CompositeAuth::authenticate() - Code Metrics - Inspection of "Update branch `2.2` to `2.0.52`." - yiisoft/yii2 - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — 2.2 (#20357)

by Wilmer

created 2025-04-26 13:27 UTC

CompositeAuth::authenticate() D

↳ Parent: CompositeAuth

Complexity

Conditions	18
Paths	50

Size

Total Lines	51
Code Lines	32

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	25
CRAP Score	21.3891

Importance

Changes	3
Bugs	0	Features	0

Metric	Value
cc	18
eloc	32
c	3
b	0
f	0
nc	50
nop	3
dl	0
loc	51
ccs	25
cts	32
cp	0.7813
crap	21.3891
rs	4.8666

How to fix Long Method Complexity

<?php
/**
 * @link https://www.yiiframework.com/
 * @copyright Copyright (c) 2008 Yii Software LLC
 * @license https://www.yiiframework.com/license/
 */

namespace yii\filters\auth;

use Yii;
use yii\base\ActionFilter;
use yii\base\Controller;
use yii\base\InvalidConfigException;

/**
 * CompositeAuth is an action filter that supports multiple authentication methods at the same time.
 *
 * The authentication methods contained by CompositeAuth are configured via [[authMethods]],
 * which is a list of supported authentication class configurations.
 *
 * The following example shows how to support three authentication methods:
 *
 * ```php
 * public function behaviors()
 * {
 *     return [
 *         'compositeAuth' => [
 *             'class' => \yii\filters\auth\CompositeAuth::class,
 *             'authMethods' => [
 *                 \yii\filters\auth\HttpBasicAuth::class,
 *                 \yii\filters\auth\QueryParamAuth::class,
 *             ],
 *         ],
 *     ];
 * }
 * ```
 *
 * @author Qiang Xue <[email protected]>
 * @since 2.0
 */
class CompositeAuth extends AuthMethod
{
    /**
     * @var array the supported authentication methods. This property should take a list of supported
     * authentication methods, each represented by an authentication class or configuration.
     *
     * If this property is empty, no authentication will be performed.
     *
     * Note that an auth method class must implement the [[\yii\filters\auth\AuthInterface]] interface.
     */
    public $authMethods = [];


    /**
     * {@inheritdoc}
     */
    public function beforeAction($action)
    {
        return empty($this->authMethods) ? true : parent::beforeAction($action);
    }

    /**
     * {@inheritdoc}
     */
    public function authenticate($user, $request, $response)
    {
        foreach ($this->authMethods as $i => $auth) {
            if (!$auth instanceof AuthInterface) {
                $this->authMethods[$i] = $auth = Yii::createObject($auth);
                if (!$auth instanceof AuthInterface) {
                    throw new InvalidConfigException(get_class($auth) . ' must implement yii\filters\auth\AuthInterface');
                }
            }

            if (
                $this->owner instanceof Controller
                && (
                    !isset($this->owner->action)
                    || (
                        $auth instanceof ActionFilter
                        && !$auth->isActive($this->owner->action)
                    )
                )
            ) {
                continue;
            }

            $authUser = $auth->user;

            if ($authUser != null && !$authUser instanceof \yii\web\User) {
                throw new InvalidConfigException(get_class($authUser) . ' must implement yii\web\User');
            } elseif ($authUser != null) {
                $user = $authUser;
            }

            $authRequest = $auth->request;

            if ($authRequest != null && !$authRequest instanceof \yii\web\Request) {
                throw new InvalidConfigException(get_class($authRequest) . ' must implement yii\web\Request');
            } elseif ($authRequest != null) {
                $request = $authRequest;
            }

            $authResponse = $auth->response;

            if ($authResponse != null && !$authResponse instanceof \yii\web\Response) {
                throw new InvalidConfigException(get_class($authResponse) . ' must implement yii\web\Response');
            } elseif ($authResponse != null) {
                $response = $authResponse;
            }

            $identity = $auth->authenticate($user, $request, $response);
            if ($identity !== null) {
                return $identity;
            }
        }

        return null;
    }

    /**
     * {@inheritdoc}
     */
    public function challenge($response)
    {
        foreach ($this->authMethods as $method) {
            /** @var AuthInterface $method */
            $method->challenge($response);
        }
    }
}


