From 5cbb080e6816ac81a3839eac5ccb7755e5c13e76 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Sun, 11 Aug 2019 22:13:59 +0200
Subject: [PATCH] Fully typehint lib/Auth/*.php
---
lib/SimpleSAML/Auth/AuthenticationFactory.php | 2 +-
lib/SimpleSAML/Auth/ProcessingChain.php | 22 +++-----
lib/SimpleSAML/Auth/ProcessingFilter.php | 6 +-
lib/SimpleSAML/Auth/Simple.php | 37 +++++--------
lib/SimpleSAML/Auth/Source.php | 55 ++++++-------------
lib/SimpleSAML/Auth/SourceFactory.php | 4 +-
lib/SimpleSAML/Auth/State.php | 34 +++---------
.../core/lib/Auth/Process/AttributeAdd.php | 7 +--
.../core/lib/Auth/Process/AttributeAlter.php | 7 +--
.../core/lib/Auth/Process/AttributeCopy.php | 7 +--
.../core/lib/Auth/Process/AttributeLimit.php | 9 +--
.../core/lib/Auth/Process/AttributeMap.php | 8 +--
.../lib/Auth/Process/AttributeValueMap.php | 7 +--
modules/core/lib/Auth/Process/Cardinality.php | 6 +-
.../lib/Auth/Process/CardinalitySingle.php | 6 +-
.../lib/Auth/Process/ExtendIdPSession.php | 4 +-
.../core/lib/Auth/Process/GenerateGroups.php | 9 +--
.../core/lib/Auth/Process/LanguageAdaptor.php | 6 +-
modules/core/lib/Auth/Process/PHP.php | 7 +--
.../core/lib/Auth/Process/ScopeAttribute.php | 6 +-
.../lib/Auth/Process/ScopeFromAttribute.php | 6 +-
.../Auth/Process/StatisticsWithAttribute.php | 8 +--
modules/core/lib/Auth/Process/TargetedID.php | 7 +--
.../lib/Auth/Process/WarnShortSSOInterval.php | 4 +-
modules/core/lib/Auth/UserPassBase.php | 24 +++-----
modules/core/lib/Auth/UserPassOrgBase.php | 37 ++++++-------
.../lib/Auth/Process/RedirectTest.php | 3 +-
.../exampleauth/lib/Auth/Source/External.php | 8 +--
.../lib/Auth/Source/StaticSource.php | 2 +-
.../multiauth/lib/Auth/Source/MultiAuth.php | 4 +-
.../saml/lib/Auth/Process/AttributeNameID.php | 5 +-
.../lib/Auth/Process/AuthnContextClassRef.php | 7 +--
.../Process/ExpectedAuthnContextClassRef.php | 8 +--
.../saml/lib/Auth/Process/FilterScopes.php | 5 +-
.../saml/lib/Auth/Process/NameIDAttribute.php | 6 +-
.../lib/Auth/Process/PersistentNameID.php | 5 +-
.../Process/PersistentNameID2TargetedID.php | 6 +-
.../lib/Auth/Process/SQLPersistentNameID.php | 5 +-
.../saml/lib/Auth/Process/TransientNameID.php | 5 +-
modules/saml/lib/Auth/Source/SP.php | 6 +-
modules/saml/lib/BaseNameIDGenerator.php | 6 +-
41 files changed, 144 insertions(+), 272 deletions(-)
diff --git a/lib/SimpleSAML/Auth/AuthenticationFactory.php b/lib/SimpleSAML/Auth/AuthenticationFactory.php
index e0569d293..79a22c06e 100644
--- a/lib/SimpleSAML/Auth/AuthenticationFactory.php
+++ b/lib/SimpleSAML/Auth/AuthenticationFactory.php
@@ -34,7 +34,7 @@ class AuthenticationFactory
*
* @return \SimpleSAML\Auth\Simple
*/
- public function create($as)
+ public function create(string $as): Simple
{
return new Simple($as, $this->config, $this->session);
}
diff --git a/lib/SimpleSAML/Auth/ProcessingChain.php b/lib/SimpleSAML/Auth/ProcessingChain.php
index 5ae89b31a..ab83ceb7a 100644
--- a/lib/SimpleSAML/Auth/ProcessingChain.php
+++ b/lib/SimpleSAML/Auth/ProcessingChain.php
@@ -57,11 +57,8 @@ class ProcessingChain
* @param array $spMetadata The metadata for the SP.
* @param string $mode
*/
- public function __construct($idpMetadata, $spMetadata, $mode = 'idp')
+ public function __construct(array $idpMetadata, array $spMetadata, string $mode = 'idp')
{
- Assert::isArray($idpMetadata);
- Assert::isArray($spMetadata);
-
$this->filters = [];
$config = Configuration::getInstance();
@@ -96,7 +93,7 @@ class ProcessingChain
* @param array $src Source filters. May be unsorted.
* @return void
*/
- private static function addFilters(array &$target, array $src)
+ private static function addFilters(array &$target, array $src): void
{
foreach ($src as $filter) {
$fp = $filter->priority;
@@ -191,9 +188,8 @@ class ProcessingChain
* @throws \SimpleSAML\Error\UnserializableException
* @return void
*/
- public function processState(&$state)
+ public function processState(array &$state): void
{
- Assert::isArray($state);
Assert::true(array_key_exists('ReturnURL', $state) || array_key_exists('ReturnCall', $state));
Assert::true(!array_key_exists('ReturnURL', $state) || !array_key_exists('ReturnCall', $state));
@@ -231,10 +227,8 @@ class ProcessingChain
* @param array $state The state we are processing.
* @return void
*/
- public static function resumeProcessing($state)
+ public static function resumeProcessing(array $state): void
{
- Assert::isArray($state);
-
while (count($state[self::FILTERS_INDEX]) > 0) {
$filter = array_shift($state[self::FILTERS_INDEX]);
try {
@@ -286,9 +280,8 @@ class ProcessingChain
* @param array &$state The state we are processing.
* @return void
*/
- public function processStatePassive(&$state)
+ public function processStatePassive(array &$state): void
{
- Assert::isArray($state);
// Should not be set when calling this method
Assert::keyNotExists($state, 'ReturnURL');
@@ -307,6 +300,7 @@ class ProcessingChain
}
}
+
/**
* Retrieve a state which has finished processing.
*
@@ -314,10 +308,8 @@ class ProcessingChain
* @see State::parseStateID()
* @return array|null The state referenced by the $id parameter.
*/
- public static function fetchProcessedState($id)
+ public static function fetchProcessedState(string $id): ?array
{
- Assert::string($id);
-
return State::loadState($id, self::COMPLETED_STAGE);
}
}
diff --git a/lib/SimpleSAML/Auth/ProcessingFilter.php b/lib/SimpleSAML/Auth/ProcessingFilter.php
index f3bf7cfeb..464633d82 100644
--- a/lib/SimpleSAML/Auth/ProcessingFilter.php
+++ b/lib/SimpleSAML/Auth/ProcessingFilter.php
@@ -47,10 +47,8 @@ abstract class ProcessingFilter
* @param array &$config Configuration for this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
- Assert::isArray($config);
-
if (array_key_exists('%priority', $config)) {
$this->priority = $config['%priority'];
if (!is_int($this->priority)) {
@@ -69,5 +67,5 @@ abstract class ProcessingFilter
* @param array &$request The request we are currently processing.
