chore(deps-dev): update codeigniter/phpstan-codeigniter requirement from ^1.3 to ^2.0

composer.json

@@ -30,7 +30,7 @@
     },
     "require-dev": {
         "boundwize/structarmed": "0.13.4",
-        "codeigniter/phpstan-codeigniter": "^1.3",
+        "codeigniter/phpstan-codeigniter": "^2.0",
         "codeigniter4/devkit": "^1.3",
         "codeigniter4/framework": ">=4.3.5 <4.5.0 || ^4.5.1",
         "firebase/php-jwt": "^7.0.3",

phpstan-baseline.php

@@ -1,42 +1,18 @@
 <?php declare(strict_types = 1);
 
 $ignoreErrors = [];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 2,
-	'path' => __DIR__ . '/src/Authentication/Actions/Email2FA.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Construct empty() is not allowed. Use more strict comparison.',
 	'identifier' => 'empty.notAllowed',
 	'count' => 1,
 	'path' => __DIR__ . '/src/Authentication/Actions/Email2FA.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 2,
-	'path' => __DIR__ . '/src/Authentication/Actions/EmailActivator.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Construct empty() is not allowed. Use more strict comparison.',
 	'identifier' => 'empty.notAllowed',
 	'count' => 1,
 	'path' => __DIR__ . '/src/Authentication/Authentication.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\TokenLoginModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/AccessTokens.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/AccessTokens.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Construct empty() is not allowed. Use more strict comparison.',
 	'identifier' => 'empty.notAllowed',
@@ -49,24 +25,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/src/Authentication/Authenticators/AccessTokens.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\TokenLoginModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/HmacSha256.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/HmacSha256.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\TokenLoginModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/JWT.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Parameter #1 $credentials (array{token?: string}) of method CodeIgniter\\Shield\\Authentication\\Authenticators\\JWT::attempt() should be contravariant with parameter $credentials (array) of method CodeIgniter\\Shield\\Authentication\\AuthenticatorInterface::attempt()',
 	'identifier' => 'method.childParameterType',
@@ -79,24 +37,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/src/Authentication/Authenticators/JWT.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\LoginModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/Session.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\RememberModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/Session.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Authenticators/Session.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Construct empty() is not allowed. Use more strict comparison.',
 	'identifier' => 'empty.notAllowed',
@@ -163,30 +103,6 @@
 	'count' => 11,
 	'path' => __DIR__ . '/src/Commands/Hmac.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\GroupModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Commands/User.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 9,
-	'path' => __DIR__ . '/src/Commands/User.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\LoginModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Controllers/MagicLinkController.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 2,
-	'path' => __DIR__ . '/src/Controllers/MagicLinkController.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Call to function assert() with false and \'Config Auth…\' will always evaluate to false.',
 	'identifier' => 'function.impossibleType',
@@ -217,30 +133,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/src/Database/Migrations/2020-12-28-223112_create_auth_tables.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\GroupModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 4,
-	'path' => __DIR__ . '/src/Entities/User.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\LoginModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 2,
-	'path' => __DIR__ . '/src/Entities/User.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\PermissionModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 2,
-	'path' => __DIR__ . '/src/Entities/User.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 23,
-	'path' => __DIR__ . '/src/Entities/User.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Only booleans are allowed in a ternary operator condition, int<0, max> given.',
 	'identifier' => 'ternary.condNotBoolean',
@@ -361,24 +253,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/src/Filters/TokenAuth.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\GroupModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 2,
-	'path' => __DIR__ . '/src/Models/UserModel.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\PermissionModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Models/UserModel.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
-	'identifier' => 'codeigniter.factoriesClassConstFetch',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Models/UserModel.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Construct empty() is not allowed. Use more strict comparison.',
 	'identifier' => 'empty.notAllowed',
@@ -424,7 +298,7 @@
 $ignoreErrors[] = [
 	'rawMessage' => 'Call to method setCookie() of internal class CodeIgniter\\Superglobals from outside its root namespace CodeIgniter.',
 	'identifier' => 'method.internalClass',
-	'count' => 1,
+	'count' => 2,
 	'path' => __DIR__ . '/tests/Authentication/Authenticators/SessionAuthenticatorTest.php',
 ];
 $ignoreErrors[] = [
@@ -446,25 +320,25 @@
 	'path' => __DIR__ . '/tests/Authentication/HasAccessTokensTest.php',
 ];
 $ignoreErrors[] = [
-	'rawMessage' => 'Accessing offset \'HTTP_USER_AGENT\' directly on $_SERVER is discouraged.',
-	'identifier' => 'codeigniter.superglobalAccess',
-	'count' => 1,
+	'rawMessage' => 'Call to method setServer() of internal class CodeIgniter\\Superglobals from outside its root namespace CodeIgniter.',
+	'identifier' => 'method.internalClass',
+	'count' => 2,
 	'path' => __DIR__ . '/tests/Controllers/ActionsTest.php',
 ];
 $ignoreErrors[] = [
-	'rawMessage' => 'Call to method setServer() of internal class CodeIgniter\\Superglobals from outside its root namespace CodeIgniter.',
+	'rawMessage' => 'Call to method unsetServer() of internal class CodeIgniter\\Superglobals from outside its root namespace CodeIgniter.',
 	'identifier' => 'method.internalClass',
-	'count' => 2,
+	'count' => 1,
 	'path' => __DIR__ . '/tests/Controllers/ActionsTest.php',
 ];
 $ignoreErrors[] = [
-	'rawMessage' => 'Accessing offset \'HTTP_USER_AGENT\' directly on $_SERVER is discouraged.',
-	'identifier' => 'codeigniter.superglobalAccess',
+	'rawMessage' => 'Call to method setServer() of internal class CodeIgniter\\Superglobals from outside its root namespace CodeIgniter.',
+	'identifier' => 'method.internalClass',
 	'count' => 1,
 	'path' => __DIR__ . '/tests/Controllers/MagicLinkTest.php',
 ];
 $ignoreErrors[] = [
-	'rawMessage' => 'Call to method setServer() of internal class CodeIgniter\\Superglobals from outside its root namespace CodeIgniter.',
+	'rawMessage' => 'Call to method unsetServer() of internal class CodeIgniter\\Superglobals from outside its root namespace CodeIgniter.',
 	'identifier' => 'method.internalClass',
 	'count' => 1,
 	'path' => __DIR__ . '/tests/Controllers/MagicLinkTest.php',

