From b669962fe91e4e914b9b29903e54822ea27c3a2f Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Tue, 26 Oct 2021 07:51:03 -0500 Subject: [PATCH 01/18] Support authentication manager --- .../Security/Factory/OAuthFactory.php | 19 +++++- .../Security/Factory/OAuthFactoryTest.php | 58 +++++++++++++++++++ 2 files changed, 76 insertions(+), 1 deletion(-) diff --git a/DependencyInjection/Security/Factory/OAuthFactory.php b/DependencyInjection/Security/Factory/OAuthFactory.php index c638bcc3..3a54521a 100644 --- a/DependencyInjection/Security/Factory/OAuthFactory.php +++ b/DependencyInjection/Security/Factory/OAuthFactory.php @@ -13,6 +13,7 @@ namespace FOS\OAuthServerBundle\DependencyInjection\Security\Factory; +use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AuthenticatorFactoryInterface; use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SecurityFactoryInterface; use Symfony\Component\Config\Definition\Builder\NodeDefinition; use Symfony\Component\DependencyInjection\ChildDefinition; @@ -24,8 +25,24 @@ * * @author Arnaud Le Blanc */ -class OAuthFactory implements SecurityFactoryInterface +class OAuthFactory implements AuthenticatorFactoryInterface, SecurityFactoryInterface { + /** + * {@inheritdoc} + */ + public function createAuthenticator(ContainerBuilder $container, string $id, array $config, string $userProviderId) + { + $providerId = 'fos_oauth_server.security.authentication.provider.'.$id; + $container + ->setDefinition($providerId, new ChildDefinition('fos_oauth_server.security.authentication.provider')) + ->replaceArgument(0, new Reference($userProviderId)) + ->replaceArgument(1, new Reference('security.user_checker.'.$id)) + ->replaceArgument(2, $id) + ; + + return $providerId; + } + /** * {@inheritdoc} */ diff --git a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php index 301e1712..feb81fc0 100644 --- a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php +++ b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php @@ -113,6 +113,64 @@ public function testCreate(): void ], $this->instance->create($container, $id, $config, $userProvider, $defaultEntryPoint)); } + public function testCreateAuthenticator(): void + { + $container = $this->getMockBuilder(ContainerBuilder::class) + ->disableOriginalConstructor() + ->setMethods([ + 'setDefinition', + ]) + ->getMock() + ; + $id = '12'; + $config = []; + $userProvider = 'mock.user.provider.service'; + + $definition = $this->getMockBuilder(Definition::class) + ->disableOriginalConstructor() + ->getMock() + ; + + $container + ->expects($this->once()) + ->method('setDefinition') + ->with( + 'fos_oauth_server.security.authentication.provider.'.$id, + new ChildDefinition('fos_oauth_server.security.authentication.provider') + ) + ->will($this->returnValue($definition)) + ; + + $definition + ->expects($this->exactly(3)) + ->method('replaceArgument') + ->withConsecutive( + [ + 0, + new Reference($userProvider), + ], + [ + 1, + new Reference('security.user_checker.'.$id), + ], + [ + 2, + $id, + ] + ) + ->willReturnOnConsecutiveCalls( + $definition, + $definition, + $definition + ) + ; + + $this->assertSame( + 'fos_oauth_server.security.authentication.provider.'.$id, + $this->instance->createAuthenticator($container, $id, $config, $userProvider) + ); + } + public function testAddConfigurationDoesNothing(): void { $nodeDefinition = $this->getMockBuilder(NodeDefinition::class) From 68851da9c31faffadfad7d2d86eeb6ff29ae211b Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Tue, 26 Oct 2021 19:08:19 -0500 Subject: [PATCH 02/18] Add passport credentials and authenticator --- .../Security/Factory/OAuthFactory.php | 10 +- Resources/config/security.xml | 8 + .../Authenticator/OAuthAuthenticator.php | 199 +++++++++++ .../Passport/OAuthCredentials.php | 80 +++++ .../Security/Factory/OAuthFactoryTest.php | 15 +- .../Authenticator/OAuthAuthenticatorTest.php | 326 ++++++++++++++++++ .../Passport/OAuthCredentialsTest.php | 69 ++++ 7 files changed, 694 insertions(+), 13 deletions(-) create mode 100644 Security/Authentication/Authenticator/OAuthAuthenticator.php create mode 100644 Security/Authentication/Passport/OAuthCredentials.php create mode 100644 Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php create mode 100644 Tests/Security/Authentication/Passport/OAuthCredentialsTest.php diff --git a/DependencyInjection/Security/Factory/OAuthFactory.php b/DependencyInjection/Security/Factory/OAuthFactory.php index 3a54521a..54af33cb 100644 --- a/DependencyInjection/Security/Factory/OAuthFactory.php +++ b/DependencyInjection/Security/Factory/OAuthFactory.php @@ -32,12 +32,12 @@ class OAuthFactory implements AuthenticatorFactoryInterface, SecurityFactoryInte */ public function createAuthenticator(ContainerBuilder $container, string $id, array $config, string $userProviderId) { - $providerId = 'fos_oauth_server.security.authentication.provider.'.$id; + $providerId = 'fos_oauth_server.security.authentication.authenticator.'.$id; $container - ->setDefinition($providerId, new ChildDefinition('fos_oauth_server.security.authentication.provider')) - ->replaceArgument(0, new Reference($userProviderId)) - ->replaceArgument(1, new Reference('security.user_checker.'.$id)) - ->replaceArgument(2, $id) + ->setDefinition($providerId, new ChildDefinition('fos_oauth_server.security.authentication.authenticator')) + ->replaceArgument(0, new Reference('fos_oauth_server.server')) + ->replaceArgument(1, new Reference('security.token_storage')) + ->replaceArgument(2, new Reference('security.user_checker.'.$id)) ; return $providerId; diff --git a/Resources/config/security.xml b/Resources/config/security.xml index ff0aae12..a6b355e7 100644 --- a/Resources/config/security.xml +++ b/Resources/config/security.xml @@ -5,12 +5,20 @@ xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd"> + FOS\OAuthServerBundle\Security\Authentication\Authenticator\OAuthAuthenticator FOS\OAuthServerBundle\Security\Authentication\Provider\OAuthProvider FOS\OAuthServerBundle\Security\Firewall\OAuthListener FOS\OAuthServerBundle\Security\EntryPoint\OAuthEntryPoint + + + + + + + diff --git a/Security/Authentication/Authenticator/OAuthAuthenticator.php b/Security/Authentication/Authenticator/OAuthAuthenticator.php new file mode 100644 index 00000000..f9089f9d --- /dev/null +++ b/Security/Authentication/Authenticator/OAuthAuthenticator.php @@ -0,0 +1,199 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace FOS\OAuthServerBundle\Security\Authentication\Authenticator; + +use FOS\OAuthServerBundle\Security\Authentication\Passport\OAuthCredentials; +use FOS\OAuthServerBundle\Security\Authentication\Token\OAuthToken; +use OAuth2\OAuth2; +use OAuth2\OAuth2AuthenticateException; +use OAuth2\OAuth2ServerException; +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Exception\AccountStatusException; +use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Core\User\UserCheckerInterface; +use Symfony\Component\Security\Core\User\UserProviderInterface; +use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface; +use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; +use Symfony\Component\Security\Http\Authenticator\Passport\Passport; +use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface; +use Symfony\Component\Security\Http\Authenticator\Passport\UserPassportInterface; + +/** + * OAuthAuthenticator class. + * + * @author Israel J. Carberry + */ +class OAuthAuthenticator implements AuthenticatorInterface +{ + /** + * @var OAuth2 + */ + protected $serverService; + + /** + * @var TokenStorageInterface + */ + private $tokenStorage; + + /** + * @var UserCheckerInterface + */ + protected $userChecker; + + /** + * @var UserProviderInterface + */ + protected $userProvider; + + public function __construct( + OAuth2 $serverService, + TokenStorageInterface $tokenStorage, + UserCheckerInterface $userChecker, + UserProviderInterface $userProvider + ) { + $this->serverService = $serverService; + $this->tokenStorage = $tokenStorage; + $this->userChecker = $userChecker; + $this->userProvider = $userProvider; + } + + /** + * {@inheritdoc} + */ + public function authenticate(Request $request): UserPassportInterface + { + try { + $token = $this->tokenStorage->getToken(); + $tokenString = $token->getToken(); + + $accessToken = $this->serverService->verifyAccessToken($tokenString); + + /** @var \Symfony\Component\Security\Core\User\UserInterface **/ + $user = $accessToken->getUser(); + + if (null === $user) { + throw new AuthenticationException('OAuth2 authentication failed'); + } + + // check the user + try { + $this->userChecker->checkPreAuth($user); + } catch (AccountStatusException $e) { + throw new OAuth2AuthenticateException( + Response::HTTP_UNAUTHORIZED, + OAuth2::TOKEN_TYPE_BEARER, + $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), + 'access_denied', + $e->getMessage() + ); + } + + return new Passport( + new UserBadge($user->getUsername()), + new OAuthCredentials($tokenString, $accessToken->getScope()) + ); + } catch (OAuth2ServerException $e) { + throw new AuthenticationException('OAuth2 authentication failed', 0, $e); + } + + // this should never be reached + throw new AuthenticationException('OAuth2 authentication failed'); + } + + /** + * {@inheritdoc} + */ + public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface + { + try { + // expect the badges in the passport from authenticate method above + if (!$passport->hasBadge(OAuthCredentials::class) + || !$passport->hasBadge(UserBadge::class) + ) { + throw new OAuth2AuthenticateException( + Response::HTTP_UNAUTHORIZED, + OAuth2::TOKEN_TYPE_BEARER, + $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), + 'access_denied', + 'Unexpected credentials type.' + ); + } + + // get the passport badges + $credentials = $passport->getBadge(OAuthCredentials::class); + $user = $this->userProvider->loadUserByUsername( + $passport->getBadge(UserBadge::class)->getUserIdentifier() + ); + + // check the user + try { + $this->userChecker->checkPostAuth($user); + } catch (AccountStatusException $e) { + throw new OAuth2AuthenticateException( + Response::HTTP_UNAUTHORIZED, + OAuth2::TOKEN_TYPE_BEARER, + $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), + 'access_denied', + $e->getMessage() + ); + } + } catch (OAuth2ServerException $e) { + throw new AuthenticationException('OAuth2 authentication failed', 0, $e); + } + + $token = new OAuthToken($credentials->getRoles($user)); + $token->setAuthenticated(true); + $token->setToken($credentials->getTokenString()); + $token->setUser($user); + + $credentials->markResolved(); + + return $token; + } + + /** + * {@inheritdoc} + */ + public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response + { + return null; + } + + /** + * {@inheritdoc} + */ + public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response + { + $responseException = new OAuth2AuthenticateException( + Response::HTTP_UNAUTHORIZED, + OAuth2::TOKEN_TYPE_BEARER, + $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), + 'access_denied', + $exception->getMessage() + ); + + return $responseException->getHttpResponse(); + } + + /** + * {@inheritdoc} + */ + public function supports(Request $request): ?bool + { + return $this->tokenStorage->getToken() instanceof OAuthToken; + } +} diff --git a/Security/Authentication/Passport/OAuthCredentials.php b/Security/Authentication/Passport/OAuthCredentials.php new file mode 100644 index 00000000..214f3323 --- /dev/null +++ b/Security/Authentication/Passport/OAuthCredentials.php @@ -0,0 +1,80 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace FOS\OAuthServerBundle\Security\Authentication\Passport; + +use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CredentialsInterface; +use Symfony\Component\Security\Core\User\UserInterface; + +/** + * Implements credentials checking for an OAuth token. + * + * @author Israel J. Carberry + * + * @final + */ +class OAuthCredentials implements CredentialsInterface +{ + /** + * @var bool + */ + private $resolved = false; + + /** + * @var string + */ + private $scope; + + /** + * @var string + */ + private $tokenString; + + public function __construct(string $tokenString, string $scope) + { + $this->tokenString = $tokenString; + $this->scope = $scope; + } + + public function getRoles(UserInterface $user): array + { + $roles = $user->getRoles(); + + if (empty($this->scope)) { + return $roles; + } + + foreach (explode(' ', $this->scope) as $role) { + $roles[] = 'ROLE_'.mb_strtoupper($role); + } + + return array_unique($roles, SORT_REGULAR); + } + + public function getTokenString(): ?string + { + return $this->tokenString; + } + + public function markResolved(): void + { + $this->resolved = true; + $this->scope = null; + $this->tokenString = null; + } + + public function isResolved(): bool + { + return $this->resolved; + } +} diff --git a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php index feb81fc0..ce4b7e96 100644 --- a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php +++ b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php @@ -124,7 +124,6 @@ public function testCreateAuthenticator(): void ; $id = '12'; $config = []; - $userProvider = 'mock.user.provider.service'; $definition = $this->getMockBuilder(Definition::class) ->disableOriginalConstructor() @@ -135,8 +134,8 @@ public function testCreateAuthenticator(): void ->expects($this->once()) ->method('setDefinition') ->with( - 'fos_oauth_server.security.authentication.provider.'.$id, - new ChildDefinition('fos_oauth_server.security.authentication.provider') + 'fos_oauth_server.security.authentication.authenticator.'.$id, + new ChildDefinition('fos_oauth_server.security.authentication.authenticator') ) ->will($this->returnValue($definition)) ; @@ -147,15 +146,15 @@ public function testCreateAuthenticator(): void ->withConsecutive( [ 0, - new Reference($userProvider), + new Reference('fos_oauth_server.server'), ], [ 1, - new Reference('security.user_checker.'.$id), + new Reference('security.token_storage'), ], [ 2, - $id, + new Reference('security.user_checker.'.$id), ] ) ->willReturnOnConsecutiveCalls( @@ -166,8 +165,8 @@ public function testCreateAuthenticator(): void ; $this->assertSame( - 'fos_oauth_server.security.authentication.provider.'.$id, - $this->instance->createAuthenticator($container, $id, $config, $userProvider) + 'fos_oauth_server.security.authentication.authenticator.'.