* @return void
*/
- abstract public function process(&$request);
+ abstract public function process(array &$request) : void;
}
diff --git a/lib/SimpleSAML/Auth/Simple.php b/lib/SimpleSAML/Auth/Simple.php
index 652fcdc7f..42194223e 100644
--- a/lib/SimpleSAML/Auth/Simple.php
+++ b/lib/SimpleSAML/Auth/Simple.php
@@ -40,10 +40,8 @@ class Simple
* @param \SimpleSAML\Configuration|null $config Optional configuration to use.
* @param \SimpleSAML\Session|null $session Optional session to use.
*/
- public function __construct($authSource, Configuration $config = null, Session $session = null)
+ public function __construct(string $authSource, Configuration $config = null, Session $session = null)
{
- Assert::string($authSource);
-
if ($config === null) {
$config = Configuration::getInstance();
}
@@ -60,11 +58,11 @@ class Simple
/**
* Retrieve the implementing authentication source.
*
- * @return Source The authentication source.
+ * @return \SimpleSAML\Auth\Source The authentication source.
*
* @throws \SimpleSAML\Error\AuthSource If the requested auth source is unknown.
*/
- public function getAuthSource()
+ public function getAuthSource(): Source
{
$as = Source::getById($this->authSource);
if ($as === null) {
@@ -82,7 +80,7 @@ class Simple
*
* @return bool True if the user is authenticated, false if not.
*/
- public function isAuthenticated()
+ public function isAuthenticated(): bool
{
return $this->session->isValid($this->authSource);
}
@@ -102,7 +100,7 @@ class Simple
* @param array $params Various options to the authentication request. See the documentation.
* @return void
*/
- public function requireAuth(array $params = [])
+ public function requireAuth(array $params = []): void
{
if ($this->session->isValid($this->authSource)) {
// Already authenticated
@@ -128,7 +126,7 @@ class Simple
* @param array $params Various options to the authentication request.
* @return void
*/
- public function login(array $params = [])
+ public function login(array $params = []): void
{
if (array_key_exists('KeepPost', $params)) {
$keepPost = (bool) $params['KeepPost'];
@@ -188,7 +186,7 @@ class Simple
* with parameters for the logout. If this parameter is null, we will return to the current page.
* @return void
*/
- public function logout($params = null)
+ public function logout($params = null): void
{
Assert::true(is_array($params) || is_string($params) || $params === null);
@@ -237,9 +235,8 @@ class Simple
* @param array $state The state after the logout.
* @return void
*/
- public static function logoutCompleted($state)
+ public static function logoutCompleted(array $state): void
{
- Assert::isArray($state);
Assert::true(isset($state['ReturnTo']) || isset($state['ReturnCallback']));
if (isset($state['ReturnCallback'])) {
@@ -265,7 +262,7 @@ class Simple
*
* @return array The users attributes.
*/
- public function getAttributes()
+ public function getAttributes(): array
{
if (!$this->isAuthenticated()) {
// Not authenticated
@@ -284,10 +281,8 @@ class Simple
*
* @return mixed|null The value of the parameter, or null if it isn't found or we are unauthenticated.
*/
- public function getAuthData($name)
+ public function getAuthData(string $name)
{
- Assert::string($name);
-
if (!$this->isAuthenticated()) {
return null;
}
@@ -301,7 +296,7 @@ class Simple
*
* @return array|null All persistent authentication data, or null if we aren't authenticated.
*/
- public function getAuthDataArray()
+ public function getAuthDataArray(): ?array
{
if (!$this->isAuthenticated()) {
return null;
@@ -319,10 +314,8 @@ class Simple
*
* @return string A URL which is suitable for use in link-elements.
*/
- public function getLoginURL($returnTo = null)
+ public function getLoginURL(?string $returnTo = null): string
{
- Assert::nullOrString($returnTo);
-
if ($returnTo === null) {
$returnTo = Utils\HTTP::getSelfURL();
}
@@ -344,10 +337,8 @@ class Simple
*
* @return string A URL which is suitable for use in link-elements.
*/
- public function getLogoutURL($returnTo = null)
+ public function getLogoutURL(?string $returnTo = null): string
{
- Assert::nullOrString($returnTo);
-
if ($returnTo === null) {
$returnTo = Utils\HTTP::getSelfURL();
}
@@ -371,7 +362,7 @@ class Simple
*
* @return string The URL modified according to the precedence rules.
*/
- protected function getProcessedURL($url = null)
+ protected function getProcessedURL(?string $url = null): string
{
if ($url === null) {
$url = Utils\HTTP::getSelfURL();
diff --git a/lib/SimpleSAML/Auth/Source.php b/lib/SimpleSAML/Auth/Source.php
index 9f1acd989..0e260d277 100644
--- a/lib/SimpleSAML/Auth/Source.php
+++ b/lib/SimpleSAML/Auth/Source.php
@@ -41,10 +41,8 @@ abstract class Source
* @param array $info Information about this authentication source.
* @param array &$config Configuration for this authentication source.
*/
- public function __construct($info, &$config)
+ public function __construct(array $info, array &$config)
{
- Assert::isArray($info);
- Assert::isArray($config);
Assert::keyExists($info, 'AuthId');
$this->authId = $info['AuthId'];
@@ -59,10 +57,8 @@ abstract class Source
* @return Source[] Array of \SimpleSAML\Auth\Source objects of the specified type.
* @throws \Exception If the authentication source is invalid.
*/
- public static function getSourcesOfType($type)
+ public static function getSourcesOfType(string $type): array
{
- Assert::string($type);
-
$config = Configuration::getConfig('authsources.php');
$ret = [];
@@ -89,7 +85,7 @@ abstract class Source
*
* @return string The ID of this authentication source.
*/
- public function getAuthId()
+ public function getAuthId(): string
{
return $this->authId;
}
@@ -110,7 +106,7 @@ abstract class Source
* @param array &$state Information about the current authentication.
* @return void
*/
- abstract public function authenticate(&$state);
+ abstract public function authenticate(array &$state): void;
/**
@@ -122,7 +118,7 @@ abstract class Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function reauthenticate(array &$state)
+ public function reauthenticate(array &$state): void
{
Assert::notNull($state['ReturnCallback']);
@@ -149,9 +145,8 @@ abstract class Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public static function completeAuth(&$state)
+ public static function completeAuth(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state, 'LoginCompletedHandler');
State::deleteState($state);
@@ -178,28 +173,22 @@ abstract class Source
* information. Optional, will default to an empty array.
