Skip to content

Commit

Permalink
Bump up Psalm to version 5, adjust annotations
Browse files Browse the repository at this point in the history
  • Loading branch information
scheb committed Aug 5, 2023
1 parent ac8ecc7 commit 5bd6698
Show file tree
Hide file tree
Showing 12 changed files with 52 additions and 18 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
fail-fast: false
matrix:
php-version:
- '8.0'
- '8.2'

steps:
- name: 'Checkout code'
Expand Down
2 changes: 1 addition & 1 deletion composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
"squizlabs/php_codesniffer": "^3.5",
"symfony/mailer": "^5.4 || ^6.0",
"symfony/yaml": "^5.4 || ^6.0",
"vimeo/psalm": "^4.0"
"vimeo/psalm": "^5.0"
},
"autoload": {
"psr-4": {
Expand Down
3 changes: 3 additions & 0 deletions phpcs.xml.dist
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,9 @@
<!-- We actually want to use Yoda comparison -->
<exclude name="SlevomatCodingStandard.ControlStructures.DisallowYodaComparison"/>

<!-- Sometimes necessary to satisfy Psalm types -->
<exclude name="SlevomatCodingStandard.Commenting.InlineDocCommentDeclaration.MissingVariable"/>

<!-- We don't want this -->
<exclude name="Generic.Formatting.MultipleStatementAlignment"/>
</rule>
Expand Down
3 changes: 3 additions & 0 deletions psalm.xml
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
<?xml version="1.0"?>
<psalm
resolveFromConfigFile="true"
findUnusedBaselineEntry="false"
findUnusedCode="false"
errorLevel="2"
phpVersion="8.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="https://getpsalm.org/schema/config"
xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
Expand Down
26 changes: 14 additions & 12 deletions src/bundle/DependencyInjection/Configuration.php
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,8 @@ public function getConfigTreeBuilder(): TreeBuilder
$rootNode = $treeBuilder->getRootNode();

/**
* @psalm-suppress PossiblyNullReference
* @psalm-suppress PossiblyUndefinedMethod
* @psalm-suppress UndefinedMethod
* @psalm-suppress UndefinedInterfaceMethod
*/
$rootNode
->children()
Expand Down Expand Up @@ -56,9 +56,6 @@ public function getConfigTreeBuilder(): TreeBuilder
return $treeBuilder;
}

/**
* @psalm-suppress ArgumentTypeCoercion
*/
private function addExtraConfiguration(ArrayNodeDefinition $rootNode): void
{
$this->addTrustedDeviceConfiguration($rootNode);
Expand All @@ -75,14 +72,15 @@ private function addBackupCodeConfiguration(ArrayNodeDefinition $rootNode): void
}

/**
* @psalm-suppress UndefinedMethod
* @psalm-suppress UndefinedInterfaceMethod
* @psalm-suppress PossiblyNullReference
* @psalm-suppress PossiblyUndefinedMethod
*/
$rootNode
->children()
->arrayNode('backup_codes')
->canBeEnabled()
->children()
->canBeEnabled()
->children()
->scalarNode('enabled')->defaultValue(false)->end()
->scalarNode('manager')->defaultValue('scheb_two_factor.default_backup_code_manager')->end()
->end()
Expand All @@ -97,8 +95,9 @@ private function addTrustedDeviceConfiguration(ArrayNodeDefinition $rootNode): v
}

/**
* @psalm-suppress UndefinedMethod
* @psalm-suppress UndefinedInterfaceMethod
* @psalm-suppress PossiblyNullReference
* @psalm-suppress PossiblyUndefinedMethod
*/
$rootNode
->children()
Expand Down Expand Up @@ -133,8 +132,9 @@ private function addEmailConfiguration(ArrayNodeDefinition $rootNode): void
}

/**
* @psalm-suppress UndefinedMethod
* @psalm-suppress UndefinedInterfaceMethod
* @psalm-suppress PossiblyNullReference
* @psalm-suppress PossiblyUndefinedMethod
*/
$rootNode
->children()
Expand All @@ -161,8 +161,9 @@ private function addTotpConfiguration(ArrayNodeDefinition $rootNode): void
}

/**
* @psalm-suppress UndefinedMethod
* @psalm-suppress UndefinedInterfaceMethod
* @psalm-suppress PossiblyNullReference
* @psalm-suppress PossiblyUndefinedMethod
*/
$rootNode
->children()
Expand Down Expand Up @@ -190,8 +191,9 @@ private function addGoogleAuthenticatorConfiguration(ArrayNodeDefinition $rootNo
}

