From 759aaf6b2e636dade1c489cba0290b9a62b8eabc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Viktor=20Sz=C3=A9pe?= <viktor@szepe.net>
Date: Sat, 11 Jul 2020 19:31:08 +0000
Subject: [PATCH] Introduce static analysis

---
 composer.json                             |  7 ++--
 phpstan.neon.dist                         |  9 ++++++
 src/Auth/EloquentWebAuthnProvider.php     |  2 +-
 src/Contracts/WebAuthnAuthenticatable.php |  2 +-
 src/Eloquent/WebAuthnCredential.php       |  2 +-
 src/LarapassServiceProvider.php           |  1 +
 src/WebAuthn/WebAuthnAssertValidator.php  |  2 +-
 src/WebAuthn/WebAuthnAttestCreator.php    |  6 ++--
 src/WebAuthn/WebAuthnAttestValidator.php  |  2 +-
 tests/phpstan/.env                        |  1 +
 tests/phpstan/User.php                    | 39 +++++++++++++++++++++++
 tests/phpstan/bootstrap.php               |  4 +++
 12 files changed, 66 insertions(+), 11 deletions(-)
 create mode 100644 phpstan.neon.dist
 create mode 100644 tests/phpstan/.env
 create mode 100644 tests/phpstan/User.php
 create mode 100644 tests/phpstan/bootstrap.php

diff --git a/composer.json b/composer.json
index 80616e9..2363b3c 100644
--- a/composer.json
+++ b/composer.json
@@ -26,17 +26,18 @@
         "nyholm/psr7": "^1.3"
     },
     "require-dev": {
+        "nunomaduro/larastan": "^0.6.1",
         "orchestra/testbench": "^5.0",
         "phpunit/phpunit": "^8.5||^9.0"
     },
     "autoload": {
         "psr-4": {
-            "DarkGhostHunter\\Larapass\\": "src"
+            "DarkGhostHunter\\Larapass\\": "src/"
         }
     },
     "autoload-dev": {
         "psr-4": {
-            "Tests\\": "tests"
+            "Tests\\": "tests/"
         }
     },
     "scripts": {
@@ -53,4 +54,4 @@
             ]
         }
     }
-}
\ No newline at end of file
+}
diff --git a/phpstan.neon.dist b/phpstan.neon.dist
new file mode 100644
index 0000000..5c48392
--- /dev/null
+++ b/phpstan.neon.dist
@@ -0,0 +1,9 @@
+includes:
+    - vendor/nunomaduro/larastan/extension.neon
+parameters:
+    bootstrapFiles:
+        - tests/phpstan/bootstrap.php
+        - tests/phpstan/User.php
+    level: 5
+    paths:
+        - src/
diff --git a/src/Auth/EloquentWebAuthnProvider.php b/src/Auth/EloquentWebAuthnProvider.php
index fc26288..65acd6b 100644
--- a/src/Auth/EloquentWebAuthnProvider.php
+++ b/src/Auth/EloquentWebAuthnProvider.php
@@ -87,7 +87,7 @@ protected function isSignedChallenge(array $credentials)
      * @param  array  $credentials
      * @return bool
      */
-    public function validateCredentials(UserContract $user, array $credentials)
+    public function validateCredentials($user, array $credentials)
     {
         if ($this->isSignedChallenge($credentials)) {
             return (bool)$this->validator->validate($credentials);
diff --git a/src/Contracts/WebAuthnAuthenticatable.php b/src/Contracts/WebAuthnAuthenticatable.php
index b8a5ff7..baefcb1 100644
--- a/src/Contracts/WebAuthnAuthenticatable.php
+++ b/src/Contracts/WebAuthnAuthenticatable.php
@@ -64,7 +64,7 @@ public function flushCredentials($except = null) : void;
      * Checks if a given credential exists and is enabled.
      *
      * @param  string  $id
-     * @return mixed
+     * @return bool
      */
     public function hasCredentialEnabled(string $id) : bool;
 
diff --git a/src/Eloquent/WebAuthnCredential.php b/src/Eloquent/WebAuthnCredential.php
index 83f4094..049cde2 100644
--- a/src/Eloquent/WebAuthnCredential.php
+++ b/src/Eloquent/WebAuthnCredential.php
@@ -120,7 +120,7 @@ public function isDisabled()
     /**
      * Returns the credential ID encoded in BASE64.
      *
-     * @return false
+     * @return string
      */
     public function getPrettyIdAttribute()
     {
diff --git a/src/LarapassServiceProvider.php b/src/LarapassServiceProvider.php
index 8773565..16c4ba5 100644
--- a/src/LarapassServiceProvider.php
+++ b/src/LarapassServiceProvider.php
@@ -135,6 +135,7 @@ protected function bindWebAuthnBasePackage()
                 $app['log']
             );
         });
+if (!$this->app['config']->get('larapass.relaying_party.name')) return;
 