* @return void
*/
- public function initLogin($return, $errorURL = null, array $params = [])
+ public function initLogin($return, ?string $errorURL = null, array $params = []): void
{
Assert::True(is_string($return) || is_array($return));
- Assert::nullOrString($errorURL);
$state = array_merge($params, [
- '\SimpleSAML\Auth\DefaultAuth.id' => $this->authId, // TODO: remove in 2.0
'\SimpleSAML\Auth\Source.id' => $this->authId,
- '\SimpleSAML\Auth\DefaultAuth.Return' => $return, // TODO: remove in 2.0
'\SimpleSAML\Auth\Source.Return' => $return,
- '\SimpleSAML\Auth\DefaultAuth.ErrorURL' => $errorURL, // TODO: remove in 2.0
'\SimpleSAML\Auth\Source.ErrorURL' => $errorURL,
'LoginCompletedHandler' => [get_class(), 'loginCompleted'],
'LogoutCallback' => [get_class(), 'logoutCallback'],
'LogoutCallbackState' => [
- '\SimpleSAML\Auth\DefaultAuth.logoutSource' => $this->authId, // TODO: remove in 2.0
'\SimpleSAML\Auth\Source.logoutSource' => $this->authId,
],
]);
if (is_string($return)) {
- $state['\SimpleSAML\Auth\DefaultAuth.ReturnURL'] = $return; // TODO: remove in 2.0
$state['\SimpleSAML\Auth\Source.ReturnURL'] = $return;
}
@@ -227,9 +216,8 @@ abstract class Source
* @param array $state The state after the login has completed.
* @return void
*/
- public static function loginCompleted($state)
+ public static function loginCompleted(array $state): void
{
- Assert::isArray($state);
Assert::keyExists($state, '\SimpleSAML\Auth\Source.Return');
Assert::keyExists($state, '\SimpleSAML\Auth\Source.id');
Assert::keyExists($state, 'Attributes');
@@ -266,9 +254,8 @@ abstract class Source
* @param array &$state Information about the current logout operation.
* @return void
*/
- public function logout(&$state)
+ public function logout(array &$state): void
{
- Assert::isArray($state);
// default logout handler which doesn't do anything
}
@@ -283,9 +270,8 @@ abstract class Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public static function completeLogout(&$state)
+ public static function completeLogout(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state, 'LogoutCompletedHandler');
State::deleteState($state);
@@ -360,11 +346,8 @@ abstract class Source
* source with the given identifier is found.
* @throws \SimpleSAML\Error\Exception If no such authentication source is found or it is invalid.
*/
- public static function getById($authId, $type = null)
+ public static function getById(string $authId, ?string $type = null): ?Source
{
- Assert::string($authId);
- Assert::nullOrString($type);
-
// for now - load and parse config file
$config = Configuration::getConfig('authsources.php');
@@ -400,9 +383,8 @@ abstract class Source
* @param array $state State array for the logout operation.
* @return void
*/
- public static function logoutCallback($state)
+ public static function logoutCallback(array $state): void
{
- Assert::isArray($state);
Assert::keyExists($state, '\SimpleSAML\Auth\Source.logoutSource');
$source = $state['\SimpleSAML\Auth\Source.logoutSource'];
@@ -433,11 +415,8 @@ abstract class Source
* @param array $state The state array passed to the authenticate-function.
* @return void
*/
- protected function addLogoutCallback($assoc, $state)
+ protected function addLogoutCallback(string $assoc, array $state): void
{
- Assert::string($assoc);
- Assert::isArray($state);
-
if (!array_key_exists('LogoutCallback', $state)) {
// the authentication requester doesn't have a logout callback
return;
@@ -478,10 +457,8 @@ abstract class Source
* @param string $assoc The logout association which should be called.
* @return void
*/
- protected function callLogoutCallback($assoc)
+ protected function callLogoutCallback(string $assoc): void
{
- Assert::string($assoc);
-
$id = strlen($this->authId) . ':' . $this->authId . $assoc;
$session = Session::getSessionFromRequest();
@@ -511,7 +488,7 @@ abstract class Source
*
* @return array The id of all authentication sources.
*/
- public static function getSources()
+ public static function getSources(): array
{
$config = Configuration::getOptionalConfig('authsources.php');
@@ -528,7 +505,7 @@ abstract class Source
* @throws \Exception If the first element of $source is not an identifier for the auth source.
* @return void
*/
- protected static function validateSource($source, $id)
+ protected static function validateSource(array $source, string $id): void
{
if (!array_key_exists(0, $source) || !is_string($source[0])) {
throw new \Exception(
diff --git a/lib/SimpleSAML/Auth/SourceFactory.php b/lib/SimpleSAML/Auth/SourceFactory.php
index 1b3077655..d1a0b1d12 100644
--- a/lib/SimpleSAML/Auth/SourceFactory.php
+++ b/lib/SimpleSAML/Auth/SourceFactory.php
@@ -9,7 +9,7 @@ interface SourceFactory
/**
* @param array $info
* @param array $config
- * @return Source
+ * @return \SimpleSAML\Auth\Source
*/
- public function create(array $info, array $config);
+ public function create(array $info, array $config): Source;
}
diff --git a/lib/SimpleSAML/Auth/State.php b/lib/SimpleSAML/Auth/State.php
index 4821b8d0f..9d1f568c8 100644
--- a/lib/SimpleSAML/Auth/State.php
+++ b/lib/SimpleSAML/Auth/State.php
@@ -112,7 +112,7 @@ class State
*
* @return array The persistent authentication state.
*/
- public static function getPersistentAuthData(array $state)
+ public static function getPersistentAuthData(array $state): array
{
// save persistent authentication data
$persistent = [];
@@ -154,11 +154,8 @@ class State
*
* @return string Identifier which can be used to retrieve the state later.
*/
- public static function getStateId(&$state, $rawId = false)
+ public static function getStateId(array &$state, bool $rawId = false): string
{
- Assert::isArray($state);
- Assert::boolean($rawId);
-
if (!array_key_exists(self::ID, $state)) {
$state[self::ID] = Utils\Random::generateID();
}
@@ -203,12 +200,8 @@ class State
*
* @return string Identifier which can be used to retrieve the state later.
*/
- public static function saveState(&$state, $stage, $rawId = false)
+ public static function saveState(array &$state, string $stage, bool $rawId = false) : string
{
- Assert::isArray($state);
- Assert::string($stage);
- Assert::boolean($rawId);
-
$return = self::getStateId($state, $rawId);
$id = $state[self::ID];
@@ -235,7 +228,7 @@ class State
*
* @return array Cloned state data.
*/
- public static function cloneState(array $state)
+ public static function cloneState(array $state): array
{
$clonedState = $state;
@@ -268,11 +261,8 @@ class State
*
* @return array|null State information, or NULL if the state is missing and $allowMissing is true.
