diff --git a/lib/SimpleSAML/Command/RouterDebugCommand.php b/lib/SimpleSAML/Command/RouterDebugCommand.php
index d1bfab227e89241faeed568dac483997dea75863..05edf2fe6553363a5ad686ce68d81a79c5d71043 100644
--- a/lib/SimpleSAML/Command/RouterDebugCommand.php
+++ b/lib/SimpleSAML/Command/RouterDebugCommand.php
@@ -26,7 +26,7 @@ class RouterDebugCommand extends Command
/**
- * @param Symfony\Component\Routing\RouterInterface
+ * @param \Symfony\Component\Routing\RouterInterface
*
* @throws \Symfony\Component\Console\Exception\LogicException When the command name is empty
*/
@@ -58,7 +58,7 @@ EOF
/**
* @param \Symfony\Component\Console\Input\InputInterface $input
* @param \Symfony\Component\Console\Output\OutputInterface $output
- * @return int 0 if everything went fine, or an exit code
+ * @return void
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
diff --git a/lib/SimpleSAML/Configuration.php b/lib/SimpleSAML/Configuration.php
index 5059487a96de5c0b63377fd1918052c4a1f4c0df..be7ad8955b464b2ae85d7cf4e35f0fb8cd027847 100644
--- a/lib/SimpleSAML/Configuration.php
+++ b/lib/SimpleSAML/Configuration.php
@@ -468,8 +468,6 @@ class Configuration implements Utils\ClearableState
return null;
}
- Assert::string($path);
-
return Utils\System::resolvePath($path, $this->getBaseDir());
}
@@ -790,8 +788,6 @@ class Configuration implements Utils\ClearableState
*/
public function getArrayize(string $name, $default = self::REQUIRED_OPTION)
{
- Assert::string($name);
-
$ret = $this->getValue($name, $default);
if ($ret === $default) {
@@ -817,7 +813,7 @@ class Configuration implements Utils\ClearableState
* required if this parameter isn't given. The default value can be any value, including
* null.
*
- * @return array The option with the given name, or $default if the option isn't found and $default is specified.
+ * @return mixed The option with the given name, or $default if the option isn't found and $default is specified.
*
* @throws \Exception If the option is not a string or an array of strings.
*/
@@ -858,7 +854,8 @@ class Configuration implements Utils\ClearableState
* This function will only return null if $default is set to null and the option
* doesn't exist.
*
- * @return \SimpleSAML\Configuration|null The option with the given name, or $default if the option isn't found and $default is specified.
+ * @return \SimpleSAML\Configuration|null The option with the given name,
+ * or $default if the option isn't found and $default is specified.
*
* @throws \Exception If the option is not an array.
*/
@@ -1022,7 +1019,7 @@ class Configuration implements Utils\ClearableState
* @param mixed $default The default value to return if no matching endpoint is found. If no default is provided,
* an exception will be thrown.
*
- * @return array|null The default endpoint, or null if no acceptable endpoints are used.
+ * @return mixed|null The default endpoint, or null if no acceptable endpoints are used.
*
* @throws \Exception If no supported endpoint is found.
*/
diff --git a/lib/SimpleSAML/Error/AuthSource.php b/lib/SimpleSAML/Error/AuthSource.php
index b836b93b806166d3070bf71bf560f506e16ad0c9..b42ab25d0d85e6a6c4eab9dd45c65d19ea8575e9 100644
--- a/lib/SimpleSAML/Error/AuthSource.php
+++ b/lib/SimpleSAML/Error/AuthSource.php
@@ -4,13 +4,12 @@ declare(strict_types=1);
namespace SimpleSAML\Error;
-use Exception;
use Webmozart\Assert\Assert;
/**
* Baseclass for auth source exceptions.
*
- * @package SimpleSAMLphp_base
+ * @package SimpleSAMLphp
*
*/
@@ -36,7 +35,7 @@ class AuthSource extends Error
* @param string $reason Description of the error.
* @param \Exception|null $cause
*/
- public function __construct(string $authsource, string $reason, Exception $cause = null)
+ public function __construct(string $authsource, string $reason, \Exception $cause = null)
{
$this->authsource = $authsource;
$this->reason = $reason;
diff --git a/lib/SimpleSAML/Logger.php b/lib/SimpleSAML/Logger.php
index 0805dd328da930d2b2400ad01f0c42db3aaa3a83..be1742dcdf5c2c69416f75046809f85d162c0271 100644
--- a/lib/SimpleSAML/Logger.php
+++ b/lib/SimpleSAML/Logger.php
@@ -426,7 +426,6 @@ class Logger
// get the configuration
$config = Configuration::getInstance();
- Assert::isInstanceOf($config, Configuration::class);
// setting minimum log_level
self::$logLevel = $config->getInteger('logging.level', self::INFO);
diff --git a/lib/SimpleSAML/Memcache.php b/lib/SimpleSAML/Memcache.php
index 7eff621f7238c4263905dcff90131b8ccddd57ae..07302815eddd96112e60891921216d56d33e850a 100644
--- a/lib/SimpleSAML/Memcache.php
+++ b/lib/SimpleSAML/Memcache.php
@@ -408,7 +408,6 @@ class Memcache
{
// get the configuration instance
$config = Configuration::getInstance();
- Assert::isInstanceOf($config, Configuration::class);
// get the expire-value from the configuration
$expire = $config->getInteger('memcache_store.expires', 0);
diff --git a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
index ac8407ce3d4c0b055ca079fd580042772cbbe487..e4a88e189edef243107c90a68e653cd8d7341ee3 100644
--- a/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
+++ b/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php
@@ -108,7 +108,6 @@ class MetaDataStorageHandler implements \SimpleSAML\Utils\ClearableState
// get the configuration
$config = Configuration::getInstance();
- Assert::isInstanceOf($config, Configuration::class);
$baseurl = Utils\HTTP::getSelfURLHost() . $config->getBasePath();
@@ -311,8 +310,6 @@ class MetaDataStorageHandler implements \SimpleSAML\Utils\ClearableState
$index = $this->getMetaDataCurrentEntityID($set, 'metaindex');
}
- Assert::string($index);
-
foreach ($this->sources as $source) {
$metadata = $source->getMetaData($index, $set);
diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index f598e7e0295cb2afe98f846ebda0c9d517ae85f5..d7ae636765d36ec2f6cd11b1f87fa0ddb6c34a67 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -76,8 +76,6 @@ class SAMLBuilder
*/
public function __construct(string $entityId, int $maxCache = null, int $maxDuration = null)
{
- Assert::string($entityId);
-
$this->maxCache = $maxCache;
$this->maxDuration = $maxDuration;
@@ -132,8 +130,6 @@ class SAMLBuilder
*/
public function getEntityDescriptorText(bool $formatted = true): string
{
- Assert::boolean($formatted);
-
$xml = $this->getEntityDescriptor();
if ($formatted) {
Utils\XML::formatDOMElement($xml);
diff --git a/lib/SimpleSAML/Module.php b/lib/SimpleSAML/Module.php
index e59418bdca6795ac13b4c3bb8c4b2ea6de38a78f..285882f7c47642f0f8e5fdc1b73da0d8f3272977 100644
--- a/lib/SimpleSAML/Module.php
+++ b/lib/SimpleSAML/Module.php
@@ -583,7 +583,7 @@ class Module
*
* This method removes the trailing slash and redirects to the resulting URL.
*
- * @param Symfony\Component\HttpFoundation\Request $request The request to process by this controller method.
+ * @param \Symfony\Component\HttpFoundation\Request $request The request to process by this controller method.
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse
* A redirection to the URI specified in the request, but without the trailing slash.
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index e0a16dd3e79c0b838e3495704bdd5185851aa723..61428d3e935eb726bcb7b67e88c1997cf054318e 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -352,8 +352,6 @@ class Session implements \Serializable, Utils\ClearableState
return null;
}
- Assert::isInstanceOf($session, self::class);
-
if ($checkToken) {
$globalConfig = Configuration::getInstance();
diff --git a/lib/SimpleSAML/Utils/Crypto.php b/lib/SimpleSAML/Utils/Crypto.php
index 44752f4e5cf8ad82d6d792fc002e332035d35861..f37c31803db5d848781e5ba8d7aaac7a0e996b5a 100644
--- a/lib/SimpleSAML/Utils/Crypto.php
+++ b/lib/SimpleSAML/Utils/Crypto.php
@@ -328,9 +328,7 @@ class Crypto
*/
public static function pwHash(string $password): string
{
- if (!is_string($password)) {
- throw new \InvalidArgumentException('Invalid input parameter.');
- } elseif (!is_string($hash = password_hash($password, PASSWORD_DEFAULT))) {
+ if (!is_string($hash = password_hash($password, PASSWORD_DEFAULT))) {
throw new \InvalidArgumentException('Error while hashing password.');
}
return $hash;
diff --git a/lib/SimpleSAML/Utils/System.php b/lib/SimpleSAML/Utils/System.php
index 2c2b4d181db62ac2bcb64685cde1947cb01ce49d..a61b6784c56e31218fd2881a6ba990bf19961d94 100644
--- a/lib/SimpleSAML/Utils/System.php
+++ b/lib/SimpleSAML/Utils/System.php
@@ -28,7 +28,8 @@ class System
/**
* This function returns the Operating System we are running on.
*
- * @return string|false A predefined constant identifying the OS we are running on. False if we are unable to determine it.
