thecatontheflat / atlassian-connect-bundle

src/Service/AuthenticatedAtlassianClient.php

<?php

declare(strict_types=1);

namespace AtlassianConnectBundle\Service;

use AtlassianConnectBundle\Entity\TenantInterface;
use Symfony\Component\HttpClient\DecoratorTrait;
use Symfony\Contracts\HttpClient\HttpClientInterface;
use Symfony\Contracts\HttpClient\ResponseInterface;

final class AuthenticatedAtlassianClient implements HttpClientInterface
{
    use DecoratorTrait;

    public function request(string $method, string $url, array $options = []): ResponseInterface
    {
        /** @var TenantInterface $tenant */
        $tenant = $options['tenant'];
        $userId = $options['user_id'];
        unset($options['tenant']);
        unset($options['user_id']);

        if (!$userId) {
            $options['headers']['Authorization'] = 'JWT '.JWTGenerator::generate($url, $method, $tenant->getAddonKey(), $tenant->getSharedSecret());

It seems like $tenant->getSharedSecret() can also be of type null; however, parameter $secret of AtlassianConnectBundle\Service\JWTGenerator::generate() does only seem to accept string, maybe add an additional type check?

It seems like $tenant->getAddonKey() can also be of type null; however, parameter $issuer of AtlassianConnectBundle\Service\JWTGenerator::generate() does only seem to accept string, maybe add an additional type check?

            return $this->client->request($method, $url, $options);
        }

        if (!$tenant->getOauthClientId()) {
            throw new \RuntimeException('Tenant is not set up as oath application. Install the app with "ACT_AS_USER" scope.');
        }

        $result = $this->client->request('POST', 'https://oauth-2-authorization-server.services.atlassian.com/oauth2/token', [
            'body' => [
                'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
                'assertion' => JWTGenerator::generateAssertion($tenant->getSharedSecret(), $tenant->getOauthClientId(), $tenant->getBaseUrl(), $userId),

It seems like $tenant->getBaseUrl() can also be of type null; however, parameter $baseUrl of AtlassianConnectBundle\Service\JWTGenerator::generateAssertion() does only seem to accept string, maybe add an additional type check?

It seems like $tenant->getSharedSecret() can also be of type null; however, parameter $secret of AtlassianConnectBundle\Service\JWTGenerator::generateAssertion() does only seem to accept string, maybe add an additional type check?

            ],
        ]);

        $options['headers']['Authorization'] = 'Bearer '.$result->toArray()['access_token'];

        return $this->client->request($method, $url, $options);
    }
}