*/
- public static function loadState($id, $stage, $allowMissing = false)
+ public static function loadState(string $id, string $stage, bool $allowMissing = false): ?array
{
- Assert::string($id);
- Assert::string($stage);
- Assert::boolean($allowMissing);
Logger::debug('Loading state: ' . var_export($id, true));
$sid = self::parseStateID($id);
@@ -329,10 +319,8 @@ class State
* @param array &$state The state which should be deleted.
* @return void
*/
- public static function deleteState(&$state)
+ public static function deleteState(array &$state): void
{
- Assert::isArray($state);
-
if (!array_key_exists(self::ID, $state)) {
// This state hasn't been saved
return;
@@ -354,10 +342,8 @@ class State
* @throws \SimpleSAML\Error\Exception If there is no exception handler defined, it will just throw the $exception.
* @return void
*/
- public static function throwException($state, Error\Exception $exception)
+ public static function throwException(array $state, Error\Exception $exception): void
{
- Assert::isArray($state);
-
if (array_key_exists(self::EXCEPTION_HANDLER_URL, $state)) {
// Save the exception
$state[self::EXCEPTION_DATA] = $exception;
@@ -392,10 +378,8 @@ class State
*
* @return array|null The state array with the exception, or NULL if no exception was thrown.
*/
- public static function loadExceptionState($id = null)
+ public static function loadExceptionState(?string $id = null): ?array
{
- Assert::nullOrString($id);
-
if ($id === null) {
if (!array_key_exists(self::EXCEPTION_PARAM, $_REQUEST)) {
// No exception
@@ -423,7 +407,7 @@ class State
* @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no>
* @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no>
*/
- public static function parseStateID($stateId)
+ public static function parseStateID(string $stateId): array
{
$tmp = explode(':', $stateId, 2);
$id = $tmp[0];
diff --git a/modules/core/lib/Auth/Process/AttributeAdd.php b/modules/core/lib/Auth/Process/AttributeAdd.php
index 59d1dce47..d9b1ffd4c 100644
--- a/modules/core/lib/Auth/Process/AttributeAdd.php
+++ b/modules/core/lib/Auth/Process/AttributeAdd.php
@@ -37,12 +37,10 @@ class AttributeAdd extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
foreach ($config as $name => $values) {
if (is_int($name)) {
if ($values === '%replace') {
@@ -77,9 +75,8 @@ class AttributeAdd extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$attributes = &$request['Attributes'];
diff --git a/modules/core/lib/Auth/Process/AttributeAlter.php b/modules/core/lib/Auth/Process/AttributeAlter.php
index 4fec537e8..01970de30 100644
--- a/modules/core/lib/Auth/Process/AttributeAlter.php
+++ b/modules/core/lib/Auth/Process/AttributeAlter.php
@@ -61,12 +61,10 @@ class AttributeAlter extends \SimpleSAML\Auth\ProcessingFilter
* @param mixed $reserved For future use.
* @throws \SimpleSAML\Error\Exception In case of invalid configuration.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
// parse filter configuration
foreach ($config as $name => $value) {
if (is_int($name)) {
@@ -105,9 +103,8 @@ class AttributeAlter extends \SimpleSAML\Auth\ProcessingFilter
* @throws \SimpleSAML\Error\Exception In case of invalid configuration.
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
// get attributes from request
diff --git a/modules/core/lib/Auth/Process/AttributeCopy.php b/modules/core/lib/Auth/Process/AttributeCopy.php
index fe1ae5017..00dcddfcd 100644
--- a/modules/core/lib/Auth/Process/AttributeCopy.php
+++ b/modules/core/lib/Auth/Process/AttributeCopy.php
@@ -36,12 +36,10 @@ class AttributeCopy extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
foreach ($config as $source => $destination) {
if (!is_string($source)) {
throw new \Exception('Invalid source attribute name: ' . var_export($source, true));
@@ -62,9 +60,8 @@ class AttributeCopy extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$attributes = &$request['Attributes'];
diff --git a/modules/core/lib/Auth/Process/AttributeLimit.php b/modules/core/lib/Auth/Process/AttributeLimit.php
index ffa79c0b5..f5f1f4698 100644
--- a/modules/core/lib/Auth/Process/AttributeLimit.php
+++ b/modules/core/lib/Auth/Process/AttributeLimit.php
@@ -37,12 +37,10 @@ class AttributeLimit extends \SimpleSAML\Auth\ProcessingFilter
* @param mixed $reserved For future use
* @throws \SimpleSAML\Error\Exception If invalid configuration is found.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
foreach ($config as $index => $value) {
if ($index === 'default') {
$this->isDefault = (bool) $value;
@@ -71,7 +69,7 @@ class AttributeLimit extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request.
* @return array|null Array with attribute names, or NULL if no limit is placed.
*/
- private static function getSPIdPAllowed(array &$request)
+ private static function getSPIdPAllowed(array &$request): ?array
{
if (array_key_exists('attributes', $request['Destination'])) {
// SP Config
@@ -94,9 +92,8 @@ class AttributeLimit extends \SimpleSAML\Auth\ProcessingFilter
* @throws \SimpleSAML\Error\Exception If invalid configuration is found.
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
assert::keyExists($request, 'Attributes');
if ($this->isDefault) {
diff --git a/modules/core/lib/Auth/Process/AttributeMap.php b/modules/core/lib/Auth/Process/AttributeMap.php
index 2ff61fc2e..63c81aad0 100644
--- a/modules/core/lib/Auth/Process/AttributeMap.php
+++ b/modules/core/lib/Auth/Process/AttributeMap.php
@@ -37,11 +37,10 @@ class AttributeMap extends \SimpleSAML\Auth\ProcessingFilter
*
* @throws \Exception If the configuration of the filter is wrong.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$mapFiles = [];
foreach ($config as $origName => $newName) {
@@ -82,7 +81,7 @@ class AttributeMap extends \SimpleSAML\Auth\ProcessingFilter
* @throws \Exception If the filter could not load the requested attribute map file.
* @return void
*/
- private function loadMapFile(string $fileName)
+ private function loadMapFile(string $fileName): void
{
$config = Configuration::getInstance();
@@ -122,9 +121,8 @@ class AttributeMap extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request.
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$mapped_attributes = [];
diff --git a/modules/core/lib/Auth/Process/AttributeValueMap.php b/modules/core/lib/Auth/Process/AttributeValueMap.php
index 9f6407771..fddd85b8e 100644
--- a/modules/core/lib/Auth/Process/AttributeValueMap.php
+++ b/modules/core/lib/Auth/Process/AttributeValueMap.php
@@ -54,12 +54,10 @@ class AttributeValueMap extends \SimpleSAML\Auth\ProcessingFilter
* @param mixed $reserved For future use.
