Change AuthenticationPlugin::showFailure() return type

Instead of throwing an ExitException, showFailure() now returns a Response object. Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
phpmyadmin · May 9, 2024 · ad98ad2 · ad98ad2
1 parent cfdaedb
commit ad98ad2
Show file tree

Hide file tree

Showing 11 changed files with 46 additions and 50 deletions.
diff --git a/psalm-baseline.xml b/psalm-baseline.xml
@@ -7679,6 +7679,7 @@
       <code><![CDATA[$password]]></code>
     </PossiblyInvalidPropertyAssignmentValue>
     <PossiblyUnusedReturnValue>
+      <code><![CDATA[Response]]></code>
       <code><![CDATA[bool]]></code>
     </PossiblyUnusedReturnValue>
     <RedundantCast>
@@ -7768,6 +7769,9 @@
       <code><![CDATA[$config->selectedServer]]></code>
       <code><![CDATA[array_merge($config->selectedServer, $singleSignonCfgUpdate)]]></code>
     </MixedPropertyTypeCoercion>
+    <PossiblyUnusedReturnValue>
+      <code><![CDATA[Response]]></code>
+    </PossiblyUnusedReturnValue>
     <RiskyTruthyFalsyComparison>
       <code><![CDATA[empty($config->selectedServer['SignonURL'])]]></code>
     </RiskyTruthyFalsyComparison>

diff --git a/src/Http/Middleware/Authentication.php b/src/Http/Middleware/Authentication.php
@@ -63,7 +63,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
             try {
                 $authPlugin->authenticate();
             } catch (AuthenticationFailure $exception) {
-                $authPlugin->showFailure($exception);
+                return $authPlugin->showFailure($exception);
             }
 
             $currentServer = new Server(Config::getInstance()->selectedServer);
@@ -79,7 +79,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
             try {
                 $this->connectToDatabaseServer(DatabaseInterface::getInstance(), $currentServer);
             } catch (AuthenticationFailure $exception) {
-                $authPlugin->showFailure($exception);
+                return $authPlugin->showFailure($exception);
             }
 
             // Relation should only be initialized after the connection is successful

diff --git a/src/Plugins/Auth/AuthenticationConfig.php b/src/Plugins/Auth/AuthenticationConfig.php
@@ -12,13 +12,16 @@
 use PhpMyAdmin\Error\ErrorHandler;
 use PhpMyAdmin\Exceptions\AuthenticationFailure;
 use PhpMyAdmin\Html\Generator;
+use PhpMyAdmin\Http\Response;
 use PhpMyAdmin\Plugins\AuthenticationPlugin;
 use PhpMyAdmin\ResponseRenderer;
 use PhpMyAdmin\Server\Select;
 use PhpMyAdmin\Util;
 
 use function __;
 use function count;
+use function ob_get_clean;
+use function ob_start;
 use function sprintf;
 use function trigger_error;
 
@@ -67,7 +70,7 @@ public function readCredentials(): bool
     /**
      * User is not allowed to login to MySQL -> authentication failed
      */
-    public function showFailure(AuthenticationFailure $failure): never
+    public function showFailure(AuthenticationFailure $failure): Response
     {
         $this->logFailure($failure);
 
@@ -77,12 +80,14 @@ public function showFailure(AuthenticationFailure $failure): never
         }
 
         /* HTML header */
-        $response = ResponseRenderer::getInstance();
-        $response->setMinimalFooter();
-        $header = $response->getHeader();
+        $responseRenderer = ResponseRenderer::getInstance();
+        $responseRenderer->setMinimalFooter();
+        $header = $responseRenderer->getHeader();
         $header->setBodyId('loginform');
         $header->setTitle(__('Access denied!'));
         $header->disableMenuAndConsole();
+
+        ob_start();
         echo '<br><br>
     <div class="text-center">
         <h1>';
@@ -157,6 +162,9 @@ public function showFailure(AuthenticationFailure $failure): never
         }
 
         echo '</table>' , "\n";
-        $response->callExit();
+
+        $responseRenderer->addHTML((string) ob_get_clean());
+
+        return $responseRenderer->response();
     }
 }
diff --git a/src/Plugins/Auth/AuthenticationCookie.php b/src/Plugins/Auth/AuthenticationCookie.php
@@ -13,6 +13,7 @@
 use PhpMyAdmin\Error\ErrorHandler;
 use PhpMyAdmin\Exceptions\AuthenticationFailure;
 use PhpMyAdmin\Exceptions\SessionHandlerException;
+use PhpMyAdmin\Http\Response;
 use PhpMyAdmin\LanguageManager;
 use PhpMyAdmin\Message;
 use PhpMyAdmin\Plugins\AuthenticationPlugin;
@@ -543,7 +544,7 @@ public function storePasswordCookie(string $password): void
      * prepares error message and switches to showLoginForm() which display the error
      * and the login form
      */
-    public function showFailure(AuthenticationFailure $failure): never
+    public function showFailure(AuthenticationFailure $failure): Response
     {
         $this->logFailure($failure);
 
