Improve type safety with strict union types

jeromegamez · jeromegamez · commit 4be2466bde7f · 2025-12-05T12:39:20.000+01:00
diff --git a/UPGRADE-8.0.md b/UPGRADE-8.0.md
@@ -41,6 +41,7 @@ The following list has been generated with [roave/backward-compatibility-check](
 [BC] CHANGED: Default parameter value for parameter $code of Kreait\Firebase\Exception\Database\TransactionFailed#__construct() changed from 0 to NULL
 [BC] CHANGED: Default parameter value for parameter $code of Kreait\Firebase\Exception\Database\UnsupportedQuery#__construct() changed from 0 to NULL
 [BC] CHANGED: The number of required arguments for Kreait\Firebase\Exception\Database\UnsupportedQuery#__construct() increased from 1 to 2
+[BC] CHANGED: The parameter $accessToken of Kreait\Firebase\Contract\Auth#signInWithIdpAccessToken() changed from string to Lcobucci\JWT\Token|string
 [BC] CHANGED: The parameter $clearTextPassword of Kreait\Firebase\Contract\Auth#signInWithEmailAndPassword() changed from Stringable|string to a non-contravariant string
 [BC] CHANGED: The parameter $clearTextPassword of Kreait\Firebase\Contract\Auth#signInWithEmailAndPassword() changed from Stringable|string to string
 [BC] CHANGED: The parameter $clearTextPassword of Kreait\Firebase\Request\EditUserTrait#withClearTextPassword() changed from Stringable|string to a non-contravariant string
@@ -110,6 +111,10 @@ The following list has been generated with [roave/backward-compatibility-check](
 [BC] CHANGED: The parameter $providerId of Kreait\Firebase\Contract\Transitional\FederatedUserFetcher#getUserByProviderUid() changed from Stringable|string to string
 [BC] CHANGED: The parameter $providerUid of Kreait\Firebase\Contract\Transitional\FederatedUserFetcher#getUserByProviderUid() changed from Stringable|string to a non-contravariant string
 [BC] CHANGED: The parameter $providerUid of Kreait\Firebase\Contract\Transitional\FederatedUserFetcher#getUserByProviderUid() changed from Stringable|string to string
+[BC] CHANGED: The parameter $redirectUrl of Kreait\Firebase\Contract\Auth#signInWithIdpAccessToken() changed from no type to a non-contravariant string|null
+[BC] CHANGED: The parameter $redirectUrl of Kreait\Firebase\Contract\Auth#signInWithIdpAccessToken() changed from no type to string|null
+[BC] CHANGED: The parameter $redirectUrl of Kreait\Firebase\Contract\Auth#signInWithIdpIdToken() changed from no type to a non-contravariant string|null
+[BC] CHANGED: The parameter $redirectUrl of Kreait\Firebase\Contract\Auth#signInWithIdpIdToken() changed from no type to string|null
 [BC] CHANGED: The parameter $uid of Kreait\Firebase\Contract\Auth#changeUserEmail() changed from Stringable|string to a non-contravariant string
 [BC] CHANGED: The parameter $uid of Kreait\Firebase\Contract\Auth#changeUserEmail() changed from Stringable|string to string
 [BC] CHANGED: The parameter $uid of Kreait\Firebase\Contract\Auth#changeUserPassword() changed from Stringable|string to a non-contravariant string
diff --git a/composer.json b/composer.json
@@ -49,16 +49,17 @@
         "psr/http-message": "^1.1 || ^2.0"
     },
     "require-dev": {
-        "php-cs-fixer/shim": "^3.91.2",
         "google/cloud-firestore": "^1.54.3",
+        "php-cs-fixer/shim": "^3.91.2",
         "phpstan/extension-installer": "^1.4.3",
         "phpstan/phpstan": "^2.1.32",
         "phpstan/phpstan-deprecation-rules": "^2.0.3",
-        "phpstan/phpstan-strict-rules": "^2.0.7",
         "phpstan/phpstan-phpunit": "^2.0.8",
+        "phpstan/phpstan-strict-rules": "^2.0.7",
         "phpunit/phpunit": "^12.4.5",
         "psr/log": "^3.0.2",
         "rector/rector": "^2.2.11",
+        "rector/type-perfect": "^2.1",
         "shipmonk/composer-dependency-analyser": "^1.8.4",
         "symfony/var-dumper": "^7.4.0",
         "vlucas/phpdotenv": "^5.6.2"
diff --git a/src/Firebase/Auth.php b/src/Firebase/Auth.php
@@ -362,7 +362,7 @@ public function setCustomUserClaims(string $uid, ?array $claims): void
         $this->client->setCustomUserClaims($uid, $claims);
     }
 