1		<?php
2		/**
3		* @link https://www.yiiframework.com/
4		* @copyright Copyright (c) 2008 Yii Software LLC
5		* @license https://www.yiiframework.com/license/
6		*/
7
8		namespace yii\filters\auth;
9
10		use Yii;
11		use yii\base\ActionFilter;
12		use yii\base\Controller;
13		use yii\base\InvalidConfigException;
14
15		/**
16		* CompositeAuth is an action filter that supports multiple authentication methods at the same time.
17		*
18		* The authentication methods contained by CompositeAuth are configured via [[authMethods]],
19		* which is a list of supported authentication class configurations.
20		*
21		* The following example shows how to support three authentication methods:
22		*
23		* ```php
24		* public function behaviors()
25		* {
26		* return [
27		* 'compositeAuth' => [
28		* 'class' => \yii\filters\auth\CompositeAuth::class,
29		* 'authMethods' => [
30		* \yii\filters\auth\HttpBasicAuth::class,
31		* \yii\filters\auth\QueryParamAuth::class,
32		* ],
33		* ],
34		* ];
35		* }
36		* ```
37		*
38		* @author Qiang Xue <[email protected]>
39		* @since 2.0
40		*/
41		class CompositeAuth extends AuthMethod
42		{
43		/**
44		* @var array the supported authentication methods. This property should take a list of supported
45		* authentication methods, each represented by an authentication class or configuration.
46		*
47		* If this property is empty, no authentication will be performed.
48		*
49		* Note that an auth method class must implement the [[\yii\filters\auth\AuthInterface]] interface.
50		*/
51		public $authMethods = [];
52
53
54		/**
55		* {@inheritdoc}
56		*/
57	13	public function beforeAction($action)
58		{
59	13	return empty($this->authMethods) ? true : parent::beforeAction($action);
60		}
61
62		/**
63		* {@inheritdoc}
64		*/
65	12	public function authenticate($user, $request, $response)
66		{
67	12	foreach ($this->authMethods as $i => $auth) {
68	12	if (!$auth instanceof AuthInterface) {
69	12	$this->authMethods[$i] = $auth = Yii::createObject($auth);
70	12	if (!$auth instanceof AuthInterface) {
71		throw new InvalidConfigException(get_class($auth) . ' must implement yii\filters\auth\AuthInterface');
72		}
73		}
74
75		if (
76	12	$this->owner instanceof Controller
77		&& (
78	12	!isset($this->owner->action)
79	12	\|\| (
80	12	$auth instanceof ActionFilter
81	12	&& !$auth->isActive($this->owner->action)
82	12	)
83		)
84		) {
85	2	continue;
86		}
87
88	12	$authUser = $auth->user;
		0 ignored issues – show Bug introduced 2025-04-25 11:08 UTC by Report Bug Copy Issue Report Accessing `user` on the interface `yii\filters\auth\AuthInterface` suggest that you code against a concrete implementation. How about adding an `instanceof` check? Loading history...
89	12	if ($authUser != null && !$authUser instanceof \yii\web\User) {
90		throw new InvalidConfigException(get_class($authUser) . ' must implement yii\web\User');
91	12	} elseif ($authUser != null) {
92		$user = $authUser;
93		}
94
95	12	$authRequest = $auth->request;
		0 ignored issues – show Bug introduced 2025-04-25 11:16 UTC by Report Bug Copy Issue Report Accessing `request` on the interface `yii\filters\auth\AuthInterface` suggest that you code against a concrete implementation. How about adding an `instanceof` check? Loading history...
96	12	if ($authRequest != null && !$authRequest instanceof \yii\web\Request) {
97		throw new InvalidConfigException(get_class($authRequest) . ' must implement yii\web\Request');
98	12	} elseif ($authRequest != null) {
99		$request = $authRequest;
100		}
101
102	12	$authResponse = $auth->response;
		0 ignored issues – show Bug introduced 2025-04-25 11:16 UTC by Report Bug Copy Issue Report Accessing `response` on the interface `yii\filters\auth\AuthInterface` suggest that you code against a concrete implementation. How about adding an `instanceof` check? Loading history...
103	12	if ($authResponse != null && !$authResponse instanceof \yii\web\Response) {
104		throw new InvalidConfigException(get_class($authResponse) . ' must implement yii\web\Response');
105	12	} elseif ($authResponse != null) {
106		$response = $authResponse;
107		}
108
109	12	$identity = $auth->authenticate($user, $request, $response);
110	11	if ($identity !== null) {
111	7	return $identity;
112		}
113		}
114
115	4	return null;
116		}
117
118		/**
119		* {@inheritdoc}
120		*/
121	3	public function challenge($response)
122		{
123	3	foreach ($this->authMethods as $method) {
124		/** @var AuthInterface $method */
125	3	$method->challenge($response);
126		}
127		}
128		}
129

yiisoft / yii2

Pull Request — 2.2 (#20357)

CompositeAuth::authenticate() D

Complexity

Size

Duplication

Code Coverage

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like