acquia · itafroma · Sep 30, 2020 · Sep 27, 2020 · Sep 27, 2020 · Sep 27, 2020
diff --git a/.editorconfig b/.editorconfig
@@ -10,7 +10,7 @@ charset = utf-8
 indent_style = space
 indent_size = 4
 
-[*.{xml,yml,yaml}]
+[*.{xml,xml.*,yml,yaml}]
 indent_size = 2
 
 [Makefile]

diff --git a/.gitignore b/.gitignore
@@ -13,6 +13,7 @@ composer.lock
 
 # Ignore local PHPUnit configuration
 /phpunit.xml
+/.phpunit.result.cache
 
 # Ignore PHP-CS-Fixer files
 /.php_cs

diff --git a/.travis.yml b/.travis.yml
@@ -7,19 +7,36 @@
 language: php
 
 php:
+  - 7.4
   - 7.3
   - 7.2
-  - 7.1
-  - 7.0
-  - 5.6
+
+env:
+  - PSR_MESSAGE_BRIDGE_VERSION=2.0 SYMFONY_VERSION=5.1
+  - PSR_MESSAGE_BRIDGE_VERSION=2.0 SYMFONY_VERSION=4.4
+  - PSR_MESSAGE_BRIDGE_VERSION=1.3 SYMFONY_VERSION=5.1
+  - PSR_MESSAGE_BRIDGE_VERSION=1.3 SYMFONY_VERSION=4.4
+  - PSR_MESSAGE_BRIDGE_VERSION=1.2 SYMFONY_VERSION=5.1
+  - PSR_MESSAGE_BRIDGE_VERSION=1.2 SYMFONY_VERSION=4.4
+  - PSR_MESSAGE_BRIDGE_VERSION=1.2 SYMFONY_VERSION=3.4
+  - PSR_MESSAGE_BRIDGE_VERSION=1.1.2 SYMFONY_VERSION=4.4
+  - PSR_MESSAGE_BRIDGE_VERSION=1.1.2 SYMFONY_VERSION=3.4
 
 before_install:
   - travis_retry composer self-update
   - phpenv config-rm xdebug.ini
   - echo "memory_limit=2G" >> ~/.phpenv/versions/$(phpenv version-name)/etc/conf.d/travis.ini
 
-before_script:
+install:
+  - composer require "symfony/psr-http-message-bridge:${PSR_MESSAGE_BRIDGE_VERSION}" --no-update
+  - composer require "symfony/security-bundle:${SYMFONY_VERSION}" --no-update
   - travis_retry make install
 
 script:
   - make test
+
+jobs:
+  include:
+    - stage: coverage
+      script: make coverage
+      env: PSR_MESSAGE_BRIDGE_VERSION=2.0 SYMFONY_VERSION=5.1
diff --git a/Makefile b/Makefile
@@ -4,17 +4,16 @@ install:
 	composer install --no-interaction
 
 clean:
-	rm -rf vendor/ dist/
+	rm -rf vendor/ dist/ composer.lock .php_cs.cache .phpunit.result.cache
 
 test: install
 	./vendor/bin/phpunit
 	./vendor/bin/php-cs-fixer fix --dry-run -v
 	./vendor/bin/phpmd  src/,test/ text ./phpmd.xml
-	./vendor/bin/phpcpd src/ test/
-	./vendor/bin/phploc src/
 
 coverage: install
-	./vendor/bin/phpunit --coverage-clover=dist/tests.clover
+	phpdbg -qrr ./vendor/bin/phpunit --coverage-clover dist/tests.clover
+	./vendor/bin/php-coveralls -v --coverage_clover='./dist/tests.clover' --json_path='./dist/coveralls-upload.json'
 
 update:
 	composer update --no-interaction

diff --git a/README.md b/README.md
@@ -14,7 +14,7 @@ Use [Composer](http://getcomposer.org) and add it as a dependency to your projec
 ```json
 {
     "require": {
-        "acquia/http-hmac-php": "^4.0"
+        "acquia/http-hmac-php": "^5.0"
     }
 }
 ```

