From a5273bd127e1a2c2f5c823621a649f127e8d36d6 Mon Sep 17 00:00:00 2001 From: Santhosh Raju Date: Mon, 23 Dec 2024 19:08:39 +0100 Subject: [PATCH 1/2] Fix more lint issues. --- src/Config/ConfigInterface.php | 2 +- src/Config/HelloConfig.php | 8 ++++---- src/Config/HelloConfigBuilder.php | 4 ++-- src/Handler/Callback.php | 1 + src/Handler/Login.php | 2 +- src/Lib/AuthHelper.php | 3 ++- src/Lib/Crypto.php | 4 ++-- src/Lib/TokenFetcher.php | 8 +++++++- src/Type/OIDC.php | 2 +- tests/Lib/TokenFetcherTest.php | 1 + 10 files changed, 22 insertions(+), 13 deletions(-) diff --git a/src/Config/ConfigInterface.php b/src/Config/ConfigInterface.php index 921d25b..021def6 100644 --- a/src/Config/ConfigInterface.php +++ b/src/Config/ConfigInterface.php @@ -28,6 +28,6 @@ public function getHost(): string; public function getRedirectURI(): ?string; public function getHelloDomain(): string; public function getHelloWallet(): ?string; - public function getSecret(): ?string; + public function getSecret(): string; public function getLogDebug(): ?bool; } diff --git a/src/Config/HelloConfig.php b/src/Config/HelloConfig.php index fd04895..bac88ed 100644 --- a/src/Config/HelloConfig.php +++ b/src/Config/HelloConfig.php @@ -15,7 +15,7 @@ class HelloConfig implements ConfigInterface private string $helloDomain; private ?string $helloWallet = null; private string $host; - private ?string $secret = null; + private string $secret; private ?bool $logDebug = null; /** @var array|null */ private ?array $error = null; @@ -42,7 +42,7 @@ class HelloConfig implements ConfigInterface * @param string|null $clientId * @param string|null $redirectURI * @param string $host - * @param string|null $secret + * @param string $secret * @param callable|null $loginSync * @param callable|null $logoutSync * @param array $cookies @@ -65,7 +65,7 @@ public function __construct( ?string $clientId = null, ?string $redirectURI = null, string $host = '', - ?string $secret = null, + string $secret = '', ?callable $loginSync = null, ?callable $logoutSync = null, array $cookies = [ @@ -219,7 +219,7 @@ public function getHelloWallet(): ?string return $this->helloWallet; } - public function getSecret(): ?string + public function getSecret(): string { return $this->secret; } diff --git a/src/Config/HelloConfigBuilder.php b/src/Config/HelloConfigBuilder.php index 1266a4d..4f82296 100644 --- a/src/Config/HelloConfigBuilder.php +++ b/src/Config/HelloConfigBuilder.php @@ -12,7 +12,7 @@ class HelloConfigBuilder private ?string $clientId = null; private ?string $redirectURI = null; private string $host = ''; - private ?string $secret = null; + private string $secret = ''; /** @var array */ private array $cookies = [ 'authName' => 'hellocoop_auth', @@ -88,7 +88,7 @@ public function setHost(string $host): self return $this; } - public function setSecret(?string $secret): self + public function setSecret(string $secret): self { $this->secret = $secret; return $this; diff --git a/src/Handler/Callback.php b/src/Handler/Callback.php index b7b7f1f..34a33d1 100644 --- a/src/Handler/Callback.php +++ b/src/Handler/Callback.php @@ -145,6 +145,7 @@ public function handleCallback(): ?string 'client_id' => $this->config->getClientId() ]); + /** @var array $payload */ $payload = $this->getTokenParser()->parseToken($token)['payload']; if ($payload['aud'] != $this->config->getClientId()) { diff --git a/src/Handler/Login.php b/src/Handler/Login.php index 753da61..62ebdaa 100644 --- a/src/Handler/Login.php +++ b/src/Handler/Login.php @@ -127,6 +127,6 @@ public function generateLoginUrl(): ?string 'target_uri' => $params['target_uri'], ])); - return is_string($authResponse['url']) ? $authResponse['url'] : null; + return $authResponse['url']; } } diff --git a/src/Lib/AuthHelper.php b/src/Lib/AuthHelper.php