Merge branch 'b-7.1.x-phpmd_fixes_and_baseline-OXDEV-8315' into b-7.1.x

OXID-eSales · Jun 12, 2024 · f2c3c85 · f2c3c85
2 parents c69136d + 5e29983
commit f2c3c85
Show file tree

Hide file tree

Showing 19 changed files with 252 additions and 65 deletions.
diff --git a/.github/oxid-esales/graphql-base.yml b/.github/oxid-esales/graphql-base.yml
@@ -47,7 +47,8 @@ runslim:
         script: |
             [
               "graphql_base:phpcs",
-              "graphql_base:phpstan"
+              "graphql_base:phpstan",
+              "graphql_base:phpmd"
             ]
 
 sonarcloud:

diff --git a/src/Component/Widget/GraphQL.php b/src/Component/Widget/GraphQL.php
@@ -14,6 +14,7 @@
 use OxidEsales\Eshop\Core\Registry as EshopRegistry;
 use OxidEsales\EshopCommunity\Core\Di\ContainerFacade;
 use OxidEsales\GraphQL\Base\Exception\Error;
+use OxidEsales\GraphQL\Base\Exception\ErrorCategories;
 use OxidEsales\GraphQL\Base\Exception\InvalidLogin;
 use OxidEsales\GraphQL\Base\Exception\InvalidRequest;
 use OxidEsales\GraphQL\Base\Exception\InvalidToken;
@@ -99,6 +100,6 @@ public static function sendUnauthenticatedErrorResponse(array $message, int $sta
 
     private function isAuthenticated(Error $error): bool
     {
-        return !($error instanceof InvalidLogin || $error instanceof InvalidToken);
+        return $error->getCategory() !== ErrorCategories::PERMISSIONERRORS;
     }
 }
diff --git a/src/Exception/InvalidToken.php b/src/Exception/InvalidToken.php
@@ -13,34 +13,16 @@ class InvalidToken extends Error
 {
     protected const INVALID_TOKEN_MESSAGE = 'The token is invalid';
 
-    protected const UNKNOWN_TOKEN_MESSAGE = 'The token is not registered';
-
-    protected const UNABLE_TO_PARSE_MESSAGE = 'Unable to parse token';
-
-    protected const USER_BLOCKED_MESSAGE = 'User is blocked';
-
-    public function getCategory(): string
-    {
-        return ErrorCategories::PERMISSIONERRORS;
-    }
-
-    public static function unknownToken(): self
+    public function __construct(string $message = self::INVALID_TOKEN_MESSAGE, array $extensions = [])
     {
-        return new self(self::UNKNOWN_TOKEN_MESSAGE);
+        parent::__construct(
+            message: $message,
+            extensions: $extensions
+        );
     }
 
-    public static function invalidToken(): self
-    {
-        return new self(self::INVALID_TOKEN_MESSAGE);
-    }
-
-    public static function unableToParse(): self
-    {
-        return new self(self::UNABLE_TO_PARSE_MESSAGE);
-    }
-
-    public static function userBlocked(): self
+    public function getCategory(): string
     {
-        return new self(self::USER_BLOCKED_MESSAGE);
+        return ErrorCategories::PERMISSIONERRORS;
     }
 }
diff --git a/src/Exception/TokenQuota.php b/src/Exception/TokenQuota.php
@@ -13,13 +13,16 @@ class TokenQuota extends Error
 {
     protected const QUOTA_EXCEEDED_MESSAGE = 'Token quota exceeded.';
 
-    public function getCategory(): string
+    public function __construct(string $message = self::QUOTA_EXCEEDED_MESSAGE, array $extensions = [])
     {
-        return ErrorCategories::PERMISSIONERRORS;
+        parent::__construct(
+            message: $message,
+            extensions: $extensions
+        );
     }
 