+ * @return int|false A predefined constant identifying the OS we are running on.
+ * False if we are unable to determine it.
*
* @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no>
*/
diff --git a/modules/admin/lib/Controller/Config.php b/modules/admin/lib/Controller/Config.php
index ad94e0df787de7f4c0bac48391819f1a1f4b0afb..423adafb05868b749a6642c7cf4e20cd4a91882a 100644
--- a/modules/admin/lib/Controller/Config.php
+++ b/modules/admin/lib/Controller/Config.php
@@ -57,7 +57,7 @@ class Config
*
* @return \SimpleSAML\XHTML\Template
*/
- public function diagnostics(Request $request)
+ public function diagnostics(Request $request): Template
{
Utils\Auth::requireAdmin();
@@ -90,7 +90,7 @@ class Config
*
* @return \SimpleSAML\XHTML\Template
*/
- public function main()
+ public function main(): Template
{
Utils\Auth::requireAdmin();
@@ -127,7 +127,7 @@ class Config
*
* @return RunnableResponse
*/
- public function phpinfo()
+ public function phpinfo(): RunnableResponse
{
Utils\Auth::requireAdmin();
@@ -148,7 +148,7 @@ class Config
*
* @return array
*/
- protected function getPrerequisiteChecks()
+ protected function getPrerequisiteChecks(): array
{
$matrix = [
[
@@ -333,7 +333,7 @@ class Config
*
* @return array
*/
- protected function getWarnings()
+ protected function getWarnings(): array
{
$warnings = [];
diff --git a/modules/admin/lib/Controller/Federation.php b/modules/admin/lib/Controller/Federation.php
index 6b6e0ca3710b152700ffc72cfba9f10173f6e1da..7ba872b7d2fa7cdc6c7550c0ab130d3ce4a297cd 100644
--- a/modules/admin/lib/Controller/Federation.php
+++ b/modules/admin/lib/Controller/Federation.php
@@ -62,7 +62,7 @@ class Federation
* @throws \SimpleSAML\Error\Exception
* @throws \SimpleSAML\Error\Exception
*/
- public function main()
+ public function main(): Template
{
Utils\Auth::requireAdmin();
@@ -344,7 +344,7 @@ class Federation
*
* @return \SimpleSAML\XHTML\Template
*/
- public function metadataConverter(Request $request)
+ public function metadataConverter(Request $request): Template
{
Utils\Auth::requireAdmin();
if ($xmlfile = $request->files->get('xmlfile')) {
@@ -411,7 +411,7 @@ class Federation
*
* @return Response PEM-encoded certificate.
*/
- public function downloadCert(Request $request)
+ public function downloadCert(Request $request): Response
{
Utils\Auth::requireAdmin();
@@ -454,7 +454,7 @@ class Federation
*
* @return Response
*/
- public function showRemoteEntity(Request $request)
+ public function showRemoteEntity(Request $request): Response
{
Utils\Auth::requireAdmin();
diff --git a/modules/admin/lib/Controller/Menu.php b/modules/admin/lib/Controller/Menu.php
index 6887fab1abd066809ea8b0207d8db5d701c6bfb7..bd1b2f4304ef621b3e695a7c244e2bb6f764940c 100644
--- a/modules/admin/lib/Controller/Menu.php
+++ b/modules/admin/lib/Controller/Menu.php
@@ -55,7 +55,7 @@ final class Menu
* @param string $name The name of the option for display purposes.
* @return void
*/
- public function addOption($id, $url, $name)
+ public function addOption(string $id, string $url, string $name): void
{
$this->options[$id] = [
'url' => $url,
@@ -84,7 +84,7 @@ final class Menu
*
* @return \SimpleSAML\XHTML\Template The template with the added menu.
*/
- public function insert(Template $template)
+ public function insert(Template $template): Template
{
$template->data['menu'] = $this->options;
Module::callHooks('adminmenu', $template);
diff --git a/modules/admin/lib/Controller/Test.php b/modules/admin/lib/Controller/Test.php
index 06b4baa0f7d6ea4b80b5e76b6491428642016b1d..5a9dd1db208dcbfab92e8d901704dce1dca62724 100644
--- a/modules/admin/lib/Controller/Test.php
+++ b/modules/admin/lib/Controller/Test.php
@@ -58,7 +58,7 @@ class Test
* @param string|null $as
* @return \SimpleSAML\XHTML\Template
*/
- public function main(Request $request, $as)
+ public function main(Request $request, string $as = null)
{
Utils\Auth::requireAdmin();
if (is_null($as)) {
diff --git a/modules/core/hooks/hook_frontpage.php b/modules/core/hooks/hook_frontpage.php
index f6ff146a3978a41970a25dbefc0979a22e4a7612..8eb6d6416498b9bbf19586579f4868ad9906f194 100644
--- a/modules/core/hooks/hook_frontpage.php
+++ b/modules/core/hooks/hook_frontpage.php
@@ -10,9 +10,8 @@ use Webmozart\Assert\Assert;
* @param array &$links The links on the frontpage, split into sections.
* @return void
*/
-function core_hook_frontpage(&$links)
+function core_hook_frontpage(array &$links): void
{
- Assert::isArray($links);
Assert::keyExists($links, 'links');
$links['links']['frontpage_welcome'] = [
diff --git a/modules/core/hooks/hook_sanitycheck.php b/modules/core/hooks/hook_sanitycheck.php
index c786872bb70049a549d8e81c4ea825ddb4a22a6d..d37d6c62b43fa4e81a7906215058575f85cdc103 100644
--- a/modules/core/hooks/hook_sanitycheck.php
+++ b/modules/core/hooks/hook_sanitycheck.php
@@ -10,9 +10,8 @@ use Webmozart\Assert\Assert;
* @param array &$hookinfo hookinfo
* @return void
*/
-function core_hook_sanitycheck(&$hookinfo)
+function core_hook_sanitycheck(array &$hookinfo): void
{
- Assert::isArray($hookinfo);
Assert::keyExists($hookinfo, 'errors');
Assert::keyExists($hookinfo, 'info');
diff --git a/modules/core/lib/ACL.php b/modules/core/lib/ACL.php
index 6ab1baa790f1ea76cf345e95b5794ac05221e0cb..0840cd12b95846137eeee8ed87d9f76478d47cb9 100644
--- a/modules/core/lib/ACL.php
+++ b/modules/core/lib/ACL.php
@@ -23,6 +23,7 @@ class ACL
*/
private $acl;
+
/**
* Initializer for this access control list.
*
@@ -70,13 +71,14 @@ class ACL
return $config->getArray($id);
}
+
/**
* Match the attributes against the access control list.
*
* @param array $attributes The attributes of an user.
* @return boolean TRUE if the user is allowed to access the resource, FALSE if not.
*/
- public function allows(array $attributes)
+ public function allows(array $attributes): bool
{
foreach ($this->acl as $rule) {
$action = array_shift($rule);
@@ -94,6 +96,7 @@ class ACL
return false;
}
+
/**
* Match the attributes against the given rule.
*
@@ -129,6 +132,7 @@ class ACL
}
}
+
/**
* 'and' match operator.
*
@@ -148,6 +152,7 @@ class ACL
return true;
}
+
/**
* 'equals' match operator.
*
@@ -188,6 +193,7 @@ class ACL
return true;
}
+
/**
* 'equals-preg' match operator.
*
@@ -229,6 +235,7 @@ class ACL
return true;
}
+
/**
* 'has' match operator.
*
@@ -256,6 +263,7 @@ class ACL
return true;
}
+
/**
* 'has-preg' match operator.
*
@@ -284,6 +292,7 @@ class ACL
return true;
}
+
/**
* 'or' match operator.
*
diff --git a/modules/core/lib/Auth/Process/AttributeMap.php b/modules/core/lib/Auth/Process/AttributeMap.php
index 63c81aad0e6ba97ec2aba50eff5627e8c5fb45a7..5a79368b94ed03c9d46b08f2641b33790ec2ec48 100644
--- a/modules/core/lib/Auth/Process/AttributeMap.php
+++ b/modules/core/lib/Auth/Process/AttributeMap.php
@@ -101,6 +101,7 @@ class AttributeMap extends \SimpleSAML\Auth\ProcessingFilter
throw new \Exception('Could not find attribute map file: ' . $filePath);
}
+ /** @psalm-var mixed|null $attributemap */
$attributemap = null;
include($filePath);
if (!is_array($attributemap)) {
diff --git a/modules/core/lib/Auth/Source/AdminPassword.php b/modules/core/lib/Auth/Source/AdminPassword.php
index 5f2b8f7b5fbff5146445e3b24197b4cc9e195e76..9433372556bf500d2aa7d8ae27f0b63724612ef5 100644
--- a/modules/core/lib/Auth/Source/AdminPassword.php
+++ b/modules/core/lib/Auth/Source/AdminPassword.php
@@ -25,9 +25,6 @@ class AdminPassword extends \SimpleSAML\Module\core\Auth\UserPassBase
*/
public function __construct(array $info, array $config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
@@ -50,9 +47,6 @@ class AdminPassword extends \SimpleSAML\Module\core\Auth\UserPassBase
*/
protected function login(string $username, string $password): array
{
- Assert::string($username);
- Assert::string($password);
-
$config = Configuration::getInstance();
$adminPassword = $config->getString('auth.adminpassword', '123');
if ($adminPassword === '123') {
diff --git a/modules/core/lib/Auth/UserPassBase.php b/modules/core/lib/Auth/UserPassBase.php
index 4b2ac3452e52f067564bc3f42b2f1848928bf6fd..14890d8de6a49e110f18f220a5c1bbfc3a5129c5 100644
--- a/modules/core/lib/Auth/UserPassBase.php
+++ b/modules/core/lib/Auth/UserPassBase.php
@@ -100,11 +100,8 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* @param array $info Information about this authentication source.
