Fix multiple issues detected by static analysis

app/Api/v1/Controllers/SettingController.php

@@ -19,14 +19,13 @@ class SettingController extends Controller
     {
         $settings = Settings::all();
         $settingsResources = collect();
-        $settings->each(function ($item, $key) use ($settingsResources) {
+        $settings->each(function (mixed $item, string $key) use ($settingsResources) {
             $settingsResources->push([
                 'key' => $key,
                 'value' => $item
             ]);
         });
 
-        // return SettingResource::collection($tata);
         return response()->json($settingsResources->all(), 200);
     }
 

app/Api/v1/Resources/GroupResource.php

@@ -4,6 +4,11 @@ namespace App\Api\v1\Resources;
 
 use Illuminate\Http\Resources\Json\JsonResource;
 
+/**
+ * @property mixed $id
+ * @property string $name
+ * @property int|null $twofaccounts_count
+ */
 class GroupResource extends JsonResource
 {
     /**

app/Api/v1/Resources/TwoFAccountReadResource.php

@@ -2,6 +2,10 @@
 
 namespace App\Api\v1\Resources;
 
+/**
+ * @property mixed $id
+ * @property mixed $group_id
+ */
 class TwoFAccountReadResource extends TwoFAccountStoreResource
 {
     /**

app/Api/v1/Resources/TwoFAccountStoreResource.php

@@ -4,6 +4,17 @@ namespace App\Api\v1\Resources;
 
 use Illuminate\Http\Resources\Json\JsonResource;
 
+/**
+ * @property mixed $otp_type
+ * @property string $account
+ * @property string $service
+ * @property string $icon
+ * @property string $secret
+ * @property int $digits
+ * @property string $algorithm
+ * @property int|null $period
+ * @property int|null $counter
+ */
 class TwoFAccountStoreResource extends JsonResource
 {
     /**

app/Api/v1/Resources/UserResource.php

@@ -4,6 +4,11 @@ namespace App\Api\v1\Resources;
 
 use Illuminate\Http\Resources\Json\JsonResource;
 
+/**
+ * @property mixed $id
+ * @property string $name
+ * @property string $email
+ */
 class UserResource extends JsonResource
 {
     /**

app/Console/Commands/CheckDbConnection.php

@@ -35,7 +35,7 @@ class CheckDbConnection extends Command
     /**
      * Execute the console command.
      *
-     * @return mixed
+     * @return int
      */
     public function handle() : int
     {

app/Console/Commands/Utils/ResetTrait.php

@@ -11,7 +11,7 @@ trait ResetTrait
     /**
      * Reset icons
      */
-    protected function resetIcons()
+    protected function resetIcons() : void
     {
         $this->deleteIcons();
         $this->generateIcons();
@@ -20,7 +20,7 @@ trait ResetTrait
     /**
      * Delete all icons
      */
-    protected function deleteIcons()
+    protected function deleteIcons() : void
     {
         $filesForDelete = \Illuminate\Support\Facades\File::glob('public/icons/*.png');
         Storage::delete($filesForDelete);
@@ -31,7 +31,7 @@ trait ResetTrait
     /**
      * Generate icons for seeded accounts
      */
-    protected function generateIcons()
+    protected function generateIcons() : void
     {
         IconGenerator::generateIcon('amazon', IconGenerator::AMAZON);
         IconGenerator::generateIcon('apple', IconGenerator::APPLE);
@@ -49,7 +49,7 @@ trait ResetTrait
     /**
      * Reset DB
      */
-    protected function resetDB(string $seeder)
+    protected function resetDB(string $seeder) : void
     {
         $this->flushDB();
         $this->seedDB($seeder);
@@ -58,7 +58,7 @@ trait ResetTrait
     /**
      * Delete all DB tables
      */
-    protected function flushDB()
+    protected function flushDB() : void
     {
         // Reset the db
         DB::table('users')->delete();
@@ -78,7 +78,7 @@ trait ResetTrait
     /**
      * Seed the DB
      */
-    protected function seedDB(string $seeder)
+    protected function seedDB(string $seeder) : void
     {
         $this->callSilent('db:seed', [
             '--class' => $seeder

app/Http/Controllers/Auth/UserController.php

@@ -29,7 +29,7 @@ class UserController extends Controller
         }
 
         if (!config('2fauth.config.isDemoApp') ) {
-            tap($user)->update([
+            $user->update([
                 'name' => $validated['name'],
                 'email' => $validated['email'],
             ]);

app/Http/Controllers/Auth/WebAuthnManageController.php

@@ -54,7 +54,7 @@ class WebAuthnManageController extends Controller
         $validated = $request->validated();
 