$id, + $this->instance->createAuthenticator($container, $id, $config, 'ignored.user.provider.service') ); } diff --git a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php new file mode 100644 index 00000000..91d49f2c --- /dev/null +++ b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php @@ -0,0 +1,326 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace FOS\OAuthServerBundle\Tests\Security\Authentication\Authenticator; + +use FOS\OAuthServerBundle\Model\AccessToken; +use FOS\OAuthServerBundle\Security\Authentication\Authenticator\OAuthAuthenticator; +use FOS\OAuthServerBundle\Security\Authentication\Passport\OAuthCredentials; +use FOS\OAuthServerBundle\Security\Authentication\Token\OAuthToken; +use OAuth2\OAuth2; +use OAuth2\OAuth2AuthenticateException; +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Core\Exception\CredentialsExpiredException; +use Symfony\Component\Security\Core\Exception\DisabledException; +use Symfony\Component\Security\Core\User\UserCheckerInterface; +use Symfony\Component\Security\Core\User\UserInterface; +use Symfony\Component\Security\Core\User\UserProviderInterface; +use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; +use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials; +use Symfony\Component\Security\Http\Authenticator\Passport\Passport; + +class OAuthAuthenticatorTest extends \PHPUnit\Framework\TestCase +{ + /** + * @var OAuthAuthenticator + */ + protected $authenticator; + + /** + * @var \PHPUnit\Framework\MockObject\MockObject|OAuth2 + */ + protected $serverService; + + /** + * @var \PHPUnit\Framework\MockObject\MockObject|TokenStorageInterface + */ + protected $tokenStorage; + + /** + * @var \PHPUnit\Framework\MockObject\MockObject|UserInterface + */ + protected $user; + + /** + * @var \PHPUnit\Framework\MockObject\MockObject|UserCheckerInterface + */ + protected $userChecker; + + /** + * @var \PHPUnit\Framework\MockObject\MockObject|UserProviderInterface + */ + protected $userProvider; + + public function setUp(): void + { + $this->serverService = $this->getMockBuilder(OAuth2::class) + ->disableOriginalConstructor() + ->setMethods([ + 'getVariable', + 'verifyAccessToken' + ]) + ->getMock() + ; + $this->tokenStorage = $this->getMockBuilder(TokenStorageInterface::class)->disableOriginalConstructor()->getMock(); + $this->user = $this->getMockBuilder(UserInterface::class)->disableOriginalConstructor()->getMock(); + $this->userChecker = $this->getMockBuilder(UserCheckerInterface::class)->disableOriginalConstructor()->getMock(); + $this->userProvider = $this->getMockBuilder(UserProviderInterface::class)->disableOriginalConstructor()->getMock(); + + $this->authenticator = new OAuthAuthenticator( + $this->serverService, + $this->tokenStorage, + $this->userChecker, + $this->userProvider + ); + } + + public function testAuthenticateReturnsPassportIfValid(): void + { + // expect a token from the token storage + $token = new OAuthToken(); + $token->setToken('mock_token_string'); + $this->tokenStorage->expects($this->once()) + ->method('getToken') + ->will($this->returnValue($token)) + ; + + // expect the OAuth2 service to verify the token, returning an access token + $accessToken = new AccessToken(); + $accessToken->setUser($this->user); + $accessToken->setScope('scope_1 scope_2'); + $this->serverService->expects($this->once()) + ->method('verifyAccessToken') + ->with('mock_token_string') + ->will($this->returnValue($accessToken)) + ; + + // expect the user checker to pass + $this->userChecker->expects($this->once()) + ->method('checkPreAuth') + ->with($this->user) + ; + + // expect the username from the user + $this->user->expects($this->once()) + ->method('getUsername') + ->will($this->returnValue('test_user')) + ; + + $passport = $this->authenticator->authenticate(new Request()); + + $this->assertInstanceOf(Passport::class, $passport); + $this->assertCount(2, $passport->getBadges()); + $this->assertTrue($passport->hasBadge(OAuthCredentials::class)); + $this->assertTrue($passport->hasBadge(UserBadge::class)); + $this->assertSame('test_user', $passport->getBadge(UserBadge::class)->getUserIdentifier()); + $this->assertSame('mock_token_string', $passport->getBadge(OAuthCredentials::class)->getTokenString()); + $this->assertSame(['ROLE_SCOPE_1', 'ROLE_SCOPE_2'], $passport->getBadge(OAuthCredentials::class)->getRoles($this->user)); + } + + public function testAuthenticateReturnsTokenInvalidWhenNullData(): void + { + // expect a token from the token storage + $token = new OAuthToken(); + $token->setToken('mock_token_string'); + $this->tokenStorage->expects($this->once()) + ->method('getToken') + ->will($this->returnValue($token)) + ; + + // expect the OAuth2 service to verify the token, returning an access + // token, but without a related user + $accessToken = new AccessToken(); + $this->serverService->expects($this->once()) + ->method('verifyAccessToken') + ->with('mock_token_string') + ->will($this->returnValue($accessToken)) + ; + + // expect an authentication exception + $this->expectException(AuthenticationException::class); + $this->expectExceptionMessage('OAuth2 authentication failed'); + + $this->authenticator->authenticate(new Request()); + } + + public function testAuthenticateTransformsOAuthServerException(): void + { + // expect a token from the token storage + $token = new OAuthToken(); + $token->setToken('mock_token_string'); + $this->tokenStorage->expects($this->once()) + ->method('getToken') + ->will($this->returnValue($token)) + ; + + // expect the OAuth2 service to verify the token, returning an access + // token, but without a related user + $accessToken = new AccessToken(); + $this->serverService->expects($this->once()) + ->method('verifyAccessToken') + ->with('mock_token_string') + ->willThrowException(new OAuth2AuthenticateException( + Response::HTTP_UNAUTHORIZED, + 'mock_token_type', + 'mock_realm', + 'invalid_grant', + 'The access token provided is invalid.', + null + )) + ; + + // expect the thrown exception to be transformed into an authentication exception + $this->expectException(AuthenticationException::class); + $this->expectExceptionMessage('OAuth2 authentication failed'); + + $this->authenticator->authenticate(new Request()); + } + + public function testAuthenticateTransformsAccountStatusException(): void + { + // expect a token from the token storage + $token = new OAuthToken(); + $token->setToken('mock_token_string'); + $this->tokenStorage->expects($this->once()) + ->method('getToken') + ->will($this->returnValue($token)) + ; + + // expect the OAuth2 service to verify the token, returning an access token + $accessToken = new AccessToken(); + $accessToken->setUser($this->user); + $accessToken->setScope('scope_1 scope_2'); + $this->serverService->expects($this->once()) + ->method('verifyAccessToken') + ->with('mock_token_string') + ->will($this->returnValue($accessToken)) + ; + + // expect the user checker to not pass + $this->userChecker->expects($this->once()) + ->method('checkPreAuth') + ->with($this->user) + ->willThrowException(new DisabledException('User account is disabled.')) + ; + + // expect the thrown exception to be transformed into an authentication exception + $this->expectException(AuthenticationException::class); + $this->expectExceptionMessage('OAuth2 authentication failed'); + + $this->authenticator->authenticate(new Request()); + } + + public function testCreateAuthenticatedTokenWithValidPassport(): void + { + // expect the user to be loaded by the provider + $this->userProvider->expects($this->once()) + ->method('loadUserByUsername') + ->with('test_user') + ->will($this->returnValue($this->user)) + ; + + // expect the user checker to pass + $this->userChecker->expects($this->once()) + ->method('checkPostAuth') + ->with($this->user) + ; + + // configure roles on the user to confirm they are combined with the + // access token scopes + $this->user->expects($this->once()) + ->method('getRoles') + ->will($this->returnValue(['ROLE_USER'])) + ; + + // configure the passport + $passport = new Passport( + new UserBadge('test_user'), + new OAuthCredentials('mock_token_string', 'scope_1 scope_2') + ); + + $token = $this->authenticator->createAuthenticatedToken($passport, 'api_firewall_name'); + + $this->assertTrue($token->isAuthenticated()); + $this->assertSame('mock_token_string', $token->getToken()); + $this->assertSame($this->user, $token->getUser()); + $this->assertSame(['ROLE_USER', 'ROLE_SCOPE_1', 'ROLE_SCOPE_2'], $token->getRoleNames()); + } + + public function testCreateAuthenticatedTokenWithUnexpectedPassportCredentials(): void + { + // expect the user to not be loaded by the provider + $this->userProvider->expects($this->never())->method('loadUserByUsername'); + + // configure the passport with non-oauth credentials + $passport = new Passport( + new UserBadge('test_user'), + new PasswordCredentials('mock_password') + ); + + // expect an authentication exception + $this->expectException(AuthenticationException::class); + $this->expectExceptionMessage('OAuth2 authentication failed'); + + $this->authenticator->createAuthenticatedToken($passport, 'api_firewall_name'); + } + + public function testCreateAuthenticatedTokenTransformsAccountStatusException(): void + { + // expect the user to be loaded by the provider + $this->userProvider->expects($this->once()) + ->method('loadUserByUsername') + ->with('test_user') + ->will($this->returnValue($this->user)) + ; + + // expect the user checker to not pass + $this->userChecker->expects($this->once()) + ->method('checkPostAuth') + ->with($this->user) + ->willThrowException(new CredentialsExpiredException('User credentials have expired.')) + ; + + // configure the passport + $passport = new Passport( + new UserBadge('test_user'), + new OAuthCredentials('mock_token_string', 'scope') + ); + + // expect an authentication exception + $this->expectException(AuthenticationException::class); + $this->expectExceptionMessage('OAuth2 authentication failed'); + + $this->authenticator->createAuthenticatedToken($passport, 'api_firewall_name'); + } + + public function testOnAuthenticationFailure(): void + { + // expect the OAuth server to get the realm + $this->serverService->expects($this->once()) + ->method('getVariable') + ->with('realm') + ->will($this->returnValue('mock_realm')) + ; + + $response = $this->authenticator->onAuthenticationFailure( + new Request(), + new AuthenticationException('Authentication failure message') + ); + + $this->assertSame(401, $response->getStatusCode()); + $this->assertSame('{"error":"access_denied","error_description":"Authentication failure message"}', $response->getContent()); + } +} diff --git a/Tests/Security/Authentication/Passport/OAuthCredentialsTest.php b/Tests/Security/Authentication/Passport/OAuthCredentialsTest.php new file mode 100644 index 00000000..8302b9be --- /dev/null +++ b/Tests/Security/Authentication/Passport/OAuthCredentialsTest.php @@ -0,0 +1,69 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace FOS\OAuthServerBundle\Tests\Security\Authentication\Passport; + +use FOS\OAuthServerBundle\Security\Authentication\Passport\OAuthCredentials; +use Symfony\Component\Security\Core\User\UserInterface; + +class OAuthCredentialsTest extends \PHPUnit\Framework\TestCase +{ + /** + * @var \PHPUnit\Framework\MockObject\MockObject|UserInterface + */ + protected $user; + + public function setUp(): void + { + $this->user = $this->getMockBuilder(UserInterface::class)->disableOriginalConstructor()->getMock(); + } + + /** + * @testWith ["scope_1 scope_2", ["ROLE_USER"], ["ROLE_USER", "ROLE_SCOPE_1", "ROLE_SCOPE_2"], "roles and scopes combined"] + * ["scope_1 duplicate", ["ROLE_USER", "ROLE_DUPLICATE"], ["ROLE_USER", "ROLE_DUPLICATE", "ROLE_SCOPE_1"], "only unique roles"] + * ["", ["ROLE_USER"], ["ROLE_USER"], "scopes can be empty"] + * ["scope", [], ["ROLE_SCOPE"], "user roles can be empty"] + * ["", [], [], "roles and scopes can be empty"] + */ + public function testGetRoles(string $scopes, array $userRoles, array $expectedRoles, string $testCase): void + { + $credentials = new OAuthCredentials('mock_token', $scopes); + + $this->user->expects($this->once()) + ->method('getRoles') + ->will($this->returnValue($userRoles)) + ; + + $this->assertSame($expectedRoles, $credentials->getRoles($this->user)); + } + + public function testMarkResolved(): void + { + $credentials = new OAuthCredentials('mock_token', 'scope_1 scope_2'); + + $this->user->expects($this->any()) + ->method('getRoles') + ->will($this->returnValue([])) + ; + + $this->assertFalse($credentials->isResolved()); + $this->assertSame('mock_token', $credentials->getTokenString()); + $this->assertSame(['ROLE_SCOPE_1', 'ROLE_SCOPE_2'], $credentials->getRoles($this->user)); + + $credentials->markResolved(); + + $this->assertTrue($credentials->isResolved()); + $this->assertNull($credentials->getTokenString()); + $this->assertSame([], $credentials->getRoles($this->user)); + } +} From 5059e4c08e3882e5b4d6f4a29f6698e3724b54f2 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Wed, 27 Oct 2021 13:00:50 -0500 Subject: [PATCH 03/18] Add missing authenticator dependency injection argument --- DependencyInjection/Security/Factory/OAuthFactory.php | 1 + .../Security/Factory/OAuthFactoryTest.php | 10 ++++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/DependencyInjection/Security/Factory/OAuthFactory.php b/DependencyInjection/Security/Factory/OAuthFactory.php index 54af33cb..90ed48de 100644 --- a/DependencyInjection/Security/Factory/OAuthFactory.php +++ b/DependencyInjection/Security/Factory/OAuthFactory.php @@ -38,6 +38,7 @@ public function createAuthenticator(ContainerBuilder $container, string $id, arr ->replaceArgument(0, new Reference('fos_oauth_server.server')) ->replaceArgument(1, new Reference('security.token_storage')) ->replaceArgument(2, new Reference('security.user_checker.'.$id)) + ->replaceArgument(3, new Reference($userProviderId)) ; return $providerId; diff --git a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php index ce4b7e96..3965693f 100644 --- a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php +++ b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php @@ -124,6 +124,7 @@ public function testCreateAuthenticator(): void ; $id = '12'; $config = []; + $userProviderId = 'mock.user.provider.service'; $definition = $this->getMockBuilder(Definition::class) ->disableOriginalConstructor() @@ -141,7 +142,7 @@ public function testCreateAuthenticator(): void ; $definition - ->expects($this->exactly(3)) + ->expects($this->exactly(4)) ->method('replaceArgument') ->withConsecutive( [ @@ -155,9 +156,14 @@ public function testCreateAuthenticator(): void [ 2, new Reference('security.user_checker.'.$id), + ], + [ + 3, + new Reference($userProviderId), ] ) ->willReturnOnConsecutiveCalls( + $definition, $definition, $definition, $definition @@ -166,7 +172,7 @@ public function testCreateAuthenticator(): void $this->assertSame( 'fos_oauth_server.security.authentication.authenticator.'.