How to avoid warning: when correctly marking call_user_func in PhpStorm/Lumen, make sure to throw exception in corresponding 'try' block?
P粉009186469
2023-09-03 22:55:00
<p>I have authentication middleware in my Lumen application like this: </p>
<pre class="brush:php;toolbar:false;">class Authenticate
{
public function handle(Request $request, Closure $next, string|null $guard = null): mixed
{
try {
/**@var \Illuminate\Auth\RequestGuard $requestGuard*/
$requestGuard = $this->auth->guard($guard);
$signedIn = $requestGuard->check();
// ...
} catch (NoUserIdProvidedException) {
// ...
}
// ...
}
}</pre>
<p>It works fine, but PhpStorm reports that the exceptions (I removed most of them from the example, there are a few) are not thrown by the containing block, although they are. </p>
<p>It seems that deep inside RequestGuard it uses call_user_func</p>
<pre class="brush:php;toolbar:false;">return $this->user = call_user_func(
$this->callback, $this->request, $this->getProvider()
);</pre>
<p>Call the closure set in the AuthServiceProvider, which uses a middleware method on the custom Security class: </p>
<pre class="brush:php;toolbar:false;">class AuthServiceProvider extends ServiceProvider
{
public function boot(): void
{
$this->app['auth']->viaRequest('api', function ($request) {
$security = new Security();
return $security->middleware($request);
});
}
}</pre>
<p>In my opinion, the documentation block for the middleware is correct</p>
<pre class="brush:php;toolbar:false;">/*** @param Request $request
* @return bool|object|null
* @throws InvalidDomainUser
* @throws NoDomainUserException
* @throws NoTokenOnRecordException
* @throws NoTokenProvidedException
* @throws NoUserException
* @throws NoUserIdProvidedException*/
public function middleware(Request $request): object|bool|null
{</pre>
<p>Add a document block, for example: </p>
<pre class="brush:php;toolbar:false;">/*** @throws NoUserIdProvidedException*/</pre>
<p>In the closure, the authentication provider or handling code does not make the warning go away, is there a way to comment or type hint the code to avoid false positives? I don't want to just turn off the inspection. </p>
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
The way the guard works seemed a bit too complicated for static analysis, so I refactored to move the underlying custom code out of the guard and directly into the middleware, which worked and is now correctly detected abnormal.
class Authenticate { public function handle(Request $request, Closure $next, string|null $guard = null): mixed { try { $security = new Security(); $user = $security->middleware($request); $signedIn = !empty($user->id); // ... } catch (NoUserIdProvidedException) { // ... } // ... } }The security class is custom logic. The important thing is that the document block with @throws is close enough to be found by the IDE
class Security{ /** * @param Request $request * @return bool|object|null * @throws InvalidDomainUser * @throws NoDomainUserException * @throws NoTokenOnRecordException * @throws NoTokenProvidedException * @throws NoUserException * @throws NoUserIdProvidedException */ public function middleware(Request $request): object|bool|null { // .... } }