-    public function createCustomToken(string $uid, array $claims = [], $ttl = 3600): UnencryptedToken
+    public function createCustomToken(string $uid, array $claims = [], int|DateInterval|string $ttl = 3600): UnencryptedToken
     {
         if ($this->tokenGenerator === null) {
             throw new AuthError('Custom Token Generation is disabled because the current credentials do not permit it');
@@ -395,7 +395,7 @@ public function parseToken(string $tokenString): UnencryptedToken
         return $parsedToken;
     }
 
-    public function verifyIdToken($idToken, bool $checkIfRevoked = false, ?int $leewayInSeconds = null): UnencryptedToken
+    public function verifyIdToken(Token|string $idToken, bool $checkIfRevoked = false, ?int $leewayInSeconds = null): UnencryptedToken
     {
         $verifier = $this->idTokenVerifier;
 
@@ -481,7 +481,7 @@ public function verifyPasswordResetCode(string $oobCode): string
         return $responseData['email'];
     }
 
-    public function confirmPasswordReset(string $oobCode, $newPassword, bool $invalidatePreviousSessions = true): string
+    public function confirmPasswordReset(string $oobCode, string $newPassword, bool $invalidatePreviousSessions = true): string
     {
         $newPassword = ClearTextPassword::fromString($newPassword)->value;
 
@@ -508,7 +508,7 @@ public function revokeRefreshTokens(string $uid): void
         $this->client->revokeRefreshTokens($uid);
     }
 
-    public function unlinkProvider($uid, $provider): UserRecord
+    public function unlinkProvider(string $uid, array|string $provider): UserRecord
     {
         $uid = Uid::fromString($uid)->value;
 
@@ -519,7 +519,7 @@ public function unlinkProvider($uid, $provider): UserRecord
         return $this->getUserRecordFromResponseAfterUserUpdate($response);
     }
 
-    public function signInAsUser($user, ?array $claims = null): SignInResult
+    public function signInAsUser(UserRecord|string $user, ?array $claims = null): SignInResult
     {
         $claims ??= [];
         $uid = $user instanceof UserRecord ? $user->uid : $user;
@@ -533,7 +533,7 @@ public function signInAsUser($user, ?array $claims = null): SignInResult
         return $this->client->handleSignIn(SignInWithCustomToken::fromValue($customToken->toString()));
     }
 
-    public function signInWithCustomToken($token): SignInResult
+    public function signInWithCustomToken(Token|string $token): SignInResult
     {
         $token = $token instanceof Token ? $token->toString() : $token;
 
@@ -547,15 +547,15 @@ public function signInWithRefreshToken(string $refreshToken): SignInResult
         return $this->client->handleSignIn(SignInWithRefreshToken::fromValue($refreshToken));
     }
 
-    public function signInWithEmailAndPassword($email, $clearTextPassword): SignInResult
+    public function signInWithEmailAndPassword(string $email, string $clearTextPassword): SignInResult
     {
         $email = Email::fromString($email)->value;
         $clearTextPassword = ClearTextPassword::fromString($clearTextPassword)->value;
 
         return $this->client->handleSignIn(SignInWithEmailAndPassword::fromValues($email, $clearTextPassword));
     }
 
-    public function signInWithEmailAndOobCode($email, string $oobCode): SignInResult
+    public function signInWithEmailAndOobCode(string $email, string $oobCode): SignInResult
     {
         $email = Email::fromString($email)->value;
 
@@ -578,62 +578,54 @@ public function signInAnonymously(): SignInResult
         throw new FailedToSignIn('Failed to sign in anonymously: No ID token or UID available');
     }
 
-    public function signInWithIdpAccessToken($provider, string $accessToken, $redirectUrl = null, ?string $oauthTokenSecret = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult
+    public function signInWithIdpAccessToken(string $provider, Token|string $accessToken, ?string $redirectUrl = null, ?string $oauthTokenSecret = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult
     {
-        $redirectUrl = trim((string) ($redirectUrl ?? 'http://localhost'));
-        $linkingIdToken = trim((string) $linkingIdToken);
-        $oauthTokenSecret = trim((string) $oauthTokenSecret);
-        $rawNonce = trim((string) $rawNonce);
+        $accessToken = $accessToken instanceof Token ? $accessToken->toString() : $accessToken;
+        $redirectUrl = trim($redirectUrl ?? 'http://localhost');
 
