1<?php
2
3/**
4 * @package Zmsadmin
5 * @copyright BerlinOnline Stadtportal GmbH & Co. KG
6 **/
7
8namespace BO\Zmsadmin;
9
10use BO\Zmsentities\Workstation;
11use BO\Zmsadmin\Helper\LoginForm;
12use BO\Mellon\Validator;
13
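class Index extends BaseController
{
    /**
     * Renders the login page and processes the credential POST.
     *
     * GET: renders the login form, or the OIDC provider selection when the
     * `oidclogin` request parameter is set. POST: hands the submitted
     * credentials to testLogin(); on success the returned authkey becomes
     * the session key and the client is redirected to `workstationSelect`,
     * otherwise the form is re-rendered with the failure data.
     *
     * @SuppressWarnings(Param)
     * @param \Psr\Http\Message\RequestInterface  $request
     * @param \Psr\Http\Message\ResponseInterface $response
     * @param array $args route arguments (unused)
     * @return String
     */
    public function readResponse(
        \Psr\Http\Message\RequestInterface $request,
        \Psr\Http\Message\ResponseInterface $response,
        array $args
    ) {
        // A failing workstation lookup just means "nobody is logged in yet";
        // the page must still render, so the error is deliberately swallowed.
        try {
            $workstation = \App::$http->readGetResult('/workstation/')->getEntity();
        } catch (\Exception $workstationexception) {
            $workstation = null;
        }
        // NOTE(review): the config is read with CONFIG_SECURE_TOKEN before any
        // authentication and passed to the template on GET below; confirm that
        // page/index.twig exposes only the non-sensitive preferences it needs.
        $config = \App::$http->readGetResult('/config/', [], \App::CONFIG_SECURE_TOKEN)->getEntity();
        $input = $request->getParsedBody();
        // Untrusted request parameter: it only toggles the form and is passed
        // to the template, which is expected to escape it on output.
        $oidclogin = $request->getAttribute('validator')->getParameter('oidclogin')->isString()->getValue();

        if ($request->getMethod() === 'POST') {
            $loginData = $this->testLogin($input);
            if ($loginData instanceof Workstation && $loginData->offsetExists('authkey')) {
                // Session key lifetime is bounded by SESSION_DURATION.
                \BO\Zmsclient\Auth::setKey($loginData->authkey, time() + \App::SESSION_DURATION);
                return \BO\Slim\Render::redirect('workstationSelect', [], []);
            }
            // Not a Workstation: $loginData is the template/data pair testLogin()
            // prepared for the error view.
            return \BO\Slim\Render::withHtml(
                $response,
                'page/index.twig',
                [
                    'title' => 'Anmeldung gescheitert',
                    'loginfailed' => true,
                    'workstation' => null,
                    'exception' => $loginData,
                    'showloginform' => true,
                    'oidcproviderlist' => $this->getProviderList($config),
                ]
            );
        }

        return \BO\Slim\Render::withHtml(
            $response,
            'page/index.twig',
            [
                'title' => 'Anmeldung',
                'config' => $config,
                'workstation' => $workstation,
                'oidcproviderlist' => $this->getProviderList($config),
                'oidclogin' => $oidclogin,
                'showloginform' => (! $oidclogin),
            ]
        );
    }

    /**
     * Submits the credentials to the API and returns either the logged-in
     * Workstation entity or an array (`template`, optional `data`) describing
     * the failure for the error view.
     *
     * Side effects: writes structured audit log entries for every outcome; on
     * UserAlreadyLoggedIn the existing authkey is stored as the session key
     * before the exception is re-thrown. Session tokens are only ever logged
     * as a SHA-256 digest, never in clear.
     *
     * @param array|null $input parsed request body carrying `loginName` and `password`
     * @return \BO\Zmsentities\Workstation|array
     * @throws \BO\Zmsclient\Exception on UserAlreadyLoggedIn and on any API
     *         error that has no matching exception template
     */
    protected function testLogin($input)
    {
        // Missing fields are sent as null instead of raising an "undefined
        // array key" warning; the API's schema validation then rejects them
        // exactly like any other bad credential.
        $userAccount = new \BO\Zmsentities\Useraccount([
            'id' => $input['loginName'] ?? null,
            'password' => $input['password'] ?? null,
            'departments' => ['id' => 0], // required in schema validation
        ]);
        try {
            /** @var \BO\Zmsentities\Workstation $workstation */
            $workstation = \App::$http->readPostResult('/workstation/login/', $userAccount)->getEntity();

            \App::$log->info('Login successful', [
                'event' => 'auth_login_success',
                'timestamp' => date('c'),
                // attacker-controlled value; the structured logger must not interpret it
                'username' => $userAccount->id,
                'hashed_session_token' => hash('sha256', $workstation->authkey),
                'application' => 'zmsadmin'
            ]);

            return $workstation;
        } catch (\BO\Zmsclient\Exception $exception) {
            $template = Helper\TwigExceptionHandler::getExceptionTemplate($exception);
            if ('BO\Zmsentities\Exception\SchemaValidation' === $exception->template) {
                // One generic message for unknown user and wrong password alike,
                // so the response does not reveal which part was wrong.
                $exceptionData = [
                  'template' => 'exception/bo/zmsapi/exception/useraccount/invalidcredentials.twig'
                ];
                $exceptionData['data']['password']['messages'] = [
                    'Der Nutzername oder das Passwort wurden falsch eingegeben'
                ];
                \App::$log->info('Login failed - invalid credentials', [
                    'event' => 'auth_login_failed',
                    'timestamp' => date('c'),
                    'username' => $userAccount->id,
                    'error_type' => 'invalid_credentials',
                    'application' => 'zmsadmin'
                ]);
            } elseif ('BO\Zmsapi\Exception\Useraccount\UserAlreadyLoggedIn' === $exception->template) {
                // NOTE(review): the API hands back the authkey of the already
                // active session for these credentials; it is adopted here and
                // the exception is re-thrown for the global handler.
                \BO\Zmsclient\Auth::setKey($exception->data['authkey'], time() + \App::SESSION_DURATION);
                \App::$log->info('User already logged in - reusing existing session', [
                    'event' => 'auth_session_reuse',
                    'timestamp' => date('c'),
                    'username' => $userAccount->id,
                    'hashed_session_token' => hash('sha256', $exception->data['authkey']),
                    'application' => 'zmsadmin'
                ]);
                throw $exception;
            } elseif (
                (string) $exception->template !== ''
                && \App::$slim->getContainer()->get('view')->getLoader()->exists($template)
            ) {
                // Known API error with a dedicated template: render it with the
                // API-supplied data.
                $exceptionData = [
                  'template' => $template,
                  'data' => $exception->data
                ];
                \App::$log->info('Login failed - other error', [
                    'event' => 'auth_login_failed',
                    'timestamp' => date('c'),
                    'username' => $userAccount->id,
                    'error_type' => 'other',
                    'error_message' => $exception->getMessage(),
                    'application' => 'zmsadmin'
                ]);
            } else {
                // No template to render: let the global exception handler deal with it.
                throw $exception;
            }
        }
        return $exceptionData;
    }

    /**
     * Returns the OIDC providers that are both registered in
     * OAuthMiddleware::$authInstances (with an existing class) and named in
     * the comma-separated `oidc.provider` config preference.
     *
     * @param object $config config entity exposing getPreference()
     * @return string[] provider names, in registration order
     */
    protected function getProviderList($config)
    {
        // (string) cast: an unset preference must not hand null to explode()
        // (deprecated since PHP 8.1). Entries are trimmed and empties dropped
        // so that "keycloak, gitlab" enables both providers.
        $allowedProviderList = [];
        foreach (explode(',', (string) $config->getPreference('oidc', 'provider')) as $name) {
            $name = trim($name);
            if ($name !== '') {
                $allowedProviderList[] = $name;
            }
        }
        if ([] === $allowedProviderList) {
            return [];
        }

        $oidcproviderlist = [];
        foreach (\BO\Slim\Middleware\OAuthMiddleware::$authInstances as $provider => $authInstance) {
            // Strict string match: provider names must equal a configured entry exactly.
            if (class_exists($authInstance) && in_array((string) $provider, $allowedProviderList, true)) {
                $oidcproviderlist[] = $provider;
            }
        }
        return $oidcproviderlist;
    }
}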