$id, - $this->instance->createAuthenticator($container, $id, $config, 'ignored.user.provider.service') + $this->instance->createAuthenticator($container, $id, $config, $userProviderId) ); } From 81d95dc6bad83e38f5985bf53145095922e3c8f4 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Wed, 27 Oct 2021 19:39:22 -0500 Subject: [PATCH 04/18] Fix request and credentials handling in authenticator --- .../Authenticator/OAuthAuthenticator.php | 58 ++++---- .../Passport/OAuthCredentials.php | 2 - .../Authenticator/OAuthAuthenticatorTest.php | 126 +++++++++++------- .../Passport/OAuthCredentialsTest.php | 8 +- 4 files changed, 112 insertions(+), 82 deletions(-) diff --git a/Security/Authentication/Authenticator/OAuthAuthenticator.php b/Security/Authentication/Authenticator/OAuthAuthenticator.php index f9089f9d..1ea627db 100644 --- a/Security/Authentication/Authenticator/OAuthAuthenticator.php +++ b/Security/Authentication/Authenticator/OAuthAuthenticator.php @@ -25,6 +25,7 @@ use Symfony\Component\Security\Core\Exception\AccountStatusException; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\User\UserCheckerInterface; +use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface; use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; @@ -76,42 +77,42 @@ public function __construct( */ public function authenticate(Request $request): UserPassportInterface { - try { - $token = $this->tokenStorage->getToken(); - $tokenString = $token->getToken(); + // remove the authorization header from the request on this check + $tokenString = $this->serverService->getBearerToken($request, true); + $accessToken = $scope = $user = $username = null; + try { $accessToken = $this->serverService->verifyAccessToken($tokenString); - - /** @var \Symfony\Component\Security\Core\User\UserInterface **/ + $scope = $accessToken->getScope(); $user = $accessToken->getUser(); + // allow for dependency on deprecated getUsername method + $username = $user instanceof UserInterface + ? (method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : $user->getUsername()) + : null + ; + } catch (OAuth2AuthenticateException $e) { + // do nothing - credentials will remain unresolved below + } - if (null === $user) { - throw new AuthenticationException('OAuth2 authentication failed'); - } + // configure the passport badges, ensuring requisite string types + $userBadge = new UserBadge($username ?? ''); + $credentials = new OAuthCredentials($tokenString ?? '', $scope ?? ''); - // check the user + // check the user if not null + if ($user instanceof UserInterface) { try { $this->userChecker->checkPreAuth($user); + + // mark the credentials as resolved + $credentials->markResolved(); } catch (AccountStatusException $e) { - throw new OAuth2AuthenticateException( - Response::HTTP_UNAUTHORIZED, - OAuth2::TOKEN_TYPE_BEARER, - $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), - 'access_denied', - $e->getMessage() - ); + // do nothing - credentials remain unresolved } - - return new Passport( - new UserBadge($user->getUsername()), - new OAuthCredentials($tokenString, $accessToken->getScope()) - ); - } catch (OAuth2ServerException $e) { - throw new AuthenticationException('OAuth2 authentication failed', 0, $e); } - // this should never be reached - throw new AuthenticationException('OAuth2 authentication failed'); + // passport will only be valid if all badges are resolved (user badge + // is always resolved, credentials badge if passing the above check) + return new Passport($userBadge, $credentials); } /** @@ -160,7 +161,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi $token->setToken($credentials->getTokenString()); $token->setUser($user); - $credentials->markResolved(); + $this->tokenStorage->setToken($token); return $token; } @@ -194,6 +195,9 @@ public function onAuthenticationFailure(Request $request, AuthenticationExceptio */ public function supports(Request $request): ?bool { - return $this->tokenStorage->getToken() instanceof OAuthToken; + // do not remove the authorization header from the request on this check + $tokenString = $this->serverService->getBearerToken($request); + + return is_string($tokenString) && !empty($tokenString); } } diff --git a/Security/Authentication/Passport/OAuthCredentials.php b/Security/Authentication/Passport/OAuthCredentials.php index 214f3323..430250cb 100644 --- a/Security/Authentication/Passport/OAuthCredentials.php +++ b/Security/Authentication/Passport/OAuthCredentials.php @@ -69,8 +69,6 @@ public function getTokenString(): ?string public function markResolved(): void { $this->resolved = true; - $this->scope = null; - $this->tokenString = null; } public function isResolved(): bool diff --git a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php index 91d49f2c..ae83ba69 100644 --- a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php +++ b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php @@ -26,7 +26,7 @@ use Symfony\Component\Security\Core\Exception\CredentialsExpiredException; use Symfony\Component\Security\Core\Exception\DisabledException; use Symfony\Component\Security\Core\User\UserCheckerInterface; -use Symfony\Component\Security\Core\User\UserInterface; +use Symfony\Component\Security\Core\User\User; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials; @@ -50,7 +50,7 @@ class OAuthAuthenticatorTest extends \PHPUnit\Framework\TestCase protected $tokenStorage; /** - * @var \PHPUnit\Framework\MockObject\MockObject|UserInterface + * @var \PHPUnit\Framework\MockObject\MockObject|User */ protected $user; @@ -69,16 +69,20 @@ public function setUp(): void $this->serverService = $this->getMockBuilder(OAuth2::class) ->disableOriginalConstructor() ->setMethods([ + 'getBearerToken', 'getVariable', - 'verifyAccessToken' + 'verifyAccessToken', ]) ->getMock() ; $this->tokenStorage = $this->getMockBuilder(TokenStorageInterface::class)->disableOriginalConstructor()->getMock(); - $this->user = $this->getMockBuilder(UserInterface::class)->disableOriginalConstructor()->getMock(); $this->userChecker = $this->getMockBuilder(UserCheckerInterface::class)->disableOriginalConstructor()->getMock(); $this->userProvider = $this->getMockBuilder(UserProviderInterface::class)->disableOriginalConstructor()->getMock(); + // mock the core user object rather than the user interface that the new + // getUserIdentifier method is used rather than the deprecated getUsername + $this->user = $this->getMockBuilder(User::class)->disableOriginalConstructor()->getMock(); + $this->authenticator = new OAuthAuthenticator( $this->serverService, $this->tokenStorage, @@ -89,12 +93,15 @@ public function setUp(): void public function testAuthenticateReturnsPassportIfValid(): void { - // expect a token from the token storage - $token = new OAuthToken(); - $token->setToken('mock_token_string'); - $this->tokenStorage->expects($this->once()) - ->method('getToken') - ->will($this->returnValue($token)) + // expect the OAuth2 service to get the token from the request header, + // flagging the authorization header to be removed at the same time + $this->serverService->expects($this->once()) + ->method('getBearerToken') + ->with( + $this->isInstanceOf(Request::class), + $this->equalTo(true) + ) + ->will($this->returnValue('mock_token_string')) ; // expect the OAuth2 service to verify the token, returning an access token @@ -107,18 +114,18 @@ public function testAuthenticateReturnsPassportIfValid(): void ->will($this->returnValue($accessToken)) ; + // expect the username from the user + $this->user->expects($this->once()) + ->method('getUserIdentifier') + ->will($this->returnValue('test_user')) + ; + // expect the user checker to pass $this->userChecker->expects($this->once()) ->method('checkPreAuth') ->with($this->user) ; - // expect the username from the user - $this->user->expects($this->once()) - ->method('getUsername') - ->will($this->returnValue('test_user')) - ; - $passport = $this->authenticator->authenticate(new Request()); $this->assertInstanceOf(Passport::class, $passport); @@ -128,16 +135,20 @@ public function testAuthenticateReturnsPassportIfValid(): void $this->assertSame('test_user', $passport->getBadge(UserBadge::class)->getUserIdentifier()); $this->assertSame('mock_token_string', $passport->getBadge(OAuthCredentials::class)->getTokenString()); $this->assertSame(['ROLE_SCOPE_1', 'ROLE_SCOPE_2'], $passport->getBadge(OAuthCredentials::class)->getRoles($this->user)); + $this->assertTrue($passport->getBadge(OAuthCredentials::class)->isResolved()); } - public function testAuthenticateReturnsTokenInvalidWhenNullData(): void + public function testAuthenticateReturnsUnresolvedPassportWhenNullUser(): void { - // expect a token from the token storage - $token = new OAuthToken(); - $token->setToken('mock_token_string'); - $this->tokenStorage->expects($this->once()) - ->method('getToken') - ->will($this->returnValue($token)) + // expect the OAuth2 service to get the token from the request header, + // flagging the authorization header to be removed at the same time + $this->serverService->expects($this->once()) + ->method('getBearerToken') + ->with( + $this->isInstanceOf(Request::class), + $this->equalTo(true) + ) + ->will($this->returnValue('mock_token_string')) ; // expect the OAuth2 service to verify the token, returning an access @@ -149,26 +160,29 @@ public function testAuthenticateReturnsTokenInvalidWhenNullData(): void ->will($this->returnValue($accessToken)) ; - // expect an authentication exception - $this->expectException(AuthenticationException::class); - $this->expectExceptionMessage('OAuth2 authentication failed'); + // expect the null user value to not be processed + $this->userChecker->expects($this->never())->method('checkPreAuth'); - $this->authenticator->authenticate(new Request()); + $passport = $this->authenticator->authenticate(new Request()); + + // confirm that the returned passport won't pass validation + $this->assertFalse($passport->getBadge(OAuthCredentials::class)->isResolved()); } - public function testAuthenticateTransformsOAuthServerException(): void + public function testAuthenticateReturnsUnresolvedPassportWhenInvalidToken(): void { - // expect a token from the token storage - $token = new OAuthToken(); - $token->setToken('mock_token_string'); - $this->tokenStorage->expects($this->once()) - ->method('getToken') - ->will($this->returnValue($token)) + // expect the OAuth2 service to get the token from the request header, + // flagging the authorization header to be removed at the same time + $this->serverService->expects($this->once()) + ->method('getBearerToken') + ->with( + $this->isInstanceOf(Request::class), + $this->equalTo(true) + ) + ->will($this->returnValue('mock_token_string')) ; - // expect the OAuth2 service to verify the token, returning an access - // token, but without a related user - $accessToken = new AccessToken(); + // expect the OAuth2 service to not verify the token, throwing an exception $this->serverService->expects($this->once()) ->method('verifyAccessToken') ->with('mock_token_string') @@ -182,21 +196,26 @@ public function testAuthenticateTransformsOAuthServerException(): void )) ; - // expect the thrown exception to be transformed into an authentication exception - $this->expectException(AuthenticationException::class); - $this->expectExceptionMessage('OAuth2 authentication failed'); + // expect the null user value to not be processed + $this->userChecker->expects($this->never())->method('checkPreAuth'); + + $passport = $this->authenticator->authenticate(new Request()); - $this->authenticator->authenticate(new Request()); + // confirm that the returned passport won't pass validation + $this->assertFalse($passport->getBadge(OAuthCredentials::class)->isResolved()); } public function testAuthenticateTransformsAccountStatusException(): void { - // expect a token from the token storage - $token = new OAuthToken(); - $token->setToken('mock_token_string'); - $this->tokenStorage->expects($this->once()) - ->method('getToken') - ->will($this->returnValue($token)) + // expect the OAuth2 service to get the token from the request header, + // flagging the authorization header to be removed at the same time + $this->serverService->expects($this->once()) + ->method('getBearerToken') + ->with( + $this->isInstanceOf(Request::class), + $this->equalTo(true) + ) + ->will($this->returnValue('mock_token_string')) ; // expect the OAuth2 service to verify the token, returning an access token @@ -216,11 +235,10 @@ public function testAuthenticateTransformsAccountStatusException(): void ->willThrowException(new DisabledException('User account is disabled.')) ; - // expect the thrown exception to be transformed into an authentication exception - $this->expectException(AuthenticationException::class); - $this->expectExceptionMessage('OAuth2 authentication failed'); + $passport = $this->authenticator->authenticate(new Request()); - $this->authenticator->authenticate(new Request()); + // confirm that the returned passport won't pass validation + $this->assertFalse($passport->getBadge(OAuthCredentials::class)->isResolved()); } public function testCreateAuthenticatedTokenWithValidPassport(): void @@ -245,6 +263,12 @@ public function testCreateAuthenticatedTokenWithValidPassport(): void ->will($this->returnValue(['ROLE_USER'])) ; + // expect a new authenticated token to be stored + $this->tokenStorage->expects($this->once()) + ->method('setToken') + ->with($this->isInstanceOf(OAuthToken::class)) + ; + // configure the passport $passport = new Passport( new UserBadge('test_user'), diff --git a/Tests/Security/Authentication/Passport/OAuthCredentialsTest.php b/Tests/Security/Authentication/Passport/OAuthCredentialsTest.php index 8302b9be..87f27135 100644 --- a/Tests/Security/Authentication/Passport/OAuthCredentialsTest.php +++ b/Tests/Security/Authentication/Passport/OAuthCredentialsTest.php @@ -62,8 +62,12 @@ public function testMarkResolved(): void $credentials->markResolved(); + // marking credentials as resolved should not change any other state, + // as the transported data is still needed for creating the + // authenticated token when the AuthenticatorManager progresses in + // executing the OAuthAuthenticator $this->assertTrue($credentials->isResolved()); - $this->assertNull($credentials->getTokenString()); - $this->assertSame([], $credentials->getRoles($this->user)); + $this->assertSame('mock_token', $credentials->getTokenString()); + $this->assertSame(['ROLE_SCOPE_1', 'ROLE_SCOPE_2'], $credentials->getRoles($this->user)); } } From 92756c0d0b1e5996032dfbc01a22eac6eed426c6 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Wed, 27 Oct 2021 20:08:03 -0500 Subject: [PATCH 05/18] Remove redundant token storage action --- .../Security/Factory/OAuthFactory.php | 5 ++--- Resources/config/security.xml | 1 - .../Authenticator/OAuthAuthenticator.php | 10 ---------- .../Security/Factory/OAuthFactoryTest.php | 9 ++------- .../Authenticator/OAuthAuthenticatorTest.php | 14 -------------- 5 files changed, 4 insertions(+), 35 deletions(-) diff --git a/DependencyInjection/Security/Factory/OAuthFactory.php b/DependencyInjection/Security/Factory/OAuthFactory.php index 90ed48de..e97ac786 100644 --- a/DependencyInjection/Security/Factory/OAuthFactory.php +++ b/DependencyInjection/Security/Factory/OAuthFactory.php @@ -36,9 +36,8 @@ public function createAuthenticator(ContainerBuilder $container, string $id, arr $container ->setDefinition($providerId, new ChildDefinition('fos_oauth_server.security.authentication.authenticator')) ->replaceArgument(0, new Reference('fos_oauth_server.server')) - ->replaceArgument(1, new Reference('security.token_storage')) - ->replaceArgument(2, new Reference('security.user_checker.'.$id)) - ->replaceArgument(3, new Reference($userProviderId)) + ->replaceArgument(1, new Reference('security.user_checker.'.