* @throws \SimpleSAML\Error\Exception If the configuration is not valid.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
// parse configuration
foreach ($config as $name => $value) {
if (is_int($name)) {
@@ -112,11 +110,10 @@ class AttributeValueMap extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
Logger::debug('Processing the AttributeValueMap filter.');
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$attributes = &$request['Attributes'];
diff --git a/modules/core/lib/Auth/Process/Cardinality.php b/modules/core/lib/Auth/Process/Cardinality.php
index 96f68fbd0..47a4308a9 100644
--- a/modules/core/lib/Auth/Process/Cardinality.php
+++ b/modules/core/lib/Auth/Process/Cardinality.php
@@ -37,10 +37,9 @@ class Cardinality extends \SimpleSAML\Auth\ProcessingFilter
* @param \SimpleSAML\Utils\HttpAdapter $http HTTP utility service (handles redirects).
* @throws \SimpleSAML\Error\Exception
*/
- public function __construct(&$config, $reserved, Utils\HttpAdapter $http = null)
+ public function __construct(array &$config, $reserved, Utils\HttpAdapter $http = null)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$this->http = $http ? : new Utils\HttpAdapter();
@@ -111,9 +110,8 @@ class Cardinality extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$entityid = false;
diff --git a/modules/core/lib/Auth/Process/CardinalitySingle.php b/modules/core/lib/Auth/Process/CardinalitySingle.php
index cf59af15f..bcdec2780 100644
--- a/modules/core/lib/Auth/Process/CardinalitySingle.php
+++ b/modules/core/lib/Auth/Process/CardinalitySingle.php
@@ -47,10 +47,9 @@ class CardinalitySingle extends \SimpleSAML\Auth\ProcessingFilter
* @param mixed $reserved For future use.
* @param \SimpleSAML\Utils\HttpAdapter $http HTTP utility service (handles redirects).
*/
- public function __construct(&$config, $reserved, Utils\HttpAdapter $http = null)
+ public function __construct(array &$config, $reserved, Utils\HttpAdapter $http = null)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$this->http = $http ? : new Utils\HttpAdapter();
@@ -86,9 +85,8 @@ class CardinalitySingle extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
if (
diff --git a/modules/core/lib/Auth/Process/ExtendIdPSession.php b/modules/core/lib/Auth/Process/ExtendIdPSession.php
index 0366ff2f3..764538336 100644
--- a/modules/core/lib/Auth/Process/ExtendIdPSession.php
+++ b/modules/core/lib/Auth/Process/ExtendIdPSession.php
@@ -18,10 +18,8 @@ class ExtendIdPSession extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
-
if (empty($state['Expire']) || empty($state['Authority'])) {
return;
}
diff --git a/modules/core/lib/Auth/Process/GenerateGroups.php b/modules/core/lib/Auth/Process/GenerateGroups.php
index 9a6ef0d3d..fe0cd5f3c 100644
--- a/modules/core/lib/Auth/Process/GenerateGroups.php
+++ b/modules/core/lib/Auth/Process/GenerateGroups.php
@@ -28,12 +28,10 @@ class GenerateGroups extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
if (count($config) === 0) {
// Use default groups
$this->generateGroupsFrom = [
@@ -60,9 +58,8 @@ class GenerateGroups extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$groups = [];
@@ -105,7 +102,7 @@ class GenerateGroups extends \SimpleSAML\Auth\ProcessingFilter
* @param array $attributes The attributes of the user.
* @return string|null The realm of the user, or NULL if we are unable to determine the realm.
*/
- private static function getRealm(array $attributes)
+ private static function getRealm(array $attributes): ?string
{
if (!array_key_exists('eduPersonPrincipalName', $attributes)) {
return null;
diff --git a/modules/core/lib/Auth/Process/LanguageAdaptor.php b/modules/core/lib/Auth/Process/LanguageAdaptor.php
index 1984c4e32..c1cefff0c 100644
--- a/modules/core/lib/Auth/Process/LanguageAdaptor.php
+++ b/modules/core/lib/Auth/Process/LanguageAdaptor.php
@@ -26,10 +26,9 @@ class LanguageAdaptor extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (array_key_exists('attributename', $config)) {
$this->langattr = $config['attributename'];
@@ -45,9 +44,8 @@ class LanguageAdaptor extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$attributes = &$request['Attributes'];
diff --git a/modules/core/lib/Auth/Process/PHP.php b/modules/core/lib/Auth/Process/PHP.php
index 5bcf8c0e0..541992d09 100644
--- a/modules/core/lib/Auth/Process/PHP.php
+++ b/modules/core/lib/Auth/Process/PHP.php
@@ -31,12 +31,10 @@ class PHP extends \SimpleSAML\Auth\ProcessingFilter
*
* @throws \SimpleSAML\Error\Exception if the 'code' option is not defined.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
if (!isset($config['code'])) {
throw new Error\Exception("core:PHP: missing mandatory configuration option 'code'.");
}
@@ -52,9 +50,8 @@ class PHP extends \SimpleSAML\Auth\ProcessingFilter
*
* @scrutinizer ignore-unused
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
/**
diff --git a/modules/core/lib/Auth/Process/ScopeAttribute.php b/modules/core/lib/Auth/Process/ScopeAttribute.php
index b1228a1f6..8c13339b0 100644
--- a/modules/core/lib/Auth/Process/ScopeAttribute.php
+++ b/modules/core/lib/Auth/Process/ScopeAttribute.php
@@ -50,10 +50,9 @@ class ScopeAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$cfg = Configuration::loadFromArray($config, 'ScopeAttribute');
@@ -70,9 +69,8 @@ class ScopeAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$attributes = &$request['Attributes'];
diff --git a/modules/core/lib/Auth/Process/ScopeFromAttribute.php b/modules/core/lib/Auth/Process/ScopeFromAttribute.php
index a8a44012b..eec2cf68b 100644
--- a/modules/core/lib/Auth/Process/ScopeFromAttribute.php
+++ b/modules/core/lib/Auth/Process/ScopeFromAttribute.php
@@ -47,10 +47,9 @@ class ScopeFromAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$cfg = Configuration::loadFromArray($config, 'ScopeFromAttribute');
$this->targetAttribute = $cfg->getString('targetAttribute');
@@ -64,9 +63,8 @@ class ScopeFromAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$attributes = &$request['Attributes'];
diff --git a/modules/core/lib/Auth/Process/StatisticsWithAttribute.php b/modules/core/lib/Auth/Process/StatisticsWithAttribute.php
index 07ecc94d0..66fedc761 100644
--- a/modules/core/lib/Auth/Process/StatisticsWithAttribute.php
+++ b/modules/core/lib/Auth/Process/StatisticsWithAttribute.php
@@ -38,12 +38,10 @@ class StatisticsWithAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
if (array_key_exists('attributename', $config)) {
$this->attribute = $config['attributename'];
if (!is_string($this->attribute)) {
@@ -70,9 +68,8 @@ class StatisticsWithAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state The current state.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state, 'Attributes');
$logAttribute = 'NA';
@@ -101,6 +98,7 @@ class StatisticsWithAttribute extends \SimpleSAML\Auth\ProcessingFilter
Logger::stats($isPassive . $this->typeTag . ' ' . $dest . ' ' . $source . ' ' . $logAttribute);
}
+
/**
* @param string &$direction Either 'Source' or 'Destination'.