-        if ($oauthTokenSecret !== '') {
+        if ($oauthTokenSecret !== null) {
             $action = SignInWithIdpCredentials::withAccessTokenAndOauthTokenSecret($provider, $accessToken, $oauthTokenSecret);
         } else {
             $action = SignInWithIdpCredentials::withAccessToken($provider, $accessToken);
         }
 
-        if ($linkingIdToken !== '') {
+        if ($linkingIdToken !== null) {
             $action = $action->withLinkingIdToken($linkingIdToken);
         }
 
-        if ($rawNonce !== '') {
+        if ($rawNonce !== null) {
             $action = $action->withRawNonce($rawNonce);
         }
 
-        if ($redirectUrl !== '') {
-            $action = $action->withRequestUri($redirectUrl);
-        }
+        $action = $action->withRequestUri($redirectUrl);
 
         return $this->client->handleSignIn($action);
     }
 
-    public function signInWithIdpIdToken($provider, $idToken, $redirectUrl = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult
+    public function signInWithIdpIdToken(string $provider, Token|string $idToken, ?string $redirectUrl = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult
     {
-        $redirectUrl = trim((string) ($redirectUrl ?? 'http://localhost'));
-        $linkingIdToken = trim((string) $linkingIdToken);
-        $rawNonce = trim((string) $rawNonce);
+        $redirectUrl = trim(($redirectUrl ?? 'http://localhost'));
 
         if ($idToken instanceof Token) {
             $idToken = $idToken->toString();
         }
 
         $action = SignInWithIdpCredentials::withIdToken($provider, $idToken);
 
-        if ($rawNonce !== '') {
+        if ($rawNonce !== null) {
             $action = $action->withRawNonce($rawNonce);
         }
 
-        if ($linkingIdToken !== '') {
+        if ($linkingIdToken !== null) {
             $action = $action->withLinkingIdToken($linkingIdToken);
         }
 
-        if ($redirectUrl !== '') {
-            $action = $action->withRequestUri($redirectUrl);
-        }
+        $action = $action->withRequestUri($redirectUrl);
 
         return $this->client->handleSignIn($action);
     }
 
-    public function createSessionCookie($idToken, $ttl): string
+    public function createSessionCookie(Token|string $idToken, DateInterval|int $ttl): string
     {
         if ($idToken instanceof Token) {
             $idToken = $idToken->toString();
diff --git a/src/Firebase/Contract/Auth.php b/src/Firebase/Contract/Auth.php
@@ -29,7 +29,6 @@
 use Kreait\Firebase\Request\UpdateUser;
 use Lcobucci\JWT\Token;
 use Lcobucci\JWT\UnencryptedToken;
-use Psr\Http\Message\UriInterface;
 use Traversable;
 
 /**
@@ -440,24 +439,24 @@ public function signInAnonymously(): SignInResult;
      * @see https://cloud.google.com/identity-platform/docs/reference/rest/v1/accounts/signInWithIdp
      *
      * @param non-empty-string $provider
-     * @param non-empty-string $accessToken
-     * @param UriInterface|non-empty-string|null $redirectUrl
+     * @param Token|non-empty-string $accessToken
+     * @param non-empty-string|null $redirectUrl
      * @param non-empty-string|null $oauthTokenSecret
      * @param non-empty-string|null $linkingIdToken
      * @param non-empty-string|null $rawNonce
      *
      * @throws FailedToSignIn
      */
-    public function signInWithIdpAccessToken(string $provider, string $accessToken, $redirectUrl = null, ?string $oauthTokenSecret = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult;
+    public function signInWithIdpAccessToken(string $provider, Token|string $accessToken, ?string $redirectUrl = null, ?string $oauthTokenSecret = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult;
 
     /**
      * @param non-empty-string $provider
      * @param Token|non-empty-string $idToken
-     * @param UriInterface|non-empty-string|null $redirectUrl
+     * @param non-empty-string|null $redirectUrl
      * @param non-empty-string|null $linkingIdToken
      * @param non-empty-string|null $rawNonce
      *
      * @throws FailedToSignIn
      */
-    public function signInWithIdpIdToken(string $provider, Token|string $idToken, $redirectUrl = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult;
+    public function signInWithIdpIdToken(string $provider, Token|string $idToken, ?string $redirectUrl = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult;
 }
diff --git a/src/Firebase/Messaging.php b/src/Firebase/Messaging.php
@@ -15,6 +15,7 @@
 use Kreait\Firebase\Messaging\AppInstance;
 use Kreait\Firebase\Messaging\AppInstanceApiClient;
 use Kreait\Firebase\Messaging\Message;
+use Kreait\Firebase\Messaging\Messages;
 use Kreait\Firebase\Messaging\MessageTarget;
 use Kreait\Firebase\Messaging\MulticastSendReport;
 use Kreait\Firebase\Messaging\Processor\SetApnsContentAvailableIfNeeded;
@@ -66,7 +67,7 @@ public function send(Message|array $message, bool $validateOnly = false): array
         throw $error;
     }
 
