Fix PHPStan errors and PHP CS Fixer import order

- Fix OAuthController: add missing second parameter to redirect() - Fix KeycloakAuthenticator: get email from toArray() instead of getEmail() - Fix KeycloakAuthenticator: type-hint session for getFlashBag() access - Fix import order in KeycloakAuthenticatorTest Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 10:48:54 +01:00
parent 53d8b30942
commit 4ecbb23a2a
3 changed files with 7 additions and 5 deletions
--- a/src/Controller/OAuthController.php
+++ b/src/Controller/OAuthController.php
@@ -12,7 +12,7 @@ class OAuthController extends AbstractController
    #[Route('/connection/sso/login', name: 'app_oauth_keycloak')]
    public function connect(ClientRegistry $clientRegistry): RedirectResponse
    {
-        return $clientRegistry->getClient('keycloak')->redirect(['openid', 'email', 'profile']);
+        return $clientRegistry->getClient('keycloak')->redirect(['openid', 'email', 'profile'], []);
    }

    #[Route('/connection/sso/logout', name: 'app_oauth_keycloak_logout')]
--- a/src/Security/KeycloakAuthenticator.php
+++ b/src/Security/KeycloakAuthenticator.php
@@ -42,9 +42,9 @@ class KeycloakAuthenticator extends OAuth2Authenticator
        return new SelfValidatingPassport(
            new UserBadge($accessToken->getToken(), function () use ($accessToken, $client) {
                $keycloakUser = $client->fetchUserFromToken($accessToken);
-                $keycloakId = $keycloakUser->getId();
-                $email = $keycloakUser->getEmail();
                $data = $keycloakUser->toArray();
+                $keycloakId = $keycloakUser->getId();
+                $email = $data['email'] ?? '';
                $roles = $this->mapGroupsToRoles($data['groups'] ?? []);

                $user = $this->em->getRepository(User::class)->findOneBy(['keycloakId' => $keycloakId]);
@@ -110,7 +110,9 @@ class KeycloakAuthenticator extends OAuth2Authenticator

    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
    {
-        $request->getSession()->getFlashBag()->add('error', 'Echec de la connexion SSO E-Cosplay.');
+        /** @var \Symfony\Component\HttpFoundation\Session\Session $session */
+        $session = $request->getSession();
+        $session->getFlashBag()->add('error', 'Echec de la connexion SSO E-Cosplay.');

        return new RedirectResponse($this->router->generate('app_login'));
    }
--- a/tests/Security/KeycloakAuthenticatorTest.php
+++ b/tests/Security/KeycloakAuthenticatorTest.php
@@ -9,8 +9,8 @@ use Doctrine\ORM\EntityRepository;
 use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
 use KnpU\OAuth2ClientBundle\Client\OAuth2ClientInterface;
 use League\OAuth2\Client\Token\AccessToken;
-use Stevenmaguire\OAuth2\Client\Provider\KeycloakResourceOwner;
 use PHPUnit\Framework\TestCase;
+use Stevenmaguire\OAuth2\Client\Provider\KeycloakResourceOwner;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Session\Flash\FlashBag;
 use Symfony\Component\HttpFoundation\Session\Session;