diff --git a/.travis.yml b/.travis.yml
index be2759a8..f900228a 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -21,7 +21,7 @@ install:
 script:
 - vendor/bin/phpunit --coverage-clover=coverage.clover
- - vendor/bin/phpstan analyse -l 6 -c phpstan.neon src tests
+ - vendor/bin/phpstan analyse -l 7 -c phpstan.neon src tests
 after_script:
 - wget https://scrutinizer-ci.com/ocular.phar
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 045e54e3..f5afa0ec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [Unreleased]
+### Changed
+- Upgrade PHPStan checks to level 7 (PR #856)
+
 ### Added
 - Added event emitters for issued access and refresh tokens (PR #860)
 - Can now use Defuse\Crypto\Key for encryption/decryption of keys which is faster than the Cryto class (PR #812)
diff --git a/README.md b/README.md
index b5326742..83fba1fb 100644
--- a/README.md
+++ b/README.md
@@ -54,7 +54,7 @@ The library uses [PHPUnit](https://phpunit.de/) for unit tests and [PHPStan](htt
 ```
 vendor/bin/phpunit
-vendor/bin/phpstan analyse -l 6 -c phpstan.neon src tests
+vendor/bin/phpstan analyse -l 7 -c phpstan.neon src tests
 ```
 ## Continous Integration
diff --git a/phpstan.neon b/phpstan.neon
index 88c21d40..5cd9d80d 100644
--- a/phpstan.neon
+++ b/phpstan.neon
@@ -3,3 +3,8 @@ includes:
 - vendor/phpstan/phpstan-phpunit/rules.neon
 - vendor/phpstan/phpstan-phpunit/strictRules.neon
 - vendor/phpstan/phpstan-strict-rules/rules.neon
+services:
+ -
+ class: LeagueTests\PHPStan\AbstractGrantExtension
+ tags:
+ - phpstan.broker.dynamicMethodReturnTypeExtension
diff --git a/src/Entities/AuthCodeEntityInterface.php b/src/Entities/AuthCodeEntityInterface.php
index e71aa2c8..00e939c2 100644
--- a/src/Entities/AuthCodeEntityInterface.php
+++ b/src/Entities/AuthCodeEntityInterface.php
@@ -12,7 +12,7 @@ namespace League\OAuth2\Server\Entities;
 interface AuthCodeEntityInterface extends TokenInterface
 {
 /**
- * @return string
+ * @return string|null
 */
 public function getRedirectUri();
diff --git a/src/Entities/Traits/AuthCodeTrait.php b/src/Entities/Traits/AuthCodeTrait.php
index 5bb9e306..542d3678 100644
--- a/src/Entities/Traits/AuthCodeTrait.php
+++ b/src/Entities/Traits/AuthCodeTrait.php
@@ -17,7 +17,7 @@ trait AuthCodeTrait
 protected $redirectUri;
 /**
- * @return string
+ * @return string|null
 */
 public function getRedirectUri()
 {
diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php
index 304ba99b..79a1ac47 100644
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -386,7 +386,7 @@ abstract class AbstractGrant implements GrantTypeInterface
 * @param \DateInterval $authCodeTTL
 * @param ClientEntityInterface $client
 * @param string $userIdentifier
- * @param string $redirectUri
+ * @param string|null $redirectUri
 * @param ScopeEntityInterface[] $scopes
 *
 * @throws OAuthServerException
@@ -407,7 +407,10 @@ abstract class AbstractGrant implements GrantTypeInterface
 $authCode->setExpiryDateTime((new \DateTime())->add($authCodeTTL));
 $authCode->setClient($client);
 $authCode->setUserIdentifier($userIdentifier);
- $authCode->setRedirectUri($redirectUri);
+
+ if ($redirectUri !== null) {
+ $authCode->setRedirectUri($redirectUri);
+ }
 foreach ($scopes as $scope) {
 $authCode->addScope($scope);
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index daeb7849..80e1cd0f 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
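Review bot: In the second hunk of src/Grant/AbstractGrant.php, a null `$redirectUri` now skips `setRedirectUri()` with no statement of what the issued auth code carries instead, so `getRedirectUri()` on that entity may return null. Whatever later checks the redirect URI when the code is exchanged has to read null as "no URI was bound to this code" and never as a match for any supplied value; that comparison is not part of this diff, so it should be confirmed. I would add a comment above the guard, for example `// No redirect_uri on the authorization request: leave it unset so the code is not bound to one`. The enclosing method starts and ends outside the hunk.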
@@ -276,7 +276,11 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 $authorizationRequest->setGrantTypeId($this->getIdentifier());
 $authorizationRequest->setClient($client);
 $authorizationRequest->setRedirectUri($redirectUri);
- $authorizationRequest->setState($stateParameter);
+
+ if ($stateParameter !== null) {
+ $authorizationRequest->setState($stateParameter);
+ }
+
 $authorizationRequest->setScopes($scopes);
 if ($this->enableCodeExchangeProof === true) {
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php
index 19e3e684..b4157883 100644
--- a/src/Grant/ImplicitGrant.php
+++ b/src/Grant/ImplicitGrant.php
@@ -177,7 +177,11 @@ class ImplicitGrant extends AbstractAuthorizeGrant
 $authorizationRequest->setGrantTypeId($this->getIdentifier());
 $authorizationRequest->setClient($client);
 $authorizationRequest->setRedirectUri($redirectUri);
- $authorizationRequest->setState($stateParameter);
+
+ if ($stateParameter !== null) {
+ $authorizationRequest->setState($stateParameter);
+ }
+
 $authorizationRequest->setScopes($finalizedScopes);
 return $authorizationRequest;
diff --git a/src/RequestTypes/AuthorizationRequest.php b/src/RequestTypes/AuthorizationRequest.php
index ce5a0034..5faa45d4 100644
--- a/src/RequestTypes/AuthorizationRequest.php
+++ b/src/RequestTypes/AuthorizationRequest.php
@@ -60,7 +60,7 @@ class AuthorizationRequest
 /**
 * The state parameter on the authorization request
 *
- * @var string
+ * @var string|null
 */
 protected $state;
@@ -175,7 +175,7 @@ class AuthorizationRequest
 }
 /**
- * @return string
+ * @return string|null
 */
 public function getState()
 {
diff --git a/tests/PHPStan/AbstractGrantExtension.php b/tests/PHPStan/AbstractGrantExtension.php
new file mode 100644
index 00000000..51d77776
--- /dev/null
+++ b/tests/PHPStan/AbstractGrantExtension.php
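Review bot: The new `if ($stateParameter !== null)` guard in `AuthCodeGrant`, and the identical one in the `ImplicitGrant` hunk below it, lets an authorization request without `state` pass through with nothing in the code saying that this is intended. `state` is what lets a client tie the redirect back to the request it started, so a request without it has no CSRF binding, and `getState()` now returns null for it. Code that builds the redirect from `getState()` should omit the parameter in that case rather than emit an empty one; that code is not in this diff, so it is worth checking. A comment on each guard would make the contract explicit, for example `// state is optional (RFC 6749 §4.1.1); when the client sends none it stays null`. Both enclosing methods start and end outside their hunks.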
@@ -0,0 +1,39 @@ +getName(), [ + 'getRequestParameter', + 'getQueryStringParameter', + 'getCookieParameter', + ], true); + } + + public function getTypeFromMethodCall(MethodReflection $methodReflection, MethodCall $methodCall, Scope $scope): Type + { + return TypeCombinator::union(...[ + new StringType(), + isset($methodCall->args[2]) ? $scope->getType($methodCall->args[2]->value) : new NullType(), + ]); + } +}
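Review bot: `getTypeFromMethodCall()` tells PHPStan that `getRequestParameter`, `getQueryStringParameter` and `getCookieParameter` return `string` or the type of the third argument, which holds only if those getters reject non-string request values. Body, query and cookie data can usually arrive as arrays too (`name[]=x`), so if the getters pass such values through, this extension hides unchecked input from the level 7 analysis instead of exposing it; the getters are not part of this diff, so this needs confirming. Separately, `TypeCombinator::union(...[ … ])` spreads a literal array and could take the two types as plain arguments, and the bare `args[2]` deserves a comment naming the parameter it stands for (presumably the default value). The opening lines of the new file are missing from this page, so the class header could not be reviewed.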