fix: sonar lint findings

EllaiSys · EllaiSys · commit f15fd34c6954 · 2025-11-02T11:47:02.000+05:30
diff --git a/config/cognito.php b/config/cognito.php
@@ -175,13 +175,13 @@
 
     /*
     |--------------------------------------------------------------------------
-    | Cognito Challenge Status Names for Forced Access.
+    | Cognito Challenge Status Names for Forced Password Change.
     |--------------------------------------------------------------------------
     |
     | This option controls the package action based on the Challenge Status
     | received from the AWS Cognito Authentication. If the challenge status
-    | is 'NEW_PASSWORD_CHALLENGE' and/or 'RESET_REQUIRED_PASSWORD', the
-    | configuration that follows below will execute.
+    | is 'NEW_PASSWORD_CHALLENGE' and/or 'RESET_REQUIRED_PASSWORD', this
+    | configuration will force the user to change their password.
     |
     */
     'forced_challenge_names' => [
@@ -191,7 +191,8 @@
 
     /*
     |--------------------------------------------------------------------------
-    | Force Password Change by the User based on Cognito Status in Web Request (Session Guard)
+    | Force Password Change by the User based on Cognito Status in Web Request
+    | (Session Guard)
     |--------------------------------------------------------------------------
     |
     | This setting controls the action, in case the AWS Cognito authentication
@@ -271,7 +272,7 @@
     | Allow new user to set the password and have verified
     |--------------------------------------------------------------------------
     |
-    | This option enables the user to set the password and have that verified 
+    | This option enables the user to set the password and have that verified
     | during the to invitation for the new user. The default value is set to true.
     |
     */
diff --git a/src/AwsCognito.php b/src/AwsCognito.php
@@ -61,7 +61,7 @@ class AwsCognito
 
     /**
      * The AwsCognito Claim token
-     * 
+     *
      * @var \Ellaisys\Cognito\AwsCognitoClaim|null
      */
     protected $claim;
@@ -98,8 +98,6 @@ public function __construct(AwsCognitoManager $manager, Parser $parser)
     public static function ignoreMigrations(): void
     {
         static::$runsMigrations = false;
-
-        return;
     } //Function ends
 
 
@@ -220,7 +218,7 @@ public function setChallengeData(string $key, $data, int $durationInSecs=3600)
      *
      * @return \Ellaisys\Cognito\AwsCognito
      */
-    public function unsetToken($forceForever = false)
+    public function unsetToken(bool $forceForever = false)
     {
         $tokenKey = $this->token->get();
         $this->manager->release($tokenKey);
@@ -314,4 +312,4 @@ public function storeToken()
         return $this->manager->encode($this->claim)->store();
     } //Function ends
 
-} //Class ends
+} //Class ends
diff --git a/src/AwsCognitoClaim.php b/src/AwsCognitoClaim.php
@@ -86,6 +86,7 @@ public function __construct(AwsResult $result, Authenticatable $user=null) {
             $this->tokenDecode = $decodedToken;
 
         } catch(Exception $e) {
+            Log::error('CognitoClaim:__construct:Exception');
             throw $e;
         } //Try-catch ends
     } //Function ends
@@ -177,4 +178,4 @@ public function __toString()
         return $this->getToken();
     } //Function ends
 
-} //Class ends
+} //Class ends
diff --git a/src/AwsCognitoClient.php b/src/AwsCognitoClient.php
@@ -227,6 +227,7 @@ public function authenticate($username, $password)
 
             $response = $this->client->adminInitiateAuth($payload);
         } catch (CognitoIdentityProviderException $exception) {
+            Log::error('CognitoIdentityProvider:adminInitiateAuth:Exception');
             throw $exception;
         } //Try-catch ends
 
@@ -385,6 +386,7 @@ public function adminListGroupsForUser(string $username)
             );
             return $groups;
         } catch (CognitoIdentityProviderException $e) {
+            Log::error('CognitoIdentityProvider:adminListGroupsForUser:Exception');
             throw $e;
         } //Try-catch ends
 
@@ -410,6 +412,7 @@ public function adminAddUserToGroup(string $username, string $groupname)
                 'Username' => $username
             ]);
         } catch (CognitoIdentityProviderException $e) {
+            Log::error('CognitoIdentityProvider:adminAddUserToGroup:Exception');
             throw $e;
         } //Try-catch ends
 
@@ -435,7 +438,7 @@ public function inviteUser(string $username, string $password=null, array $attri
         //Validate phone for MFA
         if (config('cognito.mfa_setup')=="MFA_ENABLED") {
             if (empty($attributes['phone_number'])) { throw new HttpException(400, 'ERROR_MFA_ENABLED_PHONE_MISSING'); }
-        } //End if        
+        } //End if
         
         //Force validate email
         if ($attributes['email']) {
@@ -636,7 +639,7 @@ public function confirmUserSignUp($username, $confirmationCode)
                 return 'validation.invalid_token';
             } //End if
 