$id)) + ->replaceArgument(2, new Reference($userProviderId)) ; return $providerId; diff --git a/Resources/config/security.xml b/Resources/config/security.xml index a6b355e7..d2961b6d 100644 --- a/Resources/config/security.xml +++ b/Resources/config/security.xml @@ -14,7 +14,6 @@ - diff --git a/Security/Authentication/Authenticator/OAuthAuthenticator.php b/Security/Authentication/Authenticator/OAuthAuthenticator.php index 1ea627db..795f003e 100644 --- a/Security/Authentication/Authenticator/OAuthAuthenticator.php +++ b/Security/Authentication/Authenticator/OAuthAuthenticator.php @@ -20,7 +20,6 @@ use OAuth2\OAuth2ServerException; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\AccountStatusException; use Symfony\Component\Security\Core\Exception\AuthenticationException; @@ -45,11 +44,6 @@ class OAuthAuthenticator implements AuthenticatorInterface */ protected $serverService; - /** - * @var TokenStorageInterface - */ - private $tokenStorage; - /** * @var UserCheckerInterface */ @@ -62,12 +56,10 @@ class OAuthAuthenticator implements AuthenticatorInterface public function __construct( OAuth2 $serverService, - TokenStorageInterface $tokenStorage, UserCheckerInterface $userChecker, UserProviderInterface $userProvider ) { $this->serverService = $serverService; - $this->tokenStorage = $tokenStorage; $this->userChecker = $userChecker; $this->userProvider = $userProvider; } @@ -161,8 +153,6 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi $token->setToken($credentials->getTokenString()); $token->setUser($user); - $this->tokenStorage->setToken($token); - return $token; } diff --git a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php index 3965693f..22daf5a8 100644 --- a/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php +++ b/Tests/DependencyInjection/Security/Factory/OAuthFactoryTest.php @@ -142,7 +142,7 @@ public function testCreateAuthenticator(): void ; $definition - ->expects($this->exactly(4)) + ->expects($this->exactly(3)) ->method('replaceArgument') ->withConsecutive( [ @@ -151,19 +151,14 @@ public function testCreateAuthenticator(): void ], [ 1, - new Reference('security.token_storage'), - ], - [ - 2, new Reference('security.user_checker.'.$id), ], [ - 3, + 2, new Reference($userProviderId), ] ) ->willReturnOnConsecutiveCalls( - $definition, $definition, $definition, $definition diff --git a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php index ae83ba69..b8d66d66 100644 --- a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php +++ b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php @@ -21,7 +21,6 @@ use OAuth2\OAuth2AuthenticateException; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\CredentialsExpiredException; use Symfony\Component\Security\Core\Exception\DisabledException; @@ -44,11 +43,6 @@ class OAuthAuthenticatorTest extends \PHPUnit\Framework\TestCase */ protected $serverService; - /** - * @var \PHPUnit\Framework\MockObject\MockObject|TokenStorageInterface - */ - protected $tokenStorage; - /** * @var \PHPUnit\Framework\MockObject\MockObject|User */ @@ -75,7 +69,6 @@ public function setUp(): void ]) ->getMock() ; - $this->tokenStorage = $this->getMockBuilder(TokenStorageInterface::class)->disableOriginalConstructor()->getMock(); $this->userChecker = $this->getMockBuilder(UserCheckerInterface::class)->disableOriginalConstructor()->getMock(); $this->userProvider = $this->getMockBuilder(UserProviderInterface::class)->disableOriginalConstructor()->getMock(); @@ -85,7 +78,6 @@ public function setUp(): void $this->authenticator = new OAuthAuthenticator( $this->serverService, - $this->tokenStorage, $this->userChecker, $this->userProvider ); @@ -263,12 +255,6 @@ public function testCreateAuthenticatedTokenWithValidPassport(): void ->will($this->returnValue(['ROLE_USER'])) ; - // expect a new authenticated token to be stored - $this->tokenStorage->expects($this->once()) - ->method('setToken') - ->with($this->isInstanceOf(OAuthToken::class)) - ; - // configure the passport $passport = new Passport( new UserBadge('test_user'), From 0bb41a5a22213c1d26da554139ce79730771f557 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Fri, 2 Sep 2022 12:08:01 -0500 Subject: [PATCH 06/18] Updates CS Fixer config and applies fixes --- .gitignore | 1 + .php_cs.dist => .php-cs-fixer.dist-php | 15 ++++++++------- DependencyInjection/FOSOAuthServerExtension.php | 2 +- Makefile | 6 ++++-- .../Authenticator/OAuthAuthenticator.php | 16 ++-------------- .../Authentication/Passport/OAuthCredentials.php | 2 +- Tests/Form/Type/AuthorizeFormTypeTest.php | 2 +- .../Authenticator/OAuthAuthenticatorTest.php | 3 +-- 8 files changed, 19 insertions(+), 28 deletions(-) rename .php_cs.dist => .php-cs-fixer.dist-php (80%) diff --git a/.gitignore b/.gitignore index b1a9bef1..f69bf23f 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ Propel/map/ composer.lock .php_cs.cache .phpunit.result.cache +.php-cs-fixer.php diff --git a/.php_cs.dist b/.php-cs-fixer.dist-php similarity index 80% rename from .php_cs.dist rename to .php-cs-fixer.dist-php index cd8261a0..8e3f83ad 100644 --- a/.php_cs.dist +++ b/.php-cs-fixer.dist-php @@ -18,11 +18,11 @@ For the full copyright and license information, please view the LICENSE file that was distributed with this source code. EOF; -$finder = PhpCsFixer\Finder::create() +$finder = (new PhpCsFixer\Finder()) ->exclude('vendor') ->in(__DIR__); -return PhpCsFixer\Config::create() +return (new PhpCsFixer\Config()) ->setRiskyAllowed(true) ->setUsingCache(false) ->setRules( @@ -33,16 +33,16 @@ return PhpCsFixer\Config::create() 'combine_consecutive_unsets' => true, 'declare_strict_types' => true, 'dir_constant' => true, - 'general_phpdoc_annotation_remove' => ['@author'], + 'echo_tag_syntax' => ['format' => 'long'], + 'general_phpdoc_annotation_remove' => ['annotations' => ['@author']], 'header_comment' => ['header' => $header], 'linebreak_after_opening_tag' => true, 'mb_str_functions' => true, 'modernize_types_casting' => true, // 'native_function_invocation' => true, - 'no_extra_consecutive_blank_lines' => ['continue', 'extra', 'return', 'throw', 'use', 'parenthesis_brace_block', 'square_brace_block', 'curly_brace_block'], 'multiline_whitespace_before_semicolons' => ['strategy' => 'new_line_for_chained_calls'], + 'no_extra_blank_lines' => ['tokens' => ['continue', 'extra', 'return', 'throw', 'use', 'parenthesis_brace_block', 'square_brace_block', 'curly_brace_block']], 'no_php4_constructor' => true, - 'no_short_echo_tag' => true, 'no_unreachable_default_argument_value' => true, 'no_useless_else' => true, 'no_useless_return' => true, @@ -54,11 +54,12 @@ return PhpCsFixer\Config::create() 'php_unit_strict' => true, 'phpdoc_add_missing_param_annotation' => true, 'phpdoc_annotation_without_dot' => true, - 'phpdoc_inline_tag' => false, 'phpdoc_no_empty_return' => false, 'phpdoc_order' => true, + // phpdoc tag defaults are annotation + // see https://cs.symfony.com/doc/rules/phpdoc/phpdoc_tag_type.html + // 'phpdoc_tag_type' => [], 'phpdoc_to_comment' => false, - 'psr4' => true, 'random_api_migration' => true, 'semicolon_after_instruction' => true, 'single_import_per_statement' => true, diff --git a/DependencyInjection/FOSOAuthServerExtension.php b/DependencyInjection/FOSOAuthServerExtension.php index 92773af5..74c016cd 100644 --- a/DependencyInjection/FOSOAuthServerExtension.php +++ b/DependencyInjection/FOSOAuthServerExtension.php @@ -78,7 +78,7 @@ public function load(array $configs, ContainerBuilder $container) } else { $container->setAlias('fos_oauth_server.document_manager', new Alias( sprintf('doctrine.odm.%s_mongodb.document_manager', - $config['model_manager_name']), + $config['model_manager_name']), false )); } diff --git a/Makefile b/Makefile index ff405a34..e4b81fc1 100644 --- a/Makefile +++ b/Makefile @@ -12,10 +12,12 @@ cs: sh -c "${QA_DOCKER_COMMAND} php-cs-fixer fix -vvv --diff" cs-full: - sh -c "${QA_DOCKER_COMMAND} php-cs-fixer fix -vvv --using-cache=false --diff" + if [ ! -f .php-cs-fixer.php ]; then cp .php-cs-fixer.dist-php .php-cs-fixer.php; fi + sh -c "${QA_DOCKER_COMMAND} php-cs-fixer fix -vvv --using-cache=no --diff" cs-full-check: - sh -c "${QA_DOCKER_COMMAND} php-cs-fixer fix -vvv --using-cache=false --diff --dry-run" + if [ ! -f .php-cs-fixer.php ]; then cp .php-cs-fixer.dist-php .php-cs-fixer.php; fi + sh -c "${QA_DOCKER_COMMAND} php-cs-fixer fix -vvv --using-cache=no --diff --dry-run" composer-compat: composer config "platform.ext-mongo" "1.6.16" diff --git a/Security/Authentication/Authenticator/OAuthAuthenticator.php b/Security/Authentication/Authenticator/OAuthAuthenticator.php index 795f003e..d28ebccd 100644 --- a/Security/Authentication/Authenticator/OAuthAuthenticator.php +++ b/Security/Authentication/Authenticator/OAuthAuthenticator.php @@ -117,13 +117,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi if (!$passport->hasBadge(OAuthCredentials::class) || !$passport->hasBadge(UserBadge::class) ) { - throw new OAuth2AuthenticateException( - Response::HTTP_UNAUTHORIZED, - OAuth2::TOKEN_TYPE_BEARER, - $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), - 'access_denied', - 'Unexpected credentials type.' - ); + throw new OAuth2AuthenticateException(Response::HTTP_UNAUTHORIZED, OAuth2::TOKEN_TYPE_BEARER, $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), 'access_denied', 'Unexpected credentials type.'); } // get the passport badges @@ -136,13 +130,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi try { $this->userChecker->checkPostAuth($user); } catch (AccountStatusException $e) { - throw new OAuth2AuthenticateException( - Response::HTTP_UNAUTHORIZED, - OAuth2::TOKEN_TYPE_BEARER, - $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), - 'access_denied', - $e->getMessage() - ); + throw new OAuth2AuthenticateException(Response::HTTP_UNAUTHORIZED, OAuth2::TOKEN_TYPE_BEARER, $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), 'access_denied', $e->getMessage()); } } catch (OAuth2ServerException $e) { throw new AuthenticationException('OAuth2 authentication failed', 0, $e); diff --git a/Security/Authentication/Passport/OAuthCredentials.php b/Security/Authentication/Passport/OAuthCredentials.php index 430250cb..0444a64f 100644 --- a/Security/Authentication/Passport/OAuthCredentials.php +++ b/Security/Authentication/Passport/OAuthCredentials.php @@ -13,8 +13,8 @@ namespace FOS\OAuthServerBundle\Security\Authentication\Passport; -use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CredentialsInterface; use Symfony\Component\Security\Core\User\UserInterface; +use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CredentialsInterface; /** * Implements credentials checking for an OAuth token. diff --git a/Tests/Form/Type/AuthorizeFormTypeTest.php b/Tests/Form/Type/AuthorizeFormTypeTest.php index 74185fbd..6828951f 100644 --- a/Tests/Form/Type/AuthorizeFormTypeTest.php +++ b/Tests/Form/Type/AuthorizeFormTypeTest.php @@ -105,7 +105,7 @@ public function testGetBlockPrefix(): void */ protected function getTypes() { - return [ + return [ new AuthorizeFormType(), ]; } diff --git a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php index b8d66d66..005a9221 100644 --- a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php +++ b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php @@ -16,7 +16,6 @@ use FOS\OAuthServerBundle\Model\AccessToken; use FOS\OAuthServerBundle\Security\Authentication\Authenticator\OAuthAuthenticator; use FOS\OAuthServerBundle\Security\Authentication\Passport\OAuthCredentials; -use FOS\OAuthServerBundle\Security\Authentication\Token\OAuthToken; use OAuth2\OAuth2; use OAuth2\OAuth2AuthenticateException; use Symfony\Component\HttpFoundation\Request; @@ -24,8 +23,8 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\CredentialsExpiredException; use Symfony\Component\Security\Core\Exception\DisabledException; -use Symfony\Component\Security\Core\User\UserCheckerInterface; use Symfony\Component\Security\Core\User\User; +use Symfony\Component\Security\Core\User\UserCheckerInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials; From 59ed0d9ec789fd7da51702236900f14d0666ec14 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Fri, 2 Sep 2022 12:24:43 -0500 Subject: [PATCH 07/18] Updates CI workflow versions --- .github/workflows/continuous-integration.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml index 2e5be59b..f8ea9df1 100644 --- a/.github/workflows/continuous-integration.yaml +++ b/.github/workflows/continuous-integration.yaml @@ -11,10 +11,10 @@ jobs: - name: 'Setup PHP' uses: 'shivammathur/setup-php@v2' with: - php-version: '7.4' + php-version: '8.1' coverage: 'none' extensions: 'json, mbstring, tokenizer' - tools: 'composer-normalize, php-cs-fixer:2.16.4' + tools: 'composer-normalize, php-cs-fixer:3.10.0' env: update: true @@ -39,7 +39,7 @@ jobs: - name: 'Setup PHP' uses: 'shivammathur/setup-php@v2' with: - php-version: '7.4' + php-version: '8.1' coverage: 'none' extensions: 'json, mbstring, tokenizer' env: @@ -59,16 +59,18 @@ jobs: strategy: matrix: php: - - '7.2' - - '7.3' - '7.4' - '8.0' + - '8.1' dependencies: - 'lowest' - 'highest' - 'beta' include: - dependencies: 'beta' + symfony_version: + - 5.4 + - 6.0 env: SYMFONY_VERSION: '${{ matrix.symfony_version }}' steps: From 3fbcf642533ea8fbe7ceb0b69973a3e4eace97f2 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Fri, 2 Sep 2022 12:27:23 -0500 Subject: [PATCH 08/18] Fixes CI workflow config for dry run of CS Fixer --- .github/workflows/continuous-integration.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml index f8ea9df1..b9bc42c9 100644 --- a/.github/workflows/continuous-integration.yaml +++ b/.github/workflows/continuous-integration.yaml @@ -24,7 +24,7 @@ jobs: php-cs-fixer --version - name: 'Check PHP code' - run: 'php-cs-fixer fix --diff --dry-run --using-cache=false' + run: 'php-cs-fixer fix --diff --dry-run --using-cache=no' - name: 'Check composer.json' run: 'composer-normalize --diff --dry-run --no-update-lock' From 1f244a954ab52ffeba6f5a045691e751ab6f4f5d Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Fri, 2 Sep 2022 12:31:11 -0500 Subject: [PATCH 09/18] Specifies CS Fixer config file for CI workflow --- .github/workflows/continuous-integration.