Ensure listener config priorty is an integer

akrabat · akrabat · commit 39363a789e13 · 2024-08-07T12:32:45.000+01:00
Default to zero if not set and throw an exception if priority is not an
integer.
diff --git a/src/AuthorizationServerFactory.php b/src/AuthorizationServerFactory.php
@@ -8,6 +8,7 @@
 use League\OAuth2\Server\AuthorizationServer;
 use Psr\Container\ContainerInterface;
 
+use function is_int;
 use function is_string;
 use function sprintf;
 
@@ -78,7 +79,7 @@ private function addListeners(
         foreach ($listeners as $idx => $listenerConfig) {
             $event    = $listenerConfig[0];
             $listener = $listenerConfig[1];
-            $priority = $listenerConfig[2] ?? null;
+            $priority = $listenerConfig[2] ?? 0;
             if (is_string($listener)) {
                 if (! $container->has($listener)) {
                     throw new Exception\InvalidConfigException(sprintf(
@@ -92,6 +93,14 @@ private function addListeners(
                 }
                 $listener = $container->get($listener);
             }
+            if (! is_int($priority)) {
+                throw new Exception\InvalidConfigException(sprintf(
+                    'The third element of event_listeners config at index "%s" (priority) '
+                        . 'is expected to be an integer, received "%s"',
+                    $idx,
+                    $priority
+                ));
+            }
             $authServer->getEmitter()
                 ->addListener($event, $listener, $priority);
         }
diff --git a/test/AuthorizationServerFactoryTest.php b/test/AuthorizationServerFactoryTest.php
@@ -140,6 +140,39 @@ static function (RequestEvent $event): void {
         $result->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
     }
 
+    public function testInvokeWithListenerConfigFailsIfPriorityIsNotAnInteger(): void
+    {
+        $mockContainer = $this->getContainerMock();
+        $mockListener  = $this->createMock(ListenerInterface::class);
+        $mockContainer->set(ListenerInterface::class, $mockListener);
+
+        $config = [
+            'authentication' => [
+                'private_key'         => __DIR__ . '/TestAsset/private.key',
+                'encryption_key'      => 'iALlwJ1sH77dmFCJFo+pMdM6Af4bF/hCca1EDDx7MwE=',
+                'access_token_expire' => 'P1D',
+                'grants'              => [
+                    ClientCredentialsGrant::class => ClientCredentialsGrant::class,
+                ],
+                'event_listeners'     => [
+                    [
+                        RequestEvent::CLIENT_AUTHENTICATION_FAILED,
+                        ListenerInterface::class,
+                        'one',
+                    ],
+                ],
+            ],
+        ];
+
+        $mockContainer->set('config', $config);
+
+        $factory = new AuthorizationServerFactory();
+
+        $this->expectException(InvalidConfigException::class);
+
+        $factory($mockContainer);
+    }
+
     public function testInvokeWithListenerConfigMissingServiceThrowsException(): void
     {
         $mockContainer = $this->getContainerMock();
