Configure level 9, addding warnings to baseline

docs/postman/2.http

@@ -126,6 +126,7 @@ Content-Type: application/json
 POST http://middleware.dev.openconext.local/management/whitelist/add
 Accept: application/json
 Content-Type: application/json
+Authorization: Basic ra ra_secret
 
 {
   "institutions": [
@@ -193,15 +194,16 @@ Content-Type: application/json
 ###
 # @name /management/institution-configuration
 # GET the institution configuration options
-GET http://middleware.stepup.example.com/management/institution-configuration?
+GET http://middleware.dev.openconext.local/management/institution-configuration?
     XDEBUG_SESSION_START=PHPSTORM
 Accept: application/json
 Content-Type: application/json
+Authorization: Basic ra ra_secret
 
 ###
 # @name /management/institution-configuration
 # POST the institution configuration options to reconfigure
-POST http://middleware.stepup.example.com/management/institution-configuration?
+POST http://middleware.dev.openconext.local/management/institution-configuration?
     XDEBUG_SESSION_START=PHPSTORM
 Accept: application/json
 Content-Type: application/json

src/Surfnet/Stepup/Tests/Configuration/Value/InstitutionAuthorizationOptionTest.php

@@ -111,18 +111,6 @@ public function can_be_retrieved_json_serializable_on_empty_set(): void
         $this->assertEquals(null, $institutionOption->jsonSerialize());
     }
 
-    /**
-     * @test
-     * @group domain
-     * @dataProvider invalidConstructorArgumentsProvider
-     */
-    public function invalid_types_are_rejected_during_construction(bool|int|array $arguments): void
-    {
-        $this->expectException(InvalidArgumentException::class);
-
-        InstitutionAuthorizationOption::fromInstitutionConfig($this->institutionRole, $arguments);
-    }
-
     /**
      * @test
      * @group domain

src/Surfnet/Stepup/Tests/Configuration/Value/InstitutionConfigurationIdTest.php

@@ -48,7 +48,7 @@ public function two_institution_configuration_ids_created_for_the_different_inst
      * @dataProvider nonStringOrEmptyStringProvider
      */
     public function an_institution_configuration_id_cannot_be_created_from_something_other_than_a_string(
-        string|int|float|StdClass|array $nonStringOrEmptyString,
+        string $nonStringOrEmptyString,
     ): void {
         $this->expectException(InvalidArgumentException::class);
 
@@ -125,10 +125,6 @@ public function nonStringOrEmptyStringProvider(): array
         return [
             'empty string' => [''],
             'blank string' => ['   '],
-            'array' => [[]],
-            'integer' => [1],
-            'float' => [1.2],
-            'object' => [new StdClass()],
         ];
     }
 }

src/Surfnet/Stepup/Tests/Identity/Value/GssfIdTest.php

@@ -34,7 +34,7 @@ class GssfIdTest extends UnitTest
      * @dataProvider invalidValueProvider
      */
     public function a_gssf_id_cannot_be_created_with_anything_but_a_nonempty_string(
-        string|int|float|StdClass|array $invalidValue,
+        string $invalidValue,
     ): void {
         $this->expectException(InvalidArgumentException::class);
 
@@ -65,10 +65,6 @@ public function invalidValueProvider(): array
         return [
             'empty string' => [''],
             'blank string' => ['   '],
-            'array' => [[]],
-            'integer' => [1],
-            'float' => [1.2],
-            'object' => [new StdClass()],
         ];
     }
 }

src/Surfnet/Stepup/Tests/Identity/Value/PhoneNumberTest.php

@@ -34,7 +34,7 @@ class PhoneNumberTest extends UnitTest
      * @dataProvider invalidValueProvider
      */
     public function a_phone_number_cannot_be_created_with_anything_but_a_nonempty_string(
-        string|int|float|StdClass|array $invalidValue,
+        string $invalidValue,
     ): void {
         $this->expectException(InvalidArgumentException::class);
 
@@ -65,10 +65,6 @@ public function invalidValueProvider(): array
         return [
             'empty string' => [''],
             'blank string' => ['   '],
-            'array' => [[]],
-            'integer' => [1],
-            'float' => [1.2],
-            'object' => [new StdClass()],
         ];
     }
 }

src/Surfnet/Stepup/Tests/Identity/Value/StepupProviderTest.php

@@ -34,7 +34,7 @@ class StepupProviderTest extends UnitTest
      * @dataProvider invalidValueProvider
      */
     public function a_stepup_provider_cannot_be_created_with_anything_but_a_nonempty_string(
-        string|int|float|StdClass|array $invalidValue,
+        string $invalidValue,
     ): void {
         $this->expectException(InvalidArgumentException::class);
 
@@ -63,10 +63,6 @@ public function invalidValueProvider(): array
         return [
             'empty string' => [''],
             'blank string' => ['   '],
-            'array' => [[]],
-            'integer' => [1],
-            'float' => [1.2],
-            'object' => [new StdClass()],
         ];
     }
 }

src/Surfnet/StepupMiddleware/ApiBundle/Configuration/Entity/ConfiguredInstitution.php

