SslCertificate - Code Metrics - Inspection of "Expose the remote address that served the certific..." - spatie/ssl-certificate - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 4fdfe3...3b1798 )

by Freek

created 2019-09-30 20:33 UTC

SslCertificate B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	265
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	4

Importance

Changes

Metric	Value
dl	0
loc	265
rs	8.64
c	0
b	0
f	0
wmc	47
lcom	1
cbo	4

27 Methods

Rating	Name	Size	Complexity
A	download()	4	1
A	createForHostName()	4	1
A	__construct()	14	1
A	getRawCertificateFields()	4	1
A	getIssuer()	4	1
A	getDomain()	16	4
A	getSignatureAlgorithm()	4	1
A	getFingerprint()	4	1
A	getFingerprintSha256()	4	1
A	getAdditionalDomains()	8	1
A	validFromDate()	4	1
A	expirationDate()	4	1
A	isExpired()	4	1
A	isValid()	12	3
A	isSelfSigned()	4	1
A	usesSha1Hash()	14	3
A	isValidUntil()	8	2
A	daysUntilExpirationDate()	8	1
A	getDomains()	8	1
A	appliesToUrl()	23	5
A	wildcardHostCoversHost()	20	4
A	getRawCertificateFieldsJson()	4	1
A	getHash()	4	1
A	getRemoteAddress()	4	1
A	__toString()	4	1
A	containsDomain()	16	4
A	isPreCertificate()	12	3

How to fix Complexity

<?php

namespace Spatie\SslCertificate;

use Carbon\Carbon;
use Spatie\Macroable\Macroable;

class SslCertificate
{
    use Macroable;

    /** @var array */
    protected $rawCertificateFields = [];

    /** @var string */
    protected $fingerprint = '';

    /** @var string */
    private $fingerprintSha256 = '';

    /** @var string */
    private $remoteAddress = '';

    public static function download(): Downloader
    {
        return new Downloader();
    }

    public static function createForHostName(string $url, int $timeout = 30): self
    {
        return Downloader::downloadCertificateFromUrl($url, $timeout);
    }

    public function __construct(
        array $rawCertificateFields,
        string $fingerprint = '',
        string $fingerprintSha256 = '',
        string $remoteAddress = '')
    {
        $this->rawCertificateFields = $rawCertificateFields;

        $this->fingerprint = $fingerprint;

        $this->fingerprintSha256 = $fingerprintSha256;

        $this->remoteAddress = $remoteAddress;
    }

    public function getRawCertificateFields(): array
    {
        return $this->rawCertificateFields;
    }

    public function getIssuer(): string
    {
        return $this->rawCertificateFields['issuer']['CN'] ?? '';
    }

    public function getDomain(): string
    {
        if (! array_key_exists('CN', $this->rawCertificateFields['subject'])) {
            return '';
        }

        if (is_string($this->rawCertificateFields['subject']['CN'])) {
            return $this->rawCertificateFields['subject']['CN'];
        }

        if (is_array($this->rawCertificateFields['subject']['CN'])) {
            return $this->rawCertificateFields['subject']['CN'][0];
        }

        return '';
    }

    public function getSignatureAlgorithm(): string
    {
        return $this->rawCertificateFields['signatureTypeSN'] ?? '';
    }

    public function getFingerprint(): string
    {
        return $this->fingerprint;
    }

    /**
     * @return string
     */
    public function getFingerprintSha256(): string
    {
        return $this->fingerprintSha256;
    }

    public function getAdditionalDomains(): array
    {
        $additionalDomains = explode(', ', $this->rawCertificateFields['extensions']['subjectAltName'] ?? '');

        return array_map(function (string $domain) {
            return str_replace('DNS:', '', $domain);
        }, $additionalDomains);
    }

    public function validFromDate(): Carbon
    {
        return Carbon::createFromTimestampUTC($this->rawCertificateFields['validFrom_time_t']);
    }

    public function expirationDate(): Carbon
    {
        return Carbon::createFromTimestampUTC($this->rawCertificateFields['validTo_time_t']);
    }

    public function isExpired(): bool
    {
        return $this->expirationDate()->isPast();
    }

    public function isValid(string $url = null)
    {
        if (! Carbon::now()->between($this->validFromDate(), $this->expirationDate())) {
            return false;
        }

        if (! empty($url)) {
            return $this->appliesToUrl($url ?? $this->getDomain());
        }

        return true;
    }

    public function isSelfSigned(): bool
    {
        return $this->getIssuer() === $this->getDomain();
    }

    public function usesSha1Hash(): bool
    {
        $certificateFields = $this->getRawCertificateFields();

        if ($certificateFields['signatureTypeSN'] === 'RSA-SHA1') {
            return true;
        }

        if ($certificateFields['signatureTypeLN'] === 'sha1WithRSAEncryption') {
            return true;
        }

        return false;
    }

    public function isValidUntil(Carbon $carbon, string $url = null): bool
    {
        if ($this->expirationDate()->lte($carbon)) {
            return false;
        }

        return $this->isValid($url);
    }

    public function daysUntilExpirationDate(): int
    {
        $endDate = $this->expirationDate();

        $interval = Carbon::now()->diff($endDate);

        return (int) $interval->format('%r%a');
    }

    public function getDomains(): array
    {
        $allDomains = $this->getAdditionalDomains();
        $allDomains[] = $this->getDomain();
        $uniqueDomains = array_unique($allDomains);

        return array_values(array_filter($uniqueDomains));
    }

    public function appliesToUrl(string $url): bool
    {
        if (filter_var($url, FILTER_VALIDATE_IP)) {
            $host = $url;
        } else {
            $host = (new Url($url))->getHostName();
        }

        $certificateHosts = $this->getDomains();

        foreach ($certificateHosts as $certificateHost) {
            $certificateHost = str_replace('ip address:', '', strtolower($certificateHost));
            if ($host === $certificateHost) {
                return true;
            }

            if ($this->wildcardHostCoversHost($certificateHost, $host)) {
                return true;
            }
        }

        return false;
    }

    protected function wildcardHostCoversHost(string $wildcardHost, string $host): bool
    {
        if ($host === $wildcardHost) {
            return true;
        }

        if (! starts_with($wildcardHost, '*')) {
            return false;
        }

        if (substr_count($wildcardHost, '.') < substr_count($host, '.')) {
            return false;
        }

        $wildcardHostWithoutWildcard = substr($wildcardHost, 1);

        $hostWithDottedPrefix = ".{$host}";

        return ends_with($hostWithDottedPrefix, $wildcardHostWithoutWildcard);
    }

    public function getRawCertificateFieldsJson(): string
    {
        return json_encode($this->getRawCertificateFields());
    }

    public function getHash(): string
    {
        return md5($this->getRawCertificateFieldsJson());
    }

    public function getRemoteAddress(): string
    {
        return $this->remoteAddress;
    }

    public function __toString(): string
    {
        return $this->getRawCertificateFieldsJson();
    }

    public function containsDomain(string $domain): bool
    {
        $certificateHosts = $this->getDomains();

        foreach ($certificateHosts as $certificateHost) {
            if ($certificateHost == $domain) {
                return true;
            }

            if (ends_with($domain, '.'.$certificateHost)) {
                return true;
            }
        }

        return false;
    }

    public function isPreCertificate(): bool
    {
        if (! array_key_exists('extensions', $this->rawCertificateFields)) {
            return false;
        }

        if (! array_key_exists('ct_precert_poison', $this->rawCertificateFields['extensions'])) {
            return false;
        }

        return true;
    }
}


GitHub Access Token became invalid

Push — master ( 4fdfe3...3b1798 )

SslCertificate B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

27 Methods

How to fix Complexity

Complex Class

1			<?php
2
3			namespace Spatie\SslCertificate;
4
5			use Carbon\Carbon;
6			use Spatie\Macroable\Macroable;
7
8			class SslCertificate
9			{
10			use Macroable;
11
12			/** @var array */
13			protected $rawCertificateFields = [];
14
15			/** @var string */
16			protected $fingerprint = '';
17
18			/** @var string */
19			private $fingerprintSha256 = '';
20
21			/** @var string */
22			private $remoteAddress = '';
23
24			public static function download(): Downloader
25			{
26			return new Downloader();
27			}
28
29			public static function createForHostName(string $url, int $timeout = 30): self
30			{
31			return Downloader::downloadCertificateFromUrl($url, $timeout);
32			}
33
34			public function __construct(
35			array $rawCertificateFields,
36			string $fingerprint = '',
37			string $fingerprintSha256 = '',
38			string $remoteAddress = '')
39			{
40			$this->rawCertificateFields = $rawCertificateFields;
41
42			$this->fingerprint = $fingerprint;
43
44			$this->fingerprintSha256 = $fingerprintSha256;
45
46			$this->remoteAddress = $remoteAddress;
47			}
48
49			public function getRawCertificateFields(): array
50			{
51			return $this->rawCertificateFields;
52			}
53
54			public function getIssuer(): string
55			{
56			return $this->rawCertificateFields['issuer']['CN'] ?? '';
57			}
58
59			public function getDomain(): string
60			{
61			if (! array_key_exists('CN', $this->rawCertificateFields['subject'])) {
62			return '';
63			}
64
65			if (is_string($this->rawCertificateFields['subject']['CN'])) {
66			return $this->rawCertificateFields['subject']['CN'];
67			}
68
69			if (is_array($this->rawCertificateFields['subject']['CN'])) {
70			return $this->rawCertificateFields['subject']['CN'][0];
71			}
72
73			return '';
74			}
75
76			public function getSignatureAlgorithm(): string
77			{
78			return $this->rawCertificateFields['signatureTypeSN'] ?? '';
79			}
80
81			public function getFingerprint(): string
82			{
83			return $this->fingerprint;
84			}
85
86			/**
87			* @return string
88			*/
89			public function getFingerprintSha256(): string
90			{
91			return $this->fingerprintSha256;
92			}
93
94			public function getAdditionalDomains(): array
95			{
96			$additionalDomains = explode(', ', $this->rawCertificateFields['extensions']['subjectAltName'] ?? '');
97
98			return array_map(function (string $domain) {
99			return str_replace('DNS:', '', $domain);
100			}, $additionalDomains);
101			}
102
103			public function validFromDate(): Carbon
104			{
105			return Carbon::createFromTimestampUTC($this->rawCertificateFields['validFrom_time_t']);
106			}
107
108			public function expirationDate(): Carbon
109			{
110			return Carbon::createFromTimestampUTC($this->rawCertificateFields['validTo_time_t']);
111			}
112
113			public function isExpired(): bool
114			{
115			return $this->expirationDate()->isPast();
116			}
117
118			public function isValid(string $url = null)
119			{
120			if (! Carbon::now()->between($this->validFromDate(), $this->expirationDate())) {
121			return false;
122			}
123
124			if (! empty($url)) {
125			return $this->appliesToUrl($url ?? $this->getDomain());
126			}
127
128			return true;
129			}
130
131			public function isSelfSigned(): bool
132			{
133			return $this->getIssuer() === $this->getDomain();
134			}
135
136			public function usesSha1Hash(): bool
137			{
138			$certificateFields = $this->getRawCertificateFields();
139
140			if ($certificateFields['signatureTypeSN'] === 'RSA-SHA1') {
141			return true;
142			}
143
144			if ($certificateFields['signatureTypeLN'] === 'sha1WithRSAEncryption') {
145			return true;
146			}
147
148			return false;
149			}
150
151			public function isValidUntil(Carbon $carbon, string $url = null): bool
152			{
153			if ($this->expirationDate()->lte($carbon)) {
154			return false;
155			}
156
157			return $this->isValid($url);
158			}
159
160			public function daysUntilExpirationDate(): int
161			{
162			$endDate = $this->expirationDate();
163
164			$interval = Carbon::now()->diff($endDate);
165
166			return (int) $interval->format('%r%a');
167			}
168
169			public function getDomains(): array
170			{
171			$allDomains = $this->getAdditionalDomains();
172			$allDomains[] = $this->getDomain();
173			$uniqueDomains = array_unique($allDomains);
174
175			return array_values(array_filter($uniqueDomains));
176			}
177
178			public function appliesToUrl(string $url): bool
179			{
180			if (filter_var($url, FILTER_VALIDATE_IP)) {
181			$host = $url;
182			} else {
183			$host = (new Url($url))->getHostName();
184			}
185
186			$certificateHosts = $this->getDomains();
187
188			foreach ($certificateHosts as $certificateHost) {
189			$certificateHost = str_replace('ip address:', '', strtolower($certificateHost));
190			if ($host === $certificateHost) {
191			return true;
192			}
193
194			if ($this->wildcardHostCoversHost($certificateHost, $host)) {
195			return true;
196			}
197			}
198
199			return false;
200			}
201
202			protected function wildcardHostCoversHost(string $wildcardHost, string $host): bool
203			{
204			if ($host === $wildcardHost) {
205			return true;
206			}
207
208			if (! starts_with($wildcardHost, '*')) {
209			return false;
210			}
211
212			if (substr_count($wildcardHost, '.') < substr_count($host, '.')) {
213			return false;
214			}
215
216			$wildcardHostWithoutWildcard = substr($wildcardHost, 1);
217
218			$hostWithDottedPrefix = ".{$host}";
219
220			return ends_with($hostWithDottedPrefix, $wildcardHostWithoutWildcard);
221			}
222
223			public function getRawCertificateFieldsJson(): string
224			{
225			return json_encode($this->getRawCertificateFields());
226			}
227
228			public function getHash(): string
229			{
230			return md5($this->getRawCertificateFieldsJson());
231			}
232
233			public function getRemoteAddress(): string
234			{
235			return $this->remoteAddress;
236			}
237
238			public function __toString(): string
239			{
240			return $this->getRawCertificateFieldsJson();
241			}
242
243			public function containsDomain(string $domain): bool
244			{
245			$certificateHosts = $this->getDomains();
246
247			foreach ($certificateHosts as $certificateHost) {
248			if ($certificateHost == $domain) {
249			return true;
250			}
251
252			if (ends_with($domain, '.'.$certificateHost)) {
253			return true;
254			}
255			}
256
257			return false;
258			}
259
260			public function isPreCertificate(): bool
261			{
262			if (! array_key_exists('extensions', $this->rawCertificateFields)) {
263			return false;
264			}
265
266			if (! array_key_exists('ct_precert_poison', $this->rawCertificateFields['extensions'])) {
267			return false;
268			}
269
270			return true;
271			}
272			}
273

spatie / ssl-certificate

GitHub Access Token became invalid

Push — master ( 4fdfe3...3b1798 )

SslCertificate B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

27 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like