diff --git a/composer.json b/composer.json
@@ -14,26 +14,24 @@
         "issues": "https://github.com/acquia/http-hmac-php/issues"
     },
     "require": {
-        "php": "~5.6 || ~7.0",
-        "psr/http-message": "~1.0.0"
+        "php": "^7.2",
+        "psr/http-message": "^1.0"
     },
     "suggest": {
-        "guzzlehttp/guzzle": "~6.0",
-        "symfony/psr-http-message-bridge": "^1.1.2 | ^2.0",
-        "symfony/security": "^3.0 | ^4.0",
-        "laminas/laminas-diactoros": "^1.8 || ^2.2"
+        "guzzlehttp/guzzle": "^6.0",
+        "laminas/laminas-diactoros": "^1.8 || ^2.2",
+        "symfony/security": "^3.0 || ^4.0 || ^5.0"
     },
     "require-dev": {
-        "guzzlehttp/guzzle": "~6.0",
-        "phploc/phploc": "^4.0",
+        "friendsofphp/php-cs-fixer": "^2.16",
+        "guzzlehttp/guzzle": "^6.0",
+        "nyholm/psr7": "^1.0",
+        "php-coveralls/php-coveralls": "^2.2",
         "phpmd/phpmd": "^2.0",
-        "phpunit/phpunit": "~5.7",
-        "sebastian/phpcpd": "^2.0",
-        "friendsofphp/php-cs-fixer": "^2.11",
-        "symfony/psr-http-message-bridge": "^1.1.2 | ^2.0",
-        "symfony/security": "^3.0 | ^4.0",
-        "symfony/security-bundle": "^3.0 | ^4.0",
-        "laminas/laminas-diactoros": "^1.8 || ^2.2"
+        "phpunit/phpunit": "^8.0",
+        "symfony/psr-http-message-bridge": "^1.1.2 || ^2.0",
+        "symfony/phpunit-bridge": "^3.0 || ^4.0 || ^5.0",
+        "symfony/security-bundle": "^3.0 || ^4.0 || ^5.0"
     },
     "replace": {
         "acquia/hmac-request": "self.version"

diff --git a/phpunit.xml.dist b/phpunit.xml.dist
@@ -1,12 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/5.4/phpunit.xsd"
+         xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/8.0/phpunit.xsd"
          bootstrap="./vendor/autoload.php">
   <testsuites>
     <testsuite name="http-hmac-php">
       <directory>./test</directory>
     </testsuite>
   </testsuites>
+  <listeners>
+    <listener class="Symfony\Bridge\PhpUnit\SymfonyTestsListener"/>
+  </listeners>
   <filter>
     <whitelist processUncoveredFilesFromWhitelist="true">
       <directory suffix=".php">src/</directory>

diff --git a/src/RequestSignerInterface.php b/src/RequestSignerInterface.php
@@ -39,8 +39,8 @@ public function getTimestampedRequest(RequestInterface $request, \DateTime $date
     /**
      * Adds a hashed a hash for the request body.
      *
-     * @param \Acquia\Hmac\KeyInterface $key
-     *   The request for which to generate the hashed Body.
+     * @param \Psr\Http\Message\RequestInterface $request
+     *   The request being signed.
      *
      * @return \Psr\Http\Message\RequestInterface $request
      *   A cloned request. If the request has a body, the

diff --git a/src/Symfony/HmacAuthenticationListener.php b/src/Symfony/HmacAuthenticationListener.php
@@ -2,17 +2,16 @@
 
 namespace Acquia\Hmac\Symfony;
 
-use Symfony\Component\HttpKernel\Event\GetResponseEvent;
+use Symfony\Component\HttpKernel\Event\RequestEvent;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
-use Symfony\Component\Security\Http\Firewall\ListenerInterface;
 
 /**
  * Handles an authentication event.
  */
-class HmacAuthenticationListener implements ListenerInterface
+class HmacAuthenticationListener
 {
     /**
      * @var \Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface
@@ -50,9 +49,12 @@ public function __construct(TokenStorageInterface $tokenStorage, AuthenticationM
     }
 
     /**
-     * {@inheritDoc}
+     * Handles the incoming request.
+     *
+     * @param \Symfony\Component\HttpKernel\Event\RequestEvent $event
+     *   The event corresponding to the request.
      */
-    public function handle(GetResponseEvent $event)
+    public function __invoke(RequestEvent $event)
     {
         $request = $event->getRequest();
 

diff --git a/src/Symfony/HmacAuthenticationProvider.php b/src/Symfony/HmacAuthenticationProvider.php
@@ -3,11 +3,7 @@
 namespace Acquia\Hmac\Symfony;
 
 use Acquia\Hmac\RequestAuthenticatorInterface;
-use Laminas\Diactoros\ResponseFactory;
-use Laminas\Diactoros\ServerRequestFactory;
-use Laminas\Diactoros\StreamFactory;
-use Laminas\Diactoros\UploadedFileFactory;
-use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;
+use Nyholm\Psr7\Factory\Psr17Factory;
 use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
 use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -40,12 +36,8 @@ public function __construct(RequestAuthenticatorInterface $authenticator)
      */
     public function authenticate(TokenInterface $token)
     {
-        if (class_exists(DiactorosFactory::class)) {
-            $httpMessageFactory = new DiactorosFactory();
-        } else {
-            $httpMessageFactory = new PsrHttpFactory(new ServerRequestFactory(), new StreamFactory(), new UploadedFileFactory(), new ResponseFactory());
-        }
-
+        $psr17Factory = new Psr17Factory();
+        $httpMessageFactory = new PsrHttpFactory($psr17Factory, $psr17Factory, $psr17Factory, $psr17Factory);
         $psr7Request = $httpMessageFactory->createRequest($token->getRequest());
 
