Merge pull request #772 from cakephp/phpstan

Improve type declarations

Author: markstory

.phive/phars.xml

@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phive xmlns="https://phar.io/phive">
-  <phar name="phpstan" version="2.1.33" installed="2.1.33" location="./tools/phpstan" copy="false"/>
+  <phar name="phpstan" version="2.1.40" installed="2.1.40" location="./tools/phpstan" copy="false"/>
 </phive>

phpstan-baseline.neon

@@ -1,10 +1,7 @@
-includes:
-	- phpstan-baseline.neon
-
 parameters:
 	level: 8
 	paths:
 		- src/
 	ignoreErrors:
-			- identifier: missingType.generics
-			- identifier: missingType.iterableValue
+		- identifier: missingType.iterableValue
+		- identifier: missingType.generics

phpstan.neon

@@ -30,18 +30,19 @@ abstract class AbstractCollection extends ObjectRegistry
     /**
      * Config array.
      *
-     * @var array
+     * @var array<string, mixed>
      */
     protected array $_defaultConfig = [];
 
     /**
      * Constructor
      *
-     * @param array $config Configuration
+     * @param array<int|string, mixed> $config Configuration
      */
     public function __construct(array $config = [])
     {
-        $this->setConfig($config);
+        $configOptions = array_filter($config, fn($key) => is_string($key), ARRAY_FILTER_USE_KEY);
+        $this->setConfig($configOptions);
 
         foreach ($config as $key => $value) {
             if (is_int($key)) {

src/AbstractCollection.php

@@ -96,7 +96,7 @@ class AuthenticationService implements AuthenticationServiceInterface, Impersona
      * ]);
      * ```
      *
-     * @var array
+     * @var array<string, mixed>
      */
     protected array $_defaultConfig = [
         'authenticators' => [],
@@ -218,7 +218,7 @@ public function clearIdentity(ServerRequestInterface $request, ResponseInterface
      *
      * @param \Psr\Http\Message\ServerRequestInterface $request The request.
      * @param \Psr\Http\Message\ResponseInterface $response The response.
-     * @param \ArrayAccess|array $identity Identity data.
+     * @param \ArrayAccess<string, mixed>|array<string, mixed> $identity Identity data.
      * @return array{request: \Psr\Http\Message\ServerRequestInterface, response: \Psr\Http\Message\ResponseInterface}
      */
     public function persistIdentity(
@@ -308,7 +308,7 @@ public function getIdentityAttribute(): string
     /**
      * Builds the identity object
      *
-     * @param \ArrayAccess|array $identityData Identity data
+     * @param \ArrayAccess<string, mixed>|array<string, mixed> $identityData Identity data
      * @return \Authentication\IdentityInterface
      */
     public function buildIdentity(ArrayAccess|array $identityData): IdentityInterface
@@ -375,7 +375,7 @@ public function getUnauthenticatedRedirectUrl(ServerRequestInterface $request):
         }
         $query = urlencode($param) . '=' . urlencode($redirect);
 
-        /** @var array $url */
+        /** @var array<string, mixed> $url */
         $url = parse_url($target);
         if (isset($url['query']) && strlen($url['query'])) {
             $url['query'] .= '&' . $query;
@@ -470,13 +470,13 @@ protected function validateRedirect(string $redirect): ?string
     }
 
     /**
-     * Impersonates a user
+     * Impersonate a user
      *
      * @param \Psr\Http\Message\ServerRequestInterface $request The request
      * @param \Psr\Http\Message\ResponseInterface $response The response
-     * @param \ArrayAccess $impersonator User who impersonates
-     * @param \ArrayAccess $impersonated User impersonated
-     * @return array
+     * @param \ArrayAccess<string, mixed> $impersonator User who impersonates
+     * @param \ArrayAccess<string, mixed> $impersonated User impersonated
+     * @return array{request: \Psr\Http\Message\ServerRequestInterface, response: \Psr\Http\Message\ResponseInterface}
      */
     public function impersonate(
         ServerRequestInterface $request,
@@ -494,7 +494,7 @@ public function impersonate(
      *
      * @param \Psr\Http\Message\ServerRequestInterface $request The request
      * @param \Psr\Http\Message\ResponseInterface $response The response
-     * @return array
+     * @return array{request: \Psr\Http\Message\ServerRequestInterface, response: \Psr\Http\Message\ResponseInterface}
      */
     public function stopImpersonating(ServerRequestInterface $request, ResponseInterface $response): array
     {

src/AuthenticationService.php

@@ -30,7 +30,7 @@ abstract class AbstractAuthenticator implements AuthenticatorInterface
      * Default config for this object.
      * - `fields` The fields to use to identify a user by.
      *
-     * @var array
+     * @var array<string, mixed>
      */
     protected array $_defaultConfig = [
         'fields' => [