* @param array &$config Configuration for this authentication source.
*/
- public function __construct($info, &$config)
+ public function __construct(array $info, array &$config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
if (isset($config['core:loginpage_links'])) {
$this->loginLinks = $config['core:loginpage_links'];
}
@@ -135,7 +132,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* @param string|null $forcedUsername The forced username.
* @return void
*/
- public function setForcedUsername($forcedUsername): void
+ public function setForcedUsername(?string $forcedUsername): void
{
Assert::nullOrString($forcedUsername);
$this->forcedUsername = $forcedUsername;
@@ -143,7 +140,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
/**
* Return login links from configuration
- * @return array
+ * @return string[]
*/
public function getLoginLinks(): array
{
@@ -238,7 +235,6 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
}
$attributes = $this->login($username, $password);
- Assert::isArray($attributes);
$state['Attributes'] = $attributes;
return;
@@ -271,9 +267,9 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
*
* @param string $username The username the user wrote.
* @param string $password The password the user wrote.
- * @return array Associative array with the user's attributes.
+ * @return array Associative array with the user's attributes.
*/
- abstract protected function login($username, $password): array;
+ abstract protected function login(string $username, string $password): array;
/**
@@ -288,7 +284,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* @param string $password The password the user wrote.
* @return void
*/
- public static function handleLogin(string $authStateId, string $username, string $password)
+ public static function handleLogin(string $authStateId, string $username, string $password): void
{
// Here we retrieve the state array we saved in the authenticate-function.
/** @var array $state */
@@ -319,7 +315,6 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
Logger::stats('User \'' . $username . '\' successfully authenticated from ' . $_SERVER['REMOTE_ADDR']);
// Save the attributes we received from the login-function in the $state-array
- Assert::isArray($attributes);
$state['Attributes'] = $attributes;
// Return control to SimpleSAMLphp after successful authentication.
diff --git a/modules/core/lib/Auth/UserPassOrgBase.php b/modules/core/lib/Auth/UserPassOrgBase.php
index f8ba52fd0aec98f56a94152fcf31e59fcd8fdc60..b854a240ddf4d5ba679b0caf97e624e2efd13e8d 100644
--- a/modules/core/lib/Auth/UserPassOrgBase.php
+++ b/modules/core/lib/Auth/UserPassOrgBase.php
@@ -99,11 +99,8 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* @param array $info Information about this authentication source.
* @param array &$config Configuration for this authentication source.
*/
- public function __construct($info, &$config)
+ public function __construct(array $info, array &$config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
@@ -143,7 +140,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* @param string $usernameOrgMethod The method which should be used.
* @return void
*/
- protected function setUsernameOrgMethod($usernameOrgMethod): void
+ protected function setUsernameOrgMethod(string $usernameOrgMethod): void
{
Assert::oneOf($usernameOrgMethod, ['none', 'allow', 'force']);
diff --git a/modules/core/lib/Controller/Login.php b/modules/core/lib/Controller/Login.php
index 99b13664e7a1e0edecd7260e34b73a4b7aedd869..e117cdc2c6537e486c00d6b416a7d23fd53cb823 100644
--- a/modules/core/lib/Controller/Login.php
+++ b/modules/core/lib/Controller/Login.php
@@ -199,7 +199,7 @@ class Login
* @param Request $request The request that lead to this login operation.
* @return void
*/
- public function cleardiscochoices(Request $request)
+ public function cleardiscochoices(Request $request): void
{
// The base path for cookies. This should be the installation directory for SimpleSAMLphp.
$cookiePath = $this->config->getBasePath();
diff --git a/modules/core/lib/Stats/Output/File.php b/modules/core/lib/Stats/Output/File.php
index a6562637ab104c6d4ffc94fb924b503277b874d9..df83076923caba53db330feb33e9bc3ff5f5acf8 100644
--- a/modules/core/lib/Stats/Output/File.php
+++ b/modules/core/lib/Stats/Output/File.php
@@ -58,7 +58,7 @@ class File extends \SimpleSAML\Stats\Output
* @param string $date The date for the log file.
* @return void
*/
- private function openLog(string $date)
+ private function openLog(string $date): void
{
if ($this->file !== null && $this->file !== false) {
fclose($this->file);
diff --git a/modules/core/lib/Storage/SQLPermanentStorage.php b/modules/core/lib/Storage/SQLPermanentStorage.php
index 541bb711792249df973adf4b1b91cf6c49863e17..dda3fa35c3898550d479dc3c7a04631ed7bdff58 100644
--- a/modules/core/lib/Storage/SQLPermanentStorage.php
+++ b/modules/core/lib/Storage/SQLPermanentStorage.php
@@ -28,7 +28,7 @@ class SQLPermanentStorage
* @param \SimpleSAML\Configuration|null $config
* @throws \Exception
*/
- public function __construct($name, $config = null)
+ public function __construct(string $name, Configuration $config = null)
{
if (is_null($config)) {
$config = Configuration::getInstance();
@@ -78,7 +78,7 @@ class SQLPermanentStorage
* @param int|null $duration
* @return void
*/
- public function set($type, $key1, $key2, $value, $duration = null)
+ public function set(string $type, string $key1, string $key2, string $value, int $duration = null): void
{
if ($this->exists($type, $key1, $key2)) {
$this->update($type, $key1, $key2, $value, $duration);
@@ -140,12 +140,12 @@ class SQLPermanentStorage
/**
- * @param string $type
- * @param string $key1
- * @param string $key2
+ * @param string|null $type
+ * @param string|null $key1
+ * @param string|null $key2
* @return array|null
*/
- public function get($type = null, $key1 = null, $key2 = null)
+ public function get(string $type = null, string $key1 = null, string $key2 = null): ?array
{
$conditions = $this->getCondition($type, $key1, $key2);
$query = 'SELECT * FROM data WHERE ' . $conditions;
@@ -165,12 +165,12 @@ class SQLPermanentStorage
/**
* Return the value directly (not in a container)
*
- * @param string $type
- * @param string $key1
- * @param string $key2
- * @return array|null
+ * @param string|null $type
+ * @param string|null $key1
+ * @param string|null $key2
+ * @return string|null
*/
- public function getValue($type = null, $key1 = null, $key2 = null)
+ public function getValue(string $type = null, string $key1 = null, string $key2 = null): ?string
{
$res = $this->get($type, $key1, $key2);
if ($res === null) {
@@ -186,7 +186,7 @@ class SQLPermanentStorage
* @param string $key2
* @return bool
*/
- public function exists($type, $key1, $key2)
+ public function exists(string $type, string $key1, string $key2): bool
{
$query = 'SELECT * FROM data WHERE type = :type AND key1 = :key1 AND key2 = :key2 LIMIT 1';
$prepared = $this->db->prepare($query);
@@ -198,12 +198,12 @@ class SQLPermanentStorage
/**
- * @param string $type
- * @param string $key1
- * @param string $key2
+ * @param string|null $type
+ * @param string|null $key1
+ * @param string|null $key2
* @return array|false
*/
- public function getList($type = null, $key1 = null, $key2 = null)
+ public function getList(string $type = null, string $key1 = null, string $key2 = null)
{
$conditions = $this->getCondition($type, $key1, $key2);
$query = 'SELECT * FROM data WHERE ' . $conditions;
@@ -223,15 +223,19 @@ class SQLPermanentStorage
/**
- * @param string $type
- * @param string $key1
- * @param string $key2
+ * @param string|null $type
+ * @param string|null $key1
+ * @param string|null $key2
* @param string $whichKey
* @throws \Exception
* @return array|null
*/
- public function getKeys($type = null, $key1 = null, $key2 = null, $whichKey = 'type')
- {
+ public function getKeys(
+ string $type = null,
+ string $key1 = null,
+ string $key2 = null,
+ string $whichKey = 'type'
+ ): ?array {
if (!in_array($whichKey, ['key1', 'key2', 'type'], true)) {
throw new \Exception('Invalid key type');
}
@@ -254,13 +258,14 @@ class SQLPermanentStorage
return $resarray;
}
+
/**
* @param string $type
* @param string $key1
* @param string $key2
* @return bool
*/
- public function remove($type, $key1, $key2)
+ public function remove(string $type, string $key1, string $key2): bool
{
$query = 'DELETE FROM data WHERE type = :type AND key1 = :key1 AND key2 = :key2';
$prepared = $this->db->prepare($query);
@@ -274,7 +279,7 @@ class SQLPermanentStorage
/**
* @return int
*/
- public function removeExpired()
+ public function removeExpired(): int
{
$query = "DELETE FROM data WHERE expire IS NOT NULL AND expire < :expire";
$prepared = $this->db->prepare($query);
@@ -286,9 +291,9 @@ class SQLPermanentStorage
/**
* Create a SQL condition statement based on parameters
*
- * @param string $type
- * @param string $key1
- * @param string $key2
+ * @param string|null $type
+ * @param string|null $key1
+ * @param string|null $key2
* @return string
*/
private function getCondition(string $type = null, string $key1 = null, string $key2 = null): string
diff --git a/modules/cron/hooks/hook_configpage.php b/modules/cron/hooks/hook_configpage.php
index 136888a0036582a91a086acf69179db53fa81fce..cb43582994a0e41e690f878e95684711370fb8d6 100644
--- a/modules/cron/hooks/hook_configpage.php
+++ b/modules/cron/hooks/hook_configpage.php
@@ -6,7 +6,7 @@
* @param \SimpleSAML\XHTML\Template &$template The template that we should alter in this hook.
