Fix SonarQube: reduce authenticateRequest returns, add PHPDoc types, remove temp variable
- ApiAuthTrait::authenticateRequest: 5→3 returns (merge headers+verify+expired into 2 checks)
- ApiAuthTrait::success: add @param array<string, mixed> on $meta
- ApiAuthController::verifyJwt: add @return array{userId: int|null, expired: bool}
- ApiDocController::insomnia: return Response directly (remove temp $response variable)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Serreau Jovann
@@ -52,6 +52,9 @@ class ApiAuthController extends AbstractController
|
||||
*/
|
||||
private const INVALID_JWT = ['userId' => null, 'expired' => false];
|
||||
|
||||
/**
|
||||
* @return array{userId: int|null, expired: bool}
|
||||
*/
|
||||
public static function verifyJwt(string $token, string $email, string $appSecret): array
|
||||
{
|
||||
$parts = explode('.', $token);
|
||||
|
||||
@@ -13,29 +13,22 @@ trait ApiAuthTrait
|
||||
{
|
||||
$email = $request->headers->get('ETicket-Email', '');
|
||||
$jwt = $request->headers->get('ETicket-JWT', '');
|
||||
$result = ('' !== $email && '' !== $jwt) ? ApiAuthController::verifyJwt($jwt, $email, $appSecret) : ['userId' => null, 'expired' => false];
|
||||
|
||||
if ('' === $email || '' === $jwt) {
|
||||
return new JsonResponse(['success' => false, 'data' => null, 'error' => 'Headers ETicket-Email et ETicket-JWT requis.'], 401);
|
||||
}
|
||||
if (null === $result['userId'] || $result['expired']) {
|
||||
$error = null === $result['userId'] ? 'Token invalide ou headers manquants.' : 'Token expire. Utilisez POST /api/auth/refresh.';
|
||||
|
||||
$result = ApiAuthController::verifyJwt($jwt, $email, $appSecret);
|
||||
|
||||
if (null === $result['userId']) {
|
||||
return new JsonResponse(['success' => false, 'data' => null, 'error' => 'Token invalide.'], 401);
|
||||
}
|
||||
|
||||
if ($result['expired']) {
|
||||
return new JsonResponse(['success' => false, 'data' => null, 'error' => 'Token expire. Utilisez POST /api/auth/refresh pour le renouveler.'], 401);
|
||||
return new JsonResponse(['success' => false, 'data' => null, 'error' => $error], 401);
|
||||
}
|
||||
|
||||
$user = $em->getRepository(User::class)->find($result['userId']);
|
||||
if (!$user || $user->getEmail() !== $email) {
|
||||
return new JsonResponse(['success' => false, 'data' => null, 'error' => 'Utilisateur introuvable.'], 401);
|
||||
}
|
||||
|
||||
return $user;
|
||||
return $user && $user->getEmail() === $email
|
||||
? $user
|
||||
: new JsonResponse(['success' => false, 'data' => null, 'error' => 'Utilisateur introuvable.'], 401);
|
||||
}
|
||||
|
||||
/** @param array<string, mixed> $meta */
|
||||
private function success(mixed $data, array $meta = []): JsonResponse
|
||||
{
|
||||
$response = ['success' => true, 'data' => $data, 'error' => null];
|
||||
|
||||
@@ -134,7 +134,7 @@ class ApiDocController extends AbstractController
|
||||
'resources' => $resources,
|
||||
];
|
||||
|
||||
$response = new Response(
|
||||
return new Response(
|
||||
json_encode($export, \JSON_PRETTY_PRINT | \JSON_UNESCAPED_UNICODE | \JSON_UNESCAPED_SLASHES),
|
||||
200,
|
||||
[
|
||||
@@ -142,8 +142,6 @@ class ApiDocController extends AbstractController
|
||||
'Content-Disposition' => 'attachment; filename="eticket-api-insomnia.json"',
|
||||
]
|
||||
);
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user