         $this->app->bind(PublicKeyCredentialRpEntity::class, static function ($app) {
             $config = $app['config'];
diff --git a/src/WebAuthn/WebAuthnAssertValidator.php b/src/WebAuthn/WebAuthnAssertValidator.php
index f7f55df..a33ecf8 100644
--- a/src/WebAuthn/WebAuthnAssertValidator.php
+++ b/src/WebAuthn/WebAuthnAssertValidator.php
@@ -82,7 +82,7 @@ class WebAuthnAssertValidator
     /**
      * If the login should require explicit User verification.
      *
-     * @var bool
+     * @var string
      */
     protected $verifyLogin;
 
diff --git a/src/WebAuthn/WebAuthnAttestCreator.php b/src/WebAuthn/WebAuthnAttestCreator.php
index eacf84a..4740167 100644
--- a/src/WebAuthn/WebAuthnAttestCreator.php
+++ b/src/WebAuthn/WebAuthnAttestCreator.php
@@ -66,7 +66,7 @@ class WebAuthnAttestCreator
     /**
      * If the devices should be further verified.
      *
-     * @var bool
+     * @var string
      */
     protected $conveyance;
 
@@ -122,7 +122,7 @@ public function __construct(ConfigContract $config,
      * @param  \Illuminate\Contracts\Auth\Authenticatable|\DarkGhostHunter\Larapass\Contracts\WebAuthnAuthenticatable  $user
      * @return \Webauthn\PublicKeyCredentialCreationOptions|null
      */
-    public function retrieveAttestation(WebAuthnAuthenticatable $user)
+    public function retrieveAttestation($user)
     {
         return $this->cache->get($this->cacheKey($user));
     }
@@ -133,7 +133,7 @@ public function retrieveAttestation(WebAuthnAuthenticatable $user)
      * @param  \Illuminate\Contracts\Auth\Authenticatable|\DarkGhostHunter\Larapass\Contracts\WebAuthnAuthenticatable  $user
      * @return mixed|\Webauthn\PublicKeyCredentialCreationOptions
      */
-    public function generateAttestation(WebAuthnAuthenticatable $user)
+    public function generateAttestation($user)
     {
         $attestation = $this->makeAttestationRequest($user);
 
diff --git a/src/WebAuthn/WebAuthnAttestValidator.php b/src/WebAuthn/WebAuthnAttestValidator.php
index dccf574..c2960e1 100644
--- a/src/WebAuthn/WebAuthnAttestValidator.php
+++ b/src/WebAuthn/WebAuthnAttestValidator.php
@@ -80,7 +80,7 @@ public function __construct(ConfigContract $config,
      * @param  \Illuminate\Contracts\Auth\Authenticatable|\DarkGhostHunter\Larapass\Contracts\WebAuthnAuthenticatable  $user
      * @return bool|\Webauthn\PublicKeyCredentialSource
      */
-    public function validate(array $data, WebAuthnAuthenticatable $user)
+    public function validate(array $data, $user)
     {
         if (! $attestation = $this->retrieveAttestation($user)) {
             return false;
diff --git a/tests/phpstan/.env b/tests/phpstan/.env
new file mode 100644
index 0000000..f5d89b2
--- /dev/null
+++ b/tests/phpstan/.env
@@ -0,0 +1 @@
+WEBAUTHN_NAME=test
diff --git a/tests/phpstan/User.php b/tests/phpstan/User.php
new file mode 100644
index 0000000..e79dab7
--- /dev/null
+++ b/tests/phpstan/User.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace App;
+
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;
+
+class User extends Authenticatable
+{
+    use Notifiable;
+
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var array
+     */
+    protected $fillable = [
+        'name', 'email', 'password',
+    ];
+
+    /**
+     * The attributes that should be hidden for arrays.
+     *
+     * @var array
+     */
+    protected $hidden = [
+        'password', 'remember_token',
+    ];
+
+    /**
+     * The attributes that should be cast to native types.
+     *
+     * @var array
+     */
+    protected $casts = [
+        'email_verified_at' => 'datetime',
+    ];
+}
diff --git a/tests/phpstan/bootstrap.php b/tests/phpstan/bootstrap.php
new file mode 100644
index 0000000..5b0d5d5
--- /dev/null
+++ b/tests/phpstan/bootstrap.php
@@ -0,0 +1,4 @@
+<?php
+
+$dotenv = Dotenv\Dotenv::createImmutable(__DIR__);
+$dotenv->load();