SSOBroker::getSessionId() - Code Metrics - zefy/php-simple-sso - Measure and Improve Code Quality continuously with Scrutinizer

SSOBroker::getSessionId() A
last analyzed 2018-03-20 08:29 UTC

↳ Parent: SSOBroker

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
eloc	2
nc	1
nop	0
dl	0
loc	4
rs	10
c	0
b	0
f	0

<?php

namespace Zefy\SimpleSSO;

use Zefy\SimpleSSO\Interfaces\SSOBrokerInterface;

/**
 * Class SSOBroker. This class is only a skeleton.
 * First of all, you need to implement abstract functions in your own class.
 * Secondly, you should create a page which will be your SSO server.
 *
 * @package Zefy\SimpleSSO
 */
abstract class SSOBroker implements SSOBrokerInterface
{
    /**
     * SSO server url.
     *
     * @var string
     */
    protected $ssoServerUrl;

    /**
     * Broker name.
     *
     * @var string
     */
    protected $brokerName;

    /**
     * Broker secret token.
     *
     * @var string
     */
    protected $brokerSecret;

    /**
     * User info retrieved from the SSO server.
     *
     * @var array
     */
    protected $userInfo;

    /**
     * Random token generated for the client and broker.
     *
     * @var string|null
     */
    protected $token;


    public function __construct()
    {
        $this->setOptions();
        $this->saveToken();
    }

    /**
     * Attach client session to broker session in SSO server.
     *
     * @return void
     */
    public function attach()
    {
        $parameters = [
            'return_url' => $this->getCurrentUrl(),
            'broker' => $this->brokerName,
            'token' => $this->token,
            'checksum' => hash('sha256', 'attach' . $this->token . $this->brokerSecret)
        ];

        $attachUrl = $this->generateCommandUrl('attach', $parameters);

        $this->redirect($attachUrl);
    }

    /**
     * Getting user info from SSO based on client session.
     *
     * @return array
     */
    public function getUserInfo()
    {
        if (!isset($this->userInfo) || empty($this->userInfo)) {
            $this->userInfo = $this->makeRequest('GET', 'userInfo');
        }

        return $this->userInfo;
    }

    /**
     * Login client to SSO server with user credentials.
     *
     * @param string $username
     * @param string $password
     *
     * @return bool
     */
    public function login(string $username, string $password)
    {
        $this->userInfo = $this->makeRequest('POST', 'login', compact('username', 'password'));

        if (!isset($this->userInfo['error']) && isset($this->userInfo['data']['id'])) {
            return true;
        }

        return false;
    }

    /**
     * Logout client from SSO server.
     *
     * @return void
     */
    public function logout()
    {
        $this->makeRequest('POST', 'logout');
    }

    /**
     * Generate request url.
     *
     * @param string $command
     * @param array $parameters
     *
     * @return string
     */
    protected function generateCommandUrl(string $command, array $parameters = [])
    {
        $query = '';
        if (!empty($parameters)) {
            $query = '?' . http_build_query($parameters);
        }

        return $this->ssoServerUrl . '/sso/' . $command . $query;
    }

    /**
     * Generate session key with broker name, broker secret and unique client token.
     *
     * @return string
     */
    protected function getSessionId()
    {
        $checksum = hash('sha256', 'session' . $this->token . $this->brokerSecret);
        return "SSO-{$this->brokerName}-{$this->token}-$checksum";
    }

    /**
     * Set base class options (sso server url, broker name and secret, etc).
     *
     * @return void
     */
    abstract protected function setOptions();

    /**
     * Somehow save random token for client.
     *
     * @return void
     */
    abstract protected function saveToken();

    /**
     * Delete saved token.
     *
     * @return void
     */
    abstract protected function deleteToken();

    /**
     * Make request to SSO server.
     *
     * @param string $method Request method 'post' or 'get'.
     * @param string $command Request command name.
     * @param array $parameters Parameters for URL query string if GET request and form parameters if it's POST request.
     *
     * @return array
     */
    abstract protected function makeRequest(string $method, string $command, array $parameters = []);

    /**
     * Redirect client to specified url.
     *
     * @param string $url URL to be redirected.
     * @param array $parameters HTTP query string.
     * @param int $httpResponseCode HTTP response code for redirection.
     *
     * @return void
     */
    abstract protected function redirect(string $url, array $parameters = [], int $httpResponseCode = 307);

    /**
     * Getting current url which can be used as return to url.
     *
     * @return string
     */
    abstract protected function getCurrentUrl();
}