index 43f3a5c..8fa02d6 100644 --- a/src/Lib/AuthHelper.php +++ b/src/Lib/AuthHelper.php @@ -17,7 +17,7 @@ public function __construct(PKCE $pkce) /** * @param array $config - * @return array + * @return array */ public function createAuthRequest(array $config): array { @@ -43,6 +43,7 @@ public function createAuthRequest(array $config): array $scopes = implode(' ', array_unique(array_merge($scopes, ['openid']))); } + /** @var string $nonce */ $nonce = $config['nonce'] ?? $this->generateUuid(); // Prepare parameters $params = [ diff --git a/src/Lib/Crypto.php b/src/Lib/Crypto.php index 66da349..a3f614c 100644 --- a/src/Lib/Crypto.php +++ b/src/Lib/Crypto.php @@ -47,7 +47,7 @@ public function encrypt(array $data): string } /** - * @return array|null + * @return array|null * @throws DecryptionFailedException */ public function decrypt(string $encryptedStr): ?array @@ -65,7 +65,7 @@ public function decrypt(string $encryptedStr): ?array throw new DecryptionFailedException(); } - /** @var array|null $jsonData */ + /** @var array|null $jsonData */ $jsonData = json_decode($decryptedData, true); return $jsonData; } catch (Exception $e) { diff --git a/src/Lib/TokenFetcher.php b/src/Lib/TokenFetcher.php index 601dc16..1b31586 100644 --- a/src/Lib/TokenFetcher.php +++ b/src/Lib/TokenFetcher.php @@ -42,14 +42,20 @@ public function fetchToken(array $config): string try { $ch = $this->curl->init($tokenEndpoint); + if (!$ch) { + throw new \Exception('Curl error: initializing ' . $tokenEndpoint); + } + $this->curl->setOpt($ch, CURLOPT_POST, true); $this->curl->setOpt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/x-www-form-urlencoded']); $this->curl->setOpt($ch, CURLOPT_POSTFIELDS, $body); $this->curl->setOpt($ch, CURLOPT_RETURNTRANSFER, true); + /** @var string $response */ $response = $this->curl->exec($ch); - $httpCode = $this->curl->getInfo($ch, CURLINFO_HTTP_CODE); + /** @var int $httpCode */ + $httpCode = $this->curl->getInfo($ch, CURLINFO_HTTP_CODE); if ($this->curl->error($ch)) { throw new \Exception('Curl error: ' . $this->curl->error($ch)); } diff --git a/src/Type/OIDC.php b/src/Type/OIDC.php index 06c6c73..92fbfe2 100644 --- a/src/Type/OIDC.php +++ b/src/Type/OIDC.php @@ -20,7 +20,7 @@ public function __construct(string $codeVerifier, string $nonce, string $redirec } /** - * @param array $data + * @param array $data * @return self */ public static function fromArray(array $data): self diff --git a/tests/Lib/TokenFetcherTest.php b/tests/Lib/TokenFetcherTest.php index df86e77..2bdaef7 100644 --- a/tests/Lib/TokenFetcherTest.php +++ b/tests/Lib/TokenFetcherTest.php @@ -33,6 +33,7 @@ public function testFetchTokenSuccess(): void public function testFetchTokenErrorResponse(): void { $curlMock = $this->createMock(CurlWrapper::class); + $curlMock->method('init')->willReturn(json_encode(['error' => 'mock_error'])); $curlMock->method('exec')->willReturn(json_encode(['error' => 'mock_error'])); $curlMock->method('getInfo')->willReturn(400); From e6f25f47553b5503481dda5aa74a38cead8cca2c Mon Sep 17 00:00:00 2001 From: Santhosh Raju Date: Mon, 23 Dec 2024 19:41:55 +0100 Subject: [PATCH 2/2] Fix lint issues in src. --- src/Exception/CallbackException.php | 6 +++--- src/Handler/Auth.php | 4 ++-- src/Handler/Callback.php | 24 +++++++++------------- src/Handler/Login.php | 2 +- src/HelloClient.php | 17 ++++++++++++--- src/HelloRequest/HelloRequest.php | 4 ++-- src/HelloRequest/HelloRequestInterface.php | 4 ++-- 7 files changed, 34 insertions(+), 27 deletions(-) diff --git a/src/Exception/CallbackException.php b/src/Exception/CallbackException.php index 840e6a7..9142f3f 100644 --- a/src/Exception/CallbackException.php +++ b/src/Exception/CallbackException.php @@ -7,11 +7,11 @@ class CallbackException extends Exception { - /** @var