From 4b7047cde2126878b9d3d289d32316a74209a5c4 Mon Sep 17 00:00:00 2001
From: John Holt <7570055+John-Holt-Tessella@users.noreply.github.com>
Date: Thu, 2 Nov 2023 16:50:16 +0000
Subject: [PATCH] On Build: Satisfy Psalm Config (#689)
* Move globals in OIDC and tidy, remove static ref in Download, conform to php7 in processing
* implement strpos properly
---------
Co-authored-by: John Holt
---
api/src/Authentication/Type/OIDC.php | 25 ++++++++++++-------------
api/src/Page/Download.php | 4 ++--
api/src/Page/Processing.php | 2 +-
3 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/api/src/Authentication/Type/OIDC.php b/api/src/Authentication/Type/OIDC.php
index 5ea92dcd2..c8971f488 100644
--- a/api/src/Authentication/Type/OIDC.php
+++ b/api/src/Authentication/Type/OIDC.php
@@ -8,11 +8,12 @@ class OIDC extends AuthenticationParent implements AuthenticationInterface {
- private $providerConfig = array();
+ //** Cache for providerConfig */
+ private $providerConfigCache = null;
- private function getEndpoints() {
- if (empty($this->providerConfig)) {
- global $sso_url, $oidc_client_id, $oidc_client_secret;
+ private function getProviderConfig() {
+ global $sso_url, $oidc_client_id, $oidc_client_secret;
+ if (is_null($this->providerConfigCache)) {
 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, 'https://' . $sso_url . '/.well-known/openid-configuration');
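Review bot: `//** Cache for providerConfig */` in `OIDC` starts with `//`, so it is an ordinary line comment rather than a docblock, and `$providerConfigCache` stays untyped for Psalm, which this commit is meant to satisfy. A real docblock would be `/** @var object|null Cached OIDC discovery document; null until the first successful fetch */` (tighten `object` to the concrete decoded type, which is not visible here). That docblock should also say that the object later carries `b64ClientCreds`, built from the client id and secret further down in `getProviderConfig()`, so it must not be logged or serialised. The body of `getProviderConfig()` continues past this hunk.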
@@ -27,21 +28,21 @@ private function getEndpoints() {
 || !isset($newProviderConfig->authorization_endpoint) || !isset($newProviderConfig->token_endpoint)) {
 error_log("OIDC Authentication provider replied with invalid JSON body");
- return;
+ return null;
 }
 $newProviderConfig->b64ClientCreds = base64_encode( $oidc_client_id . ":" . $oidc_client_secret );
- $this->providerConfig = $newProviderConfig;
+ $this->providerConfigCache = $newProviderConfig;
 }
+ return $this->providerConfigCache;
 }
 private function getUser($token) {
- $this->getEndpoints();
 $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $this->providerConfig->userinfo_endpoint);
+ curl_setopt($ch, CURLOPT_URL, $this->getProviderConfig()->userinfo_endpoint);
 curl_setopt($ch, CURLOPT_HEADER, 0);
 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: Bearer ' . $token));
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
@@ -74,11 +75,10 @@ function check()
 function authorise() {
- $this->getEndpoints();
 global $oidc_client_id;
 $redirect_url = Utils::filterParamFromUrl($_SERVER["HTTP_REFERER"], "code");
- return ( $this->providerConfig->authorization_endpoint .
+ return ( $this->getProviderConfig()->authorization_endpoint .
 '?response_type=code&client_id=' . $oidc_client_id . '&redirect_uri=' . $redirect_url );
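Review bot: The invalid-discovery branch of `getProviderConfig()` now does `return null;`, but `getUser()` in the same hunk reads `$this->getProviderConfig()->userinfo_endpoint` unchecked, so a failed or malformed discovery response becomes a property read on null and a cURL call with an empty URL. The same unguarded dereference appears in `authorise()` and `authenticateByCode()` in the following hunks. Fetch the config once and fail closed, e.g. `$config = $this->getProviderConfig(); if ($config === null) { return null; }` with whatever failure value each caller already uses, or throw from `getProviderConfig()` instead of returning null. Only the `authorization_endpoint` and `token_endpoint` checks are visible; whether `userinfo_endpoint` is validated sits above the hunk. A failed fetch is also not cached, so each call repeats the discovery request.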
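Review bot: `authorise()` appends `$redirect_url`, taken from the client-supplied `Referer` header, to the authorization URL without encoding, so an `&` or `#` inside it changes the query the provider receives. Unless `Utils::filterParamFromUrl` already encodes its result (not visible here), use `'&redirect_uri=' . rawurlencode($redirect_url)`. The URL built here also carries no `state` value, so the callback cannot be tied to the browser session that started the login; generating one here and verifying it in `authenticateByCode()` is the usual remedy. `$_SERVER["HTTP_REFERER"]` may also be absent, and that case is not handled in the visible lines.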
@@ -86,20 +86,19 @@ function authorise()
 function authenticateByCode($code) {
- $this->getEndpoints();
 global $cacert, $oidc_client_secret, $oidc_client_id, $cookie_key;
 $redirect_url = Utils::filterParamFromUrl($_SERVER["HTTP_REFERER"], "code");
 $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $this->providerConfig->token_endpoint .
+ curl_setopt($ch, CURLOPT_URL, $this->getProviderConfig()->token_endpoint .
 '?grant_type=authorization_code&redirect_uri=' . $redirect_url . "&code=" . $code );
 curl_setopt($ch, CURLOPT_HEADER, 0);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: Basic ' . $this->providerConfig->b64ClientCreds));
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: Basic ' . $this->getProviderConfig()->b64ClientCreds));
 $response = curl_exec($ch);
 curl_close($ch);
diff --git a/api/src/Page/Download.php b/api/src/Page/Download.php
index 8b24a186b..1b5823b7a 100644
--- a/api/src/Page/Download.php
+++ b/api/src/Page/Download.php
@@ -527,13 +527,13 @@ function set_mime_content($response, $filename, $prefix = null)
 function _set_disposition_attachment($response, $filename) {
 $response->headers->set("Content-Disposition",
- ResponseHeaderBag::makeDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT, $filename)
+ (new ResponseHeaderBag())->makeDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT, $filename)
 );
 }
 function _set_disposition_inline($response) {
 $response->headers->set("Content-Disposition",
- ResponseHeaderBag::makeDisposition(ResponseHeaderBag::DISPOSITION_INLINE, '')
+ (new ResponseHeaderBag())->makeDisposition(ResponseHeaderBag::DISPOSITION_INLINE, '')
 );
 }
diff --git a/api/src/Page/Processing.php b/api/src/Page/Processing.php
index bfe1bd9d2..20546718c 100644
--- a/api/src/Page/Processing.php
+++ b/api/src/Page/Processing.php
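Review bot: In `authenticateByCode()` the authorization code and redirect URI are concatenated unencoded into the token endpoint's query string, so a `$code` containing `&` or `=` can add or override token-request parameters, and the code itself lands in URL logs. If `$code` comes from the callback request, as the flow suggests, build the parameters with `http_build_query(array('grant_type' => 'authorization_code', 'redirect_uri' => $redirect_url, 'code' => $code))` and send them through `CURLOPT_POSTFIELDS`. RFC 6749 specifies a form-encoded POST body for the token endpoint, but confirm the provider accepts it before switching. `getProviderConfig()` is also called twice in this function; read it into one local and check it for null before use. The function continues past the hunk, so the handling of `$response` and the use of `$cacert` are not visible.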
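Review bot: In `api/src/Page/Download.php`, `(new ResponseHeaderBag())->makeDisposition(...)` constructs a throwaway header bag only to reach an instance method. Assuming `$response` is a Symfony `Response`, `$response->headers` on the line above is already such a bag, so `$response->headers->makeDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT, $filename)` does the same without the extra object; the same applies to `_set_disposition_inline()`. Separately, Symfony's `makeDisposition` throws `InvalidArgumentException` when the filename contains `/` or `\`, or when it contains `%` or non-ASCII characters and no ASCII fallback is given. If `$filename` can come from stored or user-supplied names, `_set_disposition_attachment()` should pass a sanitised fallback as the third argument.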
@@ -424,7 +424,7 @@ function _get_downstreams($dcid = null, $aid = null) {
 if ($downstream["PARAMETERS"]) {
 $str_params = explode(',', $downstream["PARAMETERS"]);
 foreach ($str_params as $str_param) {
- if (str_contains($str_param, '=')) {
+ if (strpos($str_param, '=') !== false) {
 list($key, $value) = explode('=', $str_param);
 $params[$key] = $value;
 }
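Review bot: `list($key, $value) = explode('=', $str_param);` in `_get_downstreams()` discards everything after a second `=`, so a parameter value that itself contains `=` (base64 padding, a nested `k=v`) is silently truncated. Limit the split with `list($key, $value) = explode('=', $str_param, 2);`. Keys are also stored untrimmed, so a list written as `a=1, b=2` yields the key `' b'`; applying `trim($key)` avoids that if the stored format permits spaces. The function starts and ends outside this hunk.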