this->authState = $authState;
69			}
70
71
72			/**
73			* Inject the \SimpleSAML\Logger dependency.
74			*
75			* @param \SimpleSAML\Logger $logger
76			*/
77			public function setLogger(Logger $logger): void
78			{
79			$this->logger = $logger;
80			}
81
82
83			/**
84			* Display consent form.
85			*
86			* @param \Symfony\Component\HttpFoundation\Request $request The current request.
87			*
88			* @return \SimpleSAML\XHTML\Template\|\SimpleSAML\HTTP\RunnableResponse
89			*/
90			public function getconsent(Request $request)
91			{
92			$this->logger::info('Consent - getconsent: Accessing consent interface');
93
94			$stateId = $request->query->get('StateId');
95			if ($stateId === null) {
96			throw new Error\BadRequest('Missing required StateId query parameter.');
97			}
98
99			$state = $this->authState::loadState($stateId, 'consent:request');
100
101			if (is_null($state)) {
102			throw new Error\NoState();
103			} elseif (array_key_exists('core:SP', $state)) {
104			$spentityid = $state['core:SP'];
105			} elseif (array_key_exists('saml:sp:State', $state)) {
106			$spentityid = $state['saml:sp:State']['core:SP'];
107			} else {
108			$spentityid = 'UNKNOWN';
109			}
110
111			// The user has pressed the yes-button
112			if ($request->query->get('yes') !== null) {
113			if ($request->query->get('saveconsent') !== null) {
114			$this->logger::stats('consentResponse remember');
115			} else {
116			$this->logger::stats('consentResponse rememberNot');
117			}
118
119			$statsInfo = [
120			'remember' => $request->query->get('saveconsent'),
121			];
122			if (isset($state['Destination']['entityid'])) {
123			$statsInfo['spEntityID'] = $state['Destination']['entityid'];
124			}
125			Stats::log('consent:accept', $statsInfo);
126
127			if (
128			array_key_exists('consent:store', $state)
129			&& $request->query->get('saveconsent') === '1'
130			) {
131			// Save consent
132			$store = $state['consent:store'];
133			$userId = $state['consent:store.userId'];
134			$targetedId = $state['consent:store.destination'];
135			$attributeSet = $state['consent:store.attributeSet'];
136
137			$this->logger::debug(
138			'Consent - saveConsent() : [' . $userId . '\|' . $targetedId . '\|' . $attributeSet . ']',
139			);
140			try {
141			$store->saveConsent($userId, $targetedId, $attributeSet);
142			} catch (Exception $e) {
143			$this->logger::error('Consent: Error writing to storage: ' . $e->getMessage());
144			}
145			}
146
147			return new RunnableResponse([Auth\ProcessingChain::class, 'resumeProcessing'], [$state]);
148			}
149
150			// Prepare attributes for presentation
151			$attributes = $state['Attributes'];
152			$noconsentattributes = $state['consent:noconsentattributes'];
153
154			// Remove attributes that do not require consent
155			foreach ($attributes as $attrkey => $attrval) {
156			if (in_array($attrkey, $noconsentattributes, true)) {
157			unset($attributes[$attrkey]);
158			}
159			}
160			$para = [
161			'attributes' => &$attributes,
162			];
163
164			// Reorder attributes according to attributepresentation hooks
165			Module::callHooks('attributepresentation', $para);
166
167			// Unset the values for attributes that need to be hidden
168			if (array_key_exists('consent:hiddenAttributes', $state)) {
169			foreach ($state['consent:hiddenAttributes'] as $hidden) {
170			if (array_key_exists($hidden, $attributes)) {
171			$attributes[$hidden] = null;
172			}
173			}
174			}
175
176			// Make, populate and layout consent form
177			$t = new Template($this->config, 'consent:consentform.twig');
178			$l = $t->getLocalization();
179			$l->addAttributeDomains();
180			$t->data['attributes'] = $attributes;
181			$t->data['checked'] = $state['consent:checked'];
182			$t->data['stateId'] = $stateId;
183			$t->data['source'] = $state['Source'];
184			$t->data['destination'] = $state['Destination'];
185
186			if (isset($state['Destination']['description'])) {
187			$t->data['descr_purpose'] = $state['Destination']['description'];
188			} elseif (isset($state['Destination']['UIInfo']['Description'])) {
189			$t->data['descr_purpose'] = $state['Destination']['UIInfo']['Description'];