@@ -552,11 +553,11 @@ public function showFailure(AuthenticationFailure $failure): never
 
         $GLOBALS['conn_error'] = $this->getErrorMessage($failure);
 
-        $response = ResponseRenderer::getInstance();
+        $responseRenderer = ResponseRenderer::getInstance();
 
         // needed for PHP-CGI (not need for FastCGI or mod-php)
-        $response->addHeader('Cache-Control', 'no-store, no-cache, must-revalidate');
-        $response->addHeader('Pragma', 'no-cache');
+        $responseRenderer->addHeader('Cache-Control', 'no-store, no-cache, must-revalidate');
+        $responseRenderer->addHeader('Pragma', 'no-cache');
 
         $this->showLoginForm();
     }

diff --git a/src/Plugins/Auth/AuthenticationHttp.php b/src/Plugins/Auth/AuthenticationHttp.php
@@ -13,6 +13,7 @@
 use PhpMyAdmin\Core;
 use PhpMyAdmin\DatabaseInterface;
 use PhpMyAdmin\Exceptions\AuthenticationFailure;
+use PhpMyAdmin\Http\Response;
 use PhpMyAdmin\LanguageManager;
 use PhpMyAdmin\Message;
 use PhpMyAdmin\Plugins\AuthenticationPlugin;
@@ -180,19 +181,20 @@ public function readCredentials(): bool
     /**
      * User is not allowed to login to MySQL -> authentication failed
      */
-    public function showFailure(AuthenticationFailure $failure): never
+    public function showFailure(AuthenticationFailure $failure): Response
     {
         $this->logFailure($failure);
 
         $error = DatabaseInterface::getInstance()->getError();
         if ($error && $GLOBALS['errno'] != 1045) {
-            echo $this->template->render('error/generic', [
+            $responseRenderer = ResponseRenderer::getInstance();
+            $responseRenderer->addHTML($this->template->render('error/generic', [
                 'lang' => $GLOBALS['lang'] ?? 'en',
                 'dir' => LanguageManager::$textDir,
                 'error_message' => $error,
-            ]);
+            ]));
 
-            ResponseRenderer::getInstance()->callExit();
+            return $responseRenderer->response();
         }
 
         $this->authForm();

diff --git a/src/Plugins/Auth/AuthenticationSignon.php b/src/Plugins/Auth/AuthenticationSignon.php
@@ -9,6 +9,7 @@
 
 use PhpMyAdmin\Config;
 use PhpMyAdmin\Exceptions\AuthenticationFailure;
+use PhpMyAdmin\Http\Response;
 use PhpMyAdmin\LanguageManager;
 use PhpMyAdmin\Plugins\AuthenticationPlugin;
 use PhpMyAdmin\ResponseRenderer;
@@ -235,7 +236,7 @@ public function readCredentials(): bool
     /**
      * User is not allowed to login to MySQL -> authentication failed
      */
-    public function showFailure(AuthenticationFailure $failure): never
+    public function showFailure(AuthenticationFailure $failure): Response
     {
         $this->logFailure($failure);
 

diff --git a/src/Plugins/AuthenticationPlugin.php b/src/Plugins/AuthenticationPlugin.php
@@ -12,6 +12,7 @@
 use PhpMyAdmin\Exceptions\AuthenticationFailure;
 use PhpMyAdmin\Exceptions\ExitException;
 use PhpMyAdmin\Exceptions\SessionHandlerException;
+use PhpMyAdmin\Http\Response;
 use PhpMyAdmin\Http\ServerRequest;
 use PhpMyAdmin\IpAllowDeny;
 use PhpMyAdmin\LanguageManager;
@@ -97,7 +98,7 @@ public function rememberCredentials(): void
     /**
      * User is not allowed to login to MySQL -> authentication failed
      */
-    abstract public function showFailure(AuthenticationFailure $failure): never;
+    abstract public function showFailure(AuthenticationFailure $failure): Response;
 
     protected function logFailure(AuthenticationFailure $failure): void
     {

diff --git a/tests/unit/Plugins/Auth/AuthenticationConfigTest.php b/tests/unit/Plugins/Auth/AuthenticationConfigTest.php
@@ -15,10 +15,6 @@
 use PHPUnit\Framework\Attributes\CoversClass;
 use PHPUnit\Framework\Attributes\Medium;
 use ReflectionProperty;
-use Throwable;
-
-use function ob_get_clean;
-use function ob_start;
 
 #[CoversClass(AuthenticationConfig::class)]
 #[Medium]
@@ -90,17 +86,9 @@ public function testAuthFails(): void
 
         (new ReflectionProperty(ResponseRenderer::class, 'instance'))->setValue(null, null);
 
-        ob_start();
-        try {
-            $this->object->showFailure(AuthenticationFailure::serverDenied());
-        } catch (Throwable $throwable) {
-        }
-
-        $html = ob_get_clean();
-
-        self::assertInstanceOf(ExitException::class, $throwable);
+        $response = $this->object->showFailure(AuthenticationFailure::serverDenied());
 
-        self::assertIsString($html);
+        $html = (string) $response->getBody();
 
         self::assertStringContainsString(
             'You probably did not create a configuration file. You might want ' .

