1 | <?php |
||||
2 | |||||
3 | namespace SimpleSAML\Module\Monitor\TestCase; |
||||
4 | |||||
5 | use SimpleSAML\Module\Monitor\State; |
||||
6 | use SimpleSAML\Module\Monitor\TestData; |
||||
7 | use SimpleSAML\Module\Monitor\TestResult; |
||||
8 | |||||
9 | class Cert extends \SimpleSAML\Module\Monitor\TestCaseFactory |
||||
10 | { |
||||
11 | /** @var array */ |
||||
12 | private $certInfo = []; |
||||
13 | |||||
14 | /** @var integer */ |
||||
15 | private $expiration; |
||||
16 | |||||
17 | /** @var integer|null */ |
||||
18 | private $certExpirationWarning = null; |
||||
19 | |||||
20 | |||||
21 | /** |
||||
22 | * @var \SimpleSAML\Module\Monitor\TestData $testData |
||||
23 | * |
||||
24 | * @return void |
||||
25 | */ |
||||
26 | protected function initialize(TestData $testData): void |
||||
27 | { |
||||
28 | $this->setCategory($testData->getInputItem('category')); |
||||
0 ignored issues
–
show
Bug
introduced
by
![]() |
|||||
29 | $this->setCertInfo($testData->getInputItem('certData')); |
||||
0 ignored issues
–
show
It seems like
$testData->getInputItem('certData') can also be of type null ; however, parameter $certInfo of SimpleSAML\Module\Monito...ase\Cert::setCertInfo() does only seem to accept array , maybe add an additional type check?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
![]() |
|||||
30 | $this->setCertExpirationWarning($testData->getInputItem('certExpirationWarning')); |
||||
0 ignored issues
–
show
It seems like
$testData->getInputItem('certExpirationWarning') can also be of type null ; however, parameter $certExpirationWarning of SimpleSAML\Module\Monito...CertExpirationWarning() does only seem to accept integer , maybe add an additional type check?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
![]() |
|||||
31 | |||||
32 | parent::initialize($testData); |
||||
33 | } |
||||
34 | |||||
35 | |||||
36 | /** |
||||
37 | * @return string |
||||
38 | */ |
||||
39 | public function getSubject(): string |
||||
40 | { |
||||
41 | $certInfo = $this->getCertInfo(); |
||||
42 | if ( |
||||
43 | isset($certInfo['subject']) |
||||
44 | && !empty($certInfo['subject']) |
||||
45 | && array_key_exists('CN', $certInfo['subject']) |
||||
46 | ) { |
||||
47 | return 'CN=' . $certInfo['subject']['CN']; |
||||
48 | } elseif (isset($certInfo['serialNumber'])) { |
||||
49 | return 'SN=' . $certInfo['serialNumber']; |
||||
50 | } else { |
||||
51 | return 'UNKNOWN'; |
||||
52 | } |
||||
53 | } |
||||
54 | |||||
55 | |||||
56 | /** |
||||
57 | * @param array $certInfo |
||||
58 | * |
||||
59 | * @return void |
||||
60 | */ |
||||
61 | protected function setCertInfo(array $certInfo): void |
||||
62 | { |
||||
63 | $this->certInfo = $certInfo; |
||||
64 | } |
||||
65 | |||||
66 | |||||
67 | /** |
||||
68 | * @return array |
||||
69 | */ |
||||
70 | protected function getCertInfo(): array |
||||
71 | { |
||||
72 | return $this->certInfo; |
||||
73 | } |
||||
74 | |||||
75 | |||||
76 | /** |
||||
77 | * @param int $certExpirationWarning |
||||
78 | * |
||||
79 | * @return void |
||||
80 | */ |
||||
81 | protected function setCertExpirationWarning(int $certExpirationWarning): void |
||||
82 | { |
||||
83 | $this->certExpirationWarning = $certExpirationWarning; |
||||
84 | } |
||||
85 | |||||
86 | |||||
87 | /** |
||||
88 | * @return int|null |
||||
89 | */ |
||||
90 | protected function getCertExpirationWarning(): ?int |
||||
91 | { |
||||
92 | return $this->certExpirationWarning; |
||||
93 | } |
||||
94 | |||||
95 | |||||
96 | /** |
||||
97 | * @return int |
||||
98 | */ |
||||
99 | protected function getExpiration(): int |
||||
100 | { |
||||
101 | return $this->expiration; |
||||
102 | } |
||||
103 | |||||
104 | |||||
105 | /** |
||||
106 | * @param integer $expiration |
||||
107 | * |
||||
108 | * @return void |
||||
109 | */ |
||||
110 | private function setExpiration(int $expiration): void |
||||
111 | { |
||||
112 | $this->expiration = $expiration; |
||||
113 | } |
||||
114 | |||||
115 | |||||
116 | /** |
||||
117 | * @return void |
||||
118 | */ |
||||
119 | protected function calculateExpiration(): void |
||||
120 | { |
||||
121 | $certInfo = $this->getCertInfo(); |
||||
122 | $expiration = (int)(($certInfo['validTo_time_t'] - time()) / 86400); |
||||
123 | $this->setExpiration($expiration); |
||||
124 | } |
||||
125 | |||||
126 | |||||
127 | /** |
||||
128 | * @return void |
||||
129 | */ |
||||
130 | public function invokeTest(): void |
||||
131 | { |
||||
132 | $this->calculateExpiration(); |
||||
133 | |||||
134 | $threshold = $this->getCertExpirationWarning(); |
||||
135 | $expiration = $this->getExpiration(); |
||||
136 | |||||
137 | $days = abs($expiration); |
||||
138 | $daysStr = $days . ' ' . (($days === 1) ? 'day' : 'days'); |
||||
139 | |||||
140 | $testResult = new TestResult($this->getCategory(), $this->getSubject()); |
||||
141 | |||||
142 | if ($expiration < 0) { |
||||
143 | $testResult->setState(State::ERROR); |
||||
144 | $testResult->setMessage('Certificate has expired ' . $daysStr . ' ago'); |
||||
145 | } elseif ($expiration <= $threshold) { |
||||
146 | $testResult->setState(State::WARNING); |
||||
147 | $testResult->setMessage('Certificate will expire in ' . $daysStr); |
||||
148 | } else { |
||||
149 | $testResult->setState(State::OK); |
||||
150 | $testResult->setMessage('Certificate valid for another ' . $daysStr); |
||||
151 | } |
||||
152 | |||||
153 | $testResult->addOutput($expiration, 'expiration'); |
||||
154 | $this->setTestResult($testResult); |
||||
155 | } |
||||
156 | } |
||||
157 |