-    public static function quotaExceeded(): self
+    public function getCategory(): string
     {
-        return new self(self::QUOTA_EXCEEDED_MESSAGE);
+        return ErrorCategories::PERMISSIONERRORS;
     }
 }
diff --git a/src/Exception/TokenUserBlocked.php b/src/Exception/TokenUserBlocked.php
@@ -0,0 +1,28 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+declare(strict_types=1);
+
+namespace OxidEsales\GraphQL\Base\Exception;
+
+class TokenUserBlocked extends Error
+{
+    protected const USER_BLOCKED_MESSAGE = 'User is blocked';
+
+    public function __construct(string $message = self::USER_BLOCKED_MESSAGE, array $extensions = [])
+    {
+        parent::__construct(
+            message: $message,
+            extensions: $extensions
+        );
+    }
+
+    public function getCategory(): string
+    {
+        return ErrorCategories::PERMISSIONERRORS;
+    }
+}
diff --git a/src/Exception/UnableToParseToken.php b/src/Exception/UnableToParseToken.php
@@ -0,0 +1,28 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+declare(strict_types=1);
+
+namespace OxidEsales\GraphQL\Base\Exception;
+
+class UnableToParseToken extends Error
+{
+    protected const UNABLE_TO_PARSE_MESSAGE = 'Unable to parse token';
+
+    public function __construct(string $message = self::UNABLE_TO_PARSE_MESSAGE, array $extensions = [])
+    {
+        parent::__construct(
+            message: $message,
+            extensions: $extensions
+        );
+    }
+
+    public function getCategory(): string
+    {
+        return ErrorCategories::PERMISSIONERRORS;
+    }
+}
diff --git a/src/Exception/UnknownToken.php b/src/Exception/UnknownToken.php
@@ -0,0 +1,28 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+declare(strict_types=1);
+
+namespace OxidEsales\GraphQL\Base\Exception;
+
+class UnknownToken extends Error
+{
+    protected const UNKNOWN_TOKEN_MESSAGE = 'The token is not registered';
+
+    public function __construct(string $message = self::UNKNOWN_TOKEN_MESSAGE, array $extensions = [])
+    {
+        parent::__construct(
+            message: $message,
+            extensions: $extensions
+        );
+    }
+
+    public function getCategory(): string
+    {
+        return ErrorCategories::PERMISSIONERRORS;
+    }
+}
diff --git a/src/Framework/RequestReader.php b/src/Framework/RequestReader.php
@@ -14,7 +14,7 @@
 use Laminas\Diactoros\ServerRequestFactory;
 use Lcobucci\JWT\Configuration;
 use Lcobucci\JWT\UnencryptedToken;
-use OxidEsales\GraphQL\Base\Exception\InvalidToken;
+use OxidEsales\GraphQL\Base\Exception\UnableToParseToken;
 use OxidEsales\GraphQL\Base\Service\JwtConfigurationBuilder;
 use OxidEsales\GraphQL\Base\Service\TokenValidator;
 
@@ -23,7 +23,6 @@
 use function file_get_contents;
 use function json_decode;
 use function sscanf;
-use function strpos;
 use function trim;
 
 class RequestReader
@@ -37,7 +36,7 @@ public function __construct(
     /**
      * Returns the encoded token from the authorization header
      *
-     * @throws InvalidToken
+     * @throws UnableToParseToken
      */
     public function getAuthToken(): ?UnencryptedToken
     {
@@ -61,7 +60,7 @@ public function getAuthToken(): ?UnencryptedToken
             /** @var UnencryptedToken $token */
             $token = $jwtConfig->parser()->parse($jwt);
         } catch (Exception) {
-            throw InvalidToken::unableToParse();
+            throw new UnableToParseToken();
         }
 
         $this->tokenValidator->validateToken($token);

diff --git a/src/Infrastructure/Legacy.php b/src/Infrastructure/Legacy.php
@@ -14,7 +14,6 @@
 use OxidEsales\Eshop\Core\Email;
 use OxidEsales\Eshop\Core\Model\ListModel as EshopListModel;
 use OxidEsales\Eshop\Core\Registry;
-use OxidEsales\Eshop\Core\UtilsObject;
 use OxidEsales\EshopCommunity\Internal\Transition\Utility\ContextInterface;
 use OxidEsales\EshopCommunity\Internal\Utility\Email\EmailValidatorServiceInterface as EhopEmailValidator;
 use OxidEsales\GraphQL\Base\DataType\User;

diff --git a/src/Service/Token.php b/src/Service/Token.php
@@ -14,8 +14,8 @@
 use OxidEsales\GraphQL\Base\DataType\User as UserDataType;
 use OxidEsales\GraphQL\Base\Event\BeforeTokenCreation;
 use OxidEsales\GraphQL\Base\Exception\InvalidLogin;
-use OxidEsales\GraphQL\Base\Exception\InvalidToken;
 use OxidEsales\GraphQL\Base\Exception\TokenQuota;
+use OxidEsales\GraphQL\Base\Exception\UnknownToken;
 use OxidEsales\GraphQL\Base\Infrastructure\Legacy;
 use OxidEsales\GraphQL\Base\Infrastructure\Token as TokenInfrastructure;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@@ -105,7 +105,7 @@ public function deleteToken(ID $tokenId): void
         $tokenId = (string)$tokenId;
 
         if (!$this->tokenInfrastructure->isTokenRegistered($tokenId)) {
-            throw InvalidToken::unknownToken();
+            throw new UnknownToken();
         }
 
         $this->tokenInfrastructure->tokenDelete(null, $tokenId);
@@ -114,7 +114,7 @@ public function deleteToken(ID $tokenId): void
     public function deleteUserToken(UserDataType $user, ID $tokenId): void
     {
         if (!$this->tokenInfrastructure->userHasToken($user, (string)$tokenId)) {
-            throw InvalidToken::unknownToken();
+            throw new UnknownToken();
         }
 