-            if ($e->getAwsErrorCode() === 'NotAuthorizedException' AND $e->getAwsErrorMessage() === 'User cannot be confirmed. Current status is CONFIRMED') {
+            if ($e->getAwsErrorCode() === 'NotAuthorizedException' && $e->getAwsErrorMessage() === 'User cannot be confirmed. Current status is CONFIRMED') {
                 return 'validation.confirmed';
             } //End if
 
@@ -698,6 +701,7 @@ public function setUserAttributes($username, array $attributes)
             //Execute the payload
             $this->client->AdminUpdateUserAttributes($payload);
         } catch (CognitoIdentityProviderException $e) {
+            Log::error('CognitoIdentityProvider:adminUpdateUserAttributes:Exception');
             throw $e;
         } //End try
 
@@ -713,7 +717,7 @@ public function setUserAttributes($username, array $attributes)
      * @param string $session
      * @param string $challengeValue
      * @param string $username
-     *  
+     *
      * @return \Aws\Result
      */
     protected function adminRespondToAuthChallenge(
@@ -766,6 +770,7 @@ protected function adminRespondToAuthChallenge(
             //Execute the payload
             $response = $this->client->adminRespondToAuthChallenge($payload);
         } catch (CognitoIdentityProviderException $e) {
+            Log::error('CognitoIdentityProvider:adminRespondToAuthChallenge:Exception');
             throw $e;
         } //Try-catch ends
 
@@ -837,6 +842,7 @@ public function getUserByAccessToken(string $token)
                 'AccessToken' => $token
             ]);
         } catch (CognitoIdentityProviderException $e) {
+            Log::error('CognitoIdentityProvider:getUserByAccessToken:Exception');
             throw $e;
         } //Try-catch ends
 
@@ -916,6 +922,7 @@ public function refreshToken(string $username, string $refreshToken)
             // Reuse same refreshToken
             $response['AuthenticationResult']['RefreshToken'] = $refreshToken;
         } catch (CognitoIdentityProviderException $e) {
+            Log::error('CognitoIdentityProvider:refreshToken:Exception');
             throw $e;
         } //Try-catch ends
 
@@ -940,6 +947,7 @@ public function revokeToken(string $refreshToken)
                 'Token'         => $refreshToken
             ]);
         } catch (Exception $e) {
+            Log::error('CognitoIdentityProvider:revokeToken:Exception');
             throw $e;
         } //Try-catch ends
         return true;
diff --git a/src/AwsCognitoManager.php b/src/AwsCognitoManager.php
@@ -47,7 +47,7 @@ class AwsCognitoManager
 
     /**
      * The AwsCognito Claim token
-     * 
+     *
      * @var \Ellaisys\Cognito\AwsCognitoClaim|null
      */
     protected $claim;
@@ -136,7 +136,7 @@ public function release(string $token)
 
     /**
      * Save challenge object
-     * 
+     *
      * @param  string  $key
      * @param  mixed  $data
      * @param  int  $durationInSecs
@@ -161,4 +161,4 @@ public function fetchData(string $key)
         return $data?json_decode($data, true):null;
     } //Function ends
 
-} //Class ends
+} //Class ends
diff --git a/src/Contracts/Storage/StorageContract.php b/src/Contracts/Storage/StorageContract.php
@@ -53,4 +53,4 @@ public function destroy($key);
      * @return void
      */
     public function flush();
-}
+}
diff --git a/src/Exceptions/InvalidTokenException.php b/src/Exceptions/InvalidTokenException.php
@@ -33,4 +33,4 @@ public function render($request, Throwable $exception)
         return parent::render($request, $exception);
     }
     
-} //Class ends
+} //Class ends
diff --git a/src/Exceptions/InvalidUserFieldException.php b/src/Exceptions/InvalidUserFieldException.php
@@ -35,4 +35,4 @@ public function render($request, Throwable $exception)
         return parent::render($request, $exception);
     }
     
-} //Class ends
+} //Class ends
diff --git a/src/Exceptions/InvalidUserModelException.php b/src/Exceptions/InvalidUserModelException.php
@@ -32,4 +32,4 @@ public function render($request, Throwable $exception)
         return parent::render($request, $exception);
     }
     
-} //Class ends
+} //Class ends
diff --git a/src/Exceptions/NoTokenException.php b/src/Exceptions/NoTokenException.php
@@ -33,4 +33,4 @@ public function render($request, Throwable $exception)
         return parent::render($request, $exception);
     }
     
-} //Class ends
+} //Class ends
diff --git a/src/Exceptions/TokenBlacklistedException.php b/src/Exceptions/TokenBlacklistedException.php
@@ -30,4 +30,4 @@ public function render($request, Throwable $exception)
         return parent::render($request, $exception);
     }
     
