Improve phpdoc. Escape strings printed with debug enabled. Remove error_reporting

Author: pitbulk

demo2/consume.php

@@ -7,8 +7,6 @@
  * link where it will send a certified response via $_POST.
  */
 
-error_reporting(E_ALL);
-
 require_once dirname(__DIR__).'/_toolkit_loader.php';
 
 try {

demo2/metadata.php

@@ -6,8 +6,6 @@
  * or expose it on a URL so your IdP can check it periodically.
  */
 
-error_reporting(E_ALL);
-
 require_once dirname(__DIR__).'/_toolkit_loader.php';
 
 header('Content-Type: text/xml');

lib/Saml2/Auth.php

@@ -75,7 +75,7 @@ class OneLogin_Saml2_Auth
      * SessionNotOnOrAfter. When the user is logged, this stored it
      * from the AuthnStatement of the SAML Response
      *
-     * @var DateTime
+     * @var int|null
      */
     private $_sessionExpiration;
 
@@ -97,7 +97,7 @@ class OneLogin_Saml2_Auth
      * The NotOnOrAfter value of the valid SubjectConfirmationData
      * node (if any) of the last assertion processed
      *
-     * @var DateTime
+     * @var int
      */
     private $_lastAssertionNotOnOrAfter;
 
@@ -111,7 +111,7 @@ class OneLogin_Saml2_Auth
     /**
      * Reason of the last error.
      *
-     * @var string
+     * @var string|null
      */
     private $_errorReason;
 
@@ -164,7 +164,7 @@ public function getSettings()
      *
      * @param bool $value Strict parameter
      *
-     * @return array The settings data.
+     * @throws OneLogin_Saml2_Error
      */
     public function setStrict($value)
     {
@@ -305,6 +305,8 @@ public function processSLO($keepLocalSession = false, $requestId = null, $retrie
      * @param string $url        The target URL to redirect the user.
      * @param array  $parameters Extra parameters to be passed as part of the url
      * @param bool   $stay       True if we want to stay (returns the url string) False to redirect
+     *
+     * @return string|null
      */
     public function redirectTo($url = '', $parameters = array(), $stay = false)
     {
@@ -401,7 +403,7 @@ public function getErrors()
     /**
      * Returns the reason for the last error
      *
-     * @return string  Error reason
+     * @return string|null  Error reason
      */
     public function getLastErrorReason()
     {
@@ -436,7 +438,7 @@ public function getAttribute($name)
      * @param bool        $stay            True if we want to stay (returns the url string) False to redirect
      * @param bool        $setNameIdPolicy When true the AuthNReuqest will set a nameIdPolicy element
      *
-     * @return If $stay is True, it return a string with the SLO URL + LogoutRequest + parameters
+     * @return string|null If $stay is True, it return a string with the SLO URL + LogoutRequest + parameters
      */
     public function login($returnTo = null, $parameters = array(), $forceAuthn = false, $isPassive = false, $stay = false, $setNameIdPolicy = true)
     {
@@ -662,7 +664,7 @@ public function getLastAssertionId()
     }
 
     /**
-     * @return The NotOnOrAfter value of the valid
+     * @return int The NotOnOrAfter value of the valid
      *         SubjectConfirmationData node (if any)
      *         of the last assertion processed
      */
@@ -675,7 +677,7 @@ public function getLastAssertionNotOnOrAfter()
      * Returns the most recently-constructed/processed
      * XML SAML request (AuthNRequest, LogoutRequest)
      *
-     * @return string The Request XML
+     * @return string|null The Request XML
      */
     public function getLastRequestXML()
     {
@@ -688,7 +690,7 @@ public function getLastRequestXML()
      * If the SAMLResponse was encrypted, by default tries
      * to return the decrypted XML.
      *
-     * @return string The Response XML
+     * @return string|null The Response XML
      */
     public function getLastResponseXML()
     {