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml index b9bc42c9..da3824ae 100644 --- a/.github/workflows/continuous-integration.yaml +++ b/.github/workflows/continuous-integration.yaml @@ -24,7 +24,7 @@ jobs: php-cs-fixer --version - name: 'Check PHP code' - run: 'php-cs-fixer fix --diff --dry-run --using-cache=no' + run: 'php-cs-fixer fix --diff --dry-run --using-cache=no --config=.php-cs-fixer.dist-php' - name: 'Check composer.json' run: 'composer-normalize --diff --dry-run --no-update-lock' From 977d362b28b246728528bb85b665e8512dc22a8a Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Fri, 2 Sep 2022 12:39:27 -0500 Subject: [PATCH 10/18] Updates deprecated phpstan configs --- phpstan.neon | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpstan.neon b/phpstan.neon index 62ef14db..f0f8f749 100644 --- a/phpstan.neon +++ b/phpstan.neon @@ -5,8 +5,8 @@ parameters: level: 6 paths: - . - autoload_files: + bootstrapFiles: - vendor/autoload.php - excludes_analyse: + excludePaths: - vendor/ From 2b0fcdd159472156bda12c9498b8edd31ad9ed30 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Wed, 7 Sep 2022 16:35:44 -0500 Subject: [PATCH 11/18] Updating minimum version requirements and workflow checks --- .github/workflows/continuous-integration.yaml | 7 +++++-- composer.json | 20 +++++++++---------- 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml index da3824ae..8fa58e8f 100644 --- a/.github/workflows/continuous-integration.yaml +++ b/.github/workflows/continuous-integration.yaml @@ -11,7 +11,7 @@ jobs: - name: 'Setup PHP' uses: 'shivammathur/setup-php@v2' with: - php-version: '8.1' + php-version: '7.4' coverage: 'none' extensions: 'json, mbstring, tokenizer' tools: 'composer-normalize, php-cs-fixer:3.10.0' @@ -39,7 +39,7 @@ jobs: - name: 'Setup PHP' uses: 'shivammathur/setup-php@v2' with: - php-version: '8.1' + php-version: '7.4' coverage: 'none' extensions: 'json, mbstring, tokenizer' env: @@ -69,6 +69,9 @@ jobs: include: - dependencies: 'beta' symfony_version: + - 5.1 + - 5.2 + - 5.3 - 5.4 - 6.0 env: diff --git a/composer.json b/composer.json index 7fe0c669..85cd8a1c 100644 --- a/composer.json +++ b/composer.json @@ -22,10 +22,10 @@ "require": { "php": "^7.2 || ^8.0", "friendsofsymfony/oauth2-php": "~1.1", - "symfony/dependency-injection": "^4.4 || ^5.1", - "symfony/framework-bundle": "^4.4 || ^5.1", - "symfony/security-bundle": "^4.4 || ^5.1", - "symfony/twig-bundle": "^4.4 || ^5.1" + "symfony/dependency-injection": "^5.1 || ^6.0", + "symfony/framework-bundle": "^5.1 || ^6.0", + "symfony/security-bundle": "^5.1 || ^6.0", + "symfony/twig-bundle": "^5.1 || ^6.0" }, "require-dev": { "doctrine/doctrine-bundle": "^2.0", @@ -36,12 +36,12 @@ "phpstan/phpstan": "^0.12", "phpstan/phpstan-phpunit": "~0.9", "phpunit/phpunit": "^8.5.23 || ^9.0", - "symfony/console": "^4.4 || ^5.1", - "symfony/form": "^4.4 || ^5.1", - "symfony/http-kernel": "^4.4 || ^5.1", - "symfony/phpunit-bridge": "^4.4 || ^5.1", - "symfony/security-core": "^4.4 || ^5.1", - "symfony/yaml": "^4.4 || ^5.1" + "symfony/console": "^5.1 || ^6.0", + "symfony/form": "^5.1 || ^6.0", + "symfony/http-kernel": "^5.1 || ^6.0", + "symfony/phpunit-bridge": "^5.1 || ^6.0", + "symfony/security-core": "^5.1 || ^6.0", + "symfony/yaml": "^5.1 || ^6.0" }, "conflict": { "twig/twig": "<1.40 || >=2.0,<2.9" From b3c3a38e727a869f3ec6bed40d5f67cc3381f0c6 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Thu, 8 Sep 2022 13:32:57 -0500 Subject: [PATCH 12/18] PHPStan fixes --- .../Authenticator/OAuthAuthenticator.php | 6 +- Tests/Document/AuthCodeManagerTest.php | 2 +- Tests/Document/TokenManagerTest.php | 2 +- .../TestBundle/Entity/AccessToken.php | 6 + .../Functional/TestBundle/Entity/AuthCode.php | 6 + .../TestBundle/Entity/RefreshToken.php | 6 + Tests/Functional/TestCase.php | 11 - .../Authenticator/OAuthAuthenticatorTest.php | 2 +- phpstan-baseline.neon | 236 ++++++++++-------- 9 files changed, 159 insertions(+), 118 deletions(-) diff --git a/Security/Authentication/Authenticator/OAuthAuthenticator.php b/Security/Authentication/Authenticator/OAuthAuthenticator.php index d28ebccd..d8b1cc32 100644 --- a/Security/Authentication/Authenticator/OAuthAuthenticator.php +++ b/Security/Authentication/Authenticator/OAuthAuthenticator.php @@ -117,7 +117,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi if (!$passport->hasBadge(OAuthCredentials::class) || !$passport->hasBadge(UserBadge::class) ) { - throw new OAuth2AuthenticateException(Response::HTTP_UNAUTHORIZED, OAuth2::TOKEN_TYPE_BEARER, $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), 'access_denied', 'Unexpected credentials type.'); + throw new OAuth2AuthenticateException((string) Response::HTTP_UNAUTHORIZED, OAuth2::TOKEN_TYPE_BEARER, $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), 'access_denied', 'Unexpected credentials type.'); } // get the passport badges @@ -130,7 +130,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi try { $this->userChecker->checkPostAuth($user); } catch (AccountStatusException $e) { - throw new OAuth2AuthenticateException(Response::HTTP_UNAUTHORIZED, OAuth2::TOKEN_TYPE_BEARER, $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), 'access_denied', $e->getMessage()); + throw new OAuth2AuthenticateException((string) Response::HTTP_UNAUTHORIZED, OAuth2::TOKEN_TYPE_BEARER, $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), 'access_denied', $e->getMessage()); } } catch (OAuth2ServerException $e) { throw new AuthenticationException('OAuth2 authentication failed', 0, $e); @@ -158,7 +158,7 @@ public function onAuthenticationSuccess(Request $request, TokenInterface $token, public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response { $responseException = new OAuth2AuthenticateException( - Response::HTTP_UNAUTHORIZED, + (string) Response::HTTP_UNAUTHORIZED, OAuth2::TOKEN_TYPE_BEARER, $this->serverService->getVariable(OAuth2::CONFIG_WWW_REALM), 'access_denied', diff --git a/Tests/Document/AuthCodeManagerTest.php b/Tests/Document/AuthCodeManagerTest.php index 1f0033ca..4ccb5a52 100644 --- a/Tests/Document/AuthCodeManagerTest.php +++ b/Tests/Document/AuthCodeManagerTest.php @@ -200,7 +200,7 @@ public function testDeleteExpired(): void $collection, [ 'type' => Query::TYPE_REMOVE, - 'query' => null, + 'query' => [], ], [], false diff --git a/Tests/Document/TokenManagerTest.php b/Tests/Document/TokenManagerTest.php index f7f6a667..02fbb8f0 100644 --- a/Tests/Document/TokenManagerTest.php +++ b/Tests/Document/TokenManagerTest.php @@ -196,7 +196,7 @@ public function testDeleteExpired(): void $collection, [ 'type' => Query::TYPE_REMOVE, - 'query' => null, + 'query' => [], ], [], false diff --git a/Tests/Functional/TestBundle/Entity/AccessToken.php b/Tests/Functional/TestBundle/Entity/AccessToken.php index 78ffb576..54923b6f 100644 --- a/Tests/Functional/TestBundle/Entity/AccessToken.php +++ b/Tests/Functional/TestBundle/Entity/AccessToken.php @@ -15,6 +15,8 @@ use Doctrine\ORM\Mapping as ORM; use FOS\OAuthServerBundle\Entity\AccessToken as BaseAccessToken; +use FOS\OAuthServerBundle\Model\ClientInterface; +use Symfony\Component\Security\Core\User\UserInterface; /** * @ORM\Entity @@ -32,11 +34,15 @@ class AccessToken extends BaseAccessToken /** * @ORM\ManyToOne(targetEntity="Client") * @ORM\JoinColumn(nullable=false) + * + * @var ClientInterface */ protected $client; /** * @ORM\ManyToOne(targetEntity="User") + * + * @var UserInterface */ protected $user; } diff --git a/Tests/Functional/TestBundle/Entity/AuthCode.php b/Tests/Functional/TestBundle/Entity/AuthCode.php index 0d654696..db55c06e 100644 --- a/Tests/Functional/TestBundle/Entity/AuthCode.php +++ b/Tests/Functional/TestBundle/Entity/AuthCode.php @@ -15,6 +15,8 @@ use Doctrine\ORM\Mapping as ORM; use FOS\OAuthServerBundle\Entity\AuthCode as BaseAuthCode; +use FOS\OAuthServerBundle\Model\ClientInterface; +use Symfony\Component\Security\Core\User\UserInterface; /** * @ORM\Entity @@ -32,11 +34,15 @@ class AuthCode extends BaseAuthCode /** * @ORM\ManyToOne(targetEntity="Client") * @ORM\JoinColumn(nullable=false) + * + * @var ClientInterface */ protected $client; /** * @ORM\ManyToOne(targetEntity="User") + * + * @var UserInterface */ protected $user; } diff --git a/Tests/Functional/TestBundle/Entity/RefreshToken.php b/Tests/Functional/TestBundle/Entity/RefreshToken.php index f8aadfa9..1b55b2c3 100644 --- a/Tests/Functional/TestBundle/Entity/RefreshToken.php +++ b/Tests/Functional/TestBundle/Entity/RefreshToken.php @@ -15,6 +15,8 @@ use Doctrine\ORM\Mapping as ORM; use FOS\OAuthServerBundle\Entity\RefreshToken as BaseRefreshToken; +use FOS\OAuthServerBundle\Model\ClientInterface; +use Symfony\Component\Security\Core\User\UserInterface; /** * @ORM\Entity @@ -32,11 +34,15 @@ class RefreshToken extends BaseRefreshToken /** * @ORM\ManyToOne(targetEntity="Client") * @ORM\JoinColumn(nullable=false) + * + * @var ClientInterface */ protected $client; /** * @ORM\ManyToOne(targetEntity="User") + * + * @var UserInterface */ protected $user; } diff --git a/Tests/Functional/TestCase.php b/Tests/Functional/TestCase.php index 3061ee51..df6d1d20 100644 --- a/Tests/Functional/TestCase.php +++ b/Tests/Functional/TestCase.php @@ -15,26 +15,15 @@ use Symfony\Bundle\FrameworkBundle\Test\WebTestCase; use Symfony\Component\Filesystem\Filesystem; -use Symfony\Component\HttpKernel\KernelInterface; abstract class TestCase extends WebTestCase { - /** - * @var KernelInterface|null - */ - protected static $kernel; - protected function setUp(): void { $fs = new Filesystem(); $fs->remove(sys_get_temp_dir().'/FOSOAuthServerBundle/'); } - protected function tearDown(): void - { - static::$kernel = null; - } - /** * @param array $options */ diff --git a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php index 005a9221..37335046 100644 --- a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php +++ b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php @@ -178,7 +178,7 @@ public function testAuthenticateReturnsUnresolvedPassportWhenInvalidToken(): voi ->method('verifyAccessToken') ->with('mock_token_string') ->willThrowException(new OAuth2AuthenticateException( - Response::HTTP_UNAUTHORIZED, + (string) Response::HTTP_UNAUTHORIZED, 'mock_token_type', 'mock_realm', 'invalid_grant', diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index d5a14d74..249020ad 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -1,32 +1,32 @@ parameters: ignoreErrors: - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:configure\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:configure\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Command/CleanCommand.php - - message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:\\$accessTokenManager has no typehint specified\\.$#" + message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:\\$accessTokenManager has no type(|hint) specified\\.$#" count: 1 path: Command/CleanCommand.php - - message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:\\$authCodeManager has no typehint specified\\.$#" + message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:\\$authCodeManager has no type(|hint) specified\\.$#" count: 1 path: Command/CleanCommand.php - - message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:\\$refreshTokenManager has no typehint specified\\.$#" + message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CleanCommand\\:\\:\\$refreshTokenManager has no type(|hint) specified\\.$#" count: 1 path: Command/CleanCommand.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Command\\\\CreateClientCommand\\:\\:configure\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Command\\\\CreateClientCommand\\:\\:configure\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Command/CreateClientCommand.php - - message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CreateClientCommand\\:\\:\\$clientManager has no typehint specified\\.$#" + message: "#^Property FOS\\\\OAuthServerBundle\\\\Command\\\\CreateClientCommand\\:\\:\\$clientManager has no type(|hint) specified\\.$#" count: 1 path: Command/CreateClientCommand.php @@ -36,12 +36,12 @@ parameters: path: Controller/AuthorizeController.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Controller\\\\AuthorizeController\\:\\:authorizeAction\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Controller\\\\AuthorizeController\\:\\:authorizeAction\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Controller/AuthorizeController.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Controller\\\\AuthorizeController\\:\\:getCurrentRequest\\(\\) never returns null so it can be removed from the return typehint\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Controller\\\\AuthorizeController\\:\\:getCurrentRequest\\(\\) never returns null so it can be removed from the return type(|hint)\\.$#" count: 1 path: Controller/AuthorizeController.php @@ -56,12 +56,12 @@ parameters: path: Controller/AuthorizeController.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Compiler\\\\GrantExtensionsCompilerPass\\:\\:process\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Compiler\\\\GrantExtensionsCompilerPass\\:\\:process\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Compiler/GrantExtensionsCompilerPass.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Compiler\\\\RequestStackCompilerPass\\:\\:process\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Compiler\\\\RequestStackCompilerPass\\:\\:process\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Compiler/RequestStackCompilerPass.php @@ -76,12 +76,12 @@ parameters: path: DependencyInjection/Configuration.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Configuration\\:\\:addAuthorizeSection\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Configuration\\:\\:addAuthorizeSection\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Configuration.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Configuration\\:\\:addServiceSection\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Configuration\\:\\:addServiceSection\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Configuration.php @@ -96,7 +96,7 @@ parameters: path: DependencyInjection/Configuration.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:computeArraySupportedScopes\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:computeArraySupportedScopes\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/FOSOAuthServerExtension.php @@ -106,7 +106,7 @@ parameters: path: DependencyInjection/FOSOAuthServerExtension.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:load\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:load\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/FOSOAuthServerExtension.php @@ -116,7 +116,7 @@ parameters: path: DependencyInjection/FOSOAuthServerExtension.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:loadAuthorize\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:loadAuthorize\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/FOSOAuthServerExtension.php @@ -126,7 +126,7 @@ parameters: path: DependencyInjection/FOSOAuthServerExtension.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:remapParameters\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:remapParameters\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/FOSOAuthServerExtension.php @@ -141,7 +141,7 @@ parameters: path: DependencyInjection/FOSOAuthServerExtension.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:remapParametersNamespaces\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\FOSOAuthServerExtension\\:\\:remapParametersNamespaces\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/FOSOAuthServerExtension.php @@ -156,27 +156,27 @@ parameters: path: DependencyInjection/FOSOAuthServerExtension.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:addConfiguration\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:addConfiguration\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Security/Factory/OAuthFactory.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$config with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$config with no type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Security/Factory/OAuthFactory.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$defaultEntryPoint with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$defaultEntryPoint with no type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Security/Factory/OAuthFactory.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$id with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$id with no type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Security/Factory/OAuthFactory.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$userProvider with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:create\\(\\) has parameter \\$userProvider with no type(|hint) specified\\.