diff --git a/tests/unit/Plugins/Auth/AuthenticationCookieTest.php b/tests/unit/Plugins/Auth/AuthenticationCookieTest.php
@@ -552,7 +552,7 @@ public function testAuthCheckAuthFails(): void
         // mock for blowfish function
         $this->object = $this->getMockBuilder(AuthenticationCookie::class)
             ->disableOriginalConstructor()
-            ->onlyMethods(['showFailure', 'cookieDecrypt'])
+            ->onlyMethods(['cookieDecrypt'])
             ->getMock();
 
         $this->object->expects(self::once())
@@ -639,7 +639,7 @@ public function testAuthFailsNoPass(): void
         } catch (Throwable $throwable) {
         }
 
-        self::assertInstanceOf(ExitException::class, $throwable);
+        self::assertInstanceOf(ExitException::class, $throwable ?? null);
         $response = $responseStub->getResponse();
         self::assertSame(['no-store, no-cache, must-revalidate'], $response->getHeader('Cache-Control'));
         self::assertSame(['no-cache'], $response->getHeader('Pragma'));
@@ -707,7 +707,7 @@ public function testAuthFailsDeny(): void
         } catch (Throwable $throwable) {
         }
 
-        self::assertInstanceOf(ExitException::class, $throwable);
+        self::assertInstanceOf(ExitException::class, $throwable ?? null);
         $response = $responseStub->getResponse();
         self::assertSame(['no-store, no-cache, must-revalidate'], $response->getHeader('Cache-Control'));
         self::assertSame(['no-cache'], $response->getHeader('Pragma'));
@@ -739,7 +739,7 @@ public function testAuthFailsActivity(): void
         } catch (Throwable $throwable) {
         }
 
-        self::assertInstanceOf(ExitException::class, $throwable);
+        self::assertInstanceOf(ExitException::class, $throwable ?? null);
         $response = $responseStub->getResponse();
         self::assertSame(['no-store, no-cache, must-revalidate'], $response->getHeader('Cache-Control'));
         self::assertSame(['no-cache'], $response->getHeader('Pragma'));
@@ -784,7 +784,7 @@ public function testAuthFailsDBI(): void
         } catch (Throwable $throwable) {
         }
 
-        self::assertInstanceOf(ExitException::class, $throwable);
+        self::assertInstanceOf(ExitException::class, $throwable ?? null);
         $response = $responseStub->getResponse();
         self::assertSame(['no-store, no-cache, must-revalidate'], $response->getHeader('Cache-Control'));
         self::assertSame(['no-cache'], $response->getHeader('Pragma'));
@@ -825,7 +825,7 @@ public function testAuthFailsErrno(): void
         } catch (Throwable $throwable) {
         }
 
-        self::assertInstanceOf(ExitException::class, $throwable);
+        self::assertInstanceOf(ExitException::class, $throwable ?? null);
         $response = $responseStub->getResponse();
         self::assertSame(['no-store, no-cache, must-revalidate'], $response->getHeader('Cache-Control'));
         self::assertSame(['no-cache'], $response->getHeader('Pragma'));

diff --git a/tests/unit/Plugins/Auth/AuthenticationHttpTest.php b/tests/unit/Plugins/Auth/AuthenticationHttpTest.php
@@ -20,8 +20,6 @@
 use Throwable;
 
 use function base64_encode;
-use function ob_get_clean;
-use function ob_start;
 
 #[CoversClass(AuthenticationHttp::class)]
 #[Medium]
@@ -285,17 +283,9 @@ public function testAuthFails(): void
         DatabaseInterface::$instance = $dbi;
         $GLOBALS['errno'] = 31;
 
-        ob_start();
-        try {
-            $this->object->showFailure(AuthenticationFailure::serverDenied());
-        } catch (Throwable $throwable) {
-        }
-
-        $result = ob_get_clean();
-
-        self::assertInstanceOf(ExitException::class, $throwable);
+        $response = $this->object->showFailure(AuthenticationFailure::serverDenied());
 
-        self::assertIsString($result);
+        $result = (string) $response->getBody();
 
         self::assertStringContainsString('<p>error 123</p>', $result);
 

diff --git a/tests/unit/Plugins/AuthenticationPluginTest.php b/tests/unit/Plugins/AuthenticationPluginTest.php
@@ -8,6 +8,7 @@
 use PhpMyAdmin\Exceptions\AuthenticationFailure;
 use PhpMyAdmin\Exceptions\ExitException;
 use PhpMyAdmin\Http\Factory\ServerRequestFactory;
+use PhpMyAdmin\Http\Response;
 use PhpMyAdmin\Plugins\AuthenticationPlugin;
 use PhpMyAdmin\ResponseRenderer;
 use PhpMyAdmin\Tests\AbstractTestCase;
@@ -36,7 +37,7 @@ public function readCredentials(): bool
                 return false;
             }
 
-            public function showFailure(AuthenticationFailure $failure): never
+            public function showFailure(AuthenticationFailure $failure): Response
             {
                 throw new ExitException();
             }