         $this->tokenInfrastructure->tokenDelete($user, (string)$tokenId);
@@ -137,7 +137,7 @@ private function canIssueToken(UserDataType $user): void
             !$user->isAnonymous() &&
             !$this->tokenInfrastructure->canIssueToken($user, $this->moduleConfiguration->getUserTokenQuota())
         ) {
-            throw TokenQuota::quotaExceeded();
+            throw new TokenQuota();
         }
     }
 

diff --git a/src/Service/TokenValidator.php b/src/Service/TokenValidator.php
@@ -11,6 +11,8 @@
 
 use Lcobucci\JWT\UnencryptedToken;
 use OxidEsales\GraphQL\Base\Exception\InvalidToken;
+use OxidEsales\GraphQL\Base\Exception\TokenUserBlocked;
+use OxidEsales\GraphQL\Base\Exception\UnknownToken;
 use OxidEsales\GraphQL\Base\Infrastructure\Legacy;
 use OxidEsales\GraphQL\Base\Infrastructure\Token as TokenInfrastructure;
 
@@ -40,15 +42,15 @@ public function __construct(
     public function validateToken(UnencryptedToken $token): void
     {
         if (!$this->areConstraintsValid($token)) {
-            throw InvalidToken::invalidToken();
+            throw new InvalidToken();
         }
 
         if (!$token->claims()->get(Token::CLAIM_USER_ANONYMOUS) && !$this->isRegistered($token)) {
-            throw InvalidToken::unknownToken();
+            throw new UnknownToken();
         }
 
         if ($this->isUserBlocked($token->claims()->get(Token::CLAIM_USERID))) {
-            throw InvalidToken::userBlocked();
+            throw new TokenUserBlocked();
         }
     }
 

diff --git a/tests/PhpMd/phpmd.baseline.xml b/tests/PhpMd/phpmd.baseline.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0"?>
+<phpmd-baseline>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Component/Widget/GraphQL.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Controller/Token.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/DataType/Token.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Framework/GraphQLQueryHandler.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Framework/RequestReader.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Infrastructure/Legacy.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Service/JwtConfigurationBuilder.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Service/ModuleConfiguration.php"/>
+  <violation rule="PHPMD\Rule\CleanCode\StaticAccess" file="src/Service/Token.php"/>
+</phpmd-baseline>
diff --git a/tests/Unit/Exception/InvalidTokenTest.php b/tests/Unit/Exception/InvalidTokenTest.php
@@ -17,36 +17,22 @@ final class InvalidTokenTest extends TestCase
 {
     public function testExceptionCategory(): void
     {
-        $invalidTokenException = InvalidToken::invalidToken();
+        $invalidTokenException = new InvalidToken();
 
         $this->assertSame(ErrorCategories::PERMISSIONERRORS, $invalidTokenException->getCategory());
     }
 
     public function testIsClientSafe(): void
     {
-        $invalidTokenException = InvalidToken::invalidToken();
+        $invalidTokenException = new InvalidToken();
 
         $this->assertTrue($invalidTokenException->isClientSafe());
     }
 
     public function testInvalidToken(): void
     {
-        $invalidTokenException = InvalidToken::invalidToken();
+        $invalidTokenException = new InvalidToken();
 
         $this->assertSame('The token is invalid', $invalidTokenException->getMessage());
     }
-
-    public function testUnableToParse(): void
-    {
-        $invalidTokenException = InvalidToken::unableToParse();
-
-        $this->assertSame('Unable to parse token', $invalidTokenException->getMessage());
-    }
-
-    public function testUserBlocked(): void
-    {
-        $invalidTokenException = InvalidToken::userBlocked();
-
-        $this->assertSame('User is blocked', $invalidTokenException->getMessage());
-    }
 }
diff --git a/tests/Unit/Exception/TokenUserBlockedTest.php b/tests/Unit/Exception/TokenUserBlockedTest.php
@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+declare(strict_types=1);
+
+namespace OxidEsales\GraphQL\Base\Tests\Unit\Exception;
+
+use OxidEsales\GraphQL\Base\Exception\ErrorCategories;
+use OxidEsales\GraphQL\Base\Exception\TokenUserBlocked;
+use PHPUnit\Framework\TestCase;
+
+final class TokenUserBlockedTest extends TestCase
+{
+    public function testExceptionCategory(): void
+    {
+        $invalidTokenException = new TokenUserBlocked();
+
+        $this->assertSame(ErrorCategories::PERMISSIONERRORS, $invalidTokenException->getCategory());
+    }
+
+    public function testIsClientSafe(): void
+    {
+        $invalidTokenException = new TokenUserBlocked();
+
+        $this->assertTrue($invalidTokenException->isClientSafe());
+    }
+
+    public function testUserBlocked(): void
+    {
+        $invalidTokenException = new TokenUserBlocked();
+
+        $this->assertSame('User is blocked', $invalidTokenException->getMessage());
+    }
+}