thephpleague · Sephster · May 13, 2024 · Apr 9, 2024 · Apr 14, 2024 · Apr 14, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 - Basic authorization is now case insensitive (PR #1403)
 
+### Changed
+- Request parameters are now parsed into strings to use internally in the library (PR #1402)
+
 ## [9.0.0-RC1] - released 2024-03-27
 ### Added
 - Device Authorization Grant added (PR #1074)

diff --git a/examples/src/Entities/UserEntity.php b/examples/src/Entities/UserEntity.php
@@ -19,8 +19,8 @@ class UserEntity implements UserEntityInterface
     /**
      * Return the user's identifier.
      */
-    public function getIdentifier(): mixed
+    public function getIdentifier(): string
     {
-        return 1;
+        return '1';
     }
 }
diff --git a/phpcs.xml.dist b/phpcs.xml.dist
@@ -14,6 +14,8 @@
     <file>tests</file>
     <file>examples</file>
 
+    <exclude-pattern>examples/vendor/*</exclude-pattern>
+
     <rule ref="PSR12">
         <exclude name="Generic.Files.LineLength.TooLong" />
     </rule>

diff --git a/phpstan.neon.dist b/phpstan.neon.dist
@@ -2,8 +2,4 @@ parameters:
     level: 8
     paths:
         - src
-        - tests
-    ignoreErrors:
-        -
-          message: '#Call to an undefined method League\\OAuth2\\Server\\ResponseTypes\\ResponseTypeInterface::getAccessToken\(\)\.#'
-          path: tests/Grant/ClientCredentialsGrantTest.php 
+        - tests
diff --git a/src/CryptKey.php b/src/CryptKey.php
@@ -43,13 +43,13 @@ class CryptKey implements CryptKeyInterface
 
     public function __construct(string $keyPath, protected ?string $passPhrase = null, bool $keyPermissionsCheck = true)
     {
-        if (strpos($keyPath, self::FILE_PREFIX) !== 0 && $this->isValidKey($keyPath, $this->passPhrase ?? '')) {
+        if (str_starts_with($keyPath, self::FILE_PREFIX) === false && $this->isValidKey($keyPath, $this->passPhrase ?? '')) {
             $this->keyContents = $keyPath;
             $this->keyPath = '';
             // There's no file, so no need for permission check.
             $keyPermissionsCheck = false;
         } elseif (is_file($keyPath)) {
-            if (strpos($keyPath, self::FILE_PREFIX) !== 0) {
+            if (str_starts_with($keyPath, self::FILE_PREFIX) === false) {
                 $keyPath = self::FILE_PREFIX . $keyPath;
             }
 

diff --git a/src/Entities/RefreshTokenEntityInterface.php b/src/Entities/RefreshTokenEntityInterface.php
@@ -18,13 +18,17 @@ interface RefreshTokenEntityInterface
 {
     /**
      * Get the token's identifier.
+     *
+     * @return non-empty-string
      */
     public function getIdentifier(): string;
 
     /**
      * Set the token's identifier.
+     *
+     * @param non-empty-string $identifier
      */
-    public function setIdentifier(mixed $identifier): void;
+    public function setIdentifier(string $identifier): void;
 
     /**
      * Get the token's expiry date time.

diff --git a/src/Entities/ScopeEntityInterface.php b/src/Entities/ScopeEntityInterface.php
@@ -18,6 +18,8 @@ interface ScopeEntityInterface extends JsonSerializable
 {
     /**
      * Get the scope's identifier.
+     *
+     * @return non-empty-string
      */
     public function getIdentifier(): string;
 }
diff --git a/src/Entities/TokenInterface.php b/src/Entities/TokenInterface.php
@@ -18,13 +18,17 @@ interface TokenInterface
 {
     /**
      * Get the token's identifier.
+     *
+     * @return non-empty-string
      */
     public function getIdentifier(): string;
 
     /**
      * Set the token's identifier.
+     *
+     * @param non-empty-string $identifier
      */
-    public function setIdentifier(mixed $identifier): void;
+    public function setIdentifier(string $identifier): void;
 