-} //Class ends
+} //Class ends
diff --git a/src/Guards/CognitoSessionGuard.php b/src/Guards/CognitoSessionGuard.php
@@ -131,7 +131,8 @@ public function __construct(
      * @throws
      * @return bool
      */
-    public function attempt(array $credentials = [], $remember = false, string $paramUsername='email', string $paramPassword='password')
+    public function attempt(array $credentials = [], $remember = false,
+        string $paramUsername='email', string $paramPassword='password')
     {
         try {
             $returnValue = false;
@@ -271,9 +272,7 @@ private function handleAWSChallenge() {
                 break;
             
             default:
-                if (in_array($this->challengeName, config('cognito.forced_challenge_names'))) {
-                    $this->challengeName = $result['ChallengeName'];
-                } //End if
+                //Do nothing
                 break;
         } //End switch
 
diff --git a/src/Guards/CognitoTokenGuard.php b/src/Guards/CognitoTokenGuard.php
@@ -310,7 +310,7 @@ public function invalidate(bool $forceForever = false)
             //Revoke the token from AWS Cognito
             if ($this->client->signOut($accessToken)) {
 
-                //Global logout and invalidate the Refresh Token 
+                //Global logout and invalidate the Refresh Token
                 if ($forceForever) {
                     //Get claim data
                     $data = $this->cognito->getClaim();
@@ -327,6 +327,7 @@ public function invalidate(bool $forceForever = false)
                 return $this->cognito->unsetToken($forceForever);
             } //End if
         } catch (Exception $e) {
+            Log::error('CognitoTokenGuard:invalidate:Exception');
             throw $e;
         } //try-catch ends
     } //Function ends
@@ -341,19 +342,19 @@ public function user() {
 
         //Check if the user exists
         if (!is_null($this->user)) {
-			return $this->user;
-		} //End if
+            return $this->user;
+        } //End if
 
         //Retrieve token from request and authenticate
-		return $this->getTokenForRequest();
+        return $this->getTokenForRequest();
     } //Function ends
 
 
     /**
-	 * Get the token for the current request.
-	 * @return string
-	 */
-	public function getTokenForRequest () {
+     * Get the token for the current request.
+     * @return string
+     */
+    public function getTokenForRequest () {
         //Check for request having token
         if (! $this->cognito->parser()->setRequest($this->request)->hasToken()) {
             return null;
@@ -371,14 +372,14 @@ public function getTokenForRequest () {
 
         //Get user and return
         return $this->user = $this->provider->retrieveById($claim['sub']);
-	} //Function ends
+    } //Function ends
 
 
     /**
-	 * Get the user from the provider.
-	 * @return User
-	 */
-	public function getUser (string $identifier) {
+     * Get the user from the provider.
+     * @return User
+     */
+    public function getUser (string $identifier) {
         return $this->provider->retrieveById($identifier);
     } //Function ends
 
@@ -417,6 +418,7 @@ public function attemptMFA(array $challenge=[], bool $remember=false) {
                 throw new InvalidUserException();
             } //End if
         } catch(AwsCognitoException | InvalidUserException | Exception $e) {
+            Log::error('CognitoTokenGuard:attemptMFA:Exception');
             throw $e;
         } //Try-catch ends
 
diff --git a/src/Guards/Traits/BaseCognitoGuard.php b/src/Guards/Traits/BaseCognitoGuard.php
@@ -35,30 +35,30 @@ trait BaseCognitoGuard
 {
 
     /**
-	 * Get the AWS Cognito object
+     * Get the AWS Cognito object
      *
-	 * @return \Ellaisys\Cognito\AwsCognito
-	 */
+     * @return \Ellaisys\Cognito\AwsCognito
+     */
     public function cognito() {
         return $this->cognito;
     } //Function ends
 
 
     /**
-	 * Get the User Information from AWS Cognito
+     * Get the User Information from AWS Cognito
      *
-	 * @return  mixed
-	 */
+     * @return  mixed
+     */
     public function getRemoteUserData(string $username) {
         return $this->client->getUser($username);
     } //Function ends
 
 
     /**
-	 * Set the User Information into the local DB
+     * Set the User Information into the local DB
      *
-	 * @return  mixed
-	 */
+     * @return  mixed
+     */
     public function setLocalUserData(array $credentials) {
         try {
             //Get username key in the credentials
diff --git a/src/Guards/Traits/CognitoMFA.php b/src/Guards/Traits/CognitoMFA.php
diff --git a/src/Providers/AwsCognitoServiceProvider.php b/src/Providers/AwsCognitoServiceProvider.php

Original file line number	Diff line number	Diff line change
`@@ -33,4 +33,4 @@ public function render($request, Throwable $exception)`
`33`	`33`	`return parent::render($request, $exception);`
`34`	`34`	`}`
`35`	`35`
`36`		`-} //Class ends`
	`36`	`+} //Class ends`
Original file line number	Diff line number	Diff line change
`@@ -35,4 +35,4 @@ public function render($request, Throwable $exception)`
`35`	`35`	`return parent::render($request, $exception);`
`36`	`36`	`}`
`37`	`37`
`38`		`-} //Class ends`
	`38`	`+} //Class ends`
Original file line number	Diff line number	Diff line change
`@@ -32,4 +32,4 @@ public function render($request, Throwable $exception)`
`32`	`32`	`return parent::render($request, $exception);`
`33`	`33`	`}`
`34`	`34`
`35`		`-} //Class ends`
	`35`	`+} //Class ends`