Code Coverage for /__w/eappointment/eappointment/zmsstatistic/src/Zmsstatistic/Index.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	85.15% covered (warning)	85.15%	86 / 101	33.33% covered (danger)	33.33%	1 / 3	CRAP	0.00% covered (danger)	0.00%	0 / 1
Index	85.15% covered (warning)	85.15%	86 / 101	33.33% covered (danger)	33.33%	1 / 3	16.84	0.00% covered (danger)	0.00%	0 / 1
readResponse	100.00% covered (success)	100.00%	36 / 36	100.00% covered (success)	100.00%	1 / 1	5
testLogin	75.44% covered (warning)	75.44%	43 / 57	0.00% covered (danger)	0.00%	0 / 1	6.53
getProviderList	87.50% covered (warning)	87.50%	7 / 8	0.00% covered (danger)	0.00%	0 / 1	5.05

1	<?php
2
3	/**
4	* @package Zmsstatistic
5	* @copyright BerlinOnline Stadtportal GmbH & Co. KG
6	**/
7
8	namespace BO\Zmsstatistic;
9
10	use BO\Zmsentities\Workstation;
11
12	class Index extends BaseController
13	{
14	protected $withAccess = false;
15
16	/**
17	* @SuppressWarnings(Param)
18	* @return String
19	*/
20	public function readResponse(
21	\Psr\Http\Message\RequestInterface $request,
22	\Psr\Http\Message\ResponseInterface $response,
23	array $args
24	) {
25	try {
26	$workstation = \App::$http->readGetResult('/workstation/')->getEntity();
27	} catch (\Exception $workstationexception) {
28	$workstation = null;
29	}
30
31	$config = \App::$http->readGetResult('/config/', [], \App::CONFIG_SECURE_TOKEN)->getEntity();
32	$input = $request->getParsedBody();
33	$oidclogin = $request->getAttribute('validator')->getParameter('oidclogin')->isString()->getValue();
34	if ($request->getMethod() === 'POST') {
35	$loginData = $this->testLogin($input);
36	if ($loginData instanceof Workstation && $loginData->offsetExists('authkey')) {
37	\BO\Zmsclient\Auth::setKey($loginData->authkey);
38	return \BO\Slim\Render::redirect('workstationSelect', array(), array());
39	}
40
41	return \BO\Slim\Render::withHtml(
42	$response,
43	'page/index.twig',
44	array(
45	'title' => 'Anmeldung gescheitert',
46	'loginfailed' => true,
47	'workstation' => null,
48	'exception' => $loginData,
49	'oidcproviderlist' => $this->getProviderList($config),
50	'oidclogin' => $oidclogin,
51	'showloginform' => (! $oidclogin)
52	)
53	);
54	} else {
55	return \BO\Slim\Render::withHtml(
56	$response,
57	'page/index.twig',
58	array(
59	'title' => 'Anmeldung',
60	'config' => $config,
61	'workstation' => $workstation,
62	'oidcproviderlist' => $this->getProviderList($config),
63	'oidclogin' => $oidclogin,
64	'showloginform' => (! $oidclogin)
65	)
66	);
67	}
68	}
69
70	protected function testLogin($input)
71	{
72	$userAccount = new \BO\Zmsentities\Useraccount(array(
73	'id' => $input['loginName'],
74	'password' => $input['password'],
75	'departments' => array('id' => 0) // required in schema validation
76	));
77	try {
78	/** @var \BO\Zmsentities\Workstation $workstation */
79	$workstation = \App::$http->readPostResult('/workstation/login/', $userAccount)->getEntity();
80
81	$sessionHash = hash('sha256', $workstation->authkey);
82	\App::$log->info('Login successful', [
83	'event' => 'auth_login_success',
84	'timestamp' => date('c'),
85	'username' => $userAccount->id,
86	'hashed_session_token' => $sessionHash,
87	'application' => 'zmsstatistic'
88	]);
89
90	return $workstation;
91	} catch (\BO\Zmsclient\Exception $exception) {
92	$template = Helper\TwigExceptionHandler::getExceptionTemplate($exception);
93	if ('BO\Zmsentities\Exception\SchemaValidation' == $exception->template) {
94	$exceptionData = [
95	'template' => 'exception/bo/zmsapi/exception/useraccount/invalidcredentials.twig'
96	];
97	$exceptionData['data']['password']['messages'] = [
98	'Der Nutzername oder das Passwort wurden falsch eingegeben'
99	];
100	\App::$log->info('Login failed - invalid credentials', [
101	'event' => 'auth_login_failed',
102	'timestamp' => date('c'),
103	'username' => $userAccount->id,
104	'error_type' => 'invalid_credentials',
105	'application' => 'zmsstatistic'
106	]);
107	} elseif ('BO\Zmsapi\Exception\Useraccount\UserAlreadyLoggedIn' == $exception->template) {
108	\BO\Zmsclient\Auth::setKey($exception->data['authkey'], time() + \App::SESSION_DURATION);
109	\App::$log->info('User already logged in - reusing existing session', [
110	'event' => 'auth_session_reuse',
111	'timestamp' => date('c'),
112	'username' => $userAccount->id,
113	'hashed_session_token' => hash('sha256', $exception->data['authkey']),
114	'application' => 'zmsstatistic'
115	]);
116	throw $exception;
117	} elseif (
118	'' != $exception->template
119	&& \App::$slim->getContainer()->get('view')->getLoader()->exists($template)
120	) {
121	$exceptionData = [
122	'template' => $template,
123	'data' => $exception->data
124	];
125	\App::$log->info('Login failed - other error', [
126	'event' => 'auth_login_failed',
127	'timestamp' => date('c'),
128	'username' => $userAccount->id,
129	'error_type' => 'other',
130	'error_message' => $exception->getMessage(),
131	'application' => 'zmsstatistic'
132	]);
133	} else {
134	throw $exception;
135	}
136	}
137	return $exceptionData;
138	}
139	protected function getProviderList($config)
140	{
141	$allowedProviderList = explode(',', $config->getPreference('oidc', 'provider') ?? '');
142	$oidcproviderlist = [];
143	foreach (\BO\Slim\Middleware\OAuthMiddleware::$authInstances as $provider => $authInstance) {
144	if (
145	0 < count($allowedProviderList) &&
146	class_exists($authInstance) &&
147	in_array($provider, $allowedProviderList)
148	) {
149	$oidcproviderlist[] = $provider;
150	}
151	}
152	return $oidcproviderlist;
153	}
154	}