build(deps): bump dependencies to most recent versions, phpunit to 13.1

.github/workflows/php.yml

@@ -14,12 +14,16 @@ jobs:
 
     runs-on: ubuntu-latest
 
+    strategy:
+      matrix:
+        php-version: [ '8.1', '8.2', '8.3', '8.4', '8.5' ]
+
     steps:
     - uses: actions/checkout@v4
 
     - uses: shivammathur/setup-php@v2
       with:
-        php-version: '8.2'
+        php-version: ${{ matrix.php-version }}
 
     - name: Validate composer.json and composer.lock
       run: composer validate --strict
@@ -29,9 +33,9 @@ jobs:
       uses: actions/cache@v4
       with:
         path: vendor
-        key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
+        key: ${{ runner.os }}-php-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
         restore-keys: |
-          ${{ runner.os }}-php-
+          ${{ runner.os }}-php-${{ matrix.php-version }}-
 
     - name: Install dependencies
       run: composer install --prefer-dist --no-progress

composer.json

@@ -10,7 +10,7 @@
         }
     ],
     "require-dev": {
-        "phpunit/phpunit": "^10.5"
+        "phpunit/phpunit": "^10.5 || ^11.5 || ^12.5 || ^13"
     },
     "autoload": {
         "psr-4": {
@@ -26,7 +26,7 @@
         }
     },
     "require": {
-        "php": "^8.1.0",
+        "php": ">=8.1",
         "phpseclib/phpseclib": "^3.0.0",
         "guzzlehttp/psr7": "^2.6.0",
         "psr/log": "^3.0.0"

src/exceptions/AuthTokenException.php

@@ -38,7 +38,7 @@ abstract class AuthTokenException extends Exception
      * @param int $code — [optional] The Exception code
      * @param \Throwable|null $cause
      */
-    public function __construct($message, Throwable $cause = null)
+    public function __construct($message, ?Throwable $cause = null)
     {
 
         if (is_null($cause)) {

src/exceptions/AuthTokenParseException.php

@@ -30,7 +30,7 @@
 
 class AuthTokenParseException extends AuthTokenException
 {
-    public function __construct(string $message, Throwable $cause = null)
+    public function __construct(string $message, ?Throwable $cause = null)
     {
         parent::__construct($message, $cause);
     }

src/exceptions/CertificateNotTrustedException.php

@@ -33,7 +33,7 @@
 class CertificateNotTrustedException extends AuthTokenException
 {
 
-    public function __construct(X509 $certificate, Throwable $cause = null)
+    public function __construct(X509 $certificate, ?Throwable $cause = null)
     {
         parent::__construct("Certificate " . $certificate->getSubjectDN(X509::DN_STRING) . " is not trusted", $cause);
     }

src/exceptions/OCSPCertificateException.php

@@ -33,7 +33,7 @@
  */
 class OCSPCertificateException extends AuthTokenException
 {
-    public function __construct(string $message, Throwable $exception = null)
+    public function __construct(string $message, ?Throwable $exception = null)
     {
         parent::__construct($message, $exception);
     }

src/exceptions/UserCertificateOCSPCheckFailedException.php

@@ -31,7 +31,7 @@
  */
 class UserCertificateOCSPCheckFailedException extends AuthTokenException
 {
-    public function __construct(string $message, Throwable $cause = null)
+    public function __construct(string $message, ?Throwable $cause = null)
     {
         parent::__construct("User certificate revocation check has failed: " . $message, $cause);
     }

src/exceptions/UserCertificateRevokedException.php

@@ -31,7 +31,7 @@
  */
 class UserCertificateRevokedException extends AuthTokenException
 {
-    public function __construct(string $message = null)
+    public function __construct(?string $message = null)
     {
         if (is_null($message)) {
             parent::__construct("User certificate has been revoked");

src/validator/AuthTokenValidatorBuilder.php

@@ -37,7 +37,7 @@ class AuthTokenValidatorBuilder
     private AuthTokenValidationConfiguration $configuration;
     private $logger;
 
-    public function __construct(LoggerInterface $logger = null)
+    public function __construct(?LoggerInterface $logger = null)
     {
         $this->configuration = new AuthTokenValidationConfiguration();
         $this->logger = $logger;

src/validator/AuthTokenValidatorImpl.php

@@ -64,7 +64,7 @@ final class AuthTokenValidatorImpl implements AuthTokenValidator
     /**
      * @copyright 2022 Petr Muzikant pmuzikant@email.cz
      */
-    public function __construct(AuthTokenValidationConfiguration $configuration, LoggerInterface $logger = null)
+    public function __construct(AuthTokenValidationConfiguration $configuration, ?LoggerInterface $logger = null)
     {
         $this->logger = $logger;
         $this->configuration = $configuration;

src/validator/certvalidators/SubjectCertificateNotRevokedValidator.php

@@ -54,7 +54,7 @@ public function __construct(SubjectCertificateTrustedValidator $trustValidator,
         OcspServiceProvider $ocspServiceProvider, 
         int $allowedOcspResponseTimeSkew,
         int $maxOcspResponseThisUpdateAge,
-        LoggerInterface $logger = null)
+        ?LoggerInterface $logger = null)
     {
         $this->logger = $logger;
         $this->trustValidator = $trustValidator;

src/validator/certvalidators/SubjectCertificatePolicyValidator.php

@@ -33,7 +33,7 @@ final class SubjectCertificatePolicyValidator implements SubjectCertificateValid
     private $disallowedSubjectCertificatePolicyIds = [];
     private $logger;
 
