chore: add phpstan and fix resulting issues (#2252)

Author: bshaffer

.github/workflows/tests.yml

@@ -54,4 +54,18 @@ jobs:
                 command: composer install
             - name: Run Script
               run: vendor/bin/phpcs src tests examples --standard=phpcs.xml.dist -nps
+    staticanalysis:
+        runs-on: ubuntu-latest
+        name: PHPStan Static Analysis
+        steps:
+            - uses: actions/checkout@v2
+            - name: Install PHP
+              uses: shivammathur/setup-php@v2
+              with:
+                php-version: '8.0'
+            - name: Run Script
+              run: |
+                composer install
+                composer global require phpstan/phpstan
+                ~/.composer/vendor/bin/phpstan analyse
 

phpstan.neon.dist

@@ -0,0 +1,8 @@
+parameters:
+    treatPhpDocTypesAsCertain: false
+    level: 5
+    paths:
+    - src
+    excludePaths:
+    - src/AuthHandler/Guzzle5AuthHandler.php
+

src/AccessToken/Verify.php

@@ -55,6 +55,11 @@ class Verify
      */
     private $cache;
 
+    /**
+     * @var \Firebase\JWT\JWT
+    */
+    public $jwt;
+
     /**
      * Instantiates the class, but does not initiate the login flow, leaving it
      * to the discretion of the caller.
@@ -85,7 +90,7 @@ public function __construct(
      *
      * @param string $idToken the ID token in JWT format
      * @param string $audience Optional. The audience to verify against JWt "aud"
-     * @return array the token payload, if successful
+     * @return array|false the token payload, if successful
      */
     public function verifyIdToken($idToken, $audience = null)
     {
@@ -124,7 +129,7 @@ public function verifyIdToken($idToken, $audience = null)
                 }
 
                 return (array) $payload;
-            } catch (ExpiredException $e) {
+            } catch (ExpiredException $e) { // @phpstan-ignore-line
                 return false;
             } catch (ExpiredExceptionV3 $e) {
                 return false;
@@ -146,7 +151,7 @@ private function getCache()
     /**
      * Retrieve and cache a certificates file.
      *
-     * @param $url string location
+     * @param string $url location
      * @throws \Google\Exception
      * @return array certificates
      */
@@ -164,6 +169,7 @@ private function retrieveCertsFromLocation($url)
             return json_decode($file, true);
         }
 
+        // @phpstan-ignore-next-line
         $response = $this->http->get($url);
 
         if ($response->getStatusCode() == 200) {
@@ -224,6 +230,7 @@ private function getJwtService()
             $jwtClass::$leeway = 1;
         }
 
+        // @phpstan-ignore-next-line
         return new $jwtClass;
     }
 

src/AuthHandler/AuthHandlerFactory.php

@@ -35,6 +35,7 @@ public static function build($cache = null, array $cacheConfig = [])
         if (defined('\GuzzleHttp\ClientInterface::MAJOR_VERSION')) {
             $guzzleVersion = ClientInterface::MAJOR_VERSION;
         } elseif (defined('\GuzzleHttp\ClientInterface::VERSION')) {
+            // @phpstan-ignore-next-line
             $guzzleVersion = (int) substr(ClientInterface::VERSION, 0, 1);
         }
 

src/Client.php

@@ -43,6 +43,7 @@
 use DomainException;
 use InvalidArgumentException;
 use LogicException;
+use UnexpectedValueException;
 
 /**
  * The Google API Client
@@ -58,7 +59,7 @@ class Client
     const API_BASE_PATH = 'https://www.googleapis.com';
 
     /**
-     * @var OAuth2 $auth
+     * @var ?OAuth2 $auth
      */
     private $auth;
 
@@ -68,7 +69,7 @@ class Client
     private $http;
 
     /**
-     * @var CacheItemPoolInterface $cache
+     * @var ?CacheItemPoolInterface $cache
      */
     private $cache;
 
@@ -83,12 +84,12 @@ class Client
     private $config;
 
     /**
-     * @var LoggerInterface $logger
+     * @var ?LoggerInterface $logger
      */
     private $logger;
 
     /**
-     * @var CredentialsLoader $credentials
+     * @var ?CredentialsLoader $credentials
      */
     private $credentials;
 