@@ -25,10 +25,6 @@
 #[ORM\Entity(repositoryClass: ConfiguredInstitutionRepository::class)]
 class ConfiguredInstitution
 {
-    /**
-     *
-     * @var Institution
-     */
     #[ORM\Id]
     #[ORM\Column(type: 'stepup_configuration_institution')]
     public Institution $institution;

src/Surfnet/StepupMiddleware/ApiBundle/Identity/Value/RegistrationAuthorityCredentials.php

@@ -27,6 +27,7 @@
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Identity;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\RaListing;
 use Surfnet\StepupMiddleware\ApiBundle\Identity\Entity\Sraa;
+use function assert;
 
 class RegistrationAuthorityCredentials implements JsonSerializable
 {
@@ -62,6 +63,7 @@ public static function fromSraa(Sraa $sraa, Identity $identity): self
     public static function fromRaListings(array $raListings): self
     {
         $raListingCredentials = current($raListings);
+        assert($raListingCredentials instanceof RaListing, 'The provided raListings are empty');
         $isRa = false;
         $isRaa = false;
 

src/Surfnet/StepupMiddleware/ApiBundle/Request/CommandParamConverter.php

@@ -21,6 +21,7 @@
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
 use Sensio\Bundle\FrameworkExtraBundle\Request\ParamConverter\ParamConverterInterface;
 use Surfnet\StepupMiddleware\ApiBundle\Exception\BadCommandRequestException;
+use Surfnet\StepupMiddleware\CommandHandlingBundle\Command\AbstractCommand;
 use Surfnet\StepupMiddleware\CommandHandlingBundle\Command\Command;
 use Symfony\Component\HttpFoundation\Request;
 
@@ -40,6 +41,7 @@ public function apply(Request $request, ParamConverter $configuration): bool
             str_replace('.', '\\', $commandName[2]),
         );
 
+        /** @var AbstractCommand $command */
         $command = new $commandClassName;
         $command->UUID = $data['command']['uuid'];
 

src/Surfnet/StepupMiddleware/ApiBundle/Tests/Authorization/Service/AuthorizationContextServiceTest.php

@@ -22,6 +22,7 @@
 use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration;
 use Mockery\MockInterface;
 use PHPUnit\Framework\TestCase;
+use Surfnet\Stepup\Configuration\Value\Institution as StepupConfigurationInstitution;
 use Surfnet\Stepup\Identity\Collection\InstitutionCollection;
 use Surfnet\Stepup\Identity\Value\CommonName;
 use Surfnet\Stepup\Identity\Value\Email;
@@ -52,7 +53,7 @@ class AuthorizationContextServiceTest extends TestCase
 
     private AuthorizationRepository&MockInterface $authorizationRepository;
 
-    private MockInterface|ConfiguredInstitutionRepository $institutionRepo;
+    private MockInterface&ConfiguredInstitutionRepository $institutionRepo;
 
     public function setUp(): void
     {
@@ -174,7 +175,7 @@ public function it_can_build_a_context_with_sraa_actor(): void
         $configuredInstitutions = [];
         foreach ($institutions as $institution) {
             $ci = new ConfiguredInstitution();
-            $ci->institution = $institution->getInstitution();
+            $ci->institution = new StepupConfigurationInstitution($institution->getInstitution());
             $configuredInstitutions[] = $ci;
         }
         $this->institutionRepo->shouldReceive('findAll')->andReturn($configuredInstitutions);

src/Surfnet/StepupMiddleware/ApiBundle/Tests/Authorization/Service/CommandAuthorizationServiceTest.php

@@ -78,6 +78,8 @@
 use Surfnet\StepupMiddleware\CommandHandlingBundle\Identity\Command\VerifyEmailCommand;
 use Surfnet\StepupMiddleware\CommandHandlingBundle\Identity\Command\VetSecondFactorCommand;
 use Surfnet\StepupMiddleware\CommandHandlingBundle\Tests\Command\FixedUuidStubCommand;
+use function is_array;
+use function is_string;
 use function property_exists;
 
 class CommandAuthorizationServiceTest extends TestCase
@@ -483,18 +485,24 @@ public function all_available_commands_should_be_tested(): void
     public function availableCommands(): array
     {
         $rootPath = realpath(__DIR__ . '/../../../../../../../src');
+        assert(is_string($rootPath), 'Root path could not be determined correctly');
         $basePath = realPath($rootPath . '/Surfnet/StepupMiddleware/CommandHandlingBundle') . '/*';
 
         $commands = [];
 
         // get folders
         $folders = glob($basePath, GLOB_ONLYDIR);
+        assert(is_array($folders), 'Unable to grab the CommandHandlingBundle folders');
         foreach ($folders as $folder) {
             $commandPath = $folder . '/Command/*Command.php';
             $files = glob($commandPath);
             if ($files === false) {
                 continue;
             }
+            assert(
+                is_array($files),
+                sprintf('Unable to grab the files from %s with pattern %s', $folder , $commandPath)
+            );
 
             foreach ($files as $file) {
                 $className = str_replace($rootPath, '', $file);

src/Surfnet/StepupMiddleware/ApiBundle/Tests/Doctrine/Type/DateTimeTypeTest.php

@@ -27,6 +27,7 @@
 use PHPUnit\Framework\TestCase as UnitTest;
 use Surfnet\Stepup\DateTime\DateTime;
 use Surfnet\StepupMiddleware\ApiBundle\Doctrine\Type\DateTimeType;
+use function assert;
 
 class DateTimeTypeTest extends UnitTest
 {
@@ -99,9 +100,9 @@ public function a_string_is_converted_to_the_stepup_datetime_object(): void
 