* @return void
*/
-function cron_hook_configpage(\SimpleSAML\XHTML\Template &$template)
+function cron_hook_configpage(\SimpleSAML\XHTML\Template &$template): void
{
$template->data['links']['cron'] = [
'href' => SimpleSAML\Module::getModuleURL('cron/croninfo.php'),
diff --git a/modules/cron/hooks/hook_cron.php b/modules/cron/hooks/hook_cron.php
index 18b18847b750b9b263f6bdaf1e57882cf1f59245..2211d7a40260ae56e97d7c58c4028a15eef31d7f 100644
--- a/modules/cron/hooks/hook_cron.php
+++ b/modules/cron/hooks/hook_cron.php
@@ -8,9 +8,8 @@ use Webmozart\Assert\Assert;
* @param array &$croninfo Output
* @return void
*/
-function cron_hook_cron(&$croninfo)
+function cron_hook_cron(array &$croninfo): void
{
- Assert::isArray($croninfo);
Assert::keyExists($croninfo, 'summary');
Assert::keyExists($croninfo, 'tag');
diff --git a/modules/cron/hooks/hook_frontpage.php b/modules/cron/hooks/hook_frontpage.php
index 3ca4903136dbf2064e59cf529cbc95260c970750..4e34f505d0c0a97307bf97d7d9b2b5e8414de439 100644
--- a/modules/cron/hooks/hook_frontpage.php
+++ b/modules/cron/hooks/hook_frontpage.php
@@ -8,9 +8,8 @@ use Webmozart\Assert\Assert;
* @param array &$links The links on the frontpage, split into sections.
* @return void
*/
-function cron_hook_frontpage(&$links)
+function cron_hook_frontpage(array &$links): void
{
- Assert::isArray($links);
Assert::keyExists($links, 'links');
$links['config'][] = [
diff --git a/modules/cron/lib/Controller/Cron.php b/modules/cron/lib/Controller/Cron.php
index 7654533f347fdafe6c1b4ffa0402a42b21f942d9..e3d1a01767b694d98a9a15c01b119414be6581f8 100644
--- a/modules/cron/lib/Controller/Cron.php
+++ b/modules/cron/lib/Controller/Cron.php
@@ -63,7 +63,7 @@ class Cron
* @return \SimpleSAML\XHTML\Template
* An HTML template or a redirection if we are not authenticated.
*/
- public function info()
+ public function info(): Template
{
Utils\Auth::requireAdmin();
@@ -100,14 +100,14 @@ class Cron
*
* @param string $tag The tag
* @param string $key The secret key
- * @param string|null $output The output format, defaulting to xhtml
+ * @param string $output The output format, defaulting to xhtml
*
* @return \SimpleSAML\XHTML\Template|\Symfony\Component\HttpFoundation\Response
* An HTML template, a redirect or a "runnable" response.
*
* @throws \SimpleSAML\Error\Exception
*/
- public function run($tag, $key, $output)
+ public function run(string $tag, string $key, string $output = 'xhtml'): Response
{
$configKey = $this->cronconfig->getValue('key', 'secret');
if ($key !== $configKey) {
@@ -116,7 +116,7 @@ class Cron
}
$cron = new \SimpleSAML\Module\cron\Cron();
- if ($tag === null || !$cron->isValidTag($tag)) {
+ if (!$cron->isValidTag($tag)) {
Logger::error('Cron - Illegal tag [' . $tag . '].');
exit;
}
diff --git a/modules/cron/lib/Cron.php b/modules/cron/lib/Cron.php
index 81b3641b69837556652500ff2655e6f8c3920ebe..128ddc8bcfdcbc9c58d18027854038f714b8d0a7 100644
--- a/modules/cron/lib/Cron.php
+++ b/modules/cron/lib/Cron.php
@@ -38,7 +38,7 @@ class Cron
* @return array the tag, and summary information from the run.
* @throws \Exception If an invalid tag specified
*/
- public function runTag($tag)
+ public function runTag(string $tag): array
{
if (!$this->isValidTag($tag)) {
throw new \Exception("Invalid cron tag '$tag''");
@@ -63,7 +63,7 @@ class Cron
* @param string $tag
* @return bool
*/
- public function isValidTag($tag)
+ public function isValidTag(string $tag): bool
{
if (!is_null($this->cronconfig->getValue('allowed_tags'))) {
return in_array($tag, $this->cronconfig->getArray('allowed_tags'), true);
diff --git a/modules/exampleauth/lib/Auth/Source/External.php b/modules/exampleauth/lib/Auth/Source/External.php
index 966ab4b57d57b09e78126709715572cc396041d2..606479543cf59c24bf2c51b74aabc30a1fe3850d 100644
--- a/modules/exampleauth/lib/Auth/Source/External.php
+++ b/modules/exampleauth/lib/Auth/Source/External.php
@@ -44,11 +44,8 @@ class External extends \SimpleSAML\Auth\Source
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
- public function __construct($info, $config)
+ public function __construct(array $info, array $config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
@@ -109,8 +106,6 @@ class External extends \SimpleSAML\Auth\Source
*/
public function authenticate(array &$state): void
{
- Assert::isArray($state);
-
$attributes = $this->getUser();
if ($attributes !== null) {
/*
@@ -273,8 +268,6 @@ class External extends \SimpleSAML\Auth\Source
*/
public function logout(array &$state): void
{
- Assert::isArray($state);
-
if (!session_id()) {
// session_start not called before. Do it here
session_start();
diff --git a/modules/exampleauth/lib/Auth/Source/StaticSource.php b/modules/exampleauth/lib/Auth/Source/StaticSource.php
index 21c86c697944e374f31d36834bb1c4f3fecfa0f2..75e6a57da5c2604be0b4081e9b8f8b03c2124393 100644
--- a/modules/exampleauth/lib/Auth/Source/StaticSource.php
+++ b/modules/exampleauth/lib/Auth/Source/StaticSource.php
@@ -31,11 +31,8 @@ class StaticSource extends \SimpleSAML\Auth\Source
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
- public function __construct($info, $config)
+ public function __construct(array $info, array $config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
@@ -57,7 +54,6 @@ class StaticSource extends \SimpleSAML\Auth\Source
*/
public function authenticate(array &$state): void
{
- Assert::isArray($state);
$state['Attributes'] = $this->attributes;
}
}
diff --git a/modules/exampleauth/lib/Auth/Source/UserPass.php b/modules/exampleauth/lib/Auth/Source/UserPass.php
index 6d6849f2377e862b27f5c629f4e800ae2c08bf9c..e4e6b21883a755574ea39a6763284615a27a6f22 100644
--- a/modules/exampleauth/lib/Auth/Source/UserPass.php
+++ b/modules/exampleauth/lib/Auth/Source/UserPass.php
@@ -35,11 +35,8 @@ class UserPass extends \SimpleSAML\Module\core\Auth\UserPassBase
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
- public function __construct($info, $config)
+ public function __construct(array $info, array $config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
@@ -86,11 +83,8 @@ class UserPass extends \SimpleSAML\Module\core\Auth\UserPassBase
* @param string $password The password the user wrote.
* @return array Associative array with the users attributes.
*/
- protected function login($username, $password)
+ protected function login(string $username, string $password): array
{
- Assert::string($username);
- Assert::string($password);
-
$userpass = $username . ':' . $password;
if (!array_key_exists($userpass, $this->users)) {
throw new Error\Error('WRONGUSERPASS');
diff --git a/modules/multiauth/lib/Auth/Source/MultiAuth.php b/modules/multiauth/lib/Auth/Source/MultiAuth.php
index 5bad36250774b37089d70e77d4826348af30407f..009b9fb8c399ffa6037413ae6e3e882a059792f8 100644
--- a/modules/multiauth/lib/Auth/Source/MultiAuth.php
+++ b/modules/multiauth/lib/Auth/Source/MultiAuth.php
@@ -59,11 +59,8 @@ class MultiAuth extends \SimpleSAML\Auth\Source
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
- public function __construct($info, $config)
+ public function __construct(array $info, array $config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
@@ -141,8 +138,6 @@ class MultiAuth extends \SimpleSAML\Auth\Source
*/
public function authenticate(array &$state): void
{
- Assert::isArray($state);
-
$state[self::AUTHID] = $this->authId;
$state[self::SOURCESID] = $this->sources;
@@ -184,11 +179,8 @@ class MultiAuth extends \SimpleSAML\Auth\Source
* @return void
* @throws \Exception
*/
- public static function delegateAuthentication($authId, $state)
+ public static function delegateAuthentication(string $authId, array $state): void
{
- assert::string($authId);
- Assert::isArray($state);
-
$as = Auth\Source::getById($authId);
$valid_sources = array_map(
/**
@@ -236,8 +228,6 @@ class MultiAuth extends \SimpleSAML\Auth\Source
*/
public function logout(array &$state): void
{
- Assert::isArray($state);
-
// Get the source that was used to authenticate
$session = Session::getSessionFromRequest();
$authId = $session->getData(self::SESSION_SOURCE, $this->authId);
@@ -260,10 +250,8 @@ class MultiAuth extends \SimpleSAML\Auth\Source
* @param string $source Name of the authentication source the user selected.
