simplesamlphp /
simplesamlphp-module-exampleattributeserver
| Conditions | 9 |
| Paths | 6 |
| Total Lines | 96 |
| Code Lines | 62 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 68 | public function main(/** @scrutinizer ignore-unused */ Request $request): RunnableResponse |
||
| 69 | { |
||
| 70 | $binding = Binding::getCurrentBinding(); |
||
| 71 | $query = $binding->receive(); |
||
| 72 | if (!($query instanceof AttributeQuery)) { |
||
| 73 | throw new Error\BadRequest('Invalid message received to AttributeQuery endpoint.'); |
||
| 74 | } |
||
| 75 | |||
| 76 | $idpEntityId = $this->metadataHandler->getMetaDataCurrentEntityID('saml20-idp-hosted'); |
||
|
|
|||
| 77 | |||
| 78 | $issuer = $query->getIssuer(); |
||
| 79 | if ($issuer === null) { |
||
| 80 | throw new Error\BadRequest('Missing <saml:Issuer> in <samlp:AttributeQuery>.'); |
||
| 81 | } else { |
||
| 82 | $spEntityId = $issuer->getValue(); |
||
| 83 | if ($spEntityId === '') { |
||
| 84 | throw new Error\BadRequest('Empty <saml:Issuer> in <samlp:AttributeQuery>.'); |
||
| 85 | } |
||
| 86 | } |
||
| 87 | |||
| 88 | $idpMetadata = $this->metadataHandler->getMetaDataConfig($idpEntityId, 'saml20-idp-hosted'); |
||
| 89 | $spMetadata = $this->metadataHandler->getMetaDataConfig($spEntityId, 'saml20-sp-remote'); |
||
| 90 | |||
| 91 | // The endpoint we should deliver the message to |
||
| 92 | $endpoint = $spMetadata->getString('testAttributeEndpoint'); |
||
| 93 | |||
| 94 | // The attributes we will return |
||
| 95 | $attributes = [ |
||
| 96 | 'name' => ['value1', 'value2', 'value3'], |
||
| 97 | 'test' => ['test'], |
||
| 98 | ]; |
||
| 99 | |||
| 100 | // The name format of the attributes |
||
| 101 | $attributeNameFormat = Constants::NAMEFORMAT_UNSPECIFIED; |
||
| 102 | |||
| 103 | // Determine which attributes we will return |
||
| 104 | $returnAttributes = array_keys($query->getAttributes()); |
||
| 105 | if (count($returnAttributes) === 0) { |
||
| 106 | Logger::debug('No attributes requested - return all attributes.'); |
||
| 107 | $returnAttributes = $attributes; |
||
| 108 | } elseif ($query->getAttributeNameFormat() !== $attributeNameFormat) { |
||
| 109 | Logger::debug('Requested attributes with wrong NameFormat - no attributes returned.'); |
||
| 110 | $returnAttributes = []; |
||
| 111 | } else { |
||
| 112 | /** @var array $values */ |
||
| 113 | foreach ($returnAttributes as $name => $values) { |
||
| 114 | if (!array_key_exists($name, $attributes)) { |
||
| 115 | // We don't have this attribute |
||
| 116 | unset($returnAttributes[$name]); |
||
| 117 | continue; |
||
| 118 | } |
||
| 119 | if (count($values) === 0) { |
||
| 120 | // Return all attributes |
||
| 121 | $returnAttributes[$name] = $attributes[$name]; |
||
| 122 | continue; |
||
| 123 | } |
||
| 124 | |||
| 125 | // Filter which attribute values we should return |
||
| 126 | $returnAttributes[$name] = array_intersect($values, $attributes[$name]); |
||
| 127 | } |
||
| 128 | } |
||
| 129 | |||
| 130 | // $returnAttributes contains the attributes we should return. Send them |
||
| 131 | $issuer = new Issuer(); |
||
| 132 | $issuer->setValue($idpEntityId); |
||
| 133 | |||
| 134 | $assertion = new Assertion(); |
||
| 135 | $assertion->setIssuer($issuer); |
||
| 136 | $assertion->setNameId($query->getNameId()); |
||
| 137 | $assertion->setNotBefore(time()); |
||
| 138 | $assertion->setNotOnOrAfter(time() + 300); // 60*5 = 5min |
||
| 139 | $assertion->setValidAudiences([$spEntityId]); |
||
| 140 | $assertion->setAttributes($returnAttributes); |
||
| 141 | $assertion->setAttributeNameFormat($attributeNameFormat); |
||
| 142 | |||
| 143 | $sc = new SubjectConfirmation(); |
||
| 144 | $sc->setMethod(Constants::CM_BEARER); |
||
| 145 | |||
| 146 | $scd = new SubjectConfirmationData(); |
||
| 147 | $scd->setNotOnOrAfter(time() + 300); // 60*5 = 5min |
||
| 148 | $scd->setRecipient($endpoint); |
||
| 149 | $scd->setInResponseTo($query->getId()); |
||
| 150 | $sc->setSubjectConfirmationData($scd); |
||
| 151 | $assertion->setSubjectConfirmation([$sc]); |
||
| 152 | |||
| 153 | Message::addSign($idpMetadata, $spMetadata, $assertion); |
||
| 154 | |||
| 155 | $response = new Response(); |
||
| 156 | $response->setRelayState($query->getRelayState()); |
||
| 157 | $response->setDestination($endpoint); |
||
| 158 | $response->setIssuer($issuer); |
||
| 159 | $response->setInResponseTo($query->getId()); |
||
| 160 | $response->setAssertions([$assertion]); |
||
| 161 | Message::addSign($idpMetadata, $spMetadata, $response); |
||
| 162 | |||
| 163 | return new RunnableResponse([new HTTPPost(), 'send'], [$response]); |
||
| 164 | } |
||
| 166 |
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.
This is most likely a typographical error or the method has been renamed.