AuthenticationProvider::authByToken() - Code Metrics - Inspection of "Introduce initial SubSonic api support" - uxmp/core - Measure and Improve Code Quality continuously with Scrutinizer

Test Setup Failed

Push — main ( 7bb2c5...c5b0e8 )

by Daniel

created 2022-05-01 11:22 UTC

AuthenticationProvider::authByToken() A

↳ Parent: AuthenticationProvider

Complexity

Conditions	3
Paths	2

Size

Total Lines	13
Code Lines	5

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	3
eloc	5
c	1
b	0
f	0
nc	2
nop	3
dl	0
loc	13
rs	10

<?php

declare(strict_types=1);

namespace Uxmp\Core\Component\SubSonic;

use Usox\HyperSonic\Authentication\AuthenticationProviderInterface;
use Usox\HyperSonic\Authentication\Exception\AuthenticationFailedException;
use Uxmp\Core\Component\Authentication\AccessKey\AccessTokenEnum;
use Uxmp\Core\Orm\Repository\AccessKeyRepositoryInterface;
use Uxmp\Core\Orm\Repository\UserRepositoryInterface;

/**
 * Provides auth mechanism for subsonic api auth
 */
final class AuthenticationProvider implements AuthenticationProviderInterface
{
    public function __construct(
        private UserRepositoryInterface $userRepository,
        private AccessKeyRepositoryInterface $accessKeyRepository,
    ) {
    }

    /**
     * Preferred way of auth, using a hashed version of the access token
     *
     * @throws AuthenticationFailedException
     */
    public function authByToken(
        string $userName,
        string $token,
        string $salt,
    ): void {
        $accessKeyFromStorage = $this->retrieveToken($userName);

        // use the provided salt to hash the token
        if (
            $accessKeyFromStorage === null ||
            $token !== md5($accessKeyFromStorage.$salt)
        ) {
            throw new AuthenticationFailedException();
        }
    }

    /**
     * Wah! Support for plaintext/hex encoded auth :(
     */
    public function authByPassword(
        string $userName,
        string $password,
    ): void {
        $accessKeyFromStorage = $this->retrieveToken($userName);

        if (
            $accessKeyFromStorage === null ||
            $password !== $accessKeyFromStorage
        ) {
            throw new AuthenticationFailedException();
        }
    }

    private function retrieveToken(
        string $userName,
    ): ?string {
        $user = $this->userRepository->findOneBy(['name' => $userName]);
        if ($user === null) {
            return null;
        }

        // search for a valid subsonic token
        $accessKey = $this->accessKeyRepository->findOneBy([
            'user' => $user,
            'type_id' => AccessTokenEnum::TYPE_SUBSONIC,
            'active' => true,
        ]);

        return $accessKey?->getConfig()[AccessTokenEnum::CONFIG_KEY_TOKEN] ?? null;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace Uxmp\Core\Component\SubSonic;
6
7			use Usox\HyperSonic\Authentication\AuthenticationProviderInterface;
8			use Usox\HyperSonic\Authentication\Exception\AuthenticationFailedException;
9			use Uxmp\Core\Component\Authentication\AccessKey\AccessTokenEnum;
10			use Uxmp\Core\Orm\Repository\AccessKeyRepositoryInterface;
11			use Uxmp\Core\Orm\Repository\UserRepositoryInterface;
12
13			/**
14			* Provides auth mechanism for subsonic api auth
15			*/
16			final class AuthenticationProvider implements AuthenticationProviderInterface
17			{
18			public function __construct(
19			private UserRepositoryInterface $userRepository,
20			private AccessKeyRepositoryInterface $accessKeyRepository,
21			) {
22			}
23
24			/**
25			* Preferred way of auth, using a hashed version of the access token
26			*
27			* @throws AuthenticationFailedException
28			*/
29			public function authByToken(
30			string $userName,
31			string $token,
32			string $salt,
33			): void {
34			$accessKeyFromStorage = $this->retrieveToken($userName);
35
36			// use the provided salt to hash the token
37			if (
38			$accessKeyFromStorage === null \|\|
39			$token !== md5($accessKeyFromStorage.$salt)
40			) {
41			throw new AuthenticationFailedException();
42			}
43			}
44
45			/**
46			* Wah! Support for plaintext/hex encoded auth :(
47			*/
48			public function authByPassword(
49			string $userName,
50			string $password,
51			): void {
52			$accessKeyFromStorage = $this->retrieveToken($userName);
53
54			if (
55			$accessKeyFromStorage === null \|\|
56			$password !== $accessKeyFromStorage
57			) {
58			throw new AuthenticationFailedException();
59			}
60			}
61
62			private function retrieveToken(
63			string $userName,
64			): ?string {
65			$user = $this->userRepository->findOneBy(['name' => $userName]);
66			if ($user === null) {
67			return null;
68			}
69
70			// search for a valid subsonic token
71			$accessKey = $this->accessKeyRepository->findOneBy([
72			'user' => $user,
73			'type_id' => AccessTokenEnum::TYPE_SUBSONIC,
74			'active' => true,
75			]);
76
77			return $accessKey?->getConfig()[AccessTokenEnum::CONFIG_KEY_TOKEN] ?? null;
78			}
79			}
80

uxmp / core

Push — main ( 7bb2c5...c5b0e8 )

AuthenticationProvider::authByToken() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like