Code Coverage
 
Lines
Branches
Paths
Functions and Methods
Classes and Traits
Total
88.89%
8 / 9
80.00%
4 / 5
75.00%
3 / 4
66.67%
2 / 3
 CRAP
0.00%
0 / 1
AltchaService
88.89%
8 / 9
80.00%
4 / 5
75.00%
3 / 4
66.67%
2 / 3
 4.25
0.00%
0 / 1
 __construct
100.00%
1 / 1
100.00%
1 / 1
100.00%
1 / 1
100.00%
1 / 1
 1
 createChallenge
100.00%
5 / 5
100.00%
1 / 1
100.00%
1 / 1
100.00%
1 / 1
 1
 verifySolution
66.67%
2 / 3
66.67%
2 / 3
50.00%
1 / 2
0.00%
0 / 1
 2.50
1<?php
2
3namespace App\Security\Service;
4
5use AltchaOrg\Altcha\Altcha;
6use AltchaOrg\Altcha\Challenge;
7use AltchaOrg\Altcha\ChallengeOptions;
8use Symfony\Component\DependencyInjection\Attribute\Autowire;
9
10/**
11 * ALTCHA is fully disabled when ALTCHA_ENABLED=false
12 * This happens typically in e2e testing in CI/Staging
13 * In that case, backend verification is bypassed and frontend does not request challenges.
14 *
15 * @author Wilhelm Zwertvaegher
16 */
17class AltchaService implements AltchaServiceInterface
18{
19    public function __construct(
20        private readonly Altcha $altcha,
21        #[Autowire('%altcha.token_expiry_seconds%')]
22        private readonly int $altchaTokenExpirySeconds,
23        #[Autowire('%altcha.enabled%')]
24        private readonly bool $altchaEnabled,
25    ) {
26    }
27
28    public function createChallenge(): Challenge
29    {
30        // Create a new challenge
31        $options = new ChallengeOptions(
32            maxNumber: 50000, // the maximum random number
33            expires: new \DateTimeImmutable()->add(new \DateInterval(sprintf('PT%sS', $this->altchaTokenExpirySeconds))),
34        );
35
36        return $this->altcha->createChallenge($options);
37    }
38
39    public function verifySolution(string $data): bool
40    {
41        if (!$this->altchaEnabled) {
42            return true;
43        }
44
45        return $this->altcha->verifySolution($data);
46    }
47}