$#" count: 1 path: DependencyInjection/Security/Factory/OAuthFactory.php @@ -185,6 +185,11 @@ parameters: count: 1 path: DependencyInjection/Security/Factory/OAuthFactory.php + - + message: "#^Method FOS\\\\OAuthServerBundle\\\\DependencyInjection\\\\Security\\\\Factory\\\\OAuthFactory\\:\\:createAuthenticator\\(\\) has parameter \\$config with no value type specified in iterable type array\\.$#" + count: 1 + path: DependencyInjection/Security/Factory/OAuthFactory.php + - message: "#^Call to method createQueryBuilder\\(\\) on an unknown class Doctrine\\\\ODM\\\\MongoDB\\\\DocumentRepository\\.$#" count: 1 @@ -196,12 +201,12 @@ parameters: path: Document/AuthCodeManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\AuthCodeManager\\:\\:__construct\\(\\) has parameter \\$class with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\AuthCodeManager\\:\\:__construct\\(\\) has parameter \\$class with no type(|hint) specified\\.$#" count: 1 path: Document/AuthCodeManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\AuthCodeManager\\:\\:deleteAuthCode\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\AuthCodeManager\\:\\:deleteAuthCode\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Document/AuthCodeManager.php @@ -211,7 +216,7 @@ parameters: path: Document/AuthCodeManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\AuthCodeManager\\:\\:updateAuthCode\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\AuthCodeManager\\:\\:updateAuthCode\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Document/AuthCodeManager.php @@ -236,12 +241,12 @@ parameters: path: Document/ClientManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\ClientManager\\:\\:__construct\\(\\) has parameter \\$class with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\ClientManager\\:\\:__construct\\(\\) has parameter \\$class with no type(|hint) specified\\.$#" count: 1 path: Document/ClientManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\ClientManager\\:\\:deleteClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\ClientManager\\:\\:deleteClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Document/ClientManager.php @@ -251,7 +256,7 @@ parameters: path: Document/ClientManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\ClientManager\\:\\:updateClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\ClientManager\\:\\:updateClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Document/ClientManager.php @@ -281,12 +286,12 @@ parameters: path: Document/TokenManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\TokenManager\\:\\:__construct\\(\\) has parameter \\$class with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\TokenManager\\:\\:__construct\\(\\) has parameter \\$class with no type(|hint) specified\\.$#" count: 1 path: Document/TokenManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\TokenManager\\:\\:deleteToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\TokenManager\\:\\:deleteToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Document/TokenManager.php @@ -296,7 +301,7 @@ parameters: path: Document/TokenManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\TokenManager\\:\\:updateToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Document\\\\TokenManager\\:\\:updateToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Document/TokenManager.php @@ -316,7 +321,7 @@ parameters: path: Document/TokenManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\AuthCodeManager\\:\\:deleteAuthCode\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\AuthCodeManager\\:\\:deleteAuthCode\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Entity/AuthCodeManager.php @@ -326,7 +331,7 @@ parameters: path: Entity/AuthCodeManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\AuthCodeManager\\:\\:updateAuthCode\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\AuthCodeManager\\:\\:updateAuthCode\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Entity/AuthCodeManager.php @@ -341,12 +346,12 @@ parameters: path: Entity/AuthCodeManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\ClientManager\\:\\:__construct\\(\\) has parameter \\$class with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\ClientManager\\:\\:__construct\\(\\) has parameter \\$class with no type(|hint) specified\\.$#" count: 1 path: Entity/ClientManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\ClientManager\\:\\:deleteClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\ClientManager\\:\\:deleteClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Entity/ClientManager.php @@ -356,7 +361,7 @@ parameters: path: Entity/ClientManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\ClientManager\\:\\:updateClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\ClientManager\\:\\:updateClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Entity/ClientManager.php @@ -376,12 +381,12 @@ parameters: path: Entity/ClientManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\TokenManager\\:\\:__construct\\(\\) has parameter \\$class with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\TokenManager\\:\\:__construct\\(\\) has parameter \\$class with no type(|hint) specified\\.$#" count: 1 path: Entity/TokenManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\TokenManager\\:\\:deleteToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\TokenManager\\:\\:deleteToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Entity/TokenManager.php @@ -391,7 +396,7 @@ parameters: path: Entity/TokenManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\TokenManager\\:\\:updateToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Entity\\\\TokenManager\\:\\:updateToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Entity/TokenManager.php @@ -411,42 +416,42 @@ parameters: path: Entity/TokenManager.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Event\\\\AbstractAuthorizationEvent\\:\\:setAuthorizedClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Event\\\\AbstractAuthorizationEvent\\:\\:setAuthorizedClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Event/AbstractAuthorizationEvent.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\FOSOAuthServerBundle\\:\\:build\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\FOSOAuthServerBundle\\:\\:build\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: FOSOAuthServerBundle.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:getCurrentRequest\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:getCurrentRequest\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Handler/AuthorizeFormHandler.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:getScope\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:getScope\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Handler/AuthorizeFormHandler.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:isAccepted\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:isAccepted\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Handler/AuthorizeFormHandler.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:isRejected\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:isRejected\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Handler/AuthorizeFormHandler.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:onSuccess\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:onSuccess\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Handler/AuthorizeFormHandler.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:setContainer\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Handler\\\\AuthorizeFormHandler\\:\\:setContainer\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Handler/AuthorizeFormHandler.php @@ -461,27 +466,27 @@ parameters: path: Form/Model/Authorize.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Type\\\\AuthorizeFormType\\:\\:buildForm\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Type\\\\AuthorizeFormType\\:\\:buildForm\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Type/AuthorizeFormType.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Type\\\\AuthorizeFormType\\:\\:configureOptions\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Form\\\\Type\\\\AuthorizeFormType\\:\\:configureOptions\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Form/Type/AuthorizeFormType.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCode\\:\\:setRedirectUri\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCode\\:\\:setRedirectUri\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/AuthCode.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeInterface\\:\\:setRedirectUri\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeInterface\\:\\:setRedirectUri\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/AuthCodeInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeManagerInterface\\:\\:deleteAuthCode\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeManagerInterface\\:\\:deleteAuthCode\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/AuthCodeManagerInterface.php @@ -491,7 +496,7 @@ parameters: path: Model/AuthCodeManagerInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeManagerInterface\\:\\:updateAuthCode\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeManagerInterface\\:\\:updateAuthCode\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/AuthCodeManagerInterface.php @@ -501,7 +506,7 @@ parameters: path: Model/Client.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:getId\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:getId\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Client.php @@ -511,7 +516,7 @@ parameters: path: Model/Client.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setAllowedGrantTypes\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setAllowedGrantTypes\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Client.php @@ -521,12 +526,12 @@ parameters: path: Model/Client.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setRandomId\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setRandomId\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Client.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setRedirectUris\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setRedirectUris\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Client.php @@ -536,7 +541,7 @@ parameters: path: Model/Client.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setSecret\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Client\\:\\:setSecret\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Client.php @@ -556,7 +561,7 @@ parameters: path: Model/ClientInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setAllowedGrantTypes\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setAllowedGrantTypes\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/ClientInterface.php @@ -566,12 +571,12 @@ parameters: path: Model/ClientInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setRandomId\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setRandomId\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/ClientInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setRedirectUris\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setRedirectUris\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/ClientInterface.php @@ -581,12 +586,12 @@ parameters: path: Model/ClientInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setSecret\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\:\\:setSecret\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/ClientInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientManagerInterface\\:\\:deleteClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientManagerInterface\\:\\:deleteClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/ClientManagerInterface.php @@ -596,72 +601,72 @@ parameters: path: Model/ClientManagerInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientManagerInterface\\:\\:updateClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\ClientManagerInterface\\:\\:updateClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/ClientManagerInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:getClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:getClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Token.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:getId\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:getId\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Token.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Token.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setExpiresAt\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setExpiresAt\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Token.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setScope\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setScope\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Token.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Token.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setUser\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\Token\\:\\:setUser\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/Token.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setClient\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setClient\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/TokenInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setExpiresAt\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setExpiresAt\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/TokenInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setScope\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setScope\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/TokenInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/TokenInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setUser\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\:\\:setUser\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/TokenInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenManagerInterface\\:\\:deleteToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenManagerInterface\\:\\:deleteToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/TokenManagerInterface.php @@ -671,10 +676,25 @@ parameters: path: Model/TokenManagerInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenManagerInterface\\:\\:updateToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Model\\\\TokenManagerInterface\\:\\:updateToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Model/TokenManagerInterface.php + - + message: "#^Call to an undefined method OAuth2\\\\Model\\\\IOAuth2AccessToken\\:\\:getUser\\(\\)\\.$#" + count: 1 + path: Security/Authentication/Authenticator/OAuthAuthenticator.php + + - + message: "#^Call to an undefined method Symfony\\\\Component\\\\Security\\\\Http\\\\Authenticator\\\\Passport\\\\Badge\\\\BadgeInterface\\:\\:get(UserIdentifier|Roles|TokenString)\\(\\)\\.$#" + count: 3 + path: Security/Authentication/Authenticator/OAuthAuthenticator.php + + - + message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Authentication\\\\Passport\\\\OAuthCredentials\\:\\:getRoles\\(\\) return type has no value type specified in iterable type array\\.