lib/Saml2/IdPMetadataParser.php

@@ -90,6 +90,7 @@ public static function parseFileXML($filepath, $entityId = null, $desiredNameIdF
      * @param string $desiredNameIdFormat If available on IdP metadata, use that nameIdFormat
      *
      * @return array metadata info in php-saml settings format
+     * @throws \Exception
      */
     public static function parseXML($xml, $entityId = null, $desiredNameIdFormat = null)
     {
@@ -200,8 +201,8 @@ public static function parseXML($xml, $entityId = null, $desiredNameIdFormat = n
     /**
      * Inject metadata info into php-saml settings array
      *
-     * @param string $settings     php-saml settings array
-     * @param string $metadataInfo array metadata info
+     * @param array $settings     php-saml settings array
+     * @param array $metadataInfo array metadata info
      *
      * @return array settings
      */

lib/Saml2/LogoutRequest.php

@@ -139,7 +139,6 @@ public function __construct(OneLogin_Saml2_Settings $settings, $request = null,
         $this->_logoutRequest = $logoutRequest;
     }
 
-
     /**
      * Returns the Logout Request defated, base64encoded, unsigned
      *
@@ -401,7 +400,7 @@ public function isValid($retrieveParametersFromServer = false)
             $this->_error = $e->getMessage();
             $debug = $this->_settings->isDebugActive();
             if ($debug) {
-                echo $this->_error;
+                echo htmlentities($this->_error);
             }
             return false;
         }

lib/Saml2/LogoutResponse.php

@@ -35,7 +35,7 @@ class OneLogin_Saml2_LogoutResponse
     /**
      * The decoded, unprocessed XML response provided to the constructor.
      *
-     * @var string
+     * @var string|null
      */
     protected $_logoutResponse;
 
@@ -49,7 +49,7 @@ class OneLogin_Saml2_LogoutResponse
     /**
      * After execute a validation process, if it fails, this var contains the cause
      *
-     * @var string
+     * @var string|null
      */
     private $_error;
 
@@ -104,7 +104,7 @@ public function getIssuer()
     /**
      * Gets the Status of the Logout Response.
      *
-     * @return string The Status
+     * @return string|null The Status
      */
     public function getStatus()
     {
@@ -205,7 +205,7 @@ public function isValid($requestId = null, $retrieveParametersFromServer = false
             $this->_error = $e->getMessage();
             $debug = $this->_settings->isDebugActive();
             if ($debug) {
-                echo $this->_error;
+                echo htmlentities($this->_error);
             }
             return false;
         }
@@ -266,16 +266,16 @@ public function build($inResponseTo)
      */
     public function getResponse($deflate = null)
     {
-        $subject = $this->_logoutResponse;
+        $logoutResponse = $this->_logoutResponse;
 
         if (is_null($deflate)) {
             $deflate = $this->_settings->shouldCompressResponses();
         }
 
         if ($deflate) {
-            $subject = gzdeflate($this->_logoutResponse);
+            $logoutResponse = gzdeflate($this->_logoutResponse);
         }
-        return base64_encode($subject);
+        return base64_encode($logoutResponse);
     }
 
     /**
@@ -289,7 +289,7 @@ public function getError()
     }
 
     /**
-     * @return the ID of the Response
+     * @return string the ID of the Response
      */
     public function getId()
     {
@@ -300,7 +300,7 @@ public function getId()
      * Returns the XML that will be sent as part of the response
      * or that was received at the SP
      *
-     * @return string
+     * @return string|null
      */
     public function getXML()
     {

lib/Saml2/Response.php

@@ -67,7 +67,7 @@ class OneLogin_Saml2_Response
     /**
      * NotOnOrAfter value of a valid SubjectConfirmationData node
      *
-     * @var DateTime
+     * @var int
      */
     private $_validSCDNotOnOrAfter;
 
@@ -422,14 +422,14 @@ public function isValid($requestId = null)
             $this->_error = $e->getMessage();
             $debug = $this->_settings->isDebugActive();
             if ($debug) {
-                echo $this->_error;
+                echo htmlentities($this->_error);
             }
             return false;
         }
     }
 