@@ -225,7 +226,7 @@ public function getLibraryVersion()
      * For backwards compatibility
      * alias for fetchAccessTokenWithAuthCode
      *
-     * @param $code string code from accounts.google.com
+     * @param string $code string code from accounts.google.com
      * @return array access token
      * @deprecated
      */
@@ -238,7 +239,7 @@ public function authenticate($code)
      * Attempt to exchange a code for an valid authentication token.
      * Helper wrapped around the OAuth 2.0 implementation.
      *
-     * @param $code string code from accounts.google.com
+     * @param string $code code from accounts.google.com
      * @return array access token
      */
     public function fetchAccessTokenWithAuthCode($code)
@@ -714,7 +715,7 @@ public function setDeveloperKey($developerKey)
      * Set the hd (hosted domain) parameter streamlines the login process for
      * Google Apps hosted accounts. By including the domain of the user, you
      * restrict sign-in to accounts at that domain.
-     * @param $hd string - the domain to use.
+     * @param string $hd the domain to use.
      */
     public function setHostedDomain($hd)
     {
@@ -725,7 +726,7 @@ public function setHostedDomain($hd)
      * Set the prompt hint. Valid values are none, consent and select_account.
      * If no value is specified and the user has not previously authorized
      * access, then the user is shown a consent screen.
-     * @param $prompt string
+     * @param string $prompt
      *  {@code "none"} Do not display any authentication or consent screens. Must not be specified with other values.
      *  {@code "consent"} Prompt the user for consent.
      *  {@code "select_account"} Prompt the user to select an account.
@@ -739,7 +740,7 @@ public function setPrompt($prompt)
      * openid.realm is a parameter from the OpenID 2.0 protocol, not from OAuth
      * 2.0. It is used in OpenID 2.0 requests to signify the URL-space for which
      * an authentication request is valid.
-     * @param $realm string - the URL-space to use.
+     * @param string $realm the URL-space to use.
      */
     public function setOpenidRealm($realm)
     {
@@ -750,7 +751,7 @@ public function setOpenidRealm($realm)
      * If this is provided with the value true, and the authorization request is
      * granted, the authorization will include any previous authorizations
      * granted to this user/application combination for other scopes.
-     * @param $include boolean - the URL-space to use.
+     * @param bool $include the URL-space to use.
      */
     public function setIncludeGrantedScopes($include)
     {
@@ -834,7 +835,7 @@ public function setScopes($scope_or_scopes)
      * Will append any scopes not previously requested to the scope parameter.
      * A single string will be treated as a scope to request. An array of strings
      * will each be appended.
-     * @param $scope_or_scopes string|array e.g. "profile"
+     * @param string|string[] $scope_or_scopes e.g. "profile"
      */
     public function addScope($scope_or_scopes)
     {
@@ -873,10 +874,11 @@ public function prepareScopes()
     /**
      * Helper method to execute deferred HTTP requests.
      *
-     * @param $request RequestInterface|\Google\Http\Batch
-     * @param string $expectedClass
+     * @template T
+     * @param RequestInterface $request
+     * @param class-string<T> $expectedClass
      * @throws \Google\Exception
-     * @return mixed|$expectedClass|ResponseInterface
+     * @return mixed|T|ResponseInterface
      */
     public function execute(RequestInterface $request, $expectedClass = null)
     {
@@ -902,7 +904,7 @@ public function execute(RequestInterface $request, $expectedClass = null)
         if ($this->config['api_format_v2']) {
             $request = $request->withHeader(
                 'X-GOOG-API-FORMAT-VERSION',
-                2
+                '2'
             );
         }
 
@@ -1182,6 +1184,7 @@ protected function createDefaultHttpClient()
         if (defined('\GuzzleHttp\ClientInterface::MAJOR_VERSION')) {
             $guzzleVersion = ClientInterface::MAJOR_VERSION;
         } elseif (defined('\GuzzleHttp\ClientInterface::VERSION')) {
+            // @phpstan-ignore-next-line
             $guzzleVersion = (int)substr(ClientInterface::VERSION, 0, 1);
         }
 
@@ -1191,9 +1194,11 @@ protected function createDefaultHttpClient()
                 'defaults' => ['exceptions' => false],
             ];
             if ($this->isAppEngine()) {
-                // set StreamHandler on AppEngine by default
-                $options['handler'] = new StreamHandler();
-                $options['defaults']['verify'] = '/etc/ca-certificates.crt';
+                if (class_exists(StreamHandler::class)) {
+                    // set StreamHandler on AppEngine by default
+                    $options['handler'] = new StreamHandler();
+                    $options['defaults']['verify'] = '/etc/ca-certificates.crt';
+                }
             }
         } elseif (6 === $guzzleVersion || 7 === $guzzleVersion) {
             // guzzle 6 or 7

src/Collection.php

@@ -45,7 +45,7 @@ public function key()
         }
     }
 
-    /** @return void */
+    /** @return mixed */
     #[\ReturnTypeWillChange]
     public function next()
     {
@@ -71,6 +71,7 @@ public function count()
     }
 
     /** @return bool */
+    #[\ReturnTypeWillChange]
     public function offsetExists($offset)
     {
         if (!is_numeric($offset)) {
@@ -90,6 +91,7 @@ public function offsetGet($offset)
     }
 
     /** @return void */
+    #[\ReturnTypeWillChange]
     public function offsetSet($offset, $value)
     {
         if (!is_numeric($offset)) {
@@ -99,6 +101,7 @@ public function offsetSet($offset, $value)
     }
 
     /** @return void */
+    #[\ReturnTypeWillChange]
     public function offsetUnset($offset)
     {
         if (!is_numeric($offset)) {

src/Http/Batch.php

@@ -93,7 +93,7 @@ public function execute()
 
 EOF;
 
-        /** @var RequestInterface $req */
+        /** @var RequestInterface $request */
         foreach ($this->requests as $key => $request) {
             $firstLine = sprintf(
                 '%s %s HTTP/%s',
@@ -126,7 +126,7 @@ public function execute()
         $url = $this->rootUrl . '/' . $this->batchPath;
         $headers = array(
             'Content-Type' => sprintf('multipart/mixed; boundary=%s', $this->boundary),
-            'Content-Length' => strlen($body),
+            'Content-Length' => (string) strlen($body),
         );
 
         $request = new Request(
@@ -170,9 +170,9 @@ public function parseResponse(ResponseInterface $response, $classes = array())
                     $status = explode(" ", $status);
                     $status = $status[1];
 
-                    list($partHeaders, $partBody) = $this->parseHttpResponse($part, false);
+                    list($partHeaders, $partBody) = $this->parseHttpResponse($part, 0);
                     $response = new Response(
-                        $status,
+                        (int) $status,
                         $partHeaders,
                         Psr7\Utils::streamFor($partBody)
                     );
@@ -219,8 +219,8 @@ private function parseRawHeaders($rawHeaders)
     /**
      * Used by the IO lib and also the batch processing.
      *
-     * @param $respData
-     * @param $headerSize
+     * @param string $respData
+     * @param int $headerSize
      * @return array
      */
     private function parseHttpResponse($respData, $headerSize)