$#" + count: 1 + path: Security/Authentication/Passport/OAuthCredentials.php + - message: "#^Parameter \\#1 \\$httpCode of class OAuth2\\\\OAuth2AuthenticateException constructor expects string, int given\\.$#" count: 2 @@ -686,17 +706,17 @@ parameters: path: Security/Authentication/Provider/OAuthProvider.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Authentication\\\\Token\\\\OAuthToken\\:\\:getToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Authentication\\\\Token\\\\OAuthToken\\:\\:getToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Security/Authentication/Token/OAuthToken.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Authentication\\\\Token\\\\OAuthToken\\:\\:setToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Authentication\\\\Token\\\\OAuthToken\\:\\:setToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Security/Authentication/Token/OAuthToken.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Authentication\\\\Token\\\\OAuthToken\\:\\:setToken\\(\\) has parameter \\$token with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Authentication\\\\Token\\\\OAuthToken\\:\\:setToken\\(\\) has parameter \\$token with no type(|hint) specified\\.$#" count: 1 path: Security/Authentication/Token/OAuthToken.php @@ -706,7 +726,7 @@ parameters: path: Security/EntryPoint/OAuthEntryPoint.php - - message: "#^Property FOS\\\\OAuthServerBundle\\\\Security\\\\EntryPoint\\\\OAuthEntryPoint\\:\\:\\$serverService has no typehint specified\\.$#" + message: "#^Property FOS\\\\OAuthServerBundle\\\\Security\\\\EntryPoint\\\\OAuthEntryPoint\\:\\:\\$serverService has no type(|hint) specified\\.$#" count: 1 path: Security/EntryPoint/OAuthEntryPoint.php @@ -716,7 +736,7 @@ parameters: path: Security/Firewall/OAuthListener.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Firewall\\\\OAuthListener\\:\\:__invoke\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Security\\\\Firewall\\\\OAuthListener\\:\\:__invoke\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Security/Firewall/OAuthListener.php @@ -726,17 +746,17 @@ parameters: path: Security/Firewall/OAuthListener.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\GrantExtensionDispatcherInterface\\:\\:setGrantExtension\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\GrantExtensionDispatcherInterface\\:\\:setGrantExtension\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/GrantExtensionDispatcherInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\GrantExtensionDispatcherInterface\\:\\:setGrantExtension\\(\\) has parameter \\$uri with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\GrantExtensionDispatcherInterface\\:\\:setGrantExtension\\(\\) has parameter \\$uri with no type(|hint) specified\\.$#" count: 1 path: Storage/GrantExtensionDispatcherInterface.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\GrantExtensionInterface\\:\\:checkGrantExtension\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\GrantExtensionInterface\\:\\:checkGrantExtension\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/GrantExtensionInterface.php @@ -776,17 +796,17 @@ parameters: path: Storage/OAuthStorage.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:createAccessToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:createAccessToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/OAuthStorage.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:createAuthCode\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:createAuthCode\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/OAuthStorage.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:createRefreshToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:createRefreshToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/OAuthStorage.php @@ -796,22 +816,22 @@ parameters: path: Storage/OAuthStorage.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:markAuthCodeAsUsed\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:markAuthCodeAsUsed\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/OAuthStorage.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:setGrantExtension\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:setGrantExtension\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/OAuthStorage.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:setGrantExtension\\(\\) has parameter \\$uri with no typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:setGrantExtension\\(\\) has parameter \\$uri with no type(|hint) specified\\.$#" count: 1 path: Storage/OAuthStorage.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:unsetRefreshToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Storage\\\\OAuthStorage\\:\\:unsetRefreshToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Storage/OAuthStorage.php @@ -825,6 +845,10 @@ parameters: count: 1 path: Storage/OAuthStorage.php + - + message: "#Test::test.*has parameter.*with no value type specified in iterable type array#" + path: Tests/ + - message: "#^Unreachable statement \\- code above always terminates\\.$#" count: 1 @@ -846,7 +870,7 @@ parameters: path: Tests/Controller/AuthorizeControllerTest.php - - message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with string and int will always evaluate to false\\.$#" + message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with (|non-empty-)string and int will always evaluate to false\\.$#" count: 1 path: Tests/Document/AuthCodeManagerTest.php @@ -861,7 +885,7 @@ parameters: path: Tests/Document/ClientManagerTest.php - - message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with string and int will always evaluate to false\\.$#" + message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with (|non-empty-)string and int will always evaluate to false\\.$#" count: 1 path: Tests/Document/TokenManagerTest.php @@ -871,17 +895,17 @@ parameters: path: Tests/Document/TokenManagerTest.php - - message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with string and FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeInterface\\|null will always evaluate to false\\.$#" + message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with (|non-empty-)string and FOS\\\\OAuthServerBundle\\\\Model\\\\AuthCodeInterface\\|null will always evaluate to false\\.$#" count: 1 path: Tests/Entity/AuthCodeManagerTest.php - - message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with string and int will always evaluate to false\\.$#" + message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with (|non-empty-)string and int will always evaluate to false\\.$#" count: 1 path: Tests/Entity/AuthCodeManagerTest.php - - message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with string and FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\|null will always evaluate to false\\.$#" + message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with (|non-empty-)string and FOS\\\\OAuthServerBundle\\\\Model\\\\ClientInterface\\|null will always evaluate to false\\.$#" count: 1 path: Tests/Entity/ClientManagerTest.php @@ -891,12 +915,12 @@ parameters: path: Tests/Entity/ClientManagerTest.php - - message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with string and FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\|null will always evaluate to false\\.$#" + message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with (|non-empty-)string and FOS\\\\OAuthServerBundle\\\\Model\\\\TokenInterface\\|null will always evaluate to false\\.$#" count: 1 path: Tests/Entity/TokenManagerTest.php - - message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with string and int will always evaluate to false\\.$#" + message: "#^Call to method PHPUnit\\\\Framework\\\\Assert\\:\\:assertSame\\(\\) with (|non-empty-)string and int will always evaluate to false\\.$#" count: 1 path: Tests/Entity/TokenManagerTest.php @@ -925,6 +949,16 @@ parameters: count: 1 path: Tests/Functional/TestBundle/Entity/User.php + - + message: "#^Call to an undefined method Symfony\\\\Component\\\\Security\\\\Core\\\\Authentication\\\\Token\\\\TokenInterface\\:\\:getToken\\(\\)\\.$#" + count: 1 + path: Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php + + - + message: "#^Call to an undefined method Symfony\\\\Component\\\\Security\\\\Http\\\\Authenticator\\\\Passport\\\\Badge\\\\BadgeInterface\\:\\:get(UserIdentifier|TokenString|Roles)\\(\\)\\.$#" + count: 3 + path: Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php + - message: "#^Unreachable statement \\- code above always terminates\\.$#" count: 1 @@ -961,7 +995,7 @@ parameters: path: Tests/Storage/OAuthStorageTest.php - - message: "#^Method FOS\\\\OAuthServerBundle\\\\Util\\\\Random\\:\\:generateToken\\(\\) has no return typehint specified\\.$#" + message: "#^Method FOS\\\\OAuthServerBundle\\\\Util\\\\Random\\:\\:generateToken\\(\\) has no return type(|hint) specified\\.$#" count: 1 path: Util/Random.php From 6924079eededa3766eba703a6722a7c773f86e6e Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Thu, 8 Sep 2022 13:48:18 -0500 Subject: [PATCH 13/18] Fixes test create kernel method signature --- Tests/Functional/TestCase.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Tests/Functional/TestCase.php b/Tests/Functional/TestCase.php index df6d1d20..fb5c924b 100644 --- a/Tests/Functional/TestCase.php +++ b/Tests/Functional/TestCase.php @@ -15,6 +15,7 @@ use Symfony\Bundle\FrameworkBundle\Test\WebTestCase; use Symfony\Component\Filesystem\Filesystem; +use Symfony\Component\HttpKernel\KernelInterface; abstract class TestCase extends WebTestCase { @@ -27,7 +28,7 @@ protected function setUp(): void /** * @param array $options */ - protected static function createKernel(array $options = []) + protected static function createKernel(array $options = []): KernelInterface { $env = @$options['env'] ?: 'test'; From 0801f062f4e0ce8934890757a166bb0dc71234a1 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Fri, 9 Sep 2022 18:21:05 -0500 Subject: [PATCH 14/18] Limits dependency versions for BC breaks, updates testing accordingly --- .github/workflows/continuous-integration.yaml | 11 ++------- Makefile | 8 +++++++ composer.json | 23 ++++++++++--------- 3 files changed, 22 insertions(+), 20 deletions(-) diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml index 8fa58e8f..8865ef16 100644 --- a/.github/workflows/continuous-integration.yaml +++ b/.github/workflows/continuous-integration.yaml @@ -58,10 +58,6 @@ jobs: name: 'Unit Tests' strategy: matrix: - php: - - '7.4' - - '8.0' - - '8.1' dependencies: - 'lowest' - 'highest' @@ -69,11 +65,8 @@ jobs: include: - dependencies: 'beta' symfony_version: - - 5.1 - - 5.2 - 5.3 - 5.4 - - 6.0 env: SYMFONY_VERSION: '${{ matrix.symfony_version }}' steps: @@ -83,7 +76,7 @@ jobs: - name: 'Setup PHP' uses: 'shivammathur/setup-php@v2' with: - php-version: '${{ matrix.php }}' + php-version: '7.4' coverage: 'none' tools: 'composer:2' extensions: 'mongodb' @@ -95,7 +88,7 @@ jobs: - run: | if [ "${{ matrix.dependencies }}" = "beta" ]; then make composer-config-beta; fi; - - run: 'composer rem symfony/form -n --no-update && composer req "symfony/form: ^4.4 || ^5.1" doctrine/annotations --no-update -n' + - run: 'composer rem symfony/form -n --no-update && composer req "symfony/form: ^5.3 || ^6.0" doctrine/annotations --no-update -n' - uses: 'ramsey/composer-install@v2' with: diff --git a/Makefile b/Makefile index e4b81fc1..c9851c73 100644 --- a/Makefile +++ b/Makefile @@ -26,6 +26,14 @@ composer-compat: composer-config-beta: composer config "minimum-stability" "beta" +composer-php7: + # when php 7 and 8 are both installed, to test with php7 - for example: + # $ make composer-compat + # $ make composer-php7 + # $ SYMFONY_VERSION=5.3 make composer-install + # $ php7.4 vendor/bin/phpunit + composer config platform.php 7.4 + composer-install: rm -f composer.lock && cp composer.json composer.json~ ifdef SYMFONY_VERSION diff --git a/composer.json b/composer.json index 85cd8a1c..d153c288 100644 --- a/composer.json +++ b/composer.json @@ -20,12 +20,13 @@ ], "homepage": "http://friendsofsymfony.github.com", "require": { - "php": "^7.2 || ^8.0", + "php": "^7.4 || ^8.0", "friendsofsymfony/oauth2-php": "~1.1", - "symfony/dependency-injection": "^5.1 || ^6.0", - "symfony/framework-bundle": "^5.1 || ^6.0", - "symfony/security-bundle": "^5.1 || ^6.0", - "symfony/twig-bundle": "^5.1 || ^6.0" + "symfony/dependency-injection": "^5.3", + "symfony/framework-bundle": "^5.3", + "symfony/security-bundle": "^5.3", + "symfony/symfony": "6.0", + "symfony/twig-bundle": "^5.3" }, "require-dev": { "doctrine/doctrine-bundle": "^2.0", @@ -36,12 +37,12 @@ "phpstan/phpstan": "^0.12", "phpstan/phpstan-phpunit": "~0.9", "phpunit/phpunit": "^8.5.23 || ^9.0", - "symfony/console": "^5.1 || ^6.0", - "symfony/form": "^5.1 || ^6.0", - "symfony/http-kernel": "^5.1 || ^6.0", - "symfony/phpunit-bridge": "^5.1 || ^6.0", - "symfony/security-core": "^5.1 || ^6.0", - "symfony/yaml": "^5.1 || ^6.0" + "symfony/console": "^5.3", + "symfony/form": "^5.3", + "symfony/http-kernel": "^5.3", + "symfony/phpunit-bridge": "^5.3", + "symfony/security-core": "^5.3", + "symfony/yaml": "^5.3" }, "conflict": { "twig/twig": "<1.40 || >=2.0,<2.9" From fcf847205d72de2eac9c706d00b6ff5e98362442 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Mon, 12 Sep 2022 13:46:26 -0500 Subject: [PATCH 15/18] Updates load user method and fixes deprecated test methods --- .../Authenticator/OAuthAuthenticator.php | 2 +- Storage/OAuthStorage.php | 2 +- Tests/Controller/AuthorizeControllerTest.php | 57 ++++++++++--------- .../GrantExtensionsCompilerPassTest.php | 53 +++++++++-------- Tests/FOSOAuthServerBundleTest.php | 6 +- .../Form/Handler/AuthorizeFormHandlerTest.php | 2 +- .../Authenticator/OAuthAuthenticatorTest.php | 17 ++++-- Tests/Storage/OAuthStorageTest.php | 14 +++-- composer.json | 3 +- 9 files changed, 89 insertions(+), 67 deletions(-) diff --git a/Security/Authentication/Authenticator/OAuthAuthenticator.php b/Security/Authentication/Authenticator/OAuthAuthenticator.php index d8b1cc32..e82c5c4b 100644 --- a/Security/Authentication/Authenticator/OAuthAuthenticator.php +++ b/Security/Authentication/Authenticator/OAuthAuthenticator.php @@ -122,7 +122,7 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi // get the passport badges $credentials = $passport->getBadge(OAuthCredentials::class); - $user = $this->userProvider->loadUserByUsername( + $user = $this->userProvider->loadUserByIdentifier( $passport->getBadge(UserBadge::class)->getUserIdentifier() ); diff --git a/Storage/OAuthStorage.php b/Storage/OAuthStorage.php index 5ab6b7c9..5ead512b 100644 --- a/Storage/OAuthStorage.php +++ b/Storage/OAuthStorage.php @@ -152,7 +152,7 @@ public function checkUserCredentials(IOAuth2Client $client, $username, $password } try { - $user = $this->userProvider->loadUserByUsername($username); + $user = $this->userProvider->loadUserByIdentifier($username); } catch (AuthenticationException $e) { return false; } diff --git a/Tests/Controller/AuthorizeControllerTest.php b/Tests/Controller/AuthorizeControllerTest.php index 04d2319a..d155f4d4 100644 --- a/Tests/Controller/AuthorizeControllerTest.php +++ b/Tests/Controller/AuthorizeControllerTest.php @@ -236,13 +236,13 @@ public function testAuthorizeActionWillThrowAccessDeniedException(): void ; $this->tokenStorage - ->expects($this->at(0)) + ->expects($this->once()) ->method('getToken') ->willReturn($token) ; $token - ->expects($this->at(0)) + ->expects($this->once()) ->method('getUser') ->willReturn(null) ; @@ -261,19 +261,19 @@ public function testAuthorizeActionWillRenderTemplate(): void ; $this->tokenStorage - ->expects($this->at(0)) + ->expects($this->once()) ->method('getToken') ->willReturn($token) ; $token - ->expects($this->at(0)) + ->expects($this->once()) ->method('getUser') ->willReturn($this->user) ; $this->session - ->expects($this->at(0)) + ->expects($this->once()) ->method('get') ->with('_fos_oauth_server.ensure_logout') ->willReturn(false) @@ -297,14 +297,14 @@ public function testAuthorizeActionWillRenderTemplate(): void ; $this->authorizeFormHandler - ->expects($this->at(0)) + ->expects($this->once()) ->method('process') ->with() ->willReturn(false) ; $this->form - ->expects($this->at(0)) + ->expects($this->once()) ->method('createView') ->willReturn($this->formView) ; @@ -333,19 +333,19 @@ public function testAuthorizeActionWillFinishClientAuthorization(): void ; $this->tokenStorage - ->expects($this->at(0)) + ->expects($this->once()) ->method('getToken') ->willReturn($token) ; $token - ->expects($this->at(0)) + ->expects($this->once()) ->method('getUser') ->willReturn($this->user) ; $this->session - ->expects($this->at(0)) + ->expects($this->once()) ->method('get') ->with('_fos_oauth_server.ensure_logout') ->willReturn(false) @@ -371,7 +371,7 @@ public function testAuthorizeActionWillFinishClientAuthorization(): void $randomScope = 'scope'.