1			<?php
2
3			namespace Zefy\SimpleSSO;
4
5			use Zefy\SimpleSSO\Interfaces\SSOBrokerInterface;
6
7			/**
8			* Class SSOBroker. This class is only a skeleton.
9			* First of all, you need to implement abstract functions in your own class.
10			* Secondly, you should create a page which will be your SSO server.
11			*
12			* @package Zefy\SimpleSSO
13			*/
14			abstract class SSOBroker implements SSOBrokerInterface
15			{
16			/**
17			* SSO server url.
18			*
19			* @var string
20			*/
21			protected $ssoServerUrl;
22
23			/**
24			* Broker name.
25			*
26			* @var string
27			*/
28			protected $brokerName;
29
30			/**
31			* Broker secret token.
32			*
33			* @var string
34			*/
35			protected $brokerSecret;
36
37			/**
38			* User info retrieved from the SSO server.
39			*
40			* @var array
41			*/
42			protected $userInfo;
43
44			/**
45			* Random token generated for the client and broker.
46			*
47			* @var string\|null
48			*/
49			protected $token;
50
51
52			public function __construct()
53			{
54			$this->setOptions();
55			$this->saveToken();
56			}
57
58			/**
59			* Attach client session to broker session in SSO server.
60			*
61			* @return void
62			*/
63			public function attach()
64			{
65			$parameters = [
66			'return_url' => $this->getCurrentUrl(),
67			'broker' => $this->brokerName,
68			'token' => $this->token,
69			'checksum' => hash('sha256', 'attach' . $this->token . $this->brokerSecret)
70			];
71
72			$attachUrl = $this->generateCommandUrl('attach', $parameters);
73
74			$this->redirect($attachUrl);
75			}
76
77			/**
78			* Getting user info from SSO based on client session.
79			*
80			* @return array
81			*/
82			public function getUserInfo()
83			{
84			if (!isset($this->userInfo) \|\| empty($this->userInfo)) {
85			$this->userInfo = $this->makeRequest('GET', 'userInfo');
86			}
87
88			return $this->userInfo;
89			}
90
91			/**
92			* Login client to SSO server with user credentials.
93			*
94			* @param string $username
95			* @param string $password
96			*
97			* @return bool
98			*/
99			public function login(string $username, string $password)
100			{
101			$this->userInfo = $this->makeRequest('POST', 'login', compact('username', 'password'));
102
103			if (!isset($this->userInfo['error']) && isset($this->userInfo['data']['id'])) {
104			return true;
105			}
106
107			return false;
108			}
109
110			/**
111			* Logout client from SSO server.
112			*
113			* @return void
114			*/
115			public function logout()
116			{
117			$this->makeRequest('POST', 'logout');
118			}
119
120			/**
121			* Generate request url.
122			*
123			* @param string $command
124			* @param array $parameters
125			*
126			* @return string
127			*/
128			protected function generateCommandUrl(string $command, array $parameters = [])
129			{
130			$query = '';
131			if (!empty($parameters)) {
132			$query = '?' . http_build_query($parameters);
133			}
134
135			return $this->ssoServerUrl . '/sso/' . $command . $query;
136			}
137
138			/**
139			* Generate session key with broker name, broker secret and unique client token.
140			*
141			* @return string
142			*/
143			protected function getSessionId()
144			{
145			$checksum = hash('sha256', 'session' . $this->token . $this->brokerSecret);
146			return "SSO-{$this->brokerName}-{$this->token}-$checksum";
147			}
148
149			/**
150			* Set base class options (sso server url, broker name and secret, etc).
151			*
152			* @return void
153			*/
154			abstract protected function setOptions();
155
156			/**
157			* Somehow save random token for client.
158			*
159			* @return void
160			*/
161			abstract protected function saveToken();
162
163			/**
164			* Delete saved token.
165			*
166			* @return void
167			*/
168			abstract protected function deleteToken();
169
170			/**
171			* Make request to SSO server.
172			*
173			* @param string $method Request method 'post' or 'get'.
174			* @param string $command Request command name.
175			* @param array $parameters Parameters for URL query string if GET request and form parameters if it's POST request.
176			*
177			* @return array
178			*/
179			abstract protected function makeRequest(string $method, string $command, array $parameters = []);
180
181			/**
182			* Redirect client to specified url.
183			*
184			* @param string $url URL to be redirected.
185			* @param array $parameters HTTP query string.
186			* @param int $httpResponseCode HTTP response code for redirection.
187			*
188			* @return void
189			*/
190			abstract protected function redirect(string $url, array $parameters = [], int $httpResponseCode = 307);
191
192			/**
193			* Getting current url which can be used as return to url.
194			*
195			* @return string
196			*/
197			abstract protected function getCurrentUrl();
198			}
199

zefy / php-simple-sso

SSOBroker::getSessionId() A last analyzed 2018-03-20 08:29 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

SSOBroker::getSessionId() A
last analyzed 2018-03-20 08:29 UTC