AbstractSignatureReader::validateMulti() - Code Metrics - thephplab/lightsaml - Measure and Improve Code Quality continuously with Scrutinizer

AbstractSignatureReader::validateMulti() B
last analyzed 2020-07-28 16:14 UTC

↳ Parent: AbstractSignatureReader

Complexity

Conditions	7
Paths	9

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	8
CRAP Score	13.125

Importance

Changes

Metric	Value
dl	0
loc	31
c	0
b	0
f	0
ccs	8
cts	16
cp	0.5
rs	8.4906
cc	7
nc	9
nop	1
crap	13.125

<?php

/*
 * This file is part of the LightSAML-Core package.
 *
 * (c) Milos Tomic <[email protected]>
 *
 * This source file is subject to the MIT license that is bundled
 * with this source code in the file LICENSE.
 */

namespace LightSaml\Model\XmlDSig;

use LightSaml\Credential\CredentialInterface;
use LightSaml\Credential\KeyHelper;
use LightSaml\Error\LightSamlSecurityException;
use RobRichards\XMLSecLibs\XMLSecurityKey;

abstract class AbstractSignatureReader extends Signature
{
    /** @var XMLSecurityKey|null */
    protected $key;

    /**
     * @param XMLSecurityKey $key
     *
     * @return bool True if validated, False if validation was not performed
     *
     * @throws \LightSaml\Error\LightSamlSecurityException If validation fails
     */
    abstract public function validate(XMLSecurityKey $key);

    /**
     * @return XMLSecurityKey|null
     */
    public function getKey()
    {
        return $this->key;
    }

    /**
     * @param CredentialInterface[] $credentialCandidates
     *
     * @throws \InvalidArgumentException                   If element of $credentialCandidates array is not CredentialInterface
     * @throws \LightSaml\Error\LightSamlSecurityException If validation fails
     *
     * @return CredentialInterface|null Returns credential that validated the signature or null if validation was not performed
     */
    public function validateMulti(array $credentialCandidates)
    {
        $lastException = null;

        foreach ($credentialCandidates as $credential) {
            if (false == $credential instanceof CredentialInterface) {

                throw new \InvalidArgumentException('Expected CredentialInterface');
            }
            if (null == $credential->getPublicKey()) {
                continue;
            }

            try {
                $result = $this->validate($credential->getPublicKey());
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

                if (false === $result) {
                    return null;
                }

                return $credential;
            } catch (LightSamlSecurityException $ex) {
                $lastException = $ex;
            }
        }

        if ($lastException) {
            throw $lastException;
        } else {
            throw new LightSamlSecurityException('No public key available for signature verification');
        }
    }

    /**
     * @return string
     */
    abstract public function getAlgorithm();

    /**
     * @param XMLSecurityKey $key
     *
     * @return XMLSecurityKey
     */
    protected function castKeyIfNecessary(XMLSecurityKey $key)
    {
        $algorithm = $this->getAlgorithm();

        if (!in_array($algorithm, [
            XMLSecurityKey::RSA_SHA1,
            XMLSecurityKey::RSA_SHA256,
            XMLSecurityKey::RSA_SHA384,
            XMLSecurityKey::RSA_SHA512,
        ])) {
            throw new LightSamlSecurityException(sprintf('Unsupported signing algorithm: "%s"', $algorithm));
        }

        if ($algorithm != $key->type) {
            $key = KeyHelper::castKey($key, $algorithm);
        }

        return $key;
    }
}


1		<?php
2
3		/*
4		* This file is part of the LightSAML-Core package.
5		*
6		* (c) Milos Tomic <[email protected]>
7		*
8		* This source file is subject to the MIT license that is bundled
9		* with this source code in the file LICENSE.
10		*/
11
12		namespace LightSaml\Model\XmlDSig;
13
14		use LightSaml\Credential\CredentialInterface;
15		use LightSaml\Credential\KeyHelper;
16		use LightSaml\Error\LightSamlSecurityException;
17		use RobRichards\XMLSecLibs\XMLSecurityKey;
18
19		abstract class AbstractSignatureReader extends Signature
20		{
21		/** @var XMLSecurityKey\|null */
22		protected $key;
23
24		/**
25		* @param XMLSecurityKey $key
26		*
27		* @return bool True if validated, False if validation was not performed
28		*
29		* @throws \LightSaml\Error\LightSamlSecurityException If validation fails
30		*/
31		abstract public function validate(XMLSecurityKey $key);
32
33		/**
34		* @return XMLSecurityKey\|null
35		*/
36	1	public function getKey()
37		{
38	1	return $this->key;
39		}
40
41		/**
42		* @param CredentialInterface[] $credentialCandidates
43		*
44		* @throws \InvalidArgumentException If element of $credentialCandidates array is not CredentialInterface
45		* @throws \LightSaml\Error\LightSamlSecurityException If validation fails
46		*
47		* @return CredentialInterface\|null Returns credential that validated the signature or null if validation was not performed
48		*/
49	1	public function validateMulti(array $credentialCandidates)
50		{
51	1	$lastException = null;
52
53	1	foreach ($credentialCandidates as $credential) {
54	1	if (false == $credential instanceof CredentialInterface) {
		0 ignored issues – show Coding Style Best Practice introduced 2020-07-28 16:14 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing two booleans. Considering using the strict comparison `===` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history...
55		throw new \InvalidArgumentException('Expected CredentialInterface');
56		}
57	1	if (null == $credential->getPublicKey()) {
58		continue;
59		}
60
61		try {
62	1	$result = $this->validate($credential->getPublicKey());
		0 ignored issues – show Documentation introduced 2020-07-28 16:14 UTC by Report Bug Copy Issue Report `$credential->getPublicKey()` is of type `null`, but the function expects a `object<RobRichards\XMLSecLibs\XMLSecurityKey>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
63
64	1	if (false === $result) {
65		return null;
66		}
67
68	1	return $credential;
69		} catch (LightSamlSecurityException $ex) {
70		$lastException = $ex;
71		}
72		}
73
74		if ($lastException) {
75		throw $lastException;
76		} else {
77		throw new LightSamlSecurityException('No public key available for signature verification');
78		}
79		}
80
81		/**
82		* @return string
83		*/
84		abstract public function getAlgorithm();
85
86		/**
87		* @param XMLSecurityKey $key
88		*
89		* @return XMLSecurityKey
90		*/
91	8	protected function castKeyIfNecessary(XMLSecurityKey $key)
92		{
93	8	$algorithm = $this->getAlgorithm();
94
95	8	if (!in_array($algorithm, [
96	8	XMLSecurityKey::RSA_SHA1,
97	8	XMLSecurityKey::RSA_SHA256,
98	8	XMLSecurityKey::RSA_SHA384,
99	8	XMLSecurityKey::RSA_SHA512,
100		])) {
101		throw new LightSamlSecurityException(sprintf('Unsupported signing algorithm: "%s"', $algorithm));
102		}
103
104	8	if ($algorithm != $key->type) {
105	1	$key = KeyHelper::castKey($key, $algorithm);
106		}
107
108	8	return $key;
109		}
110		}
111

thephplab / lightsaml

AbstractSignatureReader::validateMulti() B last analyzed 2020-07-28 16:14 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

AbstractSignatureReader::validateMulti() B
last analyzed 2020-07-28 16:14 UTC