     /**
-     * @return the ID of the Response
+     * @return string|null the ID of the Response
      */
     public function getId()
     {
@@ -441,12 +441,12 @@ public function getId()
     }
 
     /**
-     * @return the ID of the assertion in the Response
+     * @return string|null the ID of the assertion in the Response
      */
     public function getAssertionId()
     {
         if (!$this->validateNumAssertions()) {
-            throw new IllegalArgumentException("SAML Response must contain 1 Assertion.");
+            throw new InvalidArgumentException("SAML Response must contain 1 Assertion.");
         }
         $assertionNodes = $this->_queryAssertion("");
         $id = null;
@@ -459,7 +459,8 @@ public function getAssertionId()
     }
 
     /**
-     * @return the NotOnOrAfter value of the valid SubjectConfirmationData *         node if any
+     * @return int the NotOnOrAfter value of the valid SubjectConfirmationData
+     * node if any
      */
     public function getAssertionNotOnOrAfter()
     {
@@ -544,6 +545,7 @@ public function getAudiences()
      * Gets the Issuers (from Response and Assertion).
      *
      * @return array @issuers The issuers of the assertion/response
+     * @throws OneLogin_Saml2_ValidationError
      */
     public function getIssuers()
     {
@@ -641,7 +643,7 @@ public function getNameIdData()
     /**
      * Gets the NameID provided by the SAML response from the IdP.
      *
-     * @return string Name ID Value
+     * @return string|null Name ID Value
      */
     public function getNameId()
     {
@@ -656,7 +658,7 @@ public function getNameId()
     /**
      * Gets the NameID Format provided by the SAML response from the IdP.
      *
-     * @return string Name ID Format
+     * @return string|null Name ID Format
      */
     public function getNameIdFormat()
     {
@@ -671,7 +673,7 @@ public function getNameIdFormat()
     /**
      * Gets the NameID NameQualifier provided by the SAML response from the IdP.
      *
-     * @return string Name ID NameQualifier
+     * @return string|null Name ID NameQualifier
      */
     public function getNameIdNameQualifier()
     {

lib/Saml2/Settings.php

@@ -100,9 +100,9 @@ class OneLogin_Saml2_Settings
     private $_errors = array();
 
     /**
-     * Setting errors.
+     * Valitate SP data only flag
      *
-     * @var array
+     * @var bool
      */
     private $_spValidationOnly = false;
 
@@ -112,7 +112,7 @@ class OneLogin_Saml2_Settings
      * - Loads settings info from settings file or array/object provided
      *
      * @param array|object|null $settings         SAML Toolkit Settings
-     * @param boolean           $spValidationOnly Validate or not the IdP data
+     * @param bool              $spValidationOnly Validate or not the IdP data
      *
      * @throws OneLogin_Saml2_Error If any settings parameter is invalid
      * @throws Exception If OneLogin_Saml2_Settings is incorrectly supplied
@@ -162,6 +162,7 @@ public function __construct($settings = null, $spValidationOnly = false)
 
     /**
      * Sets the paths of the different folders
+     * @suppress PhanUndeclaredConstant
      */
     private function _loadPaths()
     {
@@ -289,6 +290,7 @@ private function _loadSettingsFromArray($settings)
      *
      * @return bool True if the settings info is valid
      * @throws OneLogin_Saml2_Error
+     * @suppress PhanUndeclaredVariable
      */
     private function _loadSettingsFromFile()
     {
@@ -302,13 +304,14 @@ private function _loadSettingsFromFile()
             );
         }
 
+        /** @var array $settings */
         include $filename;
 
         // Add advance_settings if exists
-
         $advancedFilename = $this->getConfigPath().'advanced_settings.php';
 
         if (file_exists($advancedFilename)) {
+            /** @var array $advancedSettings */
             include $advancedFilename;
             $settings = array_merge($settings, $advancedSettings);
         }
@@ -1000,6 +1003,7 @@ public function getErrors()
      * Activates or deactivates the strict mode.
      *
      * @param bool $value Strict parameter
+     * @throws Exception
      */
     public function setStrict($value)
     {