* @return void
*/
- public function setPreviousSource($source)
+ public function setPreviousSource(string $source): void
{
- Assert::string($source);
-
$cookieName = 'multiauth_source_' . $this->authId;
$config = Configuration::getInstance();
@@ -286,7 +274,7 @@ class MultiAuth extends \SimpleSAML\Auth\Source
* last time or NULL if this is the first time or remembering is disabled.
* @return string|null
*/
- public function getPreviousSource()
+ public function getPreviousSource(): ?string
{
$cookieName = 'multiauth_source_' . $this->authId;
if (array_key_exists($cookieName, $_COOKIE)) {
diff --git a/modules/portal/hooks/hook_htmlinject.php b/modules/portal/hooks/hook_htmlinject.php
index d446a6ed63b8c1a60a0011ab67f6eed95b631afb..acd88405c47fa7897f9d4d0ebf3df4a7b691ea10 100644
--- a/modules/portal/hooks/hook_htmlinject.php
+++ b/modules/portal/hooks/hook_htmlinject.php
@@ -8,9 +8,8 @@ use Webmozart\Assert\Assert;
* @param array &$hookinfo hookinfo
* @return void
*/
-function portal_hook_htmlinject(&$hookinfo)
+function portal_hook_htmlinject(array &$hookinfo)
{
- Assert::isArray($hookinfo);
Assert::keyExists($hookinfo, 'pre');
Assert::keyExists($hookinfo, 'post');
Assert::keyExists($hookinfo, 'page');
diff --git a/modules/portal/lib/Portal.php b/modules/portal/lib/Portal.php
index e116c6e5a5d93aaf967555029c401622f4e68833..f397953fee4026f476c494301174279d55fa6b41 100644
--- a/modules/portal/lib/Portal.php
+++ b/modules/portal/lib/Portal.php
@@ -21,7 +21,7 @@ class Portal
* @param array $pages
* @param array|null $config
*/
- public function __construct($pages, $config = null)
+ public function __construct(array $pages, array $config = null)
{
$this->pages = $pages;
$this->config = $config;
@@ -32,7 +32,7 @@ class Portal
* @param string $thispage
* @return array|null
*/
- public function getTabset($thispage)
+ public function getTabset(string $thispage): ?array
{
if (!isset($this->config)) {
return null;
@@ -50,7 +50,7 @@ class Portal
* @param string $thispage
* @return bool
*/
- public function isPortalized($thispage)
+ public function isPortalized(string $thispage): bool
{
if (!isset($this->config)) {
return false;
@@ -69,7 +69,7 @@ class Portal
* @param string $thispage
* @return string
*/
- public function getLoginInfo($translator, $thispage)
+ public function getLoginInfo(Translate $translator, string $thispage): string
{
$info = ['info' => '', 'translator' => $translator, 'thispage' => $thispage];
Module::callHooks('portalLoginInfo', $info);
@@ -81,7 +81,7 @@ class Portal
* @param string $thispage
* @return string
*/
- public function getMenu($thispage)
+ public function getMenu(string $thispage): string
{
$config = Configuration::getInstance();
$t = new Translate($config);
diff --git a/modules/saml/hooks/hook_metadata_hosted.php b/modules/saml/hooks/hook_metadata_hosted.php
index 75ee581b251354789831b7f8b8c24b68770f1c55..38f35ccfe2234b3ea5d9f42fb2ec7aa534ca2c57 100644
--- a/modules/saml/hooks/hook_metadata_hosted.php
+++ b/modules/saml/hooks/hook_metadata_hosted.php
@@ -8,10 +8,8 @@ use Webmozart\Assert\Assert;
* @param array &$metadataHosted The metadata links for hosted metadata on the frontpage.
* @return void
*/
-function saml_hook_metadata_hosted(&$metadataHosted)
+function saml_hook_metadata_hosted(array &$metadataHosted)
{
- Assert::isArray($metadataHosted);
-
$sources = \SimpleSAML\Auth\Source::getSourcesOfType('saml:SP');
foreach ($sources as $source) {
diff --git a/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php b/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php
index cd64ac6ad8c89cf460d66dfab731b62c45c594ea..d33f6bad767675ac2f2eb1aacd0d9e58cbc32a42 100644
--- a/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php
+++ b/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php
@@ -97,7 +97,7 @@ class ExpectedAuthnContextClassRef extends \SimpleSAML\Auth\ProcessingFilter
* @param array $request
* @return void
*/
- protected function unauthorized(&$request): void
+ protected function unauthorized(array &$request): void
{
Logger::error(
'ExpectedAuthnContextClassRef: Invalid authentication context: ' . strval($this->AuthnContextClassRef) .
diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index 5dedebf5181088a4b47f9d6c77642ac809555a7a..eb9536602608983aaf7b1dcc9b25a811e40a158e 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -71,11 +71,8 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
- public function __construct($info, $config)
+ public function __construct(array $info, array $config)
{
- Assert::isArray($info);
- Assert::isArray($config);
-
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
@@ -107,7 +104,7 @@ class SP extends \SimpleSAML\Auth\Source
*
* @return string The metadata URL.
*/
- public function getMetadataURL()
+ public function getMetadataURL(): string
{
return Module::getModuleURL('saml/sp/metadata.php/' . urlencode($this->authId));
}
@@ -118,7 +115,7 @@ class SP extends \SimpleSAML\Auth\Source
*
* @return string The entity id of this SP.
*/
- public function getEntityId()
+ public function getEntityId(): string
{
return $this->entityId;
}
@@ -129,7 +126,7 @@ class SP extends \SimpleSAML\Auth\Source
*
* @return array The metadata array for its use by a remote IdP.
*/
- public function getHostedMetadata()
+ public function getHostedMetadata(): array
{
$entityid = $this->getEntityId();
$metadata = [
@@ -286,10 +283,8 @@ class SP extends \SimpleSAML\Auth\Source
* @param string $entityId The entity id of the IdP.
* @return \SimpleSAML\Configuration The metadata of the IdP.
*/
- public function getIdPMetadata($entityId)
+ public function getIdPMetadata(string $entityId): Configuration
{
- Assert::string($entityId);
-
if ($this->idp !== null && $this->idp !== $entityId) {
throw new Error\Exception('Cannot retrieve metadata for IdP ' .
var_export($entityId, true) . ' because it isn\'t a valid IdP for this SP.');
@@ -316,7 +311,7 @@ class SP extends \SimpleSAML\Auth\Source
*
* @return \SimpleSAML\Configuration The metadata of this SP.
*/
- public function getMetadata()
+ public function getMetadata(): Configuration
{
return $this->metadata;
}
@@ -325,9 +320,9 @@ class SP extends \SimpleSAML\Auth\Source
/**
* Get a list with the protocols supported by this SP.
*
- * @return array
+ * @return string[]
*/
- public function getSupportedProtocols()
+ public function getSupportedProtocols(): array
{
return $this->protocols;
}
@@ -455,7 +450,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $state The state array for the current authentication.
* @return void
*/
- private function startSSO2(Configuration $idpMetadata, array $state)
+ private function startSSO2(Configuration $idpMetadata, array $state): void
{
if (isset($state['saml:ProxyCount']) && $state['saml:ProxyCount'] < 0) {
Auth\State::throwException(
@@ -654,7 +649,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param \SAML2\AuthnRequest $ar The authentication request.
* @return void
*/
- public function sendSAML2AuthnRequest(array &$state, Binding $binding, AuthnRequest $ar)
+ public function sendSAML2AuthnRequest(array &$state, Binding $binding, AuthnRequest $ar): void
{
$binding->send($ar);
Assert::true(false);
@@ -668,10 +663,8 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $state The state array for the current authentication.
* @return void
*/
- public function startSSO($idp, array $state)
+ public function startSSO(string $idp, array $state): void
{
- Assert::string($idp);
-
$idpMetadata = $this->getIdPMetadata($idp);
$type = $idpMetadata->getString('metadata-set');
@@ -692,7 +685,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $state The state array.
* @return void
*/
- private function startDisco(array $state)
+ private function startDisco(array $state): void
{
$id = Auth\State::saveState($state, 'saml:sp:sso');
@@ -732,8 +725,6 @@ class SP extends \SimpleSAML\Auth\Source
*/
public function authenticate(array &$state): void
{
- Assert::isArray($state);
-
// We are going to need the authId in order to retrieve this authentication source later
$state['saml:sp:AuthId'] = $this->authId;
@@ -877,7 +868,7 @@ class SP extends \SimpleSAML\Auth\Source
* @return void
* @throws \SimpleSAML\Module\saml\Error\NoPassive In case the authentication request was passive.
*/
- public static function askForIdPChange(array &$state)
+ public static function askForIdPChange(array &$state): void
{
Assert::keyExists($state, 'saml:sp:IdPMetadata');
Assert::keyExists($state, 'saml:sp:AuthId');
@@ -908,7 +899,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $state The state array.
* @return void
*/
- public static function reauthLogout(array $state)
+ public static function reauthLogout(array $state): void
{
Logger::debug('Proxy: logging the user out before re-authentication.');
@@ -929,7 +920,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $state The authentication state.
* @return void
*/
- public static function reauthPostLogin(array $state)
+ public static function reauthPostLogin(array $state): void
{
Assert::keyExists($state, 'ReturnCallback');
@@ -953,7 +944,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array &$state The state array with the state during logout.
* @return void
*/
- public static function reauthPostLogout(IdP $idp, array $state)
+ public static function reauthPostLogout(IdP $idp, array $state): void
{
Assert::keyExists($state, 'saml:sp:AuthId');
@@ -978,9 +969,8 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $state The logout state.
* @return void
*/
- public function startSLO2(&$state)
+ public function startSLO2(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state, 'saml:logout:IdP');
Assert::keyExists($state, 'saml:logout:NameID');
Assert::keyExists($state, 'saml:logout:SessionIndex');
@@ -1036,14 +1026,10 @@ class SP extends \SimpleSAML\Auth\Source
*/
public function logout(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state, 'saml:logout:Type');
$logoutType = $state['saml:logout:Type'];
switch ($logoutType) {
- case 'saml1':
- // Nothing to do
- return;
case 'saml2':
$this->startSLO2($state);
return;
@@ -1062,9 +1048,8 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $attributes The attributes.
* @return void
*/
- public function handleResponse(array $state, $idp, array $attributes)
+ public function handleResponse(array $state, string $idp, array $attributes): void
{
- Assert::string($idp);
Assert::keyExists($state, 'LogoutState');
Assert::keyExists($state, 'saml:logout:Type');
@@ -1107,10 +1092,8 @@ class SP extends \SimpleSAML\Auth\Source
* @param string $idpEntityId The entity ID of the IdP.
* @return void
*/
- public function handleLogout($idpEntityId)
+ public function handleLogout(string $idpEntityId): void
{
- Assert::string($idpEntityId);
-
/* Call the logout callback we registered in onProcessingCompleted(). */
$this->callLogoutCallback($idpEntityId);
}
@@ -1131,11 +1114,8 @@ class SP extends \SimpleSAML\Auth\Source
* configuration directive for more information about allowing (or disallowing) URLs.
* @return void
*/
- public static function handleUnsolicitedAuth($authId, array $state, $redirectTo)
+ public static function handleUnsolicitedAuth(string $authId, array $state, string $redirectTo): void
{
- Assert::string($authId);
- Assert::string($redirectTo);
-
$session = Session::getSessionFromRequest();
$session->doLogin($authId, Auth\State::getPersistentAuthData($state));
@@ -1149,7 +1129,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $authProcState The processing chain state.
* @return void
*/
- public static function onProcessingCompleted(array $authProcState)
+ public static function onProcessingCompleted(array $authProcState): void
{
Assert::keyExists($authProcState, 'saml:sp:IdP');
Assert::keyExists($authProcState, 'saml:sp:State');
diff --git a/modules/saml/lib/BaseNameIDGenerator.php b/modules/saml/lib/BaseNameIDGenerator.php
index 0e7dc5c9cf67213e52e4e8a22f814373dce1a98f..15bb39770fd1b55287e795a8cefd5ae7a9d9c2d2 100644
--- a/modules/saml/lib/BaseNameIDGenerator.php
+++ b/modules/saml/lib/BaseNameIDGenerator.php
@@ -78,7 +78,7 @@ abstract class BaseNameIDGenerator extends \SimpleSAML\Auth\ProcessingFilter
*
* @return string|null The NameID value.
*/
- abstract protected function getValue(array &$state);
+ abstract protected function getValue(array &$state): ?string;
/**
diff --git a/modules/saml/lib/Error.php b/modules/saml/lib/Error.php
index e299117b2eda06e8ecdb9e99a511236987340904..9c28eab9e2edc95bd932444cb8a1248d5d334d8a 100644
--- a/modules/saml/lib/Error.php
+++ b/modules/saml/lib/Error.php
@@ -47,12 +47,12 @@ class Error extends \SimpleSAML\Error\Exception
* Can be NULL, in which case there is no status message.
* @param \Exception|null $cause The cause of this exception. Can be NULL.
*/
- public function __construct($status, $subStatus = null, $statusMessage = null, \Exception $cause = null)
- {
- Assert::string($status);
- Assert::nullOrString($subStatus);
- Assert::nullOrString($statusMessage);
-
+ public function __construct(
+ string $status,
+ string $subStatus = null,
+ string $statusMessage = null,
+ \Exception $cause = null
+ ) {
$st = self::shortStatus($status);
if ($subStatus !== null) {
$st .= '/' . self::shortStatus($subStatus);
@@ -73,7 +73,7 @@ class Error extends \SimpleSAML\Error\Exception
*
* @return string The top-level status code.
*/
- public function getStatus()
+ public function getStatus(): string
{
return $this->status;
}
@@ -84,7 +84,7 @@ class Error extends \SimpleSAML\Error\Exception
*
* @return string|null The second-level status code or NULL if no second-level status code is present.
*/
- public function getSubStatus()
+ public function getSubStatus(): ?string
{
return $this->subStatus;
}
@@ -95,7 +95,7 @@ class Error extends \SimpleSAML\Error\Exception
*
* @return string|null The status message or NULL if no status message is present.
*/
- public function getStatusMessage()
+ public function getStatusMessage(): ?string
{
return $this->statusMessage;
}
@@ -115,23 +115,6 @@ class Error extends \SimpleSAML\Error\Exception
if ($exception instanceof \SimpleSAML\Module\saml\Error) {
// Return the original exception unchanged
return $exception;
-
- // TODO: remove this branch in 2.0
- } elseif ($exception instanceof \SimpleSAML\Error\NoPassive) {
- $e = new self(
- Constants::STATUS_RESPONDER,
- Constants::STATUS_NO_PASSIVE,
- $exception->getMessage(),
- $exception
- );
- // TODO: remove this branch in 2.0
- } elseif ($exception instanceof \SimpleSAML\Error\ProxyCountExceeded) {
- $e = new self(
- Constants::STATUS_RESPONDER,
- Constants::STATUS_PROXY_COUNT_EXCEEDED,
- $exception->getMessage(),
- $exception
- );
} else {
$e = new self(
\SAML2\Constants::STATUS_RESPONDER,
@@ -156,7 +139,7 @@ class Error extends \SimpleSAML\Error\Exception
*
* @return \SimpleSAML\Error\Exception An exception representing this error.
*/
- public function toException()
+ public function toException(): \SimpleSAML\Error\Exception
{
$e = null;
diff --git a/modules/saml/lib/Error/NoAuthnContext.php b/modules/saml/lib/Error/NoAuthnContext.php
index 508da8e0ca4f0f347d060fa8c1f9ba32408e8a1d..f9a3a40b16d4fc2287fad442b9bc1dfdb5241133 100644
--- a/modules/saml/lib/Error/NoAuthnContext.php
+++ b/modules/saml/lib/Error/NoAuthnContext.php
@@ -23,7 +23,7 @@ class NoAuthnContext extends \SimpleSAML\Module\saml\Error
* @param string|null $message A short message explaining why this error happened.
* @param \Exception|null $cause An exception that caused this error.
*/
- public function __construct($responsible, $message = null, \Exception $cause = null)
+ public function __construct(string $responsible, string $message = null, \Exception $cause = null)
{
parent::__construct($responsible, Constants::STATUS_NO_AUTHN_CONTEXT, $message, $cause);
}
diff --git a/modules/saml/lib/Error/NoAvailableIDP.php b/modules/saml/lib/Error/NoAvailableIDP.php
index f1c66ab4bbe7493ed2056f92163f202216a61c3c..f740aedc6ffc1a15c3dea3cf2d4ccfee0c7f3236 100644
--- a/modules/saml/lib/Error/NoAvailableIDP.php
+++ b/modules/saml/lib/Error/NoAvailableIDP.php
@@ -23,7 +23,7 @@ class NoAvailableIDP extends \SimpleSAML\Module\saml\Error
* @param string|null $message A short message explaining why this error happened.
* @param \Exception|null $cause An exception that caused this error.
*/
- public function __construct($responsible, $message = null, \Exception $cause = null)
+ public function __construct(string $responsible, string $message = null, \Exception $cause = null)
{
parent::__construct($responsible, Constants::STATUS_NO_AVAILABLE_IDP, $message, $cause);
}
diff --git a/modules/saml/lib/Error/NoPassive.php b/modules/saml/lib/Error/NoPassive.php
index 3fc03e0499b61f9a93c64259cd2c10f5c573fb3b..46ed47a3b553dc13f8a523c969898d13470d2c1a 100644
--- a/modules/saml/lib/Error/NoPassive.php
+++ b/modules/saml/lib/Error/NoPassive.php
@@ -23,7 +23,7 @@ class NoPassive extends \SimpleSAML\Module\saml\Error
* @param string|null $message A short message explaining why this error happened.
* @param \Exception|null $cause An exception that caused this error.
*/
- public function __construct($responsible, $message = null, \Exception $cause = null)
+ public function __construct(string $responsible, string $message = null, \Exception $cause = null)
{
parent::__construct($responsible, Constants::STATUS_NO_PASSIVE, $message, $cause);
}
diff --git a/modules/saml/lib/Error/NoSupportedIDP.php b/modules/saml/lib/Error/NoSupportedIDP.php
index 7806fb379e925e87301aa6cfae70743c8ad47c08..8e2a31dcd92876c5cce79c87c9640d5cc0e084b6 100644
--- a/modules/saml/lib/Error/NoSupportedIDP.php
+++ b/modules/saml/lib/Error/NoSupportedIDP.php
@@ -23,7 +23,7 @@ class NoSupportedIDP extends \SimpleSAML\Module\saml\Error
* @param string|null $message A short message explaining why this error happened.
* @param \Exception|null $cause An exception that caused this error.
*/
- public function __construct($responsible, $message = null, \Exception $cause = null)
+ public function __construct(string $responsible, string $message = null, \Exception $cause = null)
{
parent::__construct($responsible, Constants::STATUS_NO_SUPPORTED_IDP, $message, $cause);
}
diff --git a/modules/saml/lib/Error/ProxyCountExceeded.php b/modules/saml/lib/Error/ProxyCountExceeded.php
index 044aded1f9dd0d3ae5d2de0c3af8cd8abfb87f72..cfdbfb1e0083861bd29dd91a5a44cee7d8725e99 100644
--- a/modules/saml/lib/Error/ProxyCountExceeded.php
+++ b/modules/saml/lib/Error/ProxyCountExceeded.php
@@ -23,7 +23,7 @@ class ProxyCountExceeded extends \SimpleSAML\Module\saml\Error
* @param string|null $message A short message explaining why this error happened.
* @param \Exception|null $cause An exception that caused this error.
*/
- public function __construct($responsible, $message = null, \Exception $cause = null)
+ public function __construct(string $responsible, string $message = null, \Exception $cause = null)
{
parent::__construct($responsible, Constants::STATUS_PROXY_COUNT_EXCEEDED, $message, $cause);
}
diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php
index da474da24406bdeed92155e013c469cafca6c40c..89b035128b3adfd8c392592e3886377df4e886d5 100644
--- a/modules/saml/lib/IdP/SAML2.php
+++ b/modules/saml/lib/IdP/SAML2.php
@@ -49,7 +49,7 @@ class SAML2
* @param array $state The authentication state.
* @return void
*/
- public static function sendResponse(array $state)
+ public static function sendResponse(array $state): void
{
Assert::keyExists($state, 'saml:RequestId'); // Can be NULL
Assert::keyExists($state, 'saml:RelayState'); // Can be NULL.
@@ -127,7 +127,7 @@ class SAML2
* @param array $state The error state.
* @return void
*/
- public static function handleAuthError(\SimpleSAML\Error\Exception $exception, array $state)
+ public static function handleAuthError(\SimpleSAML\Error\Exception $exception, array $state): void
{
Assert::keyExists($state, 'saml:RequestId'); // Can be NULL.
Assert::keyExists($state, 'saml:RelayState'); // Can be NULL.
@@ -200,7 +200,7 @@ class SAML2
string $AssertionConsumerServiceURL = null,
string $ProtocolBinding = null,
int $AssertionConsumerServiceIndex = null
- ) {
+ ): ?array {
/* We want to pick the best matching endpoint in the case where for example
* only the ProtocolBinding is given. We therefore pick endpoints with the
* following priority:
@@ -277,7 +277,7 @@ class SAML2
* @return void
* @throws \SimpleSAML\Error\BadRequest In case an error occurs when trying to receive the request.
*/
- public static function receiveAuthnRequest(\SimpleSAML\IdP $idp)
+ public static function receiveAuthnRequest(IdP $idp): void
{
$metadata = MetaDataStorageHandler::getMetadataHandler();
$idpMetadata = $idp->getConfig();
@@ -494,10 +494,8 @@ class SAML2
* @param string|null $relayState An id that should be carried across the logout.
* @return void
*/
- public static function sendLogoutRequest(IdP $idp, array $association, $relayState)
+ public static function sendLogoutRequest(IdP $idp, array $association, string $relayState = null): void
{
- Assert::nullOrString($relayState);
-
Logger::info('Sending SAML 2.0 LogoutRequest to: ' . var_export($association['saml:entityID'], true));
$metadata = MetaDataStorageHandler::getMetadataHandler();
@@ -532,7 +530,7 @@ class SAML2
* @param array &$state The logout state array.
* @return void
*/
- public static function sendLogoutResponse(IdP $idp, array $state)
+ public static function sendLogoutResponse(IdP $idp, array $state): void
{
Assert::keyExists($state, 'saml:RelayState'); // Can be NULL.
Assert::notNull($state['saml:SPEntityId']);
@@ -593,7 +591,7 @@ class SAML2
* @return void
* @throws \SimpleSAML\Error\BadRequest In case an error occurs while trying to receive the logout message.
*/
- public static function receiveLogoutMessage(IdP $idp)
+ public static function receiveLogoutMessage(IdP $idp): void
{
$binding = Binding::getCurrentBinding();
$message = $binding->receive();
@@ -602,15 +600,8 @@ class SAML2
if ($issuer === null) {
/* Without an issuer we have no way to respond to the message. */
throw new Error\BadRequest('Received message on logout endpoint without issuer.');
- } elseif ($issuer instanceof Issuer) {
- /** @psalm-var string|null $spEntityId */
- $spEntityId = $issuer->getValue();
- if ($spEntityId === null) {
- /* Without an issuer we have no way to respond to the message. */
- throw new Error\BadRequest('Received message on logout endpoint without issuer.');
- }
} else {
- $spEntityId = $issuer;
+ $spEntityId = $issuer->getValue();
}
$metadata = MetaDataStorageHandler::getMetadataHandler();
@@ -676,10 +667,8 @@ class SAML2
*
* @return string The logout URL.
*/
- public static function getLogoutURL(IdP $idp, array $association, $relayState)
+ public static function getLogoutURL(IdP $idp, array $association, string $relayState = null): string
{
- Assert::nullOrString($relayState);
-
Logger::info('Sending SAML 2.0 LogoutRequest to: ' . var_export($association['saml:entityID'], true));
$metadata = MetaDataStorageHandler::getMetadataHandler();
@@ -718,7 +707,7 @@ class SAML2
*
* @return \SimpleSAML\Configuration Configuration object for the SP metadata.
*/
- public static function getAssociationConfig(IdP $idp, array $association)
+ public static function getAssociationConfig(IdP $idp, array $association): Configuration
{
$metadata = MetaDataStorageHandler::getMetadataHandler();
try {
@@ -739,7 +728,7 @@ class SAML2
* @throws \SimpleSAML\Error\Exception
* @throws \SimpleSAML\Error\MetadataNotFound
*/
- public static function getHostedMetadata($entityid)
+ public static function getHostedMetadata(string $entityid): array
{
$handler = MetaDataStorageHandler::getMetadataHandler();
$config = $handler->getMetaDataConfig($entityid, 'saml20-idp-hosted');
@@ -942,7 +931,7 @@ class SAML2
Configuration $idpMetadata,
Configuration $spMetadata,
array &$state
- ) {
+ ): ?string {
$attribute = $spMetadata->getString('simplesaml.nameidattribute', null);
if ($attribute === null) {
$attribute = $idpMetadata->getString('simplesaml.nameidattribute', null);
diff --git a/modules/saml/lib/IdP/SQLNameID.php b/modules/saml/lib/IdP/SQLNameID.php
index 37a3a2899ae56ed753212a3f4d4a6a1ae61e1afb..1d810040b910a8e4ed7d96ea2cec4fb357dd3bd5 100644
--- a/modules/saml/lib/IdP/SQLNameID.php
+++ b/modules/saml/lib/IdP/SQLNameID.php
@@ -178,12 +178,13 @@ class SQLNameID
* @param array $config
* @return void
*/
- public static function add($idpEntityId, $spEntityId, $user, $value, array $config = [])
- {
- Assert::string($idpEntityId);
- Assert::string($spEntityId);
- Assert::string($user);
- Assert::string($value);
+ public static function add(
+ string $idpEntityId,
+ string $spEntityId,
+ string $user,
+ string $value,
+ array $config = []
+ ): void {
$params = [
'_idp' => $idpEntityId,
@@ -207,12 +208,12 @@ class SQLNameID
* @param array $config
* @return string|null $value The NameID value, or NULL of no NameID value was found.
*/
- public static function get($idpEntityId, $spEntityId, $user, array $config = [])
- {
- Assert::string($idpEntityId);
- Assert::string($spEntityId);
- Assert::string($user);
-
+ public static function get(
+ string $idpEntityId,
+ string $spEntityId,
+ string $user,
+ array $config = []
+ ): ?string {
$params = [
'_idp' => $idpEntityId,
'_sp' => $spEntityId,
@@ -229,7 +230,7 @@ class SQLNameID
return null;
}
- return $row['_value'];
+ return strval($row['_value']);
}
@@ -242,12 +243,12 @@ class SQLNameID
* @param array $config
* @return void
*/
- public static function delete($idpEntityId, $spEntityId, $user, array $config = [])
- {
- Assert::string($idpEntityId);
- Assert::string($spEntityId);
- assert::string($user);
-
+ public static function delete(
+ string $idpEntityId,
+ string $spEntityId,
+ string $user,
+ array $config = []
+ ): void {
$params = [
'_idp' => $idpEntityId,
'_sp' => $spEntityId,
@@ -268,11 +269,8 @@ class SQLNameID
* @param array $config
* @return array Array of userid => NameID.
*/
- public static function getIdentities($idpEntityId, $spEntityId, array $config = [])
+ public static function getIdentities(string $idpEntityId, string $spEntityId, array $config = []): array
{
- Assert::string($idpEntityId);
- assert::string($spEntityId);
-
$params = [
'_idp' => $idpEntityId,
'_sp' => $spEntityId,
diff --git a/modules/saml/lib/Message.php b/modules/saml/lib/Message.php
index 7027e4f7e18fe342d1b49807cfd309f6aa911cfd..c5194aeca622586e2f602ae393cd74e0f332ccf7 100644
--- a/modules/saml/lib/Message.php
+++ b/modules/saml/lib/Message.php
@@ -43,7 +43,7 @@ class Message
Configuration $srcMetadata,
Configuration $dstMetadata,
SignedElement $element
- ) {
+ ): void {
$dstPrivateKey = $dstMetadata->getString('signature.privatekey', null);
if ($dstPrivateKey !== null) {
@@ -95,8 +95,7 @@ class Message
Configuration $srcMetadata,
Configuration $dstMetadata,
\SAML2\Message $message
- ) {
-
+ ): void {
$signingEnabled = null;
if ($message instanceof LogoutRequest || $message instanceof LogoutResponse) {
$signingEnabled = $srcMetadata->getBoolean('sign.logout', null);
@@ -171,7 +170,7 @@ class Message
* @throws \SimpleSAML\Error\Exception if there is not certificate in the metadata for the entity.
* @throws \Exception if the signature validation fails with an exception.
*/
- public static function checkSign(Configuration $srcMetadata, SignedElement $element)
+ public static function checkSign(Configuration $srcMetadata, SignedElement $element): bool
{
// find the public key that should verify signatures by this entity
$keys = $srcMetadata->getPublicKeys('signing');
@@ -239,7 +238,7 @@ class Message
Configuration $srcMetadata,
Configuration $dstMetadata,
\SAML2\Message $message
- ) {
+ ): void {
$enabled = null;
if ($message instanceof LogoutRequest || $message instanceof LogoutResponse) {
$enabled = $srcMetadata->getBoolean('validate.logout', null);
@@ -283,7 +282,7 @@ class Message
public static function getDecryptionKeys(
Configuration $srcMetadata,
Configuration $dstMetadata
- ) {
+ ): array {
$sharedKey = $srcMetadata->getString('sharedkey', null);
if ($sharedKey !== null) {
$key = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
@@ -338,7 +337,7 @@ class Message
public static function getBlacklistedAlgorithms(
Configuration $srcMetadata,
Configuration $dstMetadata
- ) {
+ ): array {
$blacklist = $srcMetadata->getArray('encryption.blacklisted-algorithms', null);
if ($blacklist === null) {
$blacklist = $dstMetadata->getArray('encryption.blacklisted-algorithms', [XMLSecurityKey::RSA_1_5]);
@@ -424,7 +423,7 @@ class Message
Configuration $srcMetadata,
Configuration $dstMetadata,
Assertion &$assertion
- ) {
+ ): void {
if (!$assertion->hasEncryptedAttributes()) {
return;
}
@@ -461,7 +460,7 @@ class Message
*
* @return \SimpleSAML\Module\saml\Error The error.
*/
- public static function getResponseError(StatusResponse $response)
+ public static function getResponseError(StatusResponse $response): \SimpleSAML\Module\saml\Error
{
$status = $response->getStatus();
return new \SimpleSAML\Module\saml\Error($status['Code'], $status['SubCode'], $status['Message']);
@@ -478,7 +477,7 @@ class Message
public static function buildAuthnRequest(
Configuration $spMetadata,
Configuration $idpMetadata
- ) {
+ ): AuthnRequest {
$ar = new AuthnRequest();
// get the NameIDPolicy to apply. IdP metadata has precedence.
@@ -540,7 +539,7 @@ class Message
public static function buildLogoutRequest(
Configuration $srcMetadata,
Configuration $dstMetadata
- ) {
+ ): LogoutRequest {
$lr = new LogoutRequest();
$issuer = new Issuer();
$issuer->setValue($srcMetadata->getString('entityid'));
@@ -563,7 +562,7 @@ class Message
public static function buildLogoutResponse(
Configuration $srcMetadata,
Configuration $dstMetadata
- ) {
+ ): LogoutResponse {
$lr = new LogoutResponse();
$issuer = new Issuer();
$issuer->setValue($srcMetadata->getString('entityid'));
@@ -594,7 +593,7 @@ class Message
Configuration $spMetadata,
Configuration $idpMetadata,
Response $response
- ) {
+ ): array {
if (!$response->isSuccess()) {
throw self::getResponseError($response);
}
@@ -891,7 +890,7 @@ class Message
*
* @throws \SimpleSAML\Error\Exception if there is no supported encryption key in the metadata of this entity.
*/
- public static function getEncryptionKey(Configuration $metadata)
+ public static function getEncryptionKey(Configuration $metadata): XMLSecurityKey
{
$sharedKey = $metadata->getString('sharedkey', null);
if ($sharedKey !== null) {
diff --git a/modules/saml/lib/SP/LogoutStore.php b/modules/saml/lib/SP/LogoutStore.php
index 8b941acd9611a1bcd092465f2349646ae475755a..a229d43bd3434bd4976c8818570c89b0a7f04aff 100644
--- a/modules/saml/lib/SP/LogoutStore.php
+++ b/modules/saml/lib/SP/LogoutStore.php
@@ -26,7 +26,7 @@ class LogoutStore
* @param \SimpleSAML\Store\SQL $store The datastore.
* @return void
*/
- private static function createLogoutTable(Store\SQL $store)
+ private static function createLogoutTable(Store\SQL $store): void
{
$tableVer = $store->getTableVersion('saml_LogoutStore');
if ($tableVer === 4) {
@@ -201,7 +201,7 @@ class LogoutStore
* @param \SimpleSAML\Store\SQL $store The datastore.
* @return void
*/
- private static function cleanLogoutStore(Store\SQL $store)
+ private static function cleanLogoutStore(Store\SQL $store): void
{
Logger::debug('saml.LogoutStore: Cleaning logout store.');
@@ -231,7 +231,7 @@ class LogoutStore
string $sessionIndex,
int $expire,
string $sessionId
- ) {
+ ): void {
self::createLogoutTable($store);
if (rand(0, 1000) < 10) {
@@ -330,12 +330,8 @@ class LogoutStore
* @param int $expire
* @return void
*/
- public static function addSession($authId, $nameId, $sessionIndex, $expire)
+ public static function addSession(string $authId, NameID $nameId, ?string $sessionIndex, int $expire): void
{
- Assert::string($authId);
- Assert::nullorString($sessionIndex);
- Assert::integer($expire);
-
$session = Session::getSessionFromRequest();
if ($session->isTransient()) {
// transient sessions are useless for this purpose, nothing to do
@@ -385,10 +381,8 @@ class LogoutStore
* @param array $sessionIndexes The SessionIndexes we should log out of. Logs out of all if this is empty.
* @return int|false Number of sessions logged out, or FALSE if not supported.
*/
- public static function logoutSessions($authId, $nameId, array $sessionIndexes)
+ public static function logoutSessions(string $authId, NameID $nameId, array $sessionIndexes)
{
- Assert::string($authId);
-
$store = Store::getInstance();
if ($store === false) {
// We don't have a datastore
diff --git a/tests/Utils/SpTester.php b/tests/Utils/SpTester.php
index 9580819c5d3575099a2bd6b7fd6a8901a1077e71..bca15ff61d789a0802b068d265fdfe37ed1d4697 100644
--- a/tests/Utils/SpTester.php
+++ b/tests/Utils/SpTester.php
@@ -21,7 +21,7 @@ class SpTester extends \SimpleSAML\Module\saml\Auth\Source\SP
* @param array $config
* @return void
*/
- public function __construct($info, $config)
+ public function __construct(array $info, array $config)
{
parent::__construct($info, $config);
}
@@ -30,7 +30,7 @@ class SpTester extends \SimpleSAML\Module\saml\Auth\Source\SP
/**
* @return void
*/
- public function startSSO2Test(Configuration $idpMetadata, array $state)
+ public function startSSO2Test(Configuration $idpMetadata, array $state): void
{
$reflector = new ReflectionObject($this);
$method = $reflector->getMethod('startSSO2');
@@ -43,7 +43,7 @@ class SpTester extends \SimpleSAML\Module\saml\Auth\Source\SP
* override the method that sends the request to avoid sending anything
* @return void
*/
- public function sendSAML2AuthnRequest(array &$state, Binding $binding, AuthnRequest $ar)
+ public function sendSAML2AuthnRequest(array &$state, Binding $binding, AuthnRequest $ar): void
{
// Exit test. Continuing would mean running into a assert(FALSE)
throw new ExitTestException(
diff --git a/tests/lib/SimpleSAML/DatabaseTest.php b/tests/lib/SimpleSAML/DatabaseTest.php
index eea953043b25098d6a3eda157fcd0bbe419a78a7..95b4671e2056e6d51431c33ce3846b162f80a0a9 100644
--- a/tests/lib/SimpleSAML/DatabaseTest.php
+++ b/tests/lib/SimpleSAML/DatabaseTest.php
@@ -72,7 +72,6 @@ class DatabaseTest extends TestCase
$this->config = new Configuration($config, "test/SimpleSAML/DatabaseTest.php");
// Ensure that we have a functional configuration class
- $this->assertInstanceOf(Configuration::class, $this->config);
$this->assertEquals($config['database.dsn'], $this->config->getString('database.dsn'));
$this->db = Database::getInstance($this->config);