Fix broken unit-test

.github/workflows/php.yml

@@ -10,8 +10,8 @@ on:
       - '.config/phpcs.xml.dist'
       - '.config/phpunit.xml.dist'
       - '.github/workflows/php.yml'
-      - 'composer.json'
-      - 'composer.lock'
+      - 'solid/composer.json'
+      - 'solid/composer.lock'
     branches: [ main ]
     types: [ opened, reopened, synchronize ]
   # This event occurs when there is a push to the repository.
@@ -21,8 +21,8 @@ on:
       - '.config/phpcs.xml.dist'
       - '.config/phpunit.xml.dist'
       - '.github/workflows/php.yml'
-      - 'composer.json'
-      - 'composer.lock'
+      - 'solid/composer.json'
+      - 'solid/composer.lock'
   # Allow manually triggering the workflow.
   workflow_dispatch:
 
@@ -57,14 +57,27 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: >-
-            composer validate
-            --check-lock
-            --no-plugins
-            --no-scripts
-            --strict
+          composer validate
+          --check-lock
+          --no-plugins
+          --no-scripts
+          --strict
         working-directory: "solid"
   # 02.test.php.test-unit.yml
   php-unittest:
+    container:
+      image: ghcr.io/${{ github.repository }}:main-${{ matrix.nextcloud_version }}
+      env:
+        COMPOSER_AUTH: '{"github-oauth": {"github.com": "${{ secrets.GITHUB_TOKEN }}"}}'
+        NEXTCLOUD_PATH: /usr/src/nextcloud/apps
+        NEXTCLOUD_UPDATE: 1
+        XDEBUG_MODE: coverage
+      volumes:
+        - /usr/bin/composer:/usr/bin/composer
+    defaults:
+      run:
+        shell: bash
+        working-directory: /usr/src/nextcloud/apps/solid/
     name: PHP Unit Tests
     needs:
       - lint-php-syntax
@@ -78,27 +91,24 @@ jobs:
           - 29
           - 30
     steps:
-      - uses: actions/checkout@v4
-      - uses: shivammathur/setup-php@v2
-        with:
-          ini-values: error_reporting=E_ALL, display_errors=On
-          php-version: 8.3
+      - uses: actions/checkout@v5
+      # @CHECKME: cp site.conf /etc/apache2/sites-enabled/000-default.conf (?)
+      - name: Setup Test Environment
+        run: |
+          git config --global --add safe.directory "${NEXTCLOUD_PATH}"
+          /entrypoint.sh "echo"
+          bash "${GITHUB_WORKSPACE}/init.sh"
+          rm -r "${NEXTCLOUD_PATH}/solid/"
+          cp --archive --verbose "${GITHUB_WORKSPACE}/." "${NEXTCLOUD_PATH}"
+        working-directory: /usr/src/nextcloud/
       - name: Install and Cache Composer dependencies
-        uses: "ramsey/composer-install@v2"
+        uses: ramsey/composer-install@v3
         with:
-          working-directory: "solid"
+          working-directory: /usr/src/nextcloud/apps/solid
         env:
           COMPOSER_AUTH: '{"github-oauth": {"github.com": "${{ secrets.GITHUB_TOKEN }}"}}'
-      - run: |
-            docker run \
-            --env 'XDEBUG_MODE=coverage' \
-            --rm \
-            --volume="./solid:/var/www/html/apps/solid" \
-            ghcr.io/${{ github.repository }}:main-${{ matrix.nextcloud_version }} \
-            bash -c 'NEXTCLOUD_UPDATE=1 /entrypoint.sh "echo" \
-              && sudo -u www-data bash /init.sh \
-              && cd /var/www/html/apps/solid \
-              && bin/phpunit --configuration phpunit.xml'
+      - name: Run PHPUnit
+        run: bin/phpunit --configuration phpunit.xml
 
   # 03.quality.php.scan.dependencies-vulnerabilities.yml
   scan-dependencies-vulnerabilities:
@@ -109,12 +119,12 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: >-
-            composer audit
-            --abandoned=report
-            --locked
-            --no-dev
-            --no-plugins
-            --no-scripts
+          composer audit
+          --abandoned=report
+          --locked
+          --no-dev
+          --no-plugins
+          --no-scripts
         working-directory: "solid"
   # 03.quality.php.lint-quality.yml
   php-lint-quality:

solid/lib/Controller/ServerController.php

@@ -156,6 +156,10 @@ public function authorize() {
 //			return $result->addHeader('Access-Control-Allow-Origin', '*');
 		}
 
+		if (! isset($_GET['client_id'])) {
+			return new JSONResponse('Bad request, missing client_id', 400);
+		}
+
 		if (isset($_GET['request'])) {
 			$jwtConfig = Configuration::forSymmetricSigner(new Sha256(), InMemory::plainText($this->config->getPrivateKey()));
 			try {
@@ -323,7 +327,9 @@ public function session() {
 	 */
 	public function token() {
 		$request = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
-		$grantType = $request->getParsedBody()['grant_type'];
+
+		$grantType = $request->getParsedBody()['grant_type'] ?? null;
+
 		switch ($grantType) {
 			case "authorization_code":
 				$code = $request->getParsedBody()['code'];
@@ -342,9 +348,9 @@ public function token() {
 			break;
 		}
 
-		$clientId = $request->getParsedBody()['client_id'];
+		$clientId = $request->getParsedBody()['client_id'] ?? null;
 
-		$httpDpop = $request->getServerParams()['HTTP_DPOP'];
+		$httpDpop = $request->getServerParams()['HTTP_DPOP'] ?? null;
 
 		$response = new \Laminas\Diactoros\Response();
 		$server	= new \Pdsinterop\Solid\Auth\Server($this->authServerFactory, $this->authServerConfig, $response);
@@ -361,7 +367,7 @@ public function token() {
 			);
 		}
 
-		return $this->respond($response); // ->addHeader('Access-Control-Allow-Origin', '*');
+		return $this->respond($response);
 	}
 
 	/**
@@ -389,8 +395,13 @@ public function logout() {
 	 * @NoCSRFRequired
 	 */
 	public function register() {
-		$clientData = file_get_contents('php://input');
-		$clientData = json_decode($clientData, true);
+		$postData = file_get_contents('php://input');
+		$clientData = json_decode($postData, true);
+
+		if (! isset($clientData)) {
+			return new JSONResponse("Missing client data", Http::STATUS_BAD_REQUEST);
+		}
+
 		if (! isset($clientData['redirect_uris'])) {
 			return new JSONResponse("Missing redirect URIs", Http::STATUS_BAD_REQUEST);
 		}