* @param array $state The current state.
diff --git a/modules/core/lib/Auth/Process/TargetedID.php b/modules/core/lib/Auth/Process/TargetedID.php
index 1e8273bd9..5ed627839 100644
--- a/modules/core/lib/Auth/Process/TargetedID.php
+++ b/modules/core/lib/Auth/Process/TargetedID.php
@@ -61,12 +61,10 @@ class TargetedID extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
-
if (array_key_exists('attributename', $config)) {
$this->attribute = $config['attributename'];
if (!is_string($this->attribute)) {
@@ -89,9 +87,8 @@ class TargetedID extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state The current state.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state, 'Attributes');
if ($this->attribute === null) {
diff --git a/modules/core/lib/Auth/Process/WarnShortSSOInterval.php b/modules/core/lib/Auth/Process/WarnShortSSOInterval.php
index e75b56cd7..2ce421d3c 100644
--- a/modules/core/lib/Auth/Process/WarnShortSSOInterval.php
+++ b/modules/core/lib/Auth/Process/WarnShortSSOInterval.php
@@ -26,10 +26,8 @@ class WarnShortSSOInterval extends \SimpleSAML\Auth\ProcessingFilter
* @param array $state The state of the response.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
-
if (!array_key_exists('PreviousSSOTimestamp', $state)) {
/*
* No timestamp from the previous SSO to this SP. This is the first
diff --git a/modules/core/lib/Auth/UserPassBase.php b/modules/core/lib/Auth/UserPassBase.php
index 919cda96a..4b2ac3452 100644
--- a/modules/core/lib/Auth/UserPassBase.php
+++ b/modules/core/lib/Auth/UserPassBase.php
@@ -135,7 +135,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* @param string|null $forcedUsername The forced username.
* @return void
*/
- public function setForcedUsername($forcedUsername)
+ public function setForcedUsername($forcedUsername): void
{
Assert::nullOrString($forcedUsername);
$this->forcedUsername = $forcedUsername;
@@ -145,7 +145,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* Return login links from configuration
* @return array
*/
- public function getLoginLinks()
+ public function getLoginLinks(): array
{
return $this->loginLinks;
}
@@ -155,7 +155,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* Getter for the authsource config option remember.username.enabled
* @return bool
*/
- public function getRememberUsernameEnabled()
+ public function getRememberUsernameEnabled(): bool
{
return $this->rememberUsernameEnabled;
}
@@ -165,7 +165,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* Getter for the authsource config option remember.username.checked
* @return bool
*/
- public function getRememberUsernameChecked()
+ public function getRememberUsernameChecked(): bool
{
return $this->rememberUsernameChecked;
}
@@ -175,7 +175,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* Check if the "remember me" feature is enabled.
* @return bool TRUE if enabled, FALSE otherwise.
*/
- public function isRememberMeEnabled()
+ public function isRememberMeEnabled(): bool
{
return $this->rememberMeEnabled;
}
@@ -185,7 +185,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* Check if the "remember me" checkbox should be checked.
* @return bool TRUE if enabled, FALSE otherwise.
*/
- public function isRememberMeChecked()
+ public function isRememberMeChecked(): bool
{
return $this->rememberMeChecked;
}
@@ -200,10 +200,8 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function authenticate(&$state)
+ public function authenticate(array &$state): void
{
- Assert::isArray($state);
-
/*
* Save the identifier of this authentication source, so that we can
* retrieve it later. This allows us to call the login()-function on
@@ -275,7 +273,7 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* @param string $password The password the user wrote.
* @return array Associative array with the user's attributes.
*/
- abstract protected function login($username, $password);
+ abstract protected function login($username, $password): array;
/**
@@ -290,12 +288,8 @@ abstract class UserPassBase extends \SimpleSAML\Auth\Source
* @param string $password The password the user wrote.
* @return void
*/
- public static function handleLogin($authStateId, $username, $password)
+ public static function handleLogin(string $authStateId, string $username, string $password)
{
- Assert::string($authStateId);
- Assert::string($username);
- Assert::string($password);
-
// Here we retrieve the state array we saved in the authenticate-function.
/** @var array $state */
$state = Auth\State::loadState($authStateId, self::STAGEID);
diff --git a/modules/core/lib/Auth/UserPassOrgBase.php b/modules/core/lib/Auth/UserPassOrgBase.php
index 608ca8672..dce40e894 100644
--- a/modules/core/lib/Auth/UserPassOrgBase.php
+++ b/modules/core/lib/Auth/UserPassOrgBase.php
@@ -143,7 +143,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* @param string $usernameOrgMethod The method which should be used.
* @return void
*/
- protected function setUsernameOrgMethod($usernameOrgMethod)
+ protected function setUsernameOrgMethod($usernameOrgMethod): void
{
Assert::oneOf($usernameOrgMethod, ['none', 'allow', 'force']);
@@ -161,7 +161,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
*
* @return string The method which should be used.
*/
- public function getUsernameOrgMethod()
+ public function getUsernameOrgMethod(): string
{
return $this->usernameOrgMethod;
}
@@ -171,7 +171,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* Getter for the authsource config option remember.username.enabled
* @return bool
*/
- public function getRememberUsernameEnabled()
+ public function getRememberUsernameEnabled(): bool
{
return $this->rememberUsernameEnabled;
}
@@ -181,7 +181,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* Getter for the authsource config option remember.username.checked
* @return bool
*/
- public function getRememberUsernameChecked()
+ public function getRememberUsernameChecked(): bool
{
return $this->rememberUsernameChecked;
}
@@ -191,7 +191,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* Getter for the authsource config option remember.organization.enabled
* @return bool
*/
- public function getRememberOrganizationEnabled()
+ public function getRememberOrganizationEnabled(): bool
{
return $this->rememberOrganizationEnabled;
}
@@ -201,7 +201,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* Getter for the authsource config option remember.organization.checked
* @return bool
*/
- public function getRememberOrganizationChecked()
+ public function getRememberOrganizationChecked(): bool
{
return $this->rememberOrganizationChecked;
}
@@ -216,10 +216,8 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function authenticate(&$state)
+ public function authenticate(array &$state): void
{
- Assert::isArray($state);
-
// We are going to need the authId in order to retrieve this authentication source later
$state[self::AUTHID] = $this->authId;
@@ -245,7 +243,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* @param string $organization The id of the organization the user chose.
* @return array Associative array with the user's attributes.
*/
- abstract protected function login($username, $password, $organization);
+ abstract protected function login(string $username, string $password, string $organization): array;
/**
@@ -258,7 +256,7 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
*
* @return array Associative array with the organizations.
*/
- abstract protected function getOrganizations();
+ abstract protected function getOrganizations(): array;
/**
@@ -274,13 +272,12 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* @param string $organization The id of the organization the user chose.
