22520725744

Committed 27 Feb 2026 09:30PM UTC coverage: 65.761% (-1.1%) from 66.864%

Build # 22520725744

Build Type

push

github

Committed by

daycry

Commit Message

Add StatelessAuthenticator and refactor token handling

Introduce StatelessAuthenticator as a shared base for JWT/AccessToken and centralize token extraction (getTokenFromRequest). Refactor JWT and AccessToken to extend it and simplify header/query parsing. Add Utils::generateNumericCode and use it in Email2FA/EmailActivator to replace duplicated generators. Centralize model() calls in traits (HasAccessTokens, HasDeviceSessions, HasTotp) via small private getters. Improve filters and error handling: add buildDeniedResponse in AbstractAuthFilter, adjust Group/Permission filters to return ResponseInterface and reuse the builder. Replace static authorization flags with instance properties in AuthenticationException/AuthorizationException and update ExceptionHandler to read them safely. Misc: small controller/type fixes, email helper guard, DeviceSessionModel null handling, active-group/permission query fixes, phpstan baseline updates, and adjust tests to expect 403 for denied JSON responses.

Run Details

56 of 68 new or added lines in 19 files covered. (82.35%)

115 existing lines in 7 files now uncovered.

2614 of 3975 relevant lines covered (65.76%)

42.9 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

40.0

/src/Exceptions/AuthorizationException.php

<?php

declare(strict_types=1);

/**
 * This file is part of Daycry Auth.
 *
 * (c) Daycry <daycry9@proton.me>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Daycry\Auth\Exceptions;

use CodeIgniter\Exceptions\RuntimeException;

class AuthorizationException extends RuntimeException
{
    /**
     * Whether the request was authorised.  Stored as an instance property
     * to avoid the race condition that a static property would introduce in
     * concurrent requests.
     */
    public bool $authorized = true;

    /**
     * HTTP 403 Forbidden — authenticated but not permitted.
     */
    protected $code = 403;

    public static function forUnknownGroup(string $group): self
    {
        return new self(lang('Auth.unknownGroup', [$group]));
    }

    public static function forUnknownPermission(string $permission): self
    {
        return new self(lang('Auth.unknownPermission', [$permission]));
    }

    public static function forUnauthorized(): self
    {
        $e             = new self(lang('Auth.notEnoughPrivilege'));
        $e->authorized = false;

        return $e;
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of Daycry Auth.
7	*
8	* (c) Daycry <daycry9@proton.me>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace Daycry\Auth\Exceptions;
15
16	use CodeIgniter\Exceptions\RuntimeException;
17
18	class AuthorizationException extends RuntimeException
19	{
20	/**
21	* Whether the request was authorised. Stored as an instance property
22	* to avoid the race condition that a static property would introduce in
23	* concurrent requests.
24	*/
25	public bool $authorized = true;
26
27	/**
28	* HTTP 403 Forbidden — authenticated but not permitted.
29	*/
30	protected $code = 403;
31
32	public static function forUnknownGroup(string $group): self
33	{
34	return new self(lang('Auth.unknownGroup', [$group]));	3✔
35	}
36
37	public static function forUnknownPermission(string $permission): self
38	{
39	return new self(lang('Auth.unknownPermission', [$permission]));	3✔
40	}
41
42	public static function forUnauthorized(): self
43	{
NEW 44	$e = new self(lang('Auth.notEnoughPrivilege'));	×
NEW 45	$e->authorized = false;	×
46
NEW 47	return $e;	×
48	}
49	}

daycry / auth / 22520725744

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous