AuthController::authenticateAction() - Code Metrics - Inspection of "Merge tag 'v1.1.0' into 1.0" - superdesk/web-publisher - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 1.0 ( 046da8...d5bf3f )

by Paweł

created 2017-07-19 13:37 UTC

AuthController::authenticateAction() B

↳ Parent: AuthController

Complexity

Conditions	5
Paths	7

Size

Total Lines	24
Code Lines	16

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	24
rs	8.5125
c	0
b	0
f	0
cc	5
eloc	16
nc	7
nop	1

<?php

/*
 * This file is part of the Superdesk Web Publisher Core Bundle.
 *
 * Copyright 2016 Sourcefabric z.ú. and contributors.
 *
 * For the full copyright and license information, please see the
 * AUTHORS and LICENSE files distributed with this source code.
 *
 * @copyright 2016 Sourcefabric z.ú
 * @license http://www.superdesk.org/license
 */

namespace SWP\Bundle\CoreBundle\Controller;

use GuzzleHttp;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use SWP\Bundle\CoreBundle\Form\Type\SuperdeskCredentialAuthenticationType;
use SWP\Bundle\CoreBundle\Form\Type\UserAuthenticationType;
use SWP\Bundle\CoreBundle\Model\UserInterface;
use SWP\Component\Common\Response\ResponseContext;
use SWP\Component\Common\Response\SingleResourceResponse;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;

class AuthController extends Controller
{
    /**
     * Look for user matching provided credentials.
     *
     * @ApiDoc(
     *     resource=true,
     *     description="Look for user matching provided credentials",
     *     statusCodes={
     *         200="Returned on success.",
     *         401="No user found or not authorized."
     *     },
     *     input="SWP\Bundle\CoreBundle\Form\Type\UserAuthenticationType"
     * )
     * @Route("/api/{version}/auth/", options={"expose"=true}, defaults={"version"="v1"}, name="swp_api_auth")
     * @Method("POST")
     */
    public function authenticateAction(Request $request)
    {
        $form = $this->createForm(UserAuthenticationType::class, []);
        $form->handleRequest($request);
        if ($form->isValid()) {
            $formData = $form->getData();
            try {
                $user = $this->get('swp.security.user_provider')->loadUserByUsername($formData['username']);
            } catch (UsernameNotFoundException $e) {
                $user = null;
            }

            if (null !== $user) {
                if ($this->get('security.password_encoder')->isPasswordValid($user, $formData['password'])) {
                    return $this->getApiToken($user, null);
                }
            }
        }

        return new SingleResourceResponse([
            'status' => 401,
            'message' => 'Unauthorized',
        ], new ResponseContext(401));
    }

    /**
     * Ask Superdesk server for user with those credentials and tries to authorize.
     *
     * @ApiDoc(
     *     resource=true,
     *     description="Authorize using Superdesk credentials",
     *     statusCodes={
     *         200="Returned on success.",
     *         401="No user found or not authorized."
     *     },
     *     input="SWP\Bundle\CoreBundle\Form\Type\SuperdeskCredentialAuthenticationType"
     * )
     * @Route("/api/{version}/auth/superdesk/", options={"expose"=true}, defaults={"version"="v1"}, name="swp_api_auth_superdesk")
     * @Method("POST")
     */
    public function authenticateWithSuperdeskAction(Request $request)
    {
        $form = $this->createForm(SuperdeskCredentialAuthenticationType::class, []);
        $form->handleRequest($request);
        if ($form->isValid()) {
            $formData = $form->getData();
            $authorizedSuperdeskHosts = $this->container->getParameter('superdesk_servers');
            $superdeskUser = null;
            $client = new GuzzleHttp\Client();

            foreach ($authorizedSuperdeskHosts as $baseUrl) {
                try {
                    $apiRequest = new GuzzleHttp\Psr7\Request('GET', sprintf('%s/api/sessions/%s', $baseUrl, $formData['session_id']), [
                        'Authorization' => $formData['token'],
                    ]);
                    $apiResponse = $client->send($apiRequest);
                } catch (GuzzleHttp\Exception\ClientException $e) {
                    if ($e->getResponse()->getStatusCode() !== 200) {
                        continue;
                    }
                }

                if ($apiResponse->getStatusCode() !== 200) {
function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}
                    continue;
                }

                $content = json_decode($apiResponse->getBody()->getContents(), true);
                if (is_array($content) && array_key_exists('user', $content)) {
                    $superdeskUser = $content['user'];

                    break;
                }
            }

            if (null == $superdeskUser) {
                return new SingleResourceResponse([
                    'status' => 401,
                    'message' => 'Unauthorized (user not found in Superdesk)',
                ], new ResponseContext(401));
            }