* @return void
*/
- public static function handleLogin($authStateId, $username, $password, $organization)
- {
- Assert::string($authStateId);
- Assert::string($username);
- Assert::string($password);
- assert::string($organization);
-
+ public static function handleLogin(
+ string $authStateId,
+ string $username,
+ string $password,
+ string $organization
+ ): void {
/* Retrieve the authentication state. */
/** @var array $state */
$state = Auth\State::loadState($authStateId, self::STAGEID);
@@ -339,10 +336,8 @@ abstract class UserPassOrgBase extends \SimpleSAML\Auth\Source
* @return array|null Array of organizations. NULL if the user must enter the
* organization as part of the username.
*/
- public static function listOrganizations($authStateId)
+ public static function listOrganizations(string $authStateId): ?array
{
- Assert::string($authStateId);
-
/* Retrieve the authentication state. */
/** @var array $state */
$state = Auth\State::loadState($authStateId, self::STAGEID);
diff --git a/modules/exampleauth/lib/Auth/Process/RedirectTest.php b/modules/exampleauth/lib/Auth/Process/RedirectTest.php
index 88e6da07f..27b575f0f 100644
--- a/modules/exampleauth/lib/Auth/Process/RedirectTest.php
+++ b/modules/exampleauth/lib/Auth/Process/RedirectTest.php
@@ -21,9 +21,8 @@ class RedirectTest extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state The state we should update.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state, 'Attributes');
// To check whether the state is saved correctly
diff --git a/modules/exampleauth/lib/Auth/Source/External.php b/modules/exampleauth/lib/Auth/Source/External.php
index b6e8101d8..966ab4b57 100644
--- a/modules/exampleauth/lib/Auth/Source/External.php
+++ b/modules/exampleauth/lib/Auth/Source/External.php
@@ -61,7 +61,7 @@ class External extends \SimpleSAML\Auth\Source
*
* @return array|null The user's attributes, or NULL if the user isn't authenticated.
*/
- private function getUser()
+ private function getUser(): ?array
{
/*
* In this example we assume that the attributes are
@@ -107,7 +107,7 @@ class External extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function authenticate(&$state)
+ public function authenticate(array &$state): void
{
Assert::isArray($state);
@@ -194,7 +194,7 @@ class External extends \SimpleSAML\Auth\Source
* @throws \SimpleSAML\Error\BadRequest
* @throws \SimpleSAML\Error\Exception
*/
- public static function resume()
+ public static function resume(): void
{
/*
* First we need to restore the $state-array. We should have the identifier for
@@ -271,7 +271,7 @@ class External extends \SimpleSAML\Auth\Source
* @param array &$state The logout state array.
* @return void
*/
- public function logout(&$state)
+ public function logout(array &$state): void
{
Assert::isArray($state);
diff --git a/modules/exampleauth/lib/Auth/Source/StaticSource.php b/modules/exampleauth/lib/Auth/Source/StaticSource.php
index 35deb5479..21c86c697 100644
--- a/modules/exampleauth/lib/Auth/Source/StaticSource.php
+++ b/modules/exampleauth/lib/Auth/Source/StaticSource.php
@@ -55,7 +55,7 @@ class StaticSource extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function authenticate(&$state)
+ public function authenticate(array &$state): void
{
Assert::isArray($state);
$state['Attributes'] = $this->attributes;
diff --git a/modules/multiauth/lib/Auth/Source/MultiAuth.php b/modules/multiauth/lib/Auth/Source/MultiAuth.php
index 959242973..4db78af18 100644
--- a/modules/multiauth/lib/Auth/Source/MultiAuth.php
+++ b/modules/multiauth/lib/Auth/Source/MultiAuth.php
@@ -139,7 +139,7 @@ class MultiAuth extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function authenticate(&$state)
+ public function authenticate(array &$state) : void
{
Assert::isArray($state);
@@ -234,7 +234,7 @@ class MultiAuth extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current logout operation.
* @return void
*/
- public function logout(&$state)
+ public function logout(array &$state) : void
{
Assert::isArray($state);
diff --git a/modules/saml/lib/Auth/Process/AttributeNameID.php b/modules/saml/lib/Auth/Process/AttributeNameID.php
index 7e5647cf8..6c5db9bff 100644
--- a/modules/saml/lib/Auth/Process/AttributeNameID.php
+++ b/modules/saml/lib/Auth/Process/AttributeNameID.php
@@ -32,10 +32,9 @@ class AttributeNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
*
* @throws \SimpleSAML\Error\Exception If the required options 'Format' or 'attribute' are missing.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (!isset($config['Format'])) {
throw new Error\Exception("AttributeNameID: Missing required option 'Format'.");
@@ -55,7 +54,7 @@ class AttributeNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
* @param array $state The state array.
* @return string|null The NameID value.
*/
- protected function getValue(array &$state)
+ protected function getValue(array &$state): ?string
{
if (!isset($state['Attributes'][$this->attribute]) || count($state['Attributes'][$this->attribute]) === 0) {
Logger::warning(
diff --git a/modules/saml/lib/Auth/Process/AuthnContextClassRef.php b/modules/saml/lib/Auth/Process/AuthnContextClassRef.php
index e717accfd..e1cb26b66 100644
--- a/modules/saml/lib/Auth/Process/AuthnContextClassRef.php
+++ b/modules/saml/lib/Auth/Process/AuthnContextClassRef.php
@@ -30,10 +30,9 @@ class AuthnContextClassRef extends \SimpleSAML\Auth\ProcessingFilter
*
* @throws \SimpleSAML\Error\Exception if the mandatory 'AuthnContextClassRef' option is missing.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (!isset($config['AuthnContextClassRef'])) {
throw new Error\Exception('Missing AuthnContextClassRef option in processing filter.');
@@ -49,10 +48,8 @@ class AuthnContextClassRef extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state The state array for this request.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
-
$state['saml:AuthnContextClassRef'] = $this->authnContextClassRef;
}
}
diff --git a/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php b/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php
index 0edc8e00e..cd64ac6ad 100644
--- a/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php
+++ b/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php
@@ -51,11 +51,10 @@ class ExpectedAuthnContextClassRef extends \SimpleSAML\Auth\ProcessingFilter
*
* @throws \SimpleSAML\Error\Exception if the mandatory 'accepted' configuration option is missing.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (empty($config['accepted'])) {
Logger::error(
'ExpectedAuthnContextClassRef: Configuration error. There is no accepted AuthnContextClassRef.'