         $webAuthnCredential = WebAuthnCredential::where('id', $credential)->firstOrFail();
-        $webAuthnCredential->name = $validated['name'];
+        $webAuthnCredential->name = $validated['name']; // @phpstan-ignore-line
         $webAuthnCredential->save();
 
         return response()->json([

app/Http/Middleware/Authenticate.php

@@ -32,7 +32,8 @@ class Authenticate extends Middleware
 
         foreach ($guards as $guard) {
             if ($this->auth->guard($guard)->check()) {
-                return $this->auth->shouldUse($guard);
+                $this->auth->shouldUse($guard);
+                return;
             }
         }
 

app/Http/Middleware/KickOutInactiveUser.php

@@ -16,9 +16,10 @@ class KickOutInactiveUser
      *
      * @param  \Illuminate\Http\Request  $request
      * @param  \Closure  $next
+     * @param  string $guards
      * @return mixed
      */
-    public function handle($request, Closure $next, ...$quards)
+    public function handle($request, Closure $next, ...$guards)
     {
         // We do not track activity of:
         // - Guest

app/Http/Middleware/LogUserLastSeen.php

@@ -13,7 +13,7 @@ class LogUserLastSeen
      *
      * @param  \Illuminate\Http\Request  $request
      * @param  \Closure  $next
-     * @param  string|null $guards
+     * @param  string $guards
      * @return mixed
      */
     public function handle($request, Closure $next, ...$guards)

app/Models/Group.php

@@ -7,6 +7,9 @@ use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 
+/**
+ * @property int $twofaccounts_count
+ */
 class Group extends Model
 {
 

app/Models/TwoFAccount.php

@@ -50,8 +50,6 @@ class TwoFAccount extends Model implements Sortable
     const DEFAULT_ALGORITHM = self::SHA1;
 
     private const IMAGELINK_STORAGE_PATH = 'imagesLink/';
-    private const ICON_STORAGE_PATH      = 'public/icons/';
-
 
     /**
      * List of OTP types supported by 2FAuth
@@ -152,24 +150,6 @@ class TwoFAccount extends Model implements Sortable
         // });
     }
 
-    /**
-     * Fill the model with an array of attributes.
-     *
-     * @param  array  $attributes
-     * @return $this
-     *
-     * @throws \Illuminate\Database\Eloquent\MassAssignmentException
-     */
-    // public function fill(array $attributes)
-    // {
-    //     parent::fill($attributes);
-
-    //     if ($this->otp_type == self::TOTP && !$this->period) $this->period = self::DEFAULT_PERIOD;
-    //     if ($this->otp_type == self::HOTP && !$this->counter) $this->counter = self::DEFAULT_COUNTER;
-
-    //     return $this;
-    // }
-
 
     /**
      * Settings for @spatie/eloquent-sortable package
@@ -307,7 +287,7 @@ class TwoFAccount extends Model implements Sortable
      */
     public function setCounterAttribute($value)
     {
-        $this->attributes['counter'] = is_null($value) && $this->otp_type === self::HOTP ? self::DEFAULT_COUNTER : $value;
+        $this->attributes['counter'] = blank($value) && $this->otp_type === self::HOTP ? self::DEFAULT_COUNTER : $value;
     }
 
 
@@ -316,6 +296,8 @@ class TwoFAccount extends Model implements Sortable
      * 
      * @throws InvalidSecretException The secret is not a valid base32 encoded string
      * @throws UndecipherableException The secret cannot be deciphered
+     * @throws UnsupportedOtpTypeException The defined OTP type is not supported
+     * @throws InvalidOtpParameterException One OTP parameter is invalid
      * @return TotpDto|HotpDto 
      */
     public function getOTP()
@@ -332,7 +314,15 @@ class TwoFAccount extends Model implements Sortable
         $this->initGenerator();
         
         try {
-            if ( $this->otp_type === self::TOTP || $this->otp_type === self::STEAM_TOTP ) {
+            if ( $this->otp_type === self::HOTP ) {
+
+                $OtpDto = new HotpDto();
+                $OtpDto->otp_type   = $this->otp_type;
+                $counter = $this->generator->getParameter('counter');
+                $OtpDto->password   = $this->generator->at($counter);
+                $OtpDto->counter    = $this->counter = $counter + 1;
+            }
+            else {
 
                 $OtpDto = new TotpDto();
                 $OtpDto->otp_type   = $this->otp_type;
@@ -342,15 +332,6 @@ class TwoFAccount extends Model implements Sortable
                                             : SteamTotp::getAuthCode(base64_encode(Base32::decodeUpper($this->secret)));
                 $OtpDto->period         = $this->period;
             }
-            else if ( $this->otp_type === self::HOTP ) {
-
-                $OtpDto = new HotpDto();
-                $OtpDto->otp_type   = $this->otp_type;
-                $counter = $this->generator->getCounter();
-                $OtpDto->password   = $this->generator->at($counter);
-                $OtpDto->counter    = $this->counter = $counter + 1;
-
-            }
 
             Log::info(sprintf('New OTP generated for TwoFAccount (%s)', $this->id ? 'id:'.$this->id: 'preview'));
     