src/Authenticator/AbstractAuthenticator.php

@@ -40,7 +40,7 @@ class AuthenticationRequiredException extends HttpException
     /**
      * Constructor
      *
-     * @param array $headers The headers that should be sent in the unauthorized challenge response.
+     * @param array<non-empty-string, array<string>|string> $headers The headers that should be sent in the unauthorized challenge response.
      * @param string $body The response body that should be sent in the challenge response.
      * @param int $code The exception code that will be used as a HTTP status code
      */

src/Authenticator/AuthenticationRequiredException.php

@@ -123,8 +123,11 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
     /**
      * @inheritDoc
      */
-    public function persistIdentity(ServerRequestInterface $request, ResponseInterface $response, $identity): array
-    {
+    public function persistIdentity(
+        ServerRequestInterface $request,
+        ResponseInterface $response,
+        ArrayAccess|array $identity,
+    ): array {
         $field = $this->getConfig('rememberMeField');
         $bodyData = $request->getParsedBody();
 
@@ -149,7 +152,7 @@ public function persistIdentity(ServerRequestInterface $request, ResponseInterfa
      *
      * Returns concatenated username, password hash, and HMAC signature.
      *
-     * @param \ArrayAccess|array $identity Identity data.
+     * @param \ArrayAccess<string, mixed>|array<string, mixed> $identity Identity data.
      * @return string
      */
     protected function _createPlainToken(ArrayAccess|array $identity): string
@@ -186,7 +189,7 @@ protected function _createPlainToken(ArrayAccess|array $identity): string
      *
      * Cookie token consists of a username and hashed username + password hash.
      *
-     * @param \ArrayAccess|array $identity Identity data.
+     * @param \ArrayAccess<string, mixed>|array<string, mixed> $identity Identity data.
      * @return string
      * @throws \JsonException
      */
@@ -203,7 +206,7 @@ protected function _createToken(ArrayAccess|array $identity): string
     /**
      * Checks whether a token hash matches the identity data.
      *
-     * @param \ArrayAccess|array $identity Identity data.
+     * @param \ArrayAccess<string, mixed>|array<string, mixed> $identity Identity data.
      * @param string $tokenHash Hashed part of a cookie token.
      * @return bool
      */

src/Authenticator/CookieAuthenticator.php

@@ -38,7 +38,7 @@ class EnvironmentAuthenticator extends AbstractAuthenticator
      * - `fields` array of required fields to get from the environment
      * - `optionalFields` array of optional fields to get from the environment
      *
-     * @var array
+     * @var array<string, mixed>
      */
     protected array $_defaultConfig = [
         'loginUrl' => null,
@@ -64,7 +64,7 @@ public function __construct(?IdentifierInterface $identifier, array $config = []
      * Get values from the environment variables configured by `fields`.
      *
      * @param \Psr\Http\Message\ServerRequestInterface $request The request that contains login information.
-     * @return array|null server params defined by `fields` or null if a field is missing.
+     * @return array<string, mixed>|null server params defined by `fields` or null if a field is missing.
      */
     protected function _getData(ServerRequestInterface $request): ?array
     {
@@ -92,7 +92,7 @@ protected function _getData(ServerRequestInterface $request): ?array
      * Get values from the environment variables configured by `optionalFields`.
      *
      * @param \Psr\Http\Message\ServerRequestInterface $request The request that contains login information.
-     * @return array server params defined by optionalFields.
+     * @return array<string, mixed> server params defined by optionalFields.
      */
     protected function _getOptionalData(ServerRequestInterface $request): array
     {

src/Authenticator/EnvironmentAuthenticator.php

@@ -38,7 +38,7 @@ class FormAuthenticator extends AbstractAuthenticator
      * - `loginUrl` Login URL or an array of URLs.
      * - `urlChecker` Url checker config.
      *
-     * @var array
+     * @var array<string, mixed>
      */
     protected array $_defaultConfig = [
         'loginUrl' => null,
@@ -73,12 +73,12 @@ public function getIdentifier(): IdentifierInterface
      * Checks the fields to ensure they are supplied.
      *
      * @param \Psr\Http\Message\ServerRequestInterface $request The request that contains login information.
-     * @return array|null Username and password retrieved from a request body.
+     * @return array<string, mixed>|null Username and password retrieved from a request body.
      */
     protected function _getData(ServerRequestInterface $request): ?array
     {
         $fields = $this->_config['fields'];
-        /** @var array $body */
+        /** @var array<string, mixed> $body */
         $body = $request->getParsedBody();
 
         $data = [];