Sign upLogin

YetiForceCompany/YetiForceCRM

View on GitHub
Star
api/webservice/Core/Auth/Basic.php

Summary

Maintainability
A
0 mins
Test Coverage
C
77%

setServer accesses the super-global variable $_SERVER.
Open

    public function setServer(): self
    {
        $this->api->app = [];
        $userName = $_SERVER['PHP_AUTH_USER'] ?? '';
        $type = $this->api->request->getByType('_container', \App\Purifier::STANDARD);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

authenticate accesses the super-global variable $_SERVER.
Open

    public function authenticate(string $realm): bool
    {
        if (!isset($_SERVER['PHP_AUTH_USER'])) {
            $this->api->response->addHeader('WWW-Authenticate', 'Basic realm="' . $realm . '"');
            throw new \Api\Core\Exception('Web service - Applications: Unauthorized', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

authenticate accesses the super-global variable $_SERVER.
Open

    public function authenticate(string $realm): bool
    {
        if (!isset($_SERVER['PHP_AUTH_USER'])) {
            $this->api->response->addHeader('WWW-Authenticate', 'Basic realm="' . $realm . '"');
            throw new \Api\Core\Exception('Web service - Applications: Unauthorized', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

Superglobals

Since: 0.2

Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.

Example

class Foo {
    public function bar() {
        $name = $_POST['foo'];
    }
}

Source

Missing class import via use statement (line '45', column '17').
Open

        $query = (new \App\Db\Query())->from('w_#__servers')->where(['type' => $type, 'name' => $userName, 'status' => 1]);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

Missing class import via use statement (line '33', column '14').
Open

            throw new \Api\Core\Exception('Invalid api key', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

Missing class import via use statement (line '25', column '14').
Open

            throw new \Api\Core\Exception('Web service - Applications: Unauthorized', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

Missing class import via use statement (line '29', column '14').
Open

            throw new \Api\Core\Exception('Web service - Applications: Wrong Credentials', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

Avoid assigning values to variables in if clauses and the like (line '46', column '20').
Open

    public function setServer(): self
    {
        $this->api->app = [];
        $userName = $_SERVER['PHP_AUTH_USER'] ?? '';
        $type = $this->api->request->getByType('_container', \App\Purifier::STANDARD);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpmd

IfStatementAssignment

Since: 2.7.0

Assignments in if clauses and the like are considered a code smell. Assignments in PHP return the right operand as their result. In many cases, this is an expected behavior, but can lead to many difficult to spot bugs, especially when the right operand could result in zero, null or an empty string and the like.

Example

class Foo
{
    public function bar($flag)
    {
        if ($foo = 'bar') { // possible typo
            // ...
        }
        if ($baz = 0) { // always false
            // ...
        }
    }
}

Source http://phpmd.org/rules/cleancode.html#ifstatementassignment

Declaration of function setServer() : \Api\Core\Auth\Basic should be compatible with function setServer() : \Api\Core\Auth\AbstractAuth (method returning '\Api\Core\Auth\Basic' cannot override method returning '\Api\Core\Auth\AbstractAuth') defined in /code/api/webservice/Core/Auth/AbstractAuth.php:51
Open

    public function setServer(): self
Severity: Critical
Found in api/webservice/Core/Auth/Basic.php by phan

Call to method getInstance from undeclared class \App\Encryption (Did you mean class \Tests\App\Encryption)
Open

        if (!$apiKey || $apiKey !== \App\Encryption::getInstance()->decrypt($this->api->app['api_key'])) {
Severity: Critical
Found in api/webservice/Core/Auth/Basic.php by phan

Call to method getInstance from undeclared class \App\Encryption (Did you mean class \Tests\App\Encryption)
Open

        return $this->api->app && $password === \App\Encryption::getInstance()->decrypt($this->api->app['pass']);
Severity: Critical
Found in api/webservice/Core/Auth/Basic.php by phan

Call to undeclared method \App\Db\Query::from
Open

        $query = (new \App\Db\Query())->from('w_#__servers')->where(['type' => $type, 'name' => $userName, 'status' => 1]);
Severity: Critical
Found in api/webservice/Core/Auth/Basic.php by phan

Spaces must be used to indent lines; tabs are not allowed
Open

        }
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        if (!$apiKey || $apiKey !== \App\Encryption::getInstance()->decrypt($this->api->app['api_key'])) {
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

            throw new \Api\Core\Exception('Web service - Applications: Wrong Credentials', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    {
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     * Validate pwd.
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    {
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

            throw new \Api\Core\Exception('Web service - Applications: Unauthorized', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        $userName = $_SERVER['PHP_AUTH_USER'] ?? '';
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

            $row['id'] = (int) $row['id'];
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     *
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        }
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    }
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     * @param string $password
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

            $this->api->response->addHeader('WWW-Authenticate', 'Basic realm="' . $realm . '"');
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        if (!$this->api->app || !$this->validatePwd($_SERVER['PHP_AUTH_PW'])) {
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        }
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        $apiKey = $this->api->request->getHeaders()['x-api-key'] ?? null;
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        $query = (new \App\Db\Query())->from('w_#__servers')->where(['type' => $type, 'name' => $userName, 'status' => 1]);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

            $this->api->app = $row;
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     * @return bool
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public function authenticate(string $realm): bool
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        }
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

            throw new \Api\Core\Exception('Invalid api key', 401);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    }
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     */
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        if (!isset($_SERVER['PHP_AUTH_USER'])) {
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /**
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        return $this->api->app && $password === \App\Encryption::getInstance()->decrypt($this->api->app['pass']);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** {@inheritdoc}  */
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public function validatePwd(string $password): bool
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    {
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     *
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        $this->api->app = [];
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public function setServer(): self
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        $type = $this->api->request->getByType('_container', \App\Purifier::STANDARD);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

            $this->api->response->addHeader('WWW-Authenticate', 'Basic realm="' . $realm . '"');
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        return true;
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** {@inheritdoc} */
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Line exceeds 120 characters; contains 123 characters
Open

        $query = (new \App\Db\Query())->from('w_#__servers')->where(['type' => $type, 'name' => $userName, 'status' => 1]);
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        if ($userName && $row = $query->one()) {
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

        return $this;
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    }
Severity: Minor
Found in api/webservice/Core/Auth/Basic.php by phpcodesniffer

There are no issues that match your filters.

Category
Status