array */ + /** @var array */ private array $errorDetails; /** - * @param array $errorDetails + * @param array $errorDetails * @param string $message * @param int $code * @param Throwable|null $previous @@ -27,7 +27,7 @@ public function __construct( } /** - * @return array + * @return array */ public function getErrorDetails(): array { diff --git a/src/Handler/Auth.php b/src/Handler/Auth.php index 8a28473..08f07f1 100644 --- a/src/Handler/Auth.php +++ b/src/Handler/Auth.php @@ -35,12 +35,12 @@ private function getAuthLib(): AuthLib ); } - public function handleAuth(): ?AuthType + public function handleAuth(): AuthType { return $this->getAuthLib()->getAuthfromCookies(); } - public function updateAuth(AuthUpdates $authUpdates): ?AuthType + public function updateAuth(AuthUpdates $authUpdates): AuthType { $auth = $this->getAuthLib()->getAuthfromCookies(); if ($auth->isLoggedIn === false) { diff --git a/src/Handler/Callback.php b/src/Handler/Callback.php index 34a33d1..6fc2d15 100644 --- a/src/Handler/Callback.php +++ b/src/Handler/Callback.php @@ -71,7 +71,7 @@ private function getTokenParser(): TokenParser return $this->tokenParser ??= new TokenParser(); } - public function handleCallback(): ?string + public function handleCallback(): string { try { $params = $this->helloRequest->fetchMultiple([ @@ -82,10 +82,13 @@ public function handleCallback(): ?string 'app_name' ]); + /** @var string $code */ $code = $params['code'] ?? null; $error = $params['error'] ?? null; $sameSite = $params['same_site'] ?? null; + /** @var string $code */ $wildcardDomain = $params['wildcard_domain'] ?? null; + /** @var string $code */ $appName = $params['app_name'] ?? null; if ($this->config->getSameSiteStrict() && !$sameSite) { @@ -103,8 +106,10 @@ public function handleCallback(): ?string } $codeVerifier = $oidcState['code_verifier'] ?? null; - $targetUri = $oidcState['target_uri'] ?? null; - $redirectUri = $oidcState['redirect_uri'] ?? null; + /** @var string $targetUri */ + $targetUri = $oidcState['target_uri'] ?? ''; + /** @var string $redirectUri */ + $redirectUri = $oidcState['redirect_uri'] ?? ''; $nonce = $oidcState['nonce'] ?? null; if ($error) { @@ -119,14 +124,6 @@ public function handleCallback(): ?string ], 'Missing code parameter in callback request.'); } - if (is_array($code)) { - return $this->sendErrorPage([ - 'error' => 'invalid_request', - 'error_description' => 'Received more than one code', - 'target_uri' => $targetUri, - ], 'Received multiple codes in callback request.'); - } - if (!$codeVerifier) { return $this->sendErrorPage([ 'error' => 'invalid_request', @@ -230,11 +227,10 @@ public function handleCallback(): ?string if ($wildcardDomain) { // the redirect_uri is not registered at Hellō - prompt to add - $appName = is_array($appName) ? $appName[0] : $appName; $appName = $appName ?: 'Your App'; // Default to 'Your App' if $appName is empty $queryParams = [ - 'uri' => is_array($wildcardDomain) ? $wildcardDomain[0] : $wildcardDomain, + 'uri' => $wildcardDomain, 'appName' => $appName, 'redirectURI' => $redirectUri, 'targetURI' => $targetUri, @@ -266,7 +262,7 @@ public function handleCallback(): ?string * Uses the target URI from error details or a fallback error route. Updates the query * string with error information. Throws an exception if no error URI is available. * - * @param array $error Error details including 'target_uri', 'error', and 'error_description'. + * @param array $error Error details including 'target_uri', 'error', and 'error_description'. * @param string $errorMessage A message describing the error. * @param Throwable|null $previous Previous exception for chaining (optional). * diff --git a/src/Handler/Login.php b/src/Handler/Login.php index 62ebdaa..bc1557b 100644 --- a/src/Handler/Login.php +++ b/src/Handler/Login.php @@ -64,7 +64,7 @@ private function getAuthHelper(): AuthHelper /** * @throws CryptoFailedException|InvalidSecretException */ - public function generateLoginUrl(): ?string + public function generateLoginUrl(): string { $params = $this->helloRequest->fetchMultiple([ 'provider_hint', diff --git a/src/HelloClient.php b/src/HelloClient.php index 2465754..3da3253 100644 --- a/src/HelloClient.php +++ b/src/HelloClient.php @@ -95,24 +95,28 @@ private function getLoginHandler(): Login */ public function getAuth(): array { - return $this->getAuthHandler()->handleAuth() ? $this->getAuthHandler()->handleAuth()->toArray() : []; + return$this->getAuthHandler()->handleAuth()->toArray(); } /** - * @throws InvalidSecretException - * @throws CryptoFailedException + * @return mixed|null + * @throws CryptoFailedException | InvalidSecretException */ private function handleLogin() { return $this->helloResponse->redirect($this->getLoginHandler()->generateLoginUrl()); } + /** + * @return mixed|null + */ private function handleLogout() { return $this->helloResponse->redirect($this->getLogoutHandler()->generateLogoutUrl()); } /** + * @return mixed|null * @throws Exception */ private function handleInvite() @@ -128,6 +132,9 @@ private function handleAuth(): string return $this->helloResponse->json($this->getAuthHandler()->handleAuth()->toArray()); } + /** + * @return mixed|string|null + */ private function handleCallback() { try { @@ -144,6 +151,10 @@ private function handleCallback() } } + /** + * @return mixed|string|void|null + * @throws CryptoFailedException | InvalidSecretException + */ public function route() { if (in_array($this->helloRequest->getMethod(), ["POST", "GET"]) === false) { diff --git a/src/HelloRequest/HelloRequest.php b/src/HelloRequest/HelloRequest.php index 3630083..2c68f2d 100644 --- a/src/HelloRequest/HelloRequest.php +++ b/src/HelloRequest/HelloRequest.php @@ -13,7 +13,7 @@ class HelloRequest implements HelloRequestInterface * @param string|null $default Default value if the key is not found. * @return string|null The value of the parameter or default. */ - public function fetch(string $key, string $default = null): ?string + public function fetch(string $key, ?string $default = null): ?string { // First check GET, then POST if not found. return $_GET[$key] ?? $_POST[$key] ?? $default; @@ -41,7 +41,7 @@ public function fetchMultiple(array $keys): array * @param string|null $default Default value if the key is not found. * @return string|null The value of the header or default. */ - public function fetchHeader(string $key, string $default = null): ?string + public function fetchHeader(string $key, ?string $default = null): ?string { $headers = $this->getAllHeaders(); $normalizedKey = strtolower($key); diff --git a/src/HelloRequest/HelloRequestInterface.php b/src/HelloRequest/HelloRequestInterface.php index f073b83..e26da27 100644 --- a/src/HelloRequest/HelloRequestInterface.php +++ b/src/HelloRequest/HelloRequestInterface.php @@ -11,7 +11,7 @@ interface HelloRequestInterface * @param string|null $default Default value if the key is not found. * @return string|null The value of the parameter or default. */ - public function fetch(string $key, string $default = null): ?string; + public function fetch(string $key, ?string $default = null): ?string; /** * Fetch multiple parameters by keys from either GET or POST data. @@ -28,7 +28,7 @@ public function fetchMultiple(array $keys): array; * @param string|null $default Default value if the key is not found. * @return string|null The value of the header or default. */ - public function fetchHeader(string $key, string $default = null): ?string; + public function fetchHeader(string $key, ?string $default = null): ?string; /** * Fetch a cookie value by name.