-    public function __construct(array $disallowedSubjectCertificatePolicyIds, LoggerInterface $logger = null)
+    public function __construct(array $disallowedSubjectCertificatePolicyIds, ?LoggerInterface $logger = null)
     {
         $this->logger = $logger;
         $this->disallowedSubjectCertificatePolicyIds = $disallowedSubjectCertificatePolicyIds;

src/validator/certvalidators/SubjectCertificatePurposeValidator.php

@@ -39,7 +39,7 @@ final class SubjectCertificatePurposeValidator implements SubjectCertificateVali
     private const EXTENDED_KEY_USAGE_CLIENT_AUTHENTICATION = "id-kp-clientAuth";
     private $logger;
 
-    public function __construct(LoggerInterface $logger = null)
+    public function __construct(?LoggerInterface $logger = null)
     {
         $this->logger = $logger;
     }

src/validator/certvalidators/SubjectCertificateTrustedValidator.php

@@ -36,7 +36,7 @@ final class SubjectCertificateTrustedValidator implements SubjectCertificateVali
     private X509 $subjectCertificateIssuerCertificate;
     private $logger;
 
-    public function __construct(TrustedCertificates $trustedCACertificates, LoggerInterface $logger = null)
+    public function __construct(TrustedCertificates $trustedCACertificates, ?LoggerInterface $logger = null)
     {
         $this->logger = $logger;
         $this->trustedCACertificates = $trustedCACertificates;

tests/ocsp/OcspRequestTest.php

@@ -75,7 +75,6 @@ public function testWhenAddCertificateIdSuccess(): void
 
         $reflection = new ReflectionClass(get_class($request));
         $property = $reflection->getProperty('ocspRequest');
-        $property->setAccessible(true);
 
         $this->assertEquals($this->getExpectedRequestWithCertID(), $property->getValue($request));
     }
@@ -87,7 +86,6 @@ public function testWhenAddNonceExtensionSuccess(): void
 
         $reflection = new ReflectionClass(get_class($request));
         $property = $reflection->getProperty('ocspRequest');
-        $property->setAccessible(true);
 
         $this->assertEquals($this->getExpectedWithNonce(), $property->getValue($request));
     }

tests/ocsp/OcspResponseTest.php

@@ -130,7 +130,6 @@ public function testWhenResponseTypeNotBasicResponseThrows(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['responseType'] = "responseType";
         $property->setValue($response, $mockResponse);
@@ -147,7 +146,6 @@ public function testWhenMissingResponseThrows(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['response'] = null;
         $property->setValue($response, $mockResponse);
@@ -168,7 +166,6 @@ public function testWhenNoCertificatesInResponseThrows(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['response']['certs'] = [];
 
@@ -190,7 +187,6 @@ public function testWhenResponseSignatureIsNotValidThrows(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['response']['signature'] = "somesignature";
 
@@ -205,7 +201,6 @@ public function testWhenSignatureAlgorithmIsSha3(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['response']['signatureAlgorithm']['algorithm'] = "NNNsha3-256NNN";
         $property->setValue($response, $mockResponse);
@@ -225,7 +220,6 @@ public function testWhenSignatureAlgorithmIsNotSupportedThenThrows(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['response']['signatureAlgorithm']['algorithm'] = "someAlgo";
         $property->setValue($response, $mockResponse);
@@ -241,7 +235,6 @@ public function testWhenNextUpdateInResponse(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['response']['tbsResponseData']['responses'][0]['nextUpdate'] = 'Fri, 17 Sep 2021 18:25:24 +0000';
         $property->setValue($response, $mockResponse);
@@ -258,7 +251,6 @@ public function testWhenNonceExtensionDoesNotExistNullShouldReturned(): void
 
         $reflection = new ReflectionClass(get_class($response));
         $property = $reflection->getProperty('ocspResponse');
-        $property->setAccessible(true);
         $mockResponse = $property->getValue($response);
         $mockResponse['responseBytes']['response']['tbsResponseData']['responseExtensions'][0]['extnId'] = "id-pkix-ocsp-nonce1";
         $property->setValue($response, $mockResponse);

tests/util/AsnUtilTest.php

@@ -35,7 +35,7 @@ public function testTranscodeSignatureToDer(): void
         $result = AsnUtil::transcodeSignatureToDER($decodedSignature);
         $valueArr = [];
         for ($i = 0; $i < strlen($result); $i++) {
-            $valueArr[$i] = ord(substr($result, $i));
+            $valueArr[$i] = ord($result[$i]);
         }
         // First byte value
         $this->assertEquals($valueArr[0], 48);

tests/validator/certvalidators/SubjectCertificateNotRevokedValidatorTest.php

@@ -373,7 +373,6 @@ private function getSubjectCertificateNotRevokedValidator(OcspServiceProvider $o
     private static function setSubjectCertificateIssuerCertificate(SubjectCertificateTrustedValidator $trustedValidator): void
     {
         $reflector = new ReflectionProperty(SubjectCertificateTrustedValidator::class, 'subjectCertificateIssuerCertificate');
-        $reflector->setAccessible(true);
         $reflector->setValue($trustedValidator, Certificates::getTestEsteid2018CA());
     }
 }