            $userProvider = $this->get('swp.security.user_provider');
            $publisherUser = $userProvider->findOneByEmail($superdeskUser['email']);
            if (null === $publisherUser) {
                try {
                    $publisherUser = $userProvider->loadUserByUsername($superdeskUser['username']);
                } catch (UsernameNotFoundException $e) {
                    $publisherUser = null;
                }
            }

            if (null === $publisherUser) {
                $userManager = $this->get('fos_user.user_manager');
                /** @var UserInterface $publisherUser */
                $publisherUser = $userManager->createUser();
                $publisherUser->setUsername($superdeskUser['username']);
                $publisherUser->setEmail($superdeskUser['email']);
                $publisherUser->setRoles(['ROLE_INTERNAL_API', 'ROLE_USER']);
                $publisherUser->setFirstName($superdeskUser['first_name']);
                $publisherUser->setLastName($superdeskUser['last_name']);
                $publisherUser->setPlainPassword(password_hash(random_bytes(36), PASSWORD_BCRYPT));
                $publisherUser->setEnabled(true);
                $userManager->updateUser($publisherUser);
            }

            if (null !== $publisherUser) {
                return $this->getApiToken($publisherUser, str_replace('Basic ', '', $formData['token']));
            }
        }

        return new SingleResourceResponse([
            'status' => 401,
            'message' => 'Unauthorized',
        ], new ResponseContext(401));
    }

    private function getApiToken($user, $token)
    {
        $apiKey = null;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $apiKeyRepository = $this->get('swp.repository.api_key');
        if (null !== $token) {
            $apiKey = $apiKeyRepository
                ->getValidToken($token)
                ->getQuery()
                ->getOneOrNullResult();
        } else {
            $apiKey = $apiKeyRepository->getValidTokenForUser($user)->getQuery()->getOneOrNullResult();
        }

        if (null === $apiKey) {
            $apiKey = $this->get('swp.factory.api_key')->create($user, $token);
            $apiKeyRepository->add($apiKey);
        }

        return new SingleResourceResponse([
            'token' => [
                'api_key' => $apiKey->getApiKey(),
                'valid_to' => $apiKey->getValidTo(),
            ],
            'user' => $user,
        ]);
    }
}


