modules/Users/authmethods/Ldap.php
Function process has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring. Open
Open
public function process($auth, $password)
{
\App\Log::trace('Start LDAP authentication', 'UserAuthentication');
if (!empty($password) && ('PLL_LDAP' === $this->userRecordModel->get('login_method') || 'PLL_LDAP_2FA' === $this->userRecordModel->get('login_method'))) {
$port = '' == $auth['port'] ? 389 : $auth['port'];- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid using static access to class '\App\Log' in method 'process'. Open
Open
\App\Log::error('Error LDAP authentication: Could not connect to LDAP server.', 'UserAuthentication');- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\App\Log' in method 'process'. Open
Open
\App\Log::trace($this->userRecordModel->get('user_name') . ' user does not belong to the LDAP', 'UserAuthentication');- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\App\Log' in method 'process'. Open
Open
\App\Log::error('LDAP authentication: LDAP bind failed. |' . ldap_errno($ds) . '|' . ldap_error($ds), 'UserAuthentication');- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\App\Session' in method 'process'. Open
Open
\App\Session::set('UserAuthType', 'LDAP');- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\App\Log' in method 'process'. Open
Open
\App\Log::trace('End LDAP authentication', 'UserAuthentication');- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\App\Log' in method 'process'. Open
Open
\App\Log::trace('Start LDAP authentication', 'UserAuthentication');- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Define a constant instead of duplicating this literal "UserAuthentication" 5 times. Open
Open
\App\Log::trace('Start LDAP authentication', 'UserAuthentication');- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() {
prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times
execute('action1');
release('action1');
}
Compliant Solution
ACTION_1 = 'action1';
function run() {
prepare(ACTION_1);
execute(ACTION_1);
release(ACTION_1);
}
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Call to method error from undeclared class \App\Log Open
Open
\App\Log::error('Error LDAP authentication: Could not connect to LDAP server.', 'UserAuthentication');- Exclude checks
Call to method trace from undeclared class \App\Log Open
Open
\App\Log::trace('Start LDAP authentication', 'UserAuthentication');- Exclude checks
Call to method error from undeclared class \App\Log Open
Open
\App\Log::error('LDAP authentication: LDAP bind failed. |' . ldap_errno($ds) . '|' . ldap_error($ds), 'UserAuthentication');- Exclude checks
Call to method trace from undeclared class \App\Log Open
Open
\App\Log::trace($this->userRecordModel->get('user_name') . ' user does not belong to the LDAP', 'UserAuthentication');- Exclude checks
Call to method trace from undeclared class \App\Log Open
Open
\App\Log::trace('End LDAP authentication', 'UserAuthentication');- Exclude checks
Each class must be in a namespace of at least one level (a top-level vendor name) Open
Open
class Users_Ldap_Authmethod- Exclude checks
The class Users_Ldap_Authmethod is not named in CamelCase. Open
Open
class Users_Ldap_Authmethod
{
/**
* Users record model.
*- Read upRead up
- Exclude checks
CamelCaseClassName
Since: 0.2
It is considered best practice to use the CamelCase notation to name classes.
Example
class class_name {
}Source
Avoid variables with short names like $ds. Configured minimum length is 3. Open
Open
$ds = ldap_connect($auth['server'], $port);- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Spaces must be used to indent lines; tabs are not allowed Open
Open
*- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* @param string $password- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
\App\Log::trace('End LDAP authentication', 'UserAuthentication');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
*- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$bind = ldap_bind($ds, $this->userRecordModel->get('user_name') . $auth['domain'], $password);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
\App\Log::trace('Start LDAP authentication', 'UserAuthentication');- Exclude checks
Line exceeds 120 characters; contains 140 characters Open
Open
\App\Log::error('LDAP authentication: LDAP bind failed. |' . ldap_errno($ds) . '|' . ldap_error($ds), 'UserAuthentication');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
\App\Session::set('UserAuthType', 'LDAP');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
return $bind;- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
/**- Exclude checks
Line exceeds 120 characters; contains 162 characters Open
Open
if (!empty($password) && ('PLL_LDAP' === $this->userRecordModel->get('login_method') || 'PLL_LDAP_2FA' === $this->userRecordModel->get('login_method'))) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$port = '' == $auth['port'] ? 389 : $auth['port'];- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
/**- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (!$ds) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
/**- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* Construct.- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
{- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* @param array $auth- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
*/- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
return null;- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
public function process($auth, $password)- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* @return bool|null- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (!empty($password) && ('PLL_LDAP' === $this->userRecordModel->get('login_method') || 'PLL_LDAP_2FA' === $this->userRecordModel->get('login_method'))) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); // Try version 3. Will fail and default to v2.- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
ldap_set_option($ds, LDAP_OPT_NETWORK_TIMEOUT, 5);- Exclude checks
Line exceeds 120 characters; contains 126 characters Open
Open
\App\Log::trace($this->userRecordModel->get('user_name') . ' user does not belong to the LDAP', 'UserAuthentication');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* @param Users_Record_Model $recordModel- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (!$bind) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
\App\Log::error('LDAP authentication: LDAP bind failed. |' . ldap_errno($ds) . '|' . ldap_error($ds), 'UserAuthentication');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* Users record model.- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$this->userRecordModel = $recordModel;- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
*- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
*- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* Ldap process.- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
ldap_set_option($ds, LDAP_OPT_TIMEOUT, 5);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
* @var Users_Record_Model- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
*/- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
protected $userRecordModel;- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
*/- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
{- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$ds = ldap_connect($auth['server'], $port);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
ldap_set_option($ds, LDAP_OPT_TIMELIMIT, 5);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
public function __construct($recordModel)- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
\App\Log::error('Error LDAP authentication: Could not connect to LDAP server.', 'UserAuthentication');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
\App\Log::trace($this->userRecordModel->get('user_name') . ' user does not belong to the LDAP', 'UserAuthentication');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if ('tls' === parse_url($auth['server'])['scheme']) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
ldap_start_tls($ds);- Exclude checks
Class name "Users_Ldap_Authmethod" is not in camel caps format Open
Open
class Users_Ldap_Authmethod- Exclude checks