rector.php

@@ -120,7 +120,9 @@
             __DIR__ . '/tests/Authentication/Authenticators/SessionAuthenticatorTest.php',
             __DIR__ . '/tests/Commands/SetupTest.php',
             __DIR__ . '/tests/Commands/UserModelGeneratorTest.php',
+            __DIR__ . '/tests/Controllers/ActionsTest.php',
             __DIR__ . '/tests/Controllers/LoginTest.php',
+            __DIR__ . '/tests/Controllers/MagicLinkTest.php',
         ],
         RemoveUnusedPrivatePropertyRector::class => [
             __DIR__ . '/src/Test/MockInputOutput.php',

src/Authentication/Actions/Email2FA.php

@@ -145,7 +145,6 @@ public function verify(IncomingRequest $request)
      */
     public function createIdentity(User $user): string
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         // Delete any previous identities for action
@@ -169,7 +168,6 @@ public function createIdentity(User $user): string
      */
     private function getIdentity(User $user): ?UserIdentity
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         return $identityModel->getIdentityByType(

src/Authentication/Actions/EmailActivator.php

@@ -137,7 +137,6 @@ public function verify(IncomingRequest $request)
      */
     public function createIdentity(User $user): string
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         // Delete any previous identities for action
@@ -161,7 +160,6 @@ public function createIdentity(User $user): string
      */
     private function getIdentity(User $user): ?UserIdentity
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         return $identityModel->getIdentityByType(

src/Authentication/Authenticators/AccessTokens.php

@@ -140,7 +140,6 @@ public function check(array $credentials): Result
             $credentials['token'] = trim(substr((string) $credentials['token'], 6));
         }
 
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         $token = $identityModel->getAccessTokenByRawToken($credentials['token']);
@@ -152,8 +151,6 @@ public function check(array $credentials): Result
             ]);
         }
 
-        assert($token->last_used_at instanceof Time || $token->last_used_at === null);
-
         // Is expired ?
         if (
             $token->expires instanceof Time

src/Authentication/Authenticators/HmacSha256.php

@@ -144,7 +144,6 @@ public function check(array $credentials): Result
         // Extract UserToken and HMACSHA256 Signature from Authorization token
         [$userToken, $signature] = $this->getHmacAuthTokens($credentials['token']);
 
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         $token = $identityModel->getHmacTokenByKey($userToken);
@@ -168,8 +167,6 @@ public function check(array $credentials): Result
             ]);
         }
 
-        assert($token->last_used_at instanceof Time || $token->last_used_at === null);
-
         // Hasn't been used in a long time
         if (
             isset($token->last_used_at)

src/Authentication/Traits/HasAccessTokens.php

@@ -45,7 +45,6 @@ trait HasAccessTokens
      */
     public function generateAccessToken(string $name, array $scopes = ['*'], ?Time $expiresAt = null): AccessToken
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         return $identityModel->generateAccessToken($this, $name, $scopes, $expiresAt);
@@ -56,7 +55,6 @@ public function generateAccessToken(string $name, array $scopes = ['*'], ?Time $
      */
     public function revokeAccessToken(string $rawToken): void
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         $identityModel->revokeAccessToken($this, $rawToken);
@@ -67,7 +65,6 @@ public function revokeAccessToken(string $rawToken): void
      */
     public function revokeAccessTokenBySecret(string $secretToken): void
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         $identityModel->revokeAccessTokenBySecret($this, $secretToken);
@@ -78,7 +75,6 @@ public function revokeAccessTokenBySecret(string $secretToken): void
      */
     public function revokeAllAccessTokens(): void
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         $identityModel->revokeAllAccessTokens($this);
@@ -91,7 +87,6 @@ public function revokeAllAccessTokens(): void
      */
     public function accessTokens(): array
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         return $identityModel->getAllAccessTokens($this);
@@ -107,7 +102,6 @@ public function getAccessToken(?string $rawToken): ?AccessToken
             return null;
         }
 
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         return $identityModel->getAccessToken($this, $rawToken);
@@ -118,7 +112,6 @@ public function getAccessToken(?string $rawToken): ?AccessToken
      */
     public function getAccessTokenById(int $id): ?AccessToken
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
 
         return $identityModel->getAccessTokenById($id, $this);
@@ -190,7 +183,6 @@ public function isAccessTokenExpired(AccessToken $accessToken): bool
      */
     public function updateAccessTokenExpiration(int $id, Time $expiresAt): bool
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
         $result        = $identityModel->setIdentityExpirationById($id, $this, $expiresAt);
 
@@ -211,7 +203,6 @@ public function updateAccessTokenExpiration(int $id, Time $expiresAt): bool
      */
     public function removeAccessTokenExpiration(int $id): bool
     {
-        /** @var UserIdentityModel $identityModel */
         $identityModel = model(UserIdentityModel::class);
         $result        = $identityModel->setIdentityExpirationById($id, $this);