1			<?php
2
3			/*
4			* This file is part of the Superdesk Web Publisher Core Bundle.
5			*
6			* Copyright 2016 Sourcefabric z.ú. and contributors.
7			*
8			* For the full copyright and license information, please see the
9			* AUTHORS and LICENSE files distributed with this source code.
10			*
11			* @copyright 2016 Sourcefabric z.ú
12			* @license http://www.superdesk.org/license
13			*/
14
15			namespace SWP\Bundle\CoreBundle\Controller;
16
17			use GuzzleHttp;
18			use Nelmio\ApiDocBundle\Annotation\ApiDoc;
19			use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
20			use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
21			use SWP\Bundle\CoreBundle\Form\Type\SuperdeskCredentialAuthenticationType;
22			use SWP\Bundle\CoreBundle\Form\Type\UserAuthenticationType;
23			use SWP\Bundle\CoreBundle\Model\UserInterface;
24			use SWP\Component\Common\Response\ResponseContext;
25			use SWP\Component\Common\Response\SingleResourceResponse;
26			use Symfony\Bundle\FrameworkBundle\Controller\Controller;
27			use Symfony\Component\HttpFoundation\Request;
28			use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
29
30			class AuthController extends Controller
31			{
32			/**
33			* Look for user matching provided credentials.
34			*
35			* @ApiDoc(
36			* resource=true,
37			* description="Look for user matching provided credentials",
38			* statusCodes={
39			* 200="Returned on success.",
40			* 401="No user found or not authorized."
41			* },
42			* input="SWP\Bundle\CoreBundle\Form\Type\UserAuthenticationType"
43			* )
44			* @Route("/api/{version}/auth/", options={"expose"=true}, defaults={"version"="v1"}, name="swp_api_auth")
45			* @Method("POST")
46			*/
47			public function authenticateAction(Request $request)
48			{
49			$form = $this->createForm(UserAuthenticationType::class, []);
50			$form->handleRequest($request);
51			if ($form->isValid()) {
52			$formData = $form->getData();
53			try {
54			$user = $this->get('swp.security.user_provider')->loadUserByUsername($formData['username']);
55			} catch (UsernameNotFoundException $e) {
56			$user = null;
57			}
58
59			if (null !== $user) {
60			if ($this->get('security.password_encoder')->isPasswordValid($user, $formData['password'])) {
61			return $this->getApiToken($user, null);
62			}
63			}
64			}
65
66			return new SingleResourceResponse([
67			'status' => 401,
68			'message' => 'Unauthorized',
69			], new ResponseContext(401));
70			}
71
72			/**
73			* Ask Superdesk server for user with those credentials and tries to authorize.
74			*
75			* @ApiDoc(
76			* resource=true,
77			* description="Authorize using Superdesk credentials",
78			* statusCodes={
79			* 200="Returned on success.",
80			* 401="No user found or not authorized."
81			* },
82			* input="SWP\Bundle\CoreBundle\Form\Type\SuperdeskCredentialAuthenticationType"
83			* )
84			* @Route("/api/{version}/auth/superdesk/", options={"expose"=true}, defaults={"version"="v1"}, name="swp_api_auth_superdesk")
85			* @Method("POST")
86			*/
87			public function authenticateWithSuperdeskAction(Request $request)
88			{
89			$form = $this->createForm(SuperdeskCredentialAuthenticationType::class, []);
90			$form->handleRequest($request);
91			if ($form->isValid()) {
92			$formData = $form->getData();
93			$authorizedSuperdeskHosts = $this->container->getParameter('superdesk_servers');
94			$superdeskUser = null;
95			$client = new GuzzleHttp\Client();
96
97			foreach ($authorizedSuperdeskHosts as $baseUrl) {
98			try {
99			$apiRequest = new GuzzleHttp\Psr7\Request('GET', sprintf('%s/api/sessions/%s', $baseUrl, $formData['session_id']), [
100			'Authorization' => $formData['token'],
101			]);
102			$apiResponse = $client->send($apiRequest);
103			} catch (GuzzleHttp\Exception\ClientException $e) {
104			if ($e->getResponse()->getStatusCode() !== 200) {
105			continue;
106			}
107			}
108
109			if ($apiResponse->getStatusCode() !== 200) {
			0 ignored issues – show Bug introduced 2017-06-09 08:54 UTC by Report Bug Copy Issue Report The variable `$apiResponse` does not seem to be defined for all execution paths leading up to this point. If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } // $x is potentially undefined here. echo $x; } In the above example, the variable `$x` is defined if you pass “foo” or “bar” as argument for `$a`. However, since the `switch` statement has no default case statement, if you pass any other value, the variable `$x` would be undefined. Available Fixes Check for existence of the variable explicitly: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } if (isset($x)) { // Make sure it's always set. echo $x; } } Define a default value for the variable: function myFunction($a) { $x = ''; // Set a default which gets overridden for certain paths. switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } echo $x; } Add a value for the missing path: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; // We add support for the missing case. default: $x = ''; break; } echo $x; } Loading history...
110			continue;
111			}
112
113			$content = json_decode($apiResponse->getBody()->getContents(), true);
114			if (is_array($content) && array_key_exists('user', $content)) {
115			$superdeskUser = $content['user'];
116
117			break;
118			}
119			}
120
121			if (null == $superdeskUser) {
122			return new SingleResourceResponse([
123			'status' => 401,
124			'message' => 'Unauthorized (user not found in Superdesk)',
125			], new ResponseContext(401));
126			}
127
128			$userProvider = $this->get('swp.security.user_provider');
129			$publisherUser = $userProvider->findOneByEmail($superdeskUser['email']);
130			if (null === $publisherUser) {
131			try {
132			$publisherUser = $userProvider->loadUserByUsername($superdeskUser['username']);
133			} catch (UsernameNotFoundException $e) {
134			$publisherUser = null;
135			}
136			}
137
138			if (null === $publisherUser) {
139			$userManager = $this->get('fos_user.user_manager');
140			/** @var UserInterface $publisherUser */
141			$publisherUser = $userManager->createUser();
142			$publisherUser->setUsername($superdeskUser['username']);
143			$publisherUser->setEmail($superdeskUser['email']);
144			$publisherUser->setRoles(['ROLE_INTERNAL_API', 'ROLE_USER']);
145			$publisherUser->setFirstName($superdeskUser['first_name']);
146			$publisherUser->setLastName($superdeskUser['last_name']);
147			$publisherUser->setPlainPassword(password_hash(random_bytes(36), PASSWORD_BCRYPT));
148			$publisherUser->setEnabled(true);
149			$userManager->updateUser($publisherUser);
150			}
151
152			if (null !== $publisherUser) {
153			return $this->getApiToken($publisherUser, str_replace('Basic ', '', $formData['token']));
154			}
155			}
156
157			return new SingleResourceResponse([
158			'status' => 401,
159			'message' => 'Unauthorized',
160			], new ResponseContext(401));
161			}
162
163			private function getApiToken($user, $token)
164			{
165			$apiKey = null;
			0 ignored issues – show Unused Code introduced 2017-02-28 10:51 UTC by Report Bug Copy Issue Report `$apiKey` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
166			$apiKeyRepository = $this->get('swp.repository.api_key');
167			if (null !== $token) {
168			$apiKey = $apiKeyRepository
169			->getValidToken($token)
170			->getQuery()
171			->getOneOrNullResult();
172			} else {
173			$apiKey = $apiKeyRepository->getValidTokenForUser($user)->getQuery()->getOneOrNullResult();
174			}
175
176			if (null === $apiKey) {
177			$apiKey = $this->get('swp.factory.api_key')->create($user, $token);
178			$apiKeyRepository->add($apiKey);
179			}
180
181			return new SingleResourceResponse([
182			'token' => [
183			'api_key' => $apiKey->getApiKey(),
184			'valid_to' => $apiKey->getValidTo(),
185			],
186			'user' => $user,
187			]);
188			}
189			}
190

superdesk / web-publisher

Push — 1.0 ( 046da8...d5bf3f )

AuthController::authenticateAction() B

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like