fix: cast 'alg' to int in AttestationStatement classes to resolve PHPStan errors

Author: Spomky

.ci-tools/phpstan-baseline.neon

@@ -369,6 +369,12 @@ parameters:
 			count: 1
 			path: ../src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php
 
+		-
+			rawMessage: Cannot cast mixed to int.
+			identifier: cast.int
+			count: 1
+			path: ../src/webauthn/src/AttestationStatement/AndroidKeyAttestationStatementSupport.php
+
 		-
 			rawMessage: Class Webauthn\AttestationStatement\CompoundAttestationStatementSupport has an uninitialized property $attestationStatementSupportManager. Give it default value or assign it in the constructor.
 			identifier: property.uninitialized
@@ -381,6 +387,18 @@ parameters:
 			count: 1
 			path: ../src/webauthn/src/AttestationStatement/CompoundAttestationStatementSupport.php
 
+		-
+			rawMessage: Cannot cast mixed to int.
+			identifier: cast.int
+			count: 2
+			path: ../src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php
+
+		-
+			rawMessage: Cannot cast mixed to int.
+			identifier: cast.int
+			count: 2
+			path: ../src/webauthn/src/AttestationStatement/TPMAttestationStatementSupport.php
+
 		-
 			rawMessage: '''
 				Instanceof references deprecated class Webauthn\PublicKeyCredentialSource:

src/webauthn/src/AttestationStatement/AndroidKeyAttestationStatementSupport.php

@@ -121,8 +121,7 @@ public function isValid(
         $this->checkCertificate($leaf, $clientDataJSONHash, $authenticatorData);
 
         $signedData = $authenticatorData->authData . $clientDataJSONHash;
-        /** @var int $alg */
-        $alg = $attestationStatement->get('alg');
+        $alg = (int) $attestationStatement->get('alg');
         /** @var string $sig */
         $sig = $attestationStatement->get('sig');
 

src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php

@@ -246,8 +246,7 @@ private function processWithCertificate(
         $this->checkCertificate($certificates[0], $authenticatorData);
 
         // Get the COSE algorithm identifier and the corresponding OpenSSL one
-        /** @var int $coseAlgorithmIdentifier */
-        $coseAlgorithmIdentifier = $attestationStatement->get('alg');
+        $coseAlgorithmIdentifier = (int) $attestationStatement->get('alg');
         $opensslAlgorithmIdentifier = Algorithms::getOpensslAlgorithmFor($coseAlgorithmIdentifier);
 
         // Verification of the signature
@@ -283,8 +282,7 @@ private function processWithSelfAttestation(
         );
         $publicKey = $publicKey->normalize();
         $publicKey = new Key($publicKey);
-        /** @var int $alg */
-        $alg = $attestationStatement->get('alg');
+        $alg = (int) $attestationStatement->get('alg');
         $publicKey->alg() === $alg || throw AttestationStatementVerificationException::create(
             'The algorithm of the attestation statement and the key are not identical.'
         );

src/webauthn/src/AttestationStatement/TPMAttestationStatementSupport.php

@@ -139,8 +139,7 @@ public function isValid(
         AuthenticatorData $authenticatorData
     ): bool {
         $attToBeSigned = $authenticatorData->authData . $clientDataJSONHash;
-        /** @var int $alg */
-        $alg = $attestationStatement->get('alg');
+        $alg = (int) $attestationStatement->get('alg');
         $attToBeSignedHash = hash(Algorithms::getHashAlgorithmFor($alg), $attToBeSigned, true);
         /** @var array{extraData: string} $parsedCertInfo */
         $parsedCertInfo = $attestationStatement->get('parsedCertInfo');
@@ -372,8 +371,7 @@ private function processWithCertificate(
         $this->checkCertificate($certificates[0], $authenticatorData);
 
         // Get the COSE algorithm identifier and the corresponding OpenSSL one
-        /** @var int $coseAlgorithmIdentifier */
-        $coseAlgorithmIdentifier = $attestationStatement->get('alg');
+        $coseAlgorithmIdentifier = (int) $attestationStatement->get('alg');
         $opensslAlgorithmIdentifier = Algorithms::getOpensslAlgorithmFor($coseAlgorithmIdentifier);
 
         /** @var string $certInfo */