fix psalm authentication

Author: transistive

psalm-baseline.xml

@@ -8,7 +8,8 @@
     xmlns="https://getpsalm.org/schema/config"
     xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
     hoistConstants="true"
-    errorBaseline="psalm-baseline.xml"
+    findUnusedBaselineEntry="true"
+    findUnusedCode="false"
 >
     <projectFiles>
         <directory name="src"/>

psalm.xml

@@ -82,7 +82,9 @@ public static function fromUrl(UriInterface $uri): AuthenticateInterface
         $userInfo = $uri->getUserInfo();
 
         if (substr_count($userInfo, ':') === 1) {
-            [$user, $pass] = explode(':', $userInfo);
+            /** @var array{0: string, 1: string} $explode */
+            $explode = explode(':', $userInfo);
+            [$user, $pass] = $explode;
 
             return self::basic($user, $pass);
         }

src/Authentication/Authenticate.php

@@ -13,6 +13,7 @@
 
 namespace Laudis\Neo4j\Authentication;
 
+use Laudis\Neo4j\Common\ResponseHelper;
 use function base64_encode;
 
 use Bolt\enum\Signature;
@@ -63,31 +64,25 @@ public function authenticateHttp(RequestInterface $request, UriInterface $uri, s
     public function authenticateBolt(V4_4|V5|V5_1|V5_2|V5_3|V5_4 $protocol, string $userAgent): array
     {
         if (method_exists($protocol, 'logon')) {
-            $response = $protocol->hello(['user_agent' => $userAgent])->getResponse();
-            if ($response->signature === Signature::FAILURE) {
-                throw Neo4jException::fromBoltResponse($response);
-            }
+            $protocol->hello(['user_agent' => $userAgent]);
+            ResponseHelper::getResponse($protocol);
 
-            $response = $protocol->logon([
+            $protocol->logon([
                 'scheme' => 'basic',
                 'principal' => $this->username,
                 'credentials' => $this->password,
-            ])->getResponse();
+            ]);
         } else {
-            $response = $protocol->hello([
+            $protocol->hello([
                 'user_agent' => $userAgent,
                 'scheme' => 'basic',
                 'principal' => $this->username,
                 'credentials' => $this->password,
-            ])->getResponse();
-        }
-
-        if ($response->signature === Signature::FAILURE) {
-            throw Neo4jException::fromBoltResponse($response);
+            ]);
         }
 
         /** @var array{server: string, connection_id: string, hints: list} */
-        return $response->content;
+        return ResponseHelper::getResponse($protocol)->content;
     }
 
     public function toString(UriInterface $uri): string

src/Authentication/BasicAuth.php

@@ -13,12 +13,14 @@
 
 namespace Laudis\Neo4j\Authentication;
 
-use Bolt\helpers\Auth;
-use Bolt\protocol\Response;
 use Bolt\protocol\V4_4;
 use Bolt\protocol\V5;
+use Bolt\protocol\V5_1;
+use Bolt\protocol\V5_2;
+use Bolt\protocol\V5_3;
+use Bolt\protocol\V5_4;
+use Laudis\Neo4j\Common\ResponseHelper;
 use Laudis\Neo4j\Contracts\AuthenticateInterface;
-use Laudis\Neo4j\Exception\Neo4jException;
 use Psr\Http\Message\RequestInterface;
 use Psr\Http\Message\UriInterface;
 
@@ -50,15 +52,28 @@ public function authenticateHttp(RequestInterface $request, UriInterface $uri, s
             ->withHeader('User-Agent', $userAgent);
     }
 
-    public function authenticateBolt(V4_4|V5 $protocol, string $userAgent): array
+    public function authenticateBolt(V4_4|V5|V5_1|V5_2|V5_3|V5_4 $protocol, string $userAgent): array
     {
-        $response = $protocol->hello(Auth::kerberos($this->token, $userAgent));
-        if ($response->getSignature() === Response::SIGNATURE_FAILURE) {
-            throw Neo4jException::fromBoltResponse($response);
+        if (method_exists($protocol, 'logon')) {
+            $protocol->hello(['user_agent' => $userAgent]);
+            ResponseHelper::getResponse($protocol);
+
+            $protocol->logon([
+                'scheme' => 'kerberos',
+                'principal' => '',
+                'credentials' => $this->token,
+            ]);
+        } else {
+            $protocol->hello([
+                'user_agent' => $userAgent,
+                'scheme' => 'kerberos',
+                'principal' => '',
+                'credentials' => $this->token,
+            ]);
         }
 
