Changelog: mention bc break

PHPCS: search comments for annotations

Prior to this change, phpcs would not allow imports for classes referenced in annotations only.

This change enables that.

Also, fix a wrong reference to `\LogicException` where in reality `\Surfnet\SamlBundle\Security\Exception\LogicException` was thrown.

Update to samlbundle exception.

Author: johanib

CHANGELOG.md

@@ -2,6 +2,9 @@
 - Add SF 7 support
 - Upgrade dev & qa tooling
 
+Backward compatibility breaks:  
+ * Minor: `\Surfnet\SamlBundle\SAML2\BridgeContainer::debugMessage` Will now throw a `\Surfnet\SamlBundle\Exception\InvalidArgumentException` instead of 'Fatal error: Uncaught TypeError' if an invalid `$message` is debugged.
+
 # 6.0.0
 - Add SF 6 support
 - Require PHP 8.1

ci/qa/phpcs.xml

@@ -23,6 +23,10 @@
   </rule>
 
   <rule ref="SlevomatCodingStandard.Namespaces.ReferenceUsedNamesOnly"/>
-  <rule ref="SlevomatCodingStandard.Namespaces.UnusedUses"/>
+  <rule ref="SlevomatCodingStandard.Namespaces.UnusedUses">
+    <properties>
+      <property name="searchAnnotations" type="bool" value="true"/>
+    </properties>
+  </rule>
   <rule ref="SlevomatCodingStandard.Namespaces.AlphabeticallySortedUses"/>
 </ruleset>

src/Http/ReceivedAuthnRequestPost.php

@@ -18,6 +18,7 @@
 
 namespace Surfnet\SamlBundle\Http;
 
+use Exception;
 use RobRichards\XMLSecLibs\XMLSecurityKey;
 use Surfnet\SamlBundle\Http\Exception\InvalidRequestException;
 use Surfnet\SamlBundle\SAML2\ReceivedAuthnRequest;
@@ -80,7 +81,7 @@ public function getRelayState(): ?string
     }
 
     /**
-     * @throws \Exception when signature is invalid (@see SAML2\Utils::validateSignature)
+     * @throws Exception when signature is invalid (@see SAML2\Utils::validateSignature)
      */
     public function verify(XMLSecurityKey $key): bool
     {

src/SAML2/BridgeContainer.php

@@ -21,8 +21,8 @@
 use BadMethodCallException;
 use DOMElement;
 use Psr\Log\LoggerInterface;
-use RuntimeException;
 use SAML2\Compat\AbstractContainer;
+use Surfnet\SamlBundle\Exception\InvalidArgumentException;
 
 /**
  * Container that is required so that we can make the SAML2 lib work.
@@ -57,7 +57,7 @@ public function debugMessage($message, $type): void
         }
 
         if (!is_string($message)) {
-            throw new RuntimeException("Debug message error: could not convert message to string.");
+            throw new InvalidArgumentException("Debug message error: could not convert message to string.");
         }
 
         $this->logger->debug($message, ['type' => $type]);

src/Security/Authentication/AuthenticatedSessionStateHandler.php

@@ -18,14 +18,15 @@
 
 namespace Surfnet\SamlBundle\Security\Authentication;
 
+use Surfnet\SamlBundle\Security\Exception\LogicException;
 use Surfnet\SamlBundle\Value\DateTime;
 
 interface AuthenticatedSessionStateHandler
 {
     /**
      * Sets the moment at which the user was authenticated
      *
-     * @throws \LogicException when an authentication moment was already logged
+     * @throws LogicException when an authentication moment was already logged
      */
     public function logAuthenticationMoment(): void;
 
@@ -34,7 +35,7 @@ public function isAuthenticationMomentLogged(): bool;
     /**
      * Gets the moment at which the user was authenticated
      *
-     * @throws \LogicException when no authentication moment was logged
+     * @throws LogicException when no authentication moment was logged
      */
     public function getAuthenticationMoment(): DateTime;