190			}
191
192			// Fetch privacy policy
193			if (
194			array_key_exists('UIInfo', $state['Destination']) &&
195			array_key_exists('PrivacyStatementURL', $state['Destination']['UIInfo']) &&
196			(!empty($state['Destination']['UIInfo']['PrivacyStatementURL']))
197			) {
198			$privacypolicy = reset($state['Destination']['UIInfo']['PrivacyStatementURL']);
199			} elseif (
200			array_key_exists('UIInfo', $state['Source']) &&
201			array_key_exists('PrivacyStatementURL', $state['Source']['UIInfo']) &&
202			(!empty($state['Source']['UIInfo']['PrivacyStatementURL']))
203			) {
204			$privacypolicy = reset($state['Source']['UIInfo']['PrivacyStatementURL']);
205			} else {
206			$privacypolicy = false;
207			}
208			if ($privacypolicy !== false) {
209			$privacypolicy = str_replace(
210			'%SPENTITYID%',
211			urlencode($spentityid),
212			$privacypolicy,
213			);
214			}
215			$t->data['sppp'] = $privacypolicy;
216
217			// Set focus element
218			switch ($state['consent:focus']) {
219			case 'yes':
220			$t->data['autofocus'] = 'yesbutton';
221			break;
222			case 'no':
223			$t->data['autofocus'] = 'nobutton';
224			break;
225			case null:
226			default:
227			break;
228			}
229
230			$t->data['usestorage'] = array_key_exists('consent:store', $state);
231
232			return $t;
233			}
234
235
236			/**
237			* @param \Symfony\Component\HttpFoundation\Request $request The current request.
238			*
239			* @return \SimpleSAML\XHTML\Template
240			*/
241			public function noconsent(Request $request): Template
242			{
243			$stateId = $request->query->get('StateId');
244			if ($stateId === null) {
245			throw new Error\BadRequest('Missing required StateId query parameter.');
246			}
247
248			$state = $this->authState::loadState($stateId, 'consent:request');
249			if (is_null($state)) {
250			throw new Error\NoState();
251			}
252
253			$resumeFrom = Module::getModuleURL(
254			'consent/getconsent',
255			['StateId' => $stateId],
256			);
257
258			$logoutLink = Module::getModuleURL(
259			'consent/logout',
260			['StateId' => $stateId],
261			);
262
263			$aboutService = null;
264			if (!isset($state['consent:showNoConsentAboutService']) \|\| $state['consent:showNoConsentAboutService']) {
265			if (isset($state['Destination']['UIInfo']['InformationURL'])) {
266			$aboutService = reset($state['Destination']['UIInfo']['InformationURL']);
267			}
268			}
269
270			$statsInfo = [];
271			if (isset($state['Destination']['entityid'])) {
272			$statsInfo['spEntityID'] = $state['Destination']['entityid'];
273			}
274			Stats::log('consent:reject', $statsInfo);
275
276			$t = new Template($this->config, 'consent:noconsent.twig');
277			$t->data['dstMetadata'] = $state['Destination'];
278			$t->data['resumeFrom'] = $resumeFrom;
279			$t->data['aboutService'] = $aboutService;
280			$t->data['logoutLink'] = $logoutLink;
281			return $t;
282			}
283
284
285			/**
286			* @param \Symfony\Component\HttpFoundation\Request $request The current request.
287			*
288			* @return \SimpleSAML\HTTP\RunnableResponse
289			*/
290			public function logout(Request $request): RunnableResponse
291			{
292			$stateId = $request->query->get('StateId', null);
293			if ($stateId === null) {
294			throw new Error\BadRequest('Missing required StateId query parameter.');
295			}
296
297			$state = $this->authState::loadState($stateId, 'consent:request');
298			if (is_null($state)) {
299			throw new Error\NoState();
300			}
301			$state['Responder'] = ['\SimpleSAML\Module\consent\Logout', 'postLogout'];
302
303			$idp = IdP::getByState($state);
304			return new RunnableResponse([$idp, 'handleLogoutRequest'], [&$state, $stateId]);
305			}
306
307
308			/**
309			* @return \SimpleSAML\XHTML\Template
310			*/
311			public function logoutcompleted(): Template
312			{
313			return new Template($this->config, 'consent:logout_completed.twig');
314			}
315			}
316

simplesamlphp / simplesamlphp-module-consent

ConsentController A last analyzed 2025-04-16 20:51 UTC

Complexity

Size/Duplication

Importance

7 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like

ConsentController A
last analyzed 2025-04-16 20:51 UTC