@@ -475,12 +456,15 @@ class TwoFAccount extends Model implements Sortable
 
     /**
      * Returns the OTP type of the instanciated OTP generator
+     * 
+     * @return mixed
      */
     private function getGeneratorOtpType()
     {
         return Arr::get($this->generatorClassMap, get_class($this->generator));
     }
 
+
     /**
      * Returns an otpauth URI built with model attribute values
      */
@@ -494,6 +478,8 @@ class TwoFAccount extends Model implements Sortable
 
     /**
      * Instanciates the OTP generator with model attribute values
+     * @throws UnsupportedOtpTypeException The defined OTP type is not supported
+     * @throws InvalidOtpParameterException One OTP parameter is invalid
      */
     private function initGenerator() : void
     {
@@ -604,7 +590,7 @@ class TwoFAccount extends Model implements Sortable
     /**
      * Returns an acceptable value
      */
-    private function decryptOrReturn($value)
+    private function decryptOrReturn(mixed $value) : mixed
     {
         // Decipher when needed
         if ( Settings::get('useEncryption') && $value )
@@ -625,7 +611,7 @@ class TwoFAccount extends Model implements Sortable
     /**
      * Encrypt a value
      */
-    private function encryptOrReturn($value)
+    private function encryptOrReturn(mixed $value) : mixed
     {
         // should be replaced by laravel 8 attribute encryption casting
         return Settings::get('useEncryption') ? Crypt::encryptString($value) : $value;

app/Providers/AuthServiceProvider.php

@@ -15,7 +15,6 @@ class AuthServiceProvider extends ServiceProvider
     /**
      * The policy mappings for the application.
      *
-     * @var array
      */
     // protected $policies = [
     //     'App\Models\Model' => 'App\Policies\ModelPolicy',

app/Providers/RouteServiceProvider.php

@@ -41,7 +41,7 @@ class RouteServiceProvider extends ServiceProvider
         $this->routes(function () {
             Route::prefix('api/v1')
                 ->middleware('api.v1')
-                ->namespace($this->getApiNamespace(1))
+                ->namespace($this->getApiNamespace('1'))
                 ->group(base_path('routes/api/v1.php'));
 
             // Route::prefix('api/v2')

app/Services/LogoService.php

@@ -15,12 +15,12 @@ class LogoService
     protected $tfas;
 
     /**
-     * @var
+     * @var string
      */
     const TFA_JSON = 'tfa.json';
 
     /**
-     * @var
+     * @var string
      */
     const TFA_URL = 'https://2fa.directory/api/v3/tfa.json';
 
@@ -146,7 +146,7 @@ class LogoService
     /**
      * Prepare and make some replacement to optimize logo fetching
      * 
-     * @param string $str
+     * @param string $domain
      * @return string Optimized domain name
      */
     protected function cleanDomain(string $domain) : string

app/Services/SettingService.php

@@ -36,7 +36,7 @@ class SettingService
     /**
      * Get a setting
      *
-     * @param string|array $setting A single setting name or an associative array of name:value settings
+     * @param string $setting A single setting name
      * @return mixed string|int|boolean|null
      */
     public function get($setting)
@@ -135,7 +135,7 @@ class SettingService
     /**
      * Replaces boolean by a patterned string as appstrack/laravel-options package does not support var type
      * 
-     * @param mixed $settings
+     * @param mixed $value
      * @return string
      */
     private function replaceBoolean(mixed $value)
@@ -147,7 +147,7 @@ class SettingService
     /**
      * Replaces patterned string that represent booleans with real booleans
      * 
-     * @param mixed $settings
+     * @param mixed $value
      * @return mixed
      */
     private function restoreType(mixed $value)

app/Services/TwoFAccountService.php

@@ -82,6 +82,8 @@ class TwoFAccountService
             throw new InvalidGoogleAuthMigration();
         }
 
+        $twofaccounts = array();
+        
         foreach ($otpParameters->getIterator() as $key => $otp_parameters) {
 
              try {
@@ -123,9 +125,11 @@ class TwoFAccountService
 
 
     /**
+     * Explode a comma separated list of IDs to an array of IDs
      * 
+     * @param int|array|string $ids
      */
-    private static function commaSeparatedToArray($ids)
+    private static function commaSeparatedToArray($ids) : mixed
     {
         if(is_string($ids))
         {
@@ -142,10 +146,10 @@ class TwoFAccountService
     /**
      * Return the given collection with items marked as Duplicates (using id=-1) if a similar record exists in database
      * 
-     * @param \Illuminate\Support\Collection
+     * @param \Illuminate\Support\Collection $twofaccounts
      * @return \Illuminate\Support\Collection
      */
-    private static function markAsDuplicate($twofaccounts) : Collection
+    private static function markAsDuplicate(Collection $twofaccounts) : Collection
     {
         $storage = TwoFAccount::all();
 

routes/console.php

@@ -1,6 +1,7 @@
 <?php
 
 use Illuminate\Foundation\Inspiring;
+use Illuminate\Support\Facades\Artisan;
 
 /*
 |--------------------------------------------------------------------------