These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace AerialShip\SamlSPBundle\Config; |
||
4 | |||
5 | use AerialShip\LightSaml\Model\Metadata\EntitiesDescriptor; |
||
6 | use AerialShip\LightSaml\Model\Metadata\EntityDescriptor; |
||
7 | use Symfony\Component\HttpKernel\KernelInterface; |
||
8 | |||
9 | class EntityDescriptorFileProvider implements EntityDescriptorProviderInterface |
||
10 | { |
||
11 | /** @var KernelInterface */ |
||
12 | protected $kernel; |
||
13 | |||
14 | /** @var string */ |
||
15 | protected $filename; |
||
16 | |||
17 | /** @var string|null */ |
||
18 | protected $entityId; |
||
19 | |||
20 | /** @var EntityDescriptor|null */ |
||
21 | private $entityDescriptor; |
||
22 | |||
23 | |||
24 | |||
25 | function __construct(KernelInterface $kernel) |
||
0 ignored issues
–
show
|
|||
26 | { |
||
27 | $this->kernel = $kernel; |
||
28 | } |
||
29 | |||
30 | |||
31 | /** |
||
32 | * @param string $filename |
||
33 | * @throws \InvalidArgumentException |
||
34 | */ |
||
35 | public function setFilename($filename) |
||
36 | { |
||
37 | if ($filename && $filename[0] == '@') { |
||
38 | $filename = $this->kernel->locateResource($filename); |
||
39 | } |
||
40 | if (!is_file($filename)) { |
||
41 | throw new \InvalidArgumentException('Specified file does not exist: '.$filename); |
||
42 | } |
||
43 | $this->filename = $filename; |
||
0 ignored issues
–
show
It seems like
$filename can also be of type array . However, the property $filename is declared as type string . Maybe add an additional type check?
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable Either this assignment is in error or a type check should be added for that assignment. class Id
{
public $id;
public function __construct($id)
{
$this->id = $id;
}
}
class Account
{
/** @var Id $id */
public $id;
}
$account_id = false;
if (starsAreRight()) {
$account_id = new Id(42);
}
$account = new Account();
if ($account instanceof Id)
{
$account->id = $account_id;
}
Loading history...
|
|||
44 | } |
||
45 | |||
46 | /** |
||
47 | * @return string |
||
48 | */ |
||
49 | public function getFilename() |
||
50 | { |
||
51 | return $this->filename; |
||
52 | } |
||
53 | |||
54 | /** |
||
55 | * @param null|string $entityId |
||
56 | */ |
||
57 | public function setEntityId($entityId) |
||
58 | { |
||
59 | $this->entityId = $entityId; |
||
60 | } |
||
61 | |||
62 | /** |
||
63 | * @return null|string |
||
64 | */ |
||
65 | public function getEntityId() |
||
66 | { |
||
67 | return $this->entityId; |
||
68 | } |
||
69 | |||
70 | |||
71 | |||
72 | |||
73 | /** |
||
74 | * @return EntityDescriptor |
||
75 | */ |
||
76 | public function getEntityDescriptor() |
||
77 | { |
||
78 | if ($this->entityDescriptor === null) { |
||
79 | $this->load(); |
||
80 | } |
||
81 | return $this->entityDescriptor; |
||
82 | } |
||
83 | |||
84 | |||
85 | protected function load() |
||
86 | { |
||
87 | $doc = new \DOMDocument(); |
||
88 | $doc->load($this->filename); |
||
89 | if ($this->entityId) { |
||
0 ignored issues
–
show
The expression
$this->entityId of type string|null is loosely compared to true ; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.
In PHP, under loose comparison (like For '' == false // true
'' == null // true
'ab' == false // false
'ab' == null // false
// It is often better to use strict comparison
'' === false // false
'' === null // false
Loading history...
|
|||
90 | $entitiesDescriptor = new EntitiesDescriptor(); |
||
91 | $entitiesDescriptor->loadFromXml($doc->firstChild); |
||
0 ignored issues
–
show
$doc->firstChild of type object<DOMNode> is not a sub-type of object<DOMElement> . It seems like you assume a child class of the class DOMNode to be always present.
This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type.
Loading history...
|
|||
92 | $this->entityDescriptor = $entitiesDescriptor->getByEntityId($this->entityId); |
||
93 | } else { |
||
94 | $this->entityDescriptor = new EntityDescriptor(); |
||
95 | $this->entityDescriptor->loadFromXml($doc->firstChild); |
||
0 ignored issues
–
show
$doc->firstChild of type object<DOMNode> is not a sub-type of object<DOMElement> . It seems like you assume a child class of the class DOMNode to be always present.
This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type.
Loading history...
|
|||
96 | } |
||
97 | } |
||
98 | } |
||
99 |
Adding explicit visibility (
private
,protected
, orpublic
) is generally recommend to communicate to other developers how, and from where this method is intended to be used.