class PhpAuthTagger

Defined in:

tagger/framework_taggers/php/php_auth.cr

Constant Summary

CAKEPHP_PATTERNS = [{/\$this->Authentication->/, "CakePHP Authentication component"}, {/\$this->Authorization->authorize/, "CakePHP Authorization"}, {/\$this->loadComponent\s*\(\s*['"]Authentication['"]/, "CakePHP Authentication component"}]

CakePHP auth patterns

GENERIC_PATTERNS = [{/session_start\s*\(\).*\$_SESSION\[['"]user/, "PHP session auth"}, {/\$_SERVER\[['"]PHP_AUTH_USER['"]/, "PHP HTTP Basic Auth"}]

Generic PHP auth patterns

LARAVEL_AUTH_CHECKS = [{/Gate::allows\s*\(/, "Laravel Gate authorization"}, {/Gate::authorize\s*\(/, "Laravel Gate authorization"}, {/\$this->authorize\s*\(/, "Laravel Policy authorization"}, {/auth\(\)->check\(\)/, "Laravel auth check"}, {/Auth::check\(\)/, "Laravel Auth::check"}, {/\$request->user\(\)/, "Laravel request user check"}]

Laravel Gate/Policy checks in action body

LARAVEL_CONTROLLER_MIDDLEWARE = [{/\$this->middleware\s*\(\s*['"]auth['"]/, "Laravel controller auth middleware"}, {/\$this->middleware\s*\(\s*['"]auth:/, "Laravel controller auth middleware"}, {/\$this->authorizeResource\s*\(/, "Laravel authorizeResource"}]

Laravel controller middleware

LARAVEL_ROUTE_MIDDLEWARE = [{/->middleware\s*\(\s*['"]auth['"]/, "Laravel auth middleware"}, {/->middleware\s*\(\s*['"]auth:api['"]/, "Laravel auth:api middleware"}, {/->middleware\s*\(\s*['"]auth:sanctum['"]/, "Laravel Sanctum auth"}, {/->middleware\s*\(\s*['"]auth:web['"]/, "Laravel web auth"}, {/->middleware\s*\(\s*['"]verified['"]/, "Laravel verified middleware"}, {/->middleware\s*\(\s*\[.*['"]auth['"]/, "Laravel auth middleware"}]

Laravel middleware patterns

SYMFONY_PATTERNS = [{/#\[IsGranted\s*\(/, "Symfony #[IsGranted]"}, {/#\[Security\s*\(/, "Symfony #[Security]"}, {/@Security\s*\(/, "Symfony @Security annotation"}, {/@IsGranted\s*\(/, "Symfony @IsGranted annotation"}, {/\$this->denyAccessUnlessGranted\s*\(/, "Symfony denyAccessUnlessGranted"}, {/\$this->isGranted\s*\(/, "Symfony isGranted check"}]

Symfony security attributes/annotations

Constructors

Class Method Summary

Instance Method Summary

Instance methods inherited from class FrameworkTagger

read_file(path : String) : String | Nil read_file, read_source_context(endpoint : Endpoint) : Array(SourceContext) read_source_context

Constructor methods inherited from class FrameworkTagger

new(options : Hash(String, YAML::Any)) new

Class methods inherited from class FrameworkTagger

target_techs : Array(String) target_techs

Instance methods inherited from module FileHelper

all_files : Array(String) all_files, get_files_by_extension(extension : String) : Array(String) get_files_by_extension, get_files_by_prefix(prefix : String) : Array(String) get_files_by_prefix, get_files_by_prefix_and_extension(prefix : String, extension : String) : Array(String) get_files_by_prefix_and_extension, get_public_dir_files(base_path : String, folder : String) : Array(String) get_public_dir_files, get_public_files(base_path : String) : Array(String) get_public_files, populate_channel_with_files(channel : Channel(String)) populate_channel_with_files, populate_channel_with_filtered_files(channel : Channel(String), extension : String)
populate_channel_with_filtered_files(channel : Channel(String), extensions : Array(String)) populate_channel_with_filtered_files

Instance methods inherited from class Tagger

name : String name, perform(endpoints : Array(Endpoint)) : Array(Endpoint) perform

Constructor methods inherited from class Tagger

new(options : Hash(String, YAML::Any)) new

Constructor Detail

def self.new(options : Hash(String, YAML::Any)) #

[View source]

Class Method Detail

def self.target_techs : Array(String) #

[View source]

Instance Method Detail

def perform(endpoints : Array(Endpoint)) : Array(Endpoint) #

[View source]