/**
* @psalm-suppress UndefinedMethod
* @psalm-suppress UndefinedInterfaceMethod
* @psalm-suppress PossiblyNullReference
* @psalm-suppress PossiblyUndefinedMethod
*/
$rootNode
->children()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -67,8 +67,8 @@ public function addConfiguration(NodeDefinition $builder): void
assert($builder instanceof ParentNodeDefinitionInterface);

/**
* @psalm-suppress UndefinedInterfaceMethod
* @psalm-suppress PossiblyNullReference
* @psalm-suppress PossiblyUndefinedMethod
*/
$builder
->children()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ public function vote(TokenInterface $token, mixed $subject, array $attributes):
}

// Compatibility for Symfony < 6.0
/** @psalm-suppress UndefinedConstant */
if (
defined(AuthenticatedVoter::class.'::IS_AUTHENTICATED_ANONYMOUSLY')
&& AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY === $attribute
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
use Scheb\TwoFactorBundle\Model\Google\TwoFactorInterface;
use function random_bytes;
use function str_replace;
use function strlen;

/**
* @final
Expand All @@ -16,6 +17,7 @@ class GoogleAuthenticator implements GoogleAuthenticatorInterface
{
public function __construct(
private GoogleTotpFactory $totpFactory,
/** @var 0|positive-int */
private int $window,
) {
}
Expand All @@ -24,7 +26,11 @@ public function checkCode(TwoFactorInterface $user, string $code): bool
{
// Strip any user added spaces
$code = str_replace(' ', '', $code);
if (0 === strlen($code)) {
return false;
}

/** @var non-empty-string $code */
return $this->totpFactory->createTotpForUser($user)->verify($code, null, $this->window);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
use Scheb\TwoFactorBundle\Model\Totp\TwoFactorInterface;
use function random_bytes;
use function str_replace;
use function strlen;

/**
* @final
Expand All @@ -16,6 +17,7 @@ class TotpAuthenticator implements TotpAuthenticatorInterface
{
public function __construct(
private TotpFactory $totpFactory,
/** @var 0|positive-int */
private int $window,
) {
}
Expand All @@ -24,7 +26,11 @@ public function checkCode(TwoFactorInterface $user, string $code): bool
{
// Strip any user added spaces
$code = str_replace(' ', '', $code);
if (0 === strlen($code)) {
return false;
}

/** @var non-empty-string $code */
return $this->totpFactory->createTotpForUser($user)->verify($code, null, $this->window);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,9 @@
use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Exception;
use Lcobucci\JWT\Token\Plain;
use Lcobucci\JWT\UnencryptedToken;
use Lcobucci\JWT\Validation\Constraint;
use function strlen;

/**
* @internal
Expand All @@ -30,7 +32,7 @@ public function __construct(private Configuration $configuration, ?Clock $clock
$this->clock = $clock ?? SystemClock::fromSystemTimezone();
}

public function generateToken(string $username, string $firewallName, int $version, DateTimeImmutable $validUntil): Plain
public function generateToken(string $username, string $firewallName, int $version, DateTimeImmutable $validUntil): UnencryptedToken
{
$builder = $this->configuration->builder()
->issuedAt($this->clock->now())
Expand All @@ -44,7 +46,12 @@ public function generateToken(string $username, string $firewallName, int $versi

public function decodeToken(string $encodedToken): ?Plain
{
if (0 === strlen($encodedToken)) {
return null;
}

try {
/** @var non-empty-string $encodedToken */
$token = $this->configuration->parser()->parse($encodedToken);
} catch (Exception) {
return null; // Could not decode token
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,14 @@
namespace Scheb\TwoFactorBundle\Security\TwoFactor\Trusted;

use DateTimeImmutable;
use Lcobucci\JWT\Token\Plain;
use Lcobucci\JWT\UnencryptedToken;

/**
* @final
*/
class TrustedDeviceToken
{
public function __construct(private Plain $jwtToken)
public function __construct(private UnencryptedToken $jwtToken)
{
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
use DateInterval;
use DateTimeImmutable;
use Lcobucci\JWT\Token\Plain;
use function strlen;

/**
* @final
Expand All @@ -29,6 +30,11 @@ public function generateToken(string $username, string $firewall, int $version):

public function decodeToken(string $trustedTokenEncoded): ?TrustedDeviceToken
{
if (0 === strlen($trustedTokenEncoded)) {
return null;
}

/** @var non-empty-string $trustedTokenEncoded */
$jwtToken = $this->jwtTokenEncoder->decodeToken($trustedTokenEncoded);
if (!$jwtToken instanceof Plain) {
return null;
Expand Down

0 comments on commit 5bd6698

Please sign in to comment.