         $databaseValue = '2015-02-17 10:48:22';
         $actualDateTime = $dateTime->convertToPHPValue($databaseValue, $this->platform);
-        $expectedDateTime = new DateTime(
-            CoreDateTime::createFromFormat('Y-m-d H:i:s', $databaseValue, new DateTimeZone('UTC')),
-        );
+        $coreDateTime = CoreDateTime::createFromFormat('Y-m-d H:i:s', $databaseValue, new DateTimeZone('UTC'));
+        assert($coreDateTime instanceof CoreDateTime, 'Unable to create a DateTime object');
+        $expectedDateTime = new DateTime($coreDateTime);
 
         $this->assertInstanceOf(DateTime::class, $actualDateTime);
         $this->assertEquals($expectedDateTime, $actualDateTime);

src/Surfnet/StepupMiddleware/ApiBundle/Tests/Endpoint/ConfiguredInstitutionControllerTest.php

@@ -26,6 +26,7 @@
 use Symfony\Bundle\FrameworkBundle\KernelBrowser;
 use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
 use Symfony\Component\HttpFoundation\Response;
+use function is_string;
 
 class ConfiguredInstitutionControllerTest extends WebTestCase
 {
@@ -51,8 +52,15 @@ public function setUp(): void
         self::ensureKernelShutdown();
         $this->client = static::createClient();
 
-        $this->databaseTool = static::getContainer()->get(ORMSqliteDatabaseTool::class);
-        $this->databaseTool->setRegistry(static::getContainer()->get(ManagerRegistry::class));
+        $tool = static::getContainer()->get(ORMSqliteDatabaseTool::class);
+        if (!$tool instanceof ORMSqliteDatabaseTool) {
+            $this->fail('Unable to grab the ORMSqliteDatabaseTool from the container');
+        }
+        $this->databaseTool = $tool;
+        $registry = static::getContainer()->get(ManagerRegistry::class);
+        assert($registry instanceof ManagerRegistry, 'ManagerRegistry could not be fetched from the container');
+        $this->databaseTool->setRegistry($registry);
+
         $this->databaseTool->setObjectManagerName('middleware');
         // Initialises schema.
         $this->databaseTool->loadFixtures();
@@ -62,6 +70,10 @@ public function setUp(): void
         $passwordRa = $this->client->getKernel()->getContainer()->getParameter('registration_authority_api_password');
         $passwordRo = $this->client->getKernel()->getContainer()->getParameter('readonly_api_password');
 
+        assert(is_string($passwordSs), 'Parameter selfservice_api_password must be of type string');
+        assert(is_string($passwordRa), 'Parameter registration_authority_api_password must be of type string');
+        assert(is_string($passwordRo), 'Parameter readonly_api_password must be of type string');
+
         $this->accounts = ['ss' => $passwordSs, 'ra' => $passwordRa, 'apireader' => $passwordRo];
 
         $this->endpoint = '/institution-listing';
@@ -89,7 +101,7 @@ public function only_get_requests_are_accepted(string $invalidHttpMethod): void
                 'HTTP_ACCEPT' => 'application/json',
                 'CONTENT_TYPE' => 'application/json',
             ],
-            json_encode([]),
+            '[]',
         );
 
         $this->assertEquals(Response::HTTP_METHOD_NOT_ALLOWED, $this->client->getResponse()->getStatusCode());
@@ -113,7 +125,7 @@ public function no_access_for_not_allowed_account(string $account): void
                 'PHP_AUTH_USER' => $account,
                 'PHP_AUTH_PW' => $this->accounts[$account],
             ],
-            json_encode([]),
+            '[]',
         );
 
         $this->assertEquals(Response::HTTP_FORBIDDEN, $this->client->getResponse()->getStatusCode());
@@ -136,7 +148,7 @@ public function json_is_returned_from_the_api(): void
                 'PHP_AUTH_USER' => 'ra',
                 'PHP_AUTH_PW' => $this->accounts['ra'],
             ],
-            json_encode([]),
+            '[]',
         );
 
         $this->assertTrue(
@@ -165,11 +177,13 @@ public function correct_institutions_are_returned(string $account): void
                 'PHP_AUTH_USER' => $account,
                 'PHP_AUTH_PW' => $this->accounts[$account],
             ],
-            json_encode([]),
+            '[]',
         );
 
         $this->assertEquals(Response::HTTP_OK, $this->client->getResponse()->getStatusCode());
-        $response = json_decode($this->client->getResponse()->getContent());
+        $content = $this->client->getResponse()->getContent();
+        assert(is_string($content), 'Unable to get the Response Content from the browser client');
+        $response = json_decode($content);
         $this->assertEquals([], $response);
     }