         /** @var array{server: string, connection_id: string, hints: list} */
-        return $response->getContent();
+        return ResponseHelper::getResponse($protocol);
     }
 
     public function toString(UriInterface $uri): string

src/Authentication/KerberosAuth.php

@@ -13,10 +13,14 @@
 
 namespace Laudis\Neo4j\Authentication;
 
-use Bolt\helpers\Auth;
-use Bolt\protocol\Response;
+use Bolt\enum\Signature;
 use Bolt\protocol\V4_4;
 use Bolt\protocol\V5;
+use Bolt\protocol\V5_1;
+use Bolt\protocol\V5_2;
+use Bolt\protocol\V5_3;
+use Bolt\protocol\V5_4;
+use Laudis\Neo4j\Common\ResponseHelper;
 use Laudis\Neo4j\Contracts\AuthenticateInterface;
 use Laudis\Neo4j\Exception\Neo4jException;
 use Psr\Http\Message\RequestInterface;
@@ -42,15 +46,24 @@ public function authenticateHttp(RequestInterface $request, UriInterface $uri, s
         return $request->withHeader('User-Agent', $userAgent);
     }
 
-    public function authenticateBolt(V4_4|V5 $protocol, string $userAgent): array
+    public function authenticateBolt(V4_4|V5|V5_1|V5_2|V5_3|V5_4 $protocol, string $userAgent): array
     {
-        $response = $protocol->hello(Auth::none($userAgent));
-        if ($response->getSignature() === Response::SIGNATURE_FAILURE) {
-            throw Neo4jException::fromBoltResponse($response);
+        if (method_exists($protocol, 'logon')) {
+            $protocol->hello(['user_agent' => $userAgent]);
+            ResponseHelper::getResponse($protocol);
+
+            $protocol->logon([
+                'scheme' => 'none',
+            ]);
+        } else {
+            $protocol->hello([
+                'user_agent' => $userAgent,
+                'scheme' => 'none',
+            ]);
         }
 
         /** @var array{server: string, connection_id: string, hints: list} */
-        return $response->getContent();
+        return ResponseHelper::getResponse($protocol)->content;
     }
 
     public function toString(UriInterface $uri): string

src/Authentication/NoAuth.php

@@ -13,10 +13,14 @@
 
 namespace Laudis\Neo4j\Authentication;
 
-use Bolt\helpers\Auth;
-use Bolt\protocol\Response;
+use Bolt\enum\Signature;
 use Bolt\protocol\V4_4;
 use Bolt\protocol\V5;
+use Bolt\protocol\V5_1;
+use Bolt\protocol\V5_2;
+use Bolt\protocol\V5_3;
+use Bolt\protocol\V5_4;
+use Laudis\Neo4j\Common\ResponseHelper;
 use Laudis\Neo4j\Contracts\AuthenticateInterface;
 use Laudis\Neo4j\Exception\Neo4jException;
 use Psr\Http\Message\RequestInterface;
@@ -47,15 +51,26 @@ public function authenticateHttp(RequestInterface $request, UriInterface $uri, s
             ->withHeader('User-Agent', $userAgent);
     }
 
-    public function authenticateBolt(V4_4|V5 $protocol, string $userAgent): array
+    public function authenticateBolt(V4_4|V5|V5_1|V5_2|V5_3|V5_4 $protocol, string $userAgent): array
     {
-        $response = $protocol->hello(Auth::bearer($this->token, $userAgent));
-        if ($response->getSignature() === Response::SIGNATURE_FAILURE) {
-            throw Neo4jException::fromBoltResponse($response);
+        if (method_exists($protocol, 'logon')) {
+            $protocol->hello(['user_agent' => $userAgent]);
+            ResponseHelper::getResponse($protocol);
+
+            $protocol->logon([
+                'scheme' => 'bearer',
+                'credentials' => $this->token,
+            ]);
+        } else {
+            $protocol->hello([
+                'user_agent' => $userAgent,
+                'scheme' => 'bearer',
+                'credentials' => $this->token,
+            ]);
         }
 
         /** @var array{server: string, connection_id: string, hints: list} */
-        return $response->getContent();
+        return ResponseHelper::getResponse($protocol)->content;
     }
 
     public function toString(UriInterface $uri): string