         try {

diff --git a/src/Symfony/HmacResponseListener.php b/src/Symfony/HmacResponseListener.php
@@ -3,14 +3,10 @@
 namespace Acquia\Hmac\Symfony;
 
 use Acquia\Hmac\ResponseSigner;
-use Laminas\Diactoros\ResponseFactory;
-use Laminas\Diactoros\ServerRequestFactory;
-use Laminas\Diactoros\StreamFactory;
-use Laminas\Diactoros\UploadedFileFactory;
-use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;
+use Nyholm\Psr7\Factory\Psr17Factory;
 use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
 use Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory;
-use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
+use Symfony\Component\HttpKernel\Event\ResponseEvent;
 use Symfony\Component\HttpKernel\KernelEvents;
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 
@@ -20,9 +16,9 @@
 class HmacResponseListener implements EventSubscriberInterface
 {
     /**
-     * @param FilterResponseEvent $event
+     * @param \Symfony\Component\HttpKernel\Event\ResponseEvent $event
      */
-    public function onKernelResponse(FilterResponseEvent $event)
+    public function onKernelResponse(ResponseEvent $event)
     {
         if (!$event->isMasterRequest()) {
             return;
@@ -32,12 +28,8 @@ public function onKernelResponse(FilterResponseEvent $event)
         $response = $event->getResponse();
 
         if ($request->attributes->has('hmac.key')) {
-            if (class_exists(DiactorosFactory::class)) {
-                $httpMessageFactory = new DiactorosFactory();
-            } else {
-                $httpMessageFactory = new PsrHttpFactory(new ServerRequestFactory(), new StreamFactory(), new UploadedFileFactory(), new ResponseFactory());
-            }
-
+            $psr17Factory = new Psr17Factory();
+            $httpMessageFactory = new PsrHttpFactory($psr17Factory, $psr17Factory, $psr17Factory, $psr17Factory);
             $foundationFactory = new HttpFoundationFactory();
 
             $psr7Request = $httpMessageFactory->createRequest($request);

diff --git a/test/AcquiaSpecTest.php b/test/AcquiaSpecTest.php
@@ -24,7 +24,7 @@ class AcquiaSpecTest extends TestCase
     /**
      * {@inheritDoc}
      */
-    protected function setUp()
+    protected function setUp(): void
     {
         $this->keys = [
             'efdde334-fe7b-11e4-a322-1697f925ec7b' => 'W5PeGMxSItNerkNFqQMfYiJvH14WzVJMy54CPoTAYoI=',
@@ -76,11 +76,11 @@ public function testSpec($input, $expectations)
 
         $signedAuthHeader = $signedRequest->getHeaderLine('Authorization');
 
-        $this->assertContains('id="' . $input['id'] . '"', $signedAuthHeader);
-        $this->assertContains('nonce="' . $input['nonce'] . '"', $signedAuthHeader);
-        $this->assertContains('realm="' . rawurlencode($input['realm']) . '"', $signedAuthHeader);
-        $this->assertContains('signature="' . $expectations['message_signature'] . '"', $signedAuthHeader);
-        $this->assertContains('version="2.0"', $signedAuthHeader);
+        $this->assertStringContainsString('id="' . $input['id'] . '"', $signedAuthHeader);
+        $this->assertStringContainsString('nonce="' . $input['nonce'] . '"', $signedAuthHeader);
+        $this->assertStringContainsString('realm="' . rawurlencode($input['realm']) . '"', $signedAuthHeader);
+        $this->assertStringContainsString('signature="' . $expectations['message_signature'] . '"', $signedAuthHeader);
+        $this->assertStringContainsString('version="2.0"', $signedAuthHeader);
 
         // Prove that the digest generates the correct signature.
         $signedMessage = $digest->sign($expectations['signable_message'], $input['secret']);

diff --git a/test/AuthorizationHeaderTest.php b/test/AuthorizationHeaderTest.php
@@ -23,7 +23,7 @@ class AuthorizationHeaderTest extends TestCase
     /**
      * {@inheritDoc}
      */
-    protected function setUp()
+    protected function setUp(): void
     {
         // @codingStandardsIgnoreStart
         $this->header = 'acquia-http-hmac headers="X-Custom-Signer1;X-Custom-Signer2",id="e7fe97fa-a0c8-4a42-ab8e-2c26d52df059",nonce="a9938d07-d9f0-480c-b007-f1e956bcd027",realm="CIStore",signature="0duvqeMauat7pTULg3EgcSmBjrorrcRkGKxRDtZEa1c=",version="2.0"';
@@ -113,14 +113,14 @@ public function testCaseInsensitiveRequestMethod()
 
     /**
      * Ensures an exception is thrown if a request does not have an Authorization header.
-     *
-     * @expectedException \Acquia\Hmac\Exception\MalformedRequestException
-     * @expectedExceptionMessage Authorization header is required.
      */
     public function testCreateFromRequestNoAuthorizationHeader()
     {
         $request = new Request('GET', 'http://example.com');
 
+        $this->expectException(MalformedRequestException::class);
+        $this->expectExceptionMessage('Authorization header is required.');
+
         try {
             AuthorizationHeader::createFromRequest($request);
         } catch (MalformedRequestException $e) {
@@ -136,9 +136,6 @@ public function testCreateFromRequestNoAuthorizationHeader()
      *   The authorization header field.
      *
      * @dataProvider requiredFieldsProvider
-     *
-     * @expectedException \Acquia\Hmac\Exception\MalformedRequestException
-     * @expectedExceptionMessage Authorization header requires a realm, id, version, nonce and a signature.
      */
     public function testParseAuthorizationHeaderRequiredFields($field)
     {
@@ -147,6 +144,9 @@ public function testParseAuthorizationHeaderRequiredFields($field)
         ];
         $request = new Request('GET', 'http://example.com', $headers);
 
+        $this->expectException(MalformedRequestException::class);
+        $this->expectExceptionMessage('Authorization header requires a realm, id, version, nonce and a signature.');
+
         try {
             AuthorizationHeader::createFromRequest($request);
         } catch (MalformedRequestException $e) {
@@ -171,9 +171,6 @@ public function requiredFieldsProvider()
 
     /**
      * Ensures an exception is thrown when a required field is missing.
-     *
-     * @expectedException \Acquia\Hmac\Exception\MalformedRequestException
-     * @expectedExceptionMessage One or more required authorization header fields (ID, nonce, realm, version) are missing.
      */
     public function testAuthorizationHeaderBuilderRequiresFields()
     {
@@ -187,6 +184,9 @@ public function testAuthorizationHeaderBuilderRequiresFields()
         $builder->setNonce('a9938d07-d9f0-480c-b007-f1e956bcd027');
         $builder->setVersion('2.0');
 
+        $this->expectException(MalformedRequestException::class);
+        $this->expectExceptionMessage('One or more required authorization header fields (ID, nonce, realm, version) are missing.');
+
         try {
             $builder->getAuthorizationHeader();
         } catch (MalformedRequestException $e) {
@@ -197,9 +197,6 @@ public function testAuthorizationHeaderBuilderRequiresFields()
 
     /**
      * Ensures an exception is thrown when the required X-Authorization-Timestamp field is missing.
-     *
-     * @expectedException \Acquia\Hmac\Exception\MalformedRequestException
-     * @expectedExceptionMessage X-Authorization-Timestamp header missing from request.
      */
     public function testAuthorizationHeaderBuilderRequiresTimestamp()
     {
@@ -213,6 +210,9 @@ public function testAuthorizationHeaderBuilderRequiresTimestamp()
         $builder->setNonce('a9938d07-d9f0-480c-b007-f1e956bcd027');
         $builder->setVersion('2.0');
 
+        $this->expectException(MalformedRequestException::class);
+        $this->expectExceptionMessage('X-Authorization-Timestamp header missing from request.');
+
         try {
             $builder->getAuthorizationHeader();
         } catch (MalformedRequestException $e) {

diff --git a/test/DigestTest.php b/test/DigestTest.php
@@ -25,7 +25,7 @@ class DigestTest extends TestCase
     /**
      * {@inheritDoc}
      */
-    protected function setUp()
+    protected function setUp(): void
     {
         $this->authSecret = 'TXkgU2VjcmV0IEtleSBUaGF0IGlzIFZlcnkgU2VjdXJl';
         $this->message    = 'The quick brown fox jumps over the lazy dog.';
-Original file line number
+Diff line change
@@ Expand Up @@
     ```json
     {
         "require": {
-            "acquia/http-hmac-php": "^4.0"
+            "acquia/http-hmac-php": "^5.0"
         }
     }
     ```
@@ Expand Down @@