Merge pull request #1475 from hafezdivandari/master-bump-phpunit

Bump PHPUnit and PHPStan
thephpleague · Feb 27, 2025 · b8df2b3 · b8df2b3
2 parents 0032301 + a669aae
commit b8df2b3
Show file tree

Hide file tree

Showing 11 changed files with 113 additions and 82 deletions.
diff --git a/composer.json b/composer.json
@@ -16,14 +16,14 @@
         "psr/http-server-middleware": "^1.0"
     },
     "require-dev": {
-        "phpunit/phpunit": "^9.6.21",
+        "phpunit/phpunit": "^10.5|^11.5|^12.0",
         "laminas/laminas-diactoros": "^3.5",
-        "phpstan/phpstan": "^1.12",
-        "phpstan/phpstan-phpunit": "^1.3.15",
+        "phpstan/phpstan": "^1.12|^2.0",
+        "phpstan/phpstan-phpunit": "^1.3.15|^2.0",
         "roave/security-advisories": "dev-master",
         "phpstan/extension-installer": "^1.3.1",
-        "phpstan/phpstan-deprecation-rules": "^1.1.4",
-        "phpstan/phpstan-strict-rules": "^1.5.2",
+        "phpstan/phpstan-deprecation-rules": "^1.1.4|^2.0",
+        "phpstan/phpstan-strict-rules": "^1.5.2|^2.0",
         "slevomat/coding-standard": "^8.14.1",
         "php-parallel-lint/php-parallel-lint": "^1.3.2",
         "squizlabs/php_codesniffer": "^3.8"

diff --git a/phpunit.xml.dist b/phpunit.xml.dist
@@ -1,18 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/9.3/phpunit.xsd"
+         xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd"
+         bootstrap="vendor/autoload.php"
          colors="true"
+         failOnRisky="true"
+         failOnWarning="true"
          stopOnError="true"
          stopOnFailure="true"
-         stopOnIncomplete="false"
-         stopOnSkipped="false"
-         bootstrap="tests/Bootstrap.php"
 >
-  <coverage includeUncoveredFiles="true">
+  <source>
     <include>
-      <directory suffix=".php">src</directory>
+      <directory>src</directory>
     </include>
-  </coverage>
+  </source>
+
   <testsuites>
     <testsuite name="Tests">
       <directory>./tests/</directory>

diff --git a/src/AuthorizationValidators/BearerTokenValidator.php b/src/AuthorizationValidators/BearerTokenValidator.php
@@ -74,6 +74,7 @@ private function initJwtConfiguration(): void
             throw new RuntimeException('Public key is empty');
         }
 
+        // TODO: next major release: replace deprecated method and remove phpstan ignored error
         $this->jwtConfiguration->setValidationConstraints(
             new LooseValidAt($clock, $this->jwtValidAtDateLeeway),
             new SignedWith(

diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
@@ -175,7 +175,11 @@ private function validateCodeChallenge(object $authCodePayload, ?string $codeVer
             if (isset($this->codeChallengeVerifiers[$authCodePayload->code_challenge_method])) {
                 $codeChallengeVerifier = $this->codeChallengeVerifiers[$authCodePayload->code_challenge_method];
 
-                if (!isset($authCodePayload->code_challenge) || $codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false) {
+                if (
+                    !property_exists($authCodePayload, 'code_challenge') ||
+                    !isset($authCodePayload->code_challenge) ||
+                    $codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false
+                ) {
                     throw OAuthServerException::invalidGrant('Failed to verify `code_verifier`.');
                 }
             } else {

diff --git a/tests/Bootstrap.php b/tests/Bootstrap.php
diff --git a/tests/Exception/OAuthServerExceptionTest.php b/tests/Exception/OAuthServerExceptionTest.php
@@ -93,7 +93,9 @@ private function issueInvalidClientException(ServerRequestInterface $serverReque
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
         $clientRepositoryMock->method('validateClient')->willReturn(false);
 
-        $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
+        $grantMock = $this->getMockBuilder(AbstractGrant::class)
+            ->onlyMethods(['getIdentifier', 'respondToAccessTokenRequest'])
+            ->getMock();
         $grantMock->setClientRepository($clientRepositoryMock);
 
         $abstractGrantReflection = new ReflectionClass($grantMock);

diff --git a/tests/Grant/AbstractGrantTest.php b/tests/Grant/AbstractGrantTest.php
diff --git a/tests/Grant/DeviceCodeGrantTest.php b/tests/Grant/DeviceCodeGrantTest.php
@@ -347,7 +347,7 @@ public function testRespondToAccessTokenRequest(): void
         $deviceCodeEntity->setClient($client);
         $deviceCodeEntity->addScope($scope);
 
-        $deviceCodeRepositoryMock->method('getDeviceCodeEntityByDeviceCode')
+        $deviceCodeRepositoryMock->expects(self::atLeast(1))->method('getDeviceCodeEntityByDeviceCode')
             ->with($deviceCodeEntity->getIdentifier())
             ->willReturn($deviceCodeEntity);
 
@@ -356,7 +356,7 @@ public function testRespondToAccessTokenRequest(): void
         $accessTokenEntity->addScope($scope);
 
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
-        $accessTokenRepositoryMock->method('getNewToken')
+        $accessTokenRepositoryMock->expects(self::once())->method('getNewToken')
             ->with($client, $deviceCodeEntity->getScopes(), $deviceCodeEntity->getUserIdentifier())
             ->willReturn($accessTokenEntity);
         $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();

diff --git a/tests/Grant/RefreshTokenGrantTest.php b/tests/Grant/RefreshTokenGrantTest.php
@@ -611,6 +611,7 @@ public function testRespondToRequestFinalizeScopes(): void
         $accessToken = new AccessTokenEntity();
         $accessToken->setClient($client);
         $accessTokenRepositoryMock
+            ->expects(self::once())
             ->method('getNewToken')
             ->with($client, $finalizedScopes)
             ->willReturn($accessToken);
@@ -674,7 +675,7 @@ public function testRevokedRefreshToken(): void
 
         $refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
         $refreshTokenRepositoryMock->method('isRefreshTokenRevoked')
-            ->will(self::onConsecutiveCalls(false, true));
+            ->willReturn(false, true);
         $refreshTokenRepositoryMock->expects(self::once())->method('revokeRefreshToken')->with(self::equalTo($refreshTokenId));
 
         $oldRefreshToken = json_encode(

diff --git a/tests/PHPStan/AbstractGrantExtension.php b/tests/PHPStan/AbstractGrantExtension.php
@@ -36,7 +36,7 @@ public function getTypeFromMethodCall(MethodReflection $methodReflection, Method
     {
         return TypeCombinator::union(...[
             new StringType(),
-            isset($methodCall->getArgs[2]) ? $scope->getType($methodCall->getArgs[2]->value) : new NullType(),
+            property_exists($methodCall, 'getArgs') && isset($methodCall->getArgs[2]) ? $scope->getType($methodCall->getArgs[2]->value) : new NullType(),
         ]);
     }
 }
diff --git a/tests/Stubs/ScopeEntity.php b/tests/Stubs/ScopeEntity.php
@@ -6,11 +6,13 @@
 
 use League\OAuth2\Server\Entities\ScopeEntityInterface;
 use League\OAuth2\Server\Entities\Traits\EntityTrait;
+use League\OAuth2\Server\Entities\Traits\ScopeTrait;
 use ReturnTypeWillChange;
 
 class ScopeEntity implements ScopeEntityInterface
 {
     use EntityTrait;
+    use ScopeTrait;
 
     #[ReturnTypeWillChange]
     public function jsonSerialize(): string