     /**
      * Get the token's expiry date time.
@@ -45,8 +49,10 @@ public function setUserIdentifier(string $identifier): void;
 
     /**
      * Get the token user's identifier.
+     *
+     * @return non-empty-string|null
      */
-    public function getUserIdentifier(): string|int|null;
+    public function getUserIdentifier(): string|null;
 
     /**
      * Get the client that the token was issued to.

diff --git a/src/Entities/Traits/DeviceCodeTrait.php b/src/Entities/Traits/DeviceCodeTrait.php
@@ -59,6 +59,9 @@ abstract public function getExpiryDateTime(): DateTimeImmutable;
      */
     abstract public function getScopes(): array;
 
+    /**
+     * @return non-empty-string
+     */
     abstract public function getIdentifier(): string;
 
     public function getLastPolledAt(): ?DateTimeImmutable

diff --git a/src/Entities/Traits/EntityTrait.php b/src/Entities/Traits/EntityTrait.php
@@ -27,7 +27,10 @@ public function getIdentifier(): string
         return $this->identifier;
     }
 
-    public function setIdentifier(mixed $identifier): void
+    /**
+     * @param non-empty-string $identifier
+     */
+    public function setIdentifier(string $identifier): void
     {
         $this->identifier = $identifier;
     }

diff --git a/src/Entities/UserEntityInterface.php b/src/Entities/UserEntityInterface.php
@@ -16,6 +16,8 @@ interface UserEntityInterface
 {
     /**
      * Return the user's identifier.
+     *
+     * @return non-empty-string
      */
-    public function getIdentifier(): mixed;
+    public function getIdentifier(): string;
 }
diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php
@@ -269,9 +269,9 @@ public function generateHttpResponse(ResponseInterface $response, bool $useFragm
 
         if ($this->redirectUri !== null) {
             if ($useFragment === true) {
-                $this->redirectUri .= (strstr($this->redirectUri, '#') === false) ? '#' : '&';
+                $this->redirectUri .= (str_contains($this->redirectUri, '#') === false) ? '#' : '&';
             } else {
-                $this->redirectUri .= (strstr($this->redirectUri, '?') === false) ? '?' : '&';
+                $this->redirectUri .= (str_contains($this->redirectUri, '?') === false) ? '?' : '&';
             }
 
             return $response->withStatus(302)->withHeader('Location', $this->redirectUri . http_build_query($payload));
@@ -310,7 +310,7 @@ public function getHttpHeaders(): array
         // include the "WWW-Authenticate" response header field
         // matching the authentication scheme used by the client.
         if ($this->errorType === 'invalid_client' && $this->requestHasAuthorizationHeader()) {
-            $authScheme = strpos($this->serverRequest->getHeader('Authorization')[0], 'Bearer') === 0 ? 'Bearer' : 'Basic';
+            $authScheme = str_starts_with($this->serverRequest->getHeader('Authorization')[0], 'Bearer') ? 'Bearer' : 'Basic';
 
             $headers['WWW-Authenticate'] = $authScheme . ' realm="OAuth"';
         }

diff --git a/src/Grant/AbstractAuthorizeGrant.php b/src/Grant/AbstractAuthorizeGrant.php
@@ -18,16 +18,15 @@
 use League\OAuth2\Server\RequestTypes\AuthorizationRequestInterface;
 
 use function http_build_query;
-use function strstr;
 
 abstract class AbstractAuthorizeGrant extends AbstractGrant
 {
     /**
-     * @param mixed[] $params
+     * @param array<array-key,mixed> $params
      */
     public function makeRedirectUri(string $uri, array $params = [], string $queryDelimiter = '?'): string
     {
-        $uri .= (strstr($uri, $queryDelimiter) === false) ? $queryDelimiter : '&';
+        $uri .= str_contains($uri, $queryDelimiter) ? '&' : $queryDelimiter;
 
         return $uri . http_build_query($params);
     }