@@ -73,9 +72,8 @@ class ExpectedAuthnContextClassRef extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request The current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
- Assert::isArray($request);
Assert::keyExists($request, 'Attributes');
$this->AuthnContextClassRef = $request['saml:sp:State']['saml:sp:AuthnContext'];
@@ -99,7 +97,7 @@ class ExpectedAuthnContextClassRef extends \SimpleSAML\Auth\ProcessingFilter
* @param array $request
* @return void
*/
- protected function unauthorized(&$request)
+ protected function unauthorized(&$request): void
{
Logger::error(
'ExpectedAuthnContextClassRef: Invalid authentication context: ' . strval($this->AuthnContextClassRef) .
diff --git a/modules/saml/lib/Auth/Process/FilterScopes.php b/modules/saml/lib/Auth/Process/FilterScopes.php
index 8b33e723a..39b352069 100644
--- a/modules/saml/lib/Auth/Process/FilterScopes.php
+++ b/modules/saml/lib/Auth/Process/FilterScopes.php
@@ -33,10 +33,9 @@ class FilterScopes extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$config Configuration for this filter.
* @param mixed $reserved For future use.
*/
- public function __construct(&$config, $reserved)
+ public function __construct(array &$config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (array_key_exists('attributes', $config) && !empty($config['attributes'])) {
$this->scopedAttributes = $config['attributes'];
@@ -50,7 +49,7 @@ class FilterScopes extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$request the current request
* @return void
*/
- public function process(&$request)
+ public function process(array &$request): void
{
$src = $request['Source'];
if (!count($this->scopedAttributes)) {
diff --git a/modules/saml/lib/Auth/Process/NameIDAttribute.php b/modules/saml/lib/Auth/Process/NameIDAttribute.php
index e7e5655e5..8020e30e4 100644
--- a/modules/saml/lib/Auth/Process/NameIDAttribute.php
+++ b/modules/saml/lib/Auth/Process/NameIDAttribute.php
@@ -38,10 +38,9 @@ class NameIDAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array $config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (isset($config['attribute'])) {
$this->attribute = (string) $config['attribute'];
@@ -109,9 +108,8 @@ class NameIDAttribute extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state The request state.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
Assert::keyExists($state['Source'], 'entityid');
Assert::keyExists($state['Destination'], 'entityid');
diff --git a/modules/saml/lib/Auth/Process/PersistentNameID.php b/modules/saml/lib/Auth/Process/PersistentNameID.php
index 07965c8e0..c36eaf62e 100644
--- a/modules/saml/lib/Auth/Process/PersistentNameID.php
+++ b/modules/saml/lib/Auth/Process/PersistentNameID.php
@@ -34,10 +34,9 @@ class PersistentNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
*
* @throws \SimpleSAML\Error\Exception If the required option 'attribute' is missing.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$this->format = Constants::NAMEID_PERSISTENT;
@@ -54,7 +53,7 @@ class PersistentNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
* @param array $state The state array.
* @return string|null The NameID value.
*/
- protected function getValue(array &$state)
+ protected function getValue(array &$state): ?string
{
if (!isset($state['Destination']['entityid'])) {
Logger::warning('No SP entity ID - not generating persistent NameID.');
diff --git a/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php b/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php
index 3c98c4405..f9bfd25ba 100644
--- a/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php
+++ b/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php
@@ -38,10 +38,9 @@ class PersistentNameID2TargetedID extends \SimpleSAML\Auth\ProcessingFilter
* @param array $config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (isset($config['attribute'])) {
$this->attribute = (string) $config['attribute'];
@@ -63,9 +62,8 @@ class PersistentNameID2TargetedID extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state The request state.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
if (!isset($state['saml:NameID'][Constants::NAMEID_PERSISTENT])) {
Logger::warning(
'Unable to generate eduPersonTargetedID because no persistent NameID was available.'
diff --git a/modules/saml/lib/Auth/Process/SQLPersistentNameID.php b/modules/saml/lib/Auth/Process/SQLPersistentNameID.php
index 76a676bf1..abf6d5809 100644
--- a/modules/saml/lib/Auth/Process/SQLPersistentNameID.php
+++ b/modules/saml/lib/Auth/Process/SQLPersistentNameID.php
@@ -61,10 +61,9 @@ class SQLPersistentNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
*
* @throws \SimpleSAML\Error\Exception If the 'attribute' option is not specified.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$this->format = Constants::NAMEID_PERSISTENT;
@@ -99,7 +98,7 @@ class SQLPersistentNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
*
* @throws \SimpleSAML\Module\saml\Error if the NameID creation policy is invalid.
*/
- protected function getValue(array &$state)
+ protected function getValue(array &$state): ?string
{
if (!isset($state['saml:NameIDFormat']) && !$this->allowUnspecified) {
Logger::debug(
diff --git a/modules/saml/lib/Auth/Process/TransientNameID.php b/modules/saml/lib/Auth/Process/TransientNameID.php
index 4f82a7fbb..932ef696a 100644
--- a/modules/saml/lib/Auth/Process/TransientNameID.php
+++ b/modules/saml/lib/Auth/Process/TransientNameID.php
@@ -22,10 +22,9 @@ class TransientNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
* @param array $config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
$this->format = Constants::NAMEID_TRANSIENT;
}
@@ -37,7 +36,7 @@ class TransientNameID extends \SimpleSAML\Module\saml\BaseNameIDGenerator
* @param array $state The state array.
* @return string|null The NameID value.
*/
- protected function getValue(array &$state)
+ protected function getValue(array &$state): ?string
{
return Utils\Random::generateID();
}
diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index 91f2bd24b..0d62b13b2 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -730,7 +730,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function authenticate(&$state)
+ public function authenticate(array &$state) : void
{
Assert::isArray($state);
@@ -789,7 +789,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array &$state Information about the current authentication.
* @return void
*/
- public function reauthenticate(array &$state)
+ public function reauthenticate(array &$state) : void
{
$session = Session::getSessionFromRequest();
$data = $session->getAuthState($this->authId);
@@ -1034,7 +1034,7 @@ class SP extends \SimpleSAML\Auth\Source
* @param array $state The logout state.
* @return void
*/
- public function logout(&$state)
+ public function logout(array &$state) : void
{
Assert::isArray($state);
Assert::keyExists($state, 'saml:logout:Type');
diff --git a/modules/saml/lib/BaseNameIDGenerator.php b/modules/saml/lib/BaseNameIDGenerator.php
index bffb4435e..0e7dc5c9c 100644
--- a/modules/saml/lib/BaseNameIDGenerator.php
+++ b/modules/saml/lib/BaseNameIDGenerator.php
@@ -55,10 +55,9 @@ abstract class BaseNameIDGenerator extends \SimpleSAML\Auth\ProcessingFilter
* @param array $config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
- public function __construct($config, $reserved)
+ public function __construct(array $config, $reserved)
{
parent::__construct($config, $reserved);
- Assert::isArray($config);
if (isset($config['NameQualifier'])) {
$this->nameQualifier = $config['NameQualifier'];
@@ -88,9 +87,8 @@ abstract class BaseNameIDGenerator extends \SimpleSAML\Auth\ProcessingFilter
* @param array &$state The request state.
* @return void
*/
- public function process(&$state)
+ public function process(array &$state): void
{
- Assert::isArray($state);
Assert::string($this->format);
$value = $this->getValue($state);
--
GitLab