public function callbackAction()

in pp3/module/Application/src/Application/Controller/LoginController.php [106:225]


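    /**
     * OAuth2 redirect endpoint (second leg of the login flow).
     *
     * Steps, in order:
     *  1. Reject the callback unless the `state` query parameter matches the
     *     value stored in `$_SESSION['oauthState']` by the action that started
     *     the flow (not visible here). The compare is constant-time and the
     *     stored state is single-use: it is dropped from the session as soon
     *     as it has been checked, so a replayed callback URL is rejected.
     *  2. Look up the provider configuration named in `$_SESSION['oauthConfig']`.
     *  3. Obtain the profile document. For the `apache` provider the token
     *     endpoint's response is itself used as the profile; for every other
     *     provider a POST built by self::tokenRequest() is sent to
     *     self::tokenUrlFromType(), and the resulting bearer token is used to
     *     fetch self::profileUrlFromType().
     *  4. When the profile carries no e-mail, fall back to self::emailQueryUrl().
     *  5. Create or update the local User and populate the session.
     *
     * Every failure returns a JSON body `{"success": false, "reason": "..."}`
     * (400 for request/config problems, 500 for upstream/parse problems); the
     * success path redirects to the "home" route.
     *
     * @return mixed the response object from getResponse(), or the redirect result
     */
    public function callbackAction() {
        $response = $this->getResponse();
        $response->getHeaders()->addHeaderLine('Content-Type', 'application/json');

        $parameters = $this->params()->fromQuery();
        $state = $this->params()->fromQuery('state');
        $code = $this->params()->fromQuery('code');

        // hash_equals() needs two strings: a missing/array `state` or a missing
        // session value must fail the check instead of raising a TypeError.
        $expectedState = isset($_SESSION['oauthState']) ? $_SESSION['oauthState'] : null;
        if (!is_string($expectedState) || $expectedState === ''
                || !is_string($state) || !hash_equals($expectedState, $state)) {
            error_log('Invalid / no state was transfered - received: ' . json_encode($parameters));
            return $this->callbackFailure($response, 400, 'INVALID_STATE');
        }

        // State validated: consume it so the same callback cannot be replayed.
        $oauthConfigName = isset($_SESSION['oauthConfig']) ? $_SESSION['oauthConfig'] : null;
        unset($_SESSION['oauthState'], $_SESSION['oauthConfig']);

        $loginConfig = $this->findLoginConfig($oauthConfigName);

        if (!$loginConfig) {
            error_log("Login Config was not found for: " . $oauthConfigName . " received: " . json_encode($parameters));
            return $this->callbackFailure($response, 400, 'INVALID_LOGIN_CONFIG');
        }

        // Only the non-apache branch yields a bearer token; the e-mail fallback
        // below must not run (or send "Bearer ") without one.
        $accessToken = null;

        if ($loginConfig['type'] === 'apache') {
            // The code is untrusted query input: encode it rather than splicing the
            // raw $_GET value into the URL.
            $queryProfileResult = file_get_contents("https://oauth.apache.org/token?code=" . rawurlencode((string) $code), false, stream_context_create([
                'http' => [
                    'header' => ['Accept: application/json', 'User-Agent: Netbeans Plugin Portal'],
                    "ignore_errors" => true,
                ]
            ]));
        } else {
            $tokenRequest = self::tokenRequest($code, $loginConfig);
            // ignore_errors keeps the provider's error body so it is logged below
            // instead of file_get_contents() returning false with a warning.
            $queryTokenResult = file_get_contents(self::tokenUrlFromType($loginConfig['type']), false, stream_context_create([
                'http' => [
                    'method' => 'POST',
                    'header' => ["Content-type: application/json", "Accept: application/json"],
                    'content' => json_encode($tokenRequest),
                    'ignore_errors' => true,
                ]
            ]));

            if (!$queryTokenResult) {
                error_log("Empty response");
                return $this->callbackFailure($response, 500, 'INVALID_TOKEN');
            }

            $tokenData = json_decode($queryTokenResult, true);
            $tokenIsArray = is_array($tokenData);
            $accessToken = $tokenIsArray && isset($tokenData['access_token']) ? $tokenData['access_token'] : null;
            $tokenType = $tokenIsArray && isset($tokenData['token_type']) ? $tokenData['token_type'] : '';

            if (!is_string($accessToken) || $accessToken === '' || strtolower((string) $tokenType) !== 'bearer') {
                // Never write credentials to the log: strip token fields before dumping
                // the response for diagnosis.
                $loggable = $tokenIsArray
                    ? json_encode(array_diff_key($tokenData, ['access_token' => 1, 'refresh_token' => 1, 'id_token' => 1]))
                    : $queryTokenResult;
                error_log("Failed to decode token data: " . $loggable);
                return $this->callbackFailure($response, 500, 'INVALID_TOKEN');
            }

            $queryProfileResult = file_get_contents(self::profileUrlFromType($loginConfig['type']), false, stream_context_create([
                'http' => [
                    'header' => ['Accept: application/json', 'Authorization: Bearer ' . $accessToken, 'User-Agent: Netbeans Plugin Portal'],
                    "ignore_errors" => true,
                ]
            ]));
        }

        $userinfo = $this->extractUserInfo($loginConfig['type'], $loginConfig['id'], $queryProfileResult, $expectedState);

        if ($userinfo == null) {
            error_log("Failed to parse: " . $queryProfileResult);
            return $this->callbackFailure($response, 500, 'INVALID_USERINFO');
        }

        if (empty($userinfo['email'])) {
            $emailQueryUrl = self::emailQueryUrl($loginConfig['type']);
            if ($emailQueryUrl && $accessToken !== null) {
                $queryEmailResult = file_get_contents($emailQueryUrl, false, stream_context_create([
                    'http' => [
                        'header' => ['Accept: application/json', 'Authorization: Bearer ' . $accessToken, 'User-Agent: Netbeans Plugin Portal'],
                        "ignore_errors" => true,
                    ]
                ]));
                $queryEmail = $queryEmailResult ? json_decode($queryEmailResult, true) : null;
                // The upstream document is untrusted: it may be null, a scalar, or a
                // list of non-array entries, so check shape before indexing.
                if (is_array($queryEmail)) {
                    foreach ($queryEmail as $emailInfo) {
                        if (is_array($emailInfo) && !empty($emailInfo['email'])) {
                            $userinfo['email'] = $emailInfo['email'];
                            break;
                        }
                    }
                }
            }

            if (empty($userinfo['email'])) {
                error_log("Userinfo did not contain email");
                return $this->callbackFailure($response, 500, 'NO_EMAIL');
            }
        }

        $user = $this->_userRepository->findByIdpData($userinfo['providerId'], $userinfo['id']);
        if (!$user) {
            $user = new User();
        }

        $user->setEmail($userinfo['email']);
        $user->setIdpProviderId($userinfo['providerId']);
        $user->setIdpUserId($userinfo['id']);
        $user->setName($userinfo['name']);
        $this->_userRepository->persist($user);

        // Privilege level changes here (anonymous -> authenticated, possibly
        // verifier/admin): issue a fresh session id so a pre-login id that an
        // attacker may know cannot be carried over into the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['sessionUserId'] = $user->getId();
        $_SESSION['sessionUserEmail'] = $user->getEmail();
        $_SESSION['sessionIdpProviderId'] = $user->getIdpProviderId();
        $_SESSION['sessionUserName'] = $user->getName();
        // committer/pmc flags come from the provider profile and may be absent.
        $_SESSION['isVerifier'] = $user->isVerifier() || !empty($userinfo['committer']);
        $_SESSION['isAdmin'] = $user->isAdmin() || !empty($userinfo['pmc']);

        return $this->redirect()->toRoute("home");
    }

    /**
     * Fill $response with the JSON failure body used by callbackAction().
     *
     * @param mixed  $response   response object obtained from getResponse()
     * @param int    $statusCode HTTP status to send (400 or 500 in the callback)
     * @param string $reason     machine-readable reason placed in the body
     * @return mixed the same $response, ready to be returned from the action
     */
    private function callbackFailure($response, $statusCode, $reason) {
        $response->setStatusCode($statusCode);
        $response->setContent(json_encode(['success' => false, 'reason' => $reason]));
        return $response;
    }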