\random_bytes(10); $this->request - ->expects($this->at(0)) + ->expects($this->once()) ->method('get') ->with('scope', null) ->willReturn($randomScope) @@ -380,7 +380,7 @@ public function testAuthorizeActionWillFinishClientAuthorization(): void $response = new Response(); $this->oAuth2Server - ->expects($this->at(0)) + ->expects($this->once()) ->method('finishClientAuthorization') ->with( true, @@ -402,33 +402,33 @@ public function testAuthorizeActionWillEnsureLogout(): void ; $this->tokenStorage - ->expects($this->at(0)) + ->expects($this->once()) ->method('getToken') ->willReturn($token) ; $token - ->expects($this->at(0)) + ->expects($this->once()) ->method('getUser') ->willReturn($this->user) ; $this->session - ->expects($this->at(0)) + ->expects($this->once()) ->method('get') ->with('_fos_oauth_server.ensure_logout') ->willReturn(true) ; $this->session - ->expects($this->at(1)) + ->expects($this->once()) ->method('invalidate') ->with(600) ->willReturn(true) ; $this->session - ->expects($this->at(2)) + ->expects($this->once()) ->method('set') ->with('_fos_oauth_server.ensure_logout', true) ->willReturn(null) @@ -452,14 +452,14 @@ public function testAuthorizeActionWillEnsureLogout(): void ; $this->authorizeFormHandler - ->expects($this->at(0)) + ->expects($this->once()) ->method('process') ->with() ->willReturn(false) ; $this->form - ->expects($this->at(0)) + ->expects($this->once()) ->method('createView') ->willReturn($this->formView) ; @@ -510,18 +510,12 @@ public function testAuthorizeActionWillProcessAuthorizationForm(): void $propertyReflection->setAccessible(true); $propertyReflection->setValue($this->instance, $this->client); - $this->eventDispatcher - ->expects($this->at(0)) - ->method('dispatch') - ->with(new PreAuthorizationEvent($this->user, $this->client)) - ->willReturn($this->preAuthorizationEvent) - ; - $this->preAuthorizationEvent ->expects($this->once()) ->method('isAuthorizedClient') ->willReturn(false) ; + $postAuthorizationEvent = new PostAuthorizationEvent($this->user, $this->client, true); $this->authorizeFormHandler ->expects($this->once()) @@ -536,9 +530,16 @@ public function testAuthorizeActionWillProcessAuthorizationForm(): void ; $this->eventDispatcher - ->expects($this->at(1)) + ->expects($this->exactly(2)) ->method('dispatch') - ->with(new PostAuthorizationEvent($this->user, $this->client, true)) + ->withConsecutive( + [$this->equalTo(new PreAuthorizationEvent($this->user, $this->client))], + [$this->equalTo($postAuthorizationEvent)] + ) + ->willReturn( + $this->preAuthorizationEvent, + $postAuthorizationEvent + ) ; $formName = 'formName'.\random_bytes(10); diff --git a/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php b/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php index 81ab02d2..6d7038da 100644 --- a/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php +++ b/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php @@ -169,7 +169,7 @@ public function testProcessWillFailIfUriIsEmpty(): void $exceptionMessage = 'Service "%s" must define the "uri" attribute on "fos_oauth_server.grant_extension" tags.'; - $idx = 0; + $addMethodCallWiths = []; foreach ($data as $id => $tags) { foreach ($tags as $tag) { if (empty($tag['uri'])) { @@ -177,20 +177,22 @@ public function testProcessWillFailIfUriIsEmpty(): void break; } - $storageDefinition - ->expects($this->at(++$idx)) - ->method('addMethodCall') - ->with( - 'setGrantExtension', - [ - $tag['uri'], - new Reference($id), - ] - ) - ; + $addMethodCallWiths[] = [ + $this->equalTo('setGrantExtension'), + $this->equalTo([ + $tag['uri'], + new Reference($id), + ]) + ]; } } + $storageDefinition + ->expects($this->exactly(count($addMethodCallWiths))) + ->method('addMethodCall') + ->withConsecutive(...$addMethodCallWiths) + ; + $this->expectException(InvalidArgumentException::class); $this->expectExceptionMessage($exceptionMessage); @@ -279,23 +281,26 @@ public function testProcess(): void ->willReturn($data) ; - $idx = 0; + $addMethodCallWiths = []; foreach ($data as $id => $tags) { foreach ($tags as $tag) { - $storageDefinition - ->expects($this->at(++$idx)) - ->method('addMethodCall') - ->with( - 'setGrantExtension', - [ - $tag['uri'], - new Reference($id), - ] - ) - ; + $addMethodCallWiths[] = [ + $this->equalTo('setGrantExtension'), + $this->equalTo([ + $tag['uri'], + new Reference($id), + ]), + $this->equalTo(false) + ]; } } + $storageDefinition + ->expects($this->exactly(count($addMethodCallWiths))) + ->method('addMethodCall') + ->withConsecutive(...$addMethodCallWiths) + ; + $this->assertNull($this->instance->process($container)); } } diff --git a/Tests/FOSOAuthServerBundleTest.php b/Tests/FOSOAuthServerBundleTest.php index d437c0bb..53f75235 100644 --- a/Tests/FOSOAuthServerBundleTest.php +++ b/Tests/FOSOAuthServerBundleTest.php @@ -47,21 +47,21 @@ public function testConstruction(): void ; $containerBuilder - ->expects($this->at(0)) + ->expects($this->once()) ->method('getExtension') ->with('security') ->willReturn($securityExtension) ; $securityExtension - ->expects($this->at(0)) + ->expects($this->once()) ->method('addSecurityListenerFactory') ->with(new OAuthFactory()) ->willReturn(null) ; $containerBuilder - ->expects($this->at(1)) + ->expects($this->exactly(2)) ->method('addCompilerPass') ->withConsecutive( [new Compiler\GrantExtensionsCompilerPass()], diff --git a/Tests/Form/Handler/AuthorizeFormHandlerTest.php b/Tests/Form/Handler/AuthorizeFormHandlerTest.php index 3c261c5a..168f048d 100644 --- a/Tests/Form/Handler/AuthorizeFormHandlerTest.php +++ b/Tests/Form/Handler/AuthorizeFormHandlerTest.php @@ -188,7 +188,7 @@ public function testGetCurrentRequestWillReturnRequestServiceFromContainerIfNone $randomData = \random_bytes(10); $this->container - ->expects($this->at(0)) + ->expects($this->once()) ->method('get') ->with('request') ->willReturn($randomData) diff --git a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php index 37335046..d26b2dd6 100644 --- a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php +++ b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php @@ -69,7 +69,16 @@ public function setUp(): void ->getMock() ; $this->userChecker = $this->getMockBuilder(UserCheckerInterface::class)->disableOriginalConstructor()->getMock(); - $this->userProvider = $this->getMockBuilder(UserProviderInterface::class)->disableOriginalConstructor()->getMock(); + $this->userProvider = $this->getMockBuilder(UserProviderInterface::class) + ->disableOriginalConstructor() + ->setMethods([ + 'loadUserByIdentifier', + 'loadUserByUsername', + 'refreshUser', + 'supportsClass' + ]) + ->getMock() + ; // mock the core user object rather than the user interface that the new // getUserIdentifier method is used rather than the deprecated getUsername @@ -236,7 +245,7 @@ public function testCreateAuthenticatedTokenWithValidPassport(): void { // expect the user to be loaded by the provider $this->userProvider->expects($this->once()) - ->method('loadUserByUsername') + ->method('loadUserByIdentifier') ->with('test_user') ->will($this->returnValue($this->user)) ; @@ -271,7 +280,7 @@ public function testCreateAuthenticatedTokenWithValidPassport(): void public function testCreateAuthenticatedTokenWithUnexpectedPassportCredentials(): void { // expect the user to not be loaded by the provider - $this->userProvider->expects($this->never())->method('loadUserByUsername'); + $this->userProvider->expects($this->never())->method('loadUserByIdentifier'); // configure the passport with non-oauth credentials $passport = new Passport( @@ -290,7 +299,7 @@ public function testCreateAuthenticatedTokenTransformsAccountStatusException(): { // expect the user to be loaded by the provider $this->userProvider->expects($this->once()) - ->method('loadUserByUsername') + ->method('loadUserByIdentifier') ->with('test_user') ->will($this->returnValue($this->user)) ; diff --git a/Tests/Storage/OAuthStorageTest.php b/Tests/Storage/OAuthStorageTest.php index ca70e609..fd621e08 100644 --- a/Tests/Storage/OAuthStorageTest.php +++ b/Tests/Storage/OAuthStorageTest.php @@ -78,6 +78,12 @@ public function setUp(): void ; $this->userProvider = $this->getMockBuilder(UserProviderInterface::class) ->disableOriginalConstructor() + ->setMethods([ + 'loadUserByIdentifier', + 'loadUserByUsername', + 'refreshUser', + 'supportsClass' + ]) ->getMock() ; $this->encoderFactory = $this->getMockBuilder(EncoderFactoryInterface::class) @@ -363,7 +369,7 @@ public function testCheckUserCredentialsCatchesAuthenticationExceptions(): void $this->userProvider ->expects(self::once()) - ->method('loadUserByUsername') + ->method('loadUserByIdentifier') ->with('Joe') ->willThrowException(new AuthenticationException('No such user')) ; @@ -396,7 +402,7 @@ public function testCheckUserCredentialsReturnsTrueOnValidCredentials(): void ; $this->userProvider->expects($this->once()) - ->method('loadUserByUsername') + ->method('loadUserByIdentifier') ->with('Joe') ->will($this->returnValue($user)) ; @@ -435,7 +441,7 @@ public function testCheckUserCredentialsReturnsFalseOnInvalidCredentials(): void ; $this->userProvider->expects($this->once()) - ->method('loadUserByUsername') + ->method('loadUserByIdentifier') ->with('Joe') ->will($this->returnValue($user)) ; @@ -454,7 +460,7 @@ public function testCheckUserCredentialsReturnsFalseIfUserNotExist(): void $client = new Client(); $this->userProvider->expects($this->once()) - ->method('loadUserByUsername') + ->method('loadUserByIdentifier') ->with('Joe') ->willThrowException(new AuthenticationException('No such user')) ; diff --git a/composer.json b/composer.json index d153c288..cd167d79 100644 --- a/composer.json +++ b/composer.json @@ -25,7 +25,7 @@ "symfony/dependency-injection": "^5.3", "symfony/framework-bundle": "^5.3", "symfony/security-bundle": "^5.3", - "symfony/symfony": "6.0", + "symfony/symfony": "^5.3", "symfony/twig-bundle": "^5.3" }, "require-dev": { @@ -38,6 +38,7 @@ "phpstan/phpstan-phpunit": "~0.9", "phpunit/phpunit": "^8.5.23 || ^9.0", "symfony/console": "^5.3", + "symfony/doctrine-messenger": "^5.3", "symfony/form": "^5.3", "symfony/http-kernel": "^5.3", "symfony/phpunit-bridge": "^5.3", From 24e193210e6bac76d54735ddf0804f837d079aee Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Mon, 12 Sep 2022 14:07:39 -0500 Subject: [PATCH 16/18] Style fixes and adds composer compatibility for runtime component on tests --- Makefile | 1 + .../Compiler/GrantExtensionsCompilerPassTest.php | 4 ++-- .../Authentication/Authenticator/OAuthAuthenticatorTest.php | 2 +- Tests/Storage/OAuthStorageTest.php | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index c9851c73..99c12e9c 100644 --- a/Makefile +++ b/Makefile @@ -21,6 +21,7 @@ cs-full-check: composer-compat: composer config "platform.ext-mongo" "1.6.16" + composer config --no-plugins allow-plugins.symfony/runtime true composer require alcaeus/mongo-php-adapter --no-update composer-config-beta: diff --git a/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php b/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php index 6d7038da..760897f4 100644 --- a/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php +++ b/Tests/DependencyInjection/Compiler/GrantExtensionsCompilerPassTest.php @@ -182,7 +182,7 @@ public function testProcessWillFailIfUriIsEmpty(): void $this->equalTo([ $tag['uri'], new Reference($id), - ]) + ]), ]; } } @@ -290,7 +290,7 @@ public function testProcess(): void $tag['uri'], new Reference($id), ]), - $this->equalTo(false) + $this->equalTo(false), ]; } } diff --git a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php index d26b2dd6..e584696e 100644 --- a/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php +++ b/Tests/Security/Authentication/Authenticator/OAuthAuthenticatorTest.php @@ -75,7 +75,7 @@ public function setUp(): void 'loadUserByIdentifier', 'loadUserByUsername', 'refreshUser', - 'supportsClass' + 'supportsClass', ]) ->getMock() ; diff --git a/Tests/Storage/OAuthStorageTest.php b/Tests/Storage/OAuthStorageTest.php index fd621e08..27559809 100644 --- a/Tests/Storage/OAuthStorageTest.php +++ b/Tests/Storage/OAuthStorageTest.php @@ -82,7 +82,7 @@ public function setUp(): void 'loadUserByIdentifier', 'loadUserByUsername', 'refreshUser', - 'supportsClass' + 'supportsClass', ]) ->getMock() ; From 02419f95612502ac51f3f6881c8a265405189c80 Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Mon, 12 Sep 2022 14:34:27 -0500 Subject: [PATCH 17/18] Removes lowest software dependencies CI config until upgrade to Symfony 6 / PHP 8 --- .github/workflows/continuous-integration.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml index 8865ef16..434bad3b 100644 --- a/.github/workflows/continuous-integration.yaml +++ b/.github/workflows/continuous-integration.yaml @@ -59,7 +59,6 @@ jobs: strategy: matrix: dependencies: - - 'lowest' - 'highest' - 'beta' include: From 2c9d87561b11221ec992c4224885fcd8ba84777c Mon Sep 17 00:00:00 2001 From: "Israel J. Carberry" Date: Tue, 20 Sep 2022 14:25:11 -0500 Subject: [PATCH 18/18] Fixes annotations dependency --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index cd167d79..a6f2e39c 100644 --- a/composer.json +++ b/composer.json @@ -21,11 +21,11 @@ "homepage": "http://friendsofsymfony.github.com", "require": { "php": "^7.4 || ^8.0", + "doctrine/annotations": "^1.13", "friendsofsymfony/oauth2-php": "~1.1", "symfony/dependency-injection": "^5.3", "symfony/framework-bundle": "^5.3", "symfony/security-bundle": "^5.3", - "symfony/symfony": "^5.3", "symfony/twig-bundle": "^5.3" }, "require-dev": {