-    public function sendMulticast($message, $registrationTokens, bool $validateOnly = false): MulticastSendReport
+    public function sendMulticast(Message|array $message, RegistrationTokens|RegistrationToken|array|string $registrationTokens, bool $validateOnly = false): MulticastSendReport
     {
         $message = $message instanceof Message ? $message : new RawMessageFromArray($message);
         $registrationTokens = RegistrationTokens::fromValue($registrationTokens);
@@ -80,7 +81,7 @@ public function sendMulticast($message, $registrationTokens, bool $validateOnly
         return $this->sendAll($messages, $validateOnly);
     }
 
-    public function sendAll($messages, bool $validateOnly = false): MulticastSendReport
+    public function sendAll(array|Messages $messages, bool $validateOnly = false): MulticastSendReport
     {
         $messages = $this->ensureMessages($messages);
         $requests = $this->createSendRequests($messages, $validateOnly);
@@ -113,12 +114,12 @@ public function sendAll($messages, bool $validateOnly = false): MulticastSendRep
         return MulticastSendReport::withItems($sendReports);
     }
 
-    public function validate($message): array
+    public function validate(Message|array $message): array
     {
         return $this->send($message, true);
     }
 
-    public function validateRegistrationTokens($registrationTokenOrTokens): array
+    public function validateRegistrationTokens(RegistrationTokens|RegistrationToken|array|string $registrationTokenOrTokens): array
     {
         $tokens = RegistrationTokens::fromValue($registrationTokenOrTokens);
 
@@ -136,7 +137,7 @@ public function subscribeToTopic(string|Topic $topic, RegistrationTokens|Registr
         return $this->subscribeToTopics([$topic], $registrationTokenOrTokens);
     }
 
-    public function subscribeToTopics(iterable $topics, $registrationTokenOrTokens): array
+    public function subscribeToTopics(iterable $topics, RegistrationTokens|RegistrationToken|array|string $registrationTokenOrTokens): array
     {
         $topicObjects = [];
 
@@ -166,7 +167,7 @@ public function unsubscribeFromTopics(array $topics, RegistrationTokens|Registra
         return $this->appInstanceApi->unsubscribeFromTopics($topics, $tokens);
     }
 
-    public function unsubscribeFromAllTopics($registrationTokenOrTokens): array
+    public function unsubscribeFromAllTopics(RegistrationTokens|RegistrationToken|array|string $registrationTokenOrTokens): array
     {
         $tokens = RegistrationTokens::fromValue($registrationTokenOrTokens);
 
diff --git a/tests/Integration/AuthTestCase.php b/tests/Integration/AuthTestCase.php
@@ -865,7 +865,7 @@ public function signInWithIdpAccessToken(): void
         // I don't know how to retrieve a current user access token programmatically, so we'll
         // test the failure case only here
         $this->expectException(FailedToSignIn::class);
-        $this->auth->signInWithIdpAccessToken('google.com', 'invalid', Utils::uriFor('http://localhost'));
+        $this->auth->signInWithIdpAccessToken('google.com', 'invalid');
     }
 
     #[Test]

Original file line number	Diff line number	Diff line change
`@@ -362,7 +362,7 @@ public function setCustomUserClaims(string $uid, ?array $claims): void`
`362`	`362`	`$this->client->setCustomUserClaims($uid, $claims);`
`363`	`363`	`}`
`364`	`364`
`365`		`- public function createCustomToken(string $uid, array $claims = [], $ttl = 3600): UnencryptedToken`
	`365`	`+ public function createCustomToken(string $uid, array $claims = [], int\|DateInterval\|string $ttl = 3600): UnencryptedToken`
`366`	`366`	`{`
`367`	`367`	`if ($this->tokenGenerator === null) {`
`368`	`368`	`throw new AuthError('Custom Token Generation is disabled because the current credentials do not permit it');`
`@@ -395,7 +395,7 @@ public function parseToken(string $tokenString): UnencryptedToken`
`395`	`395`	`return $parsedToken;`
`396`	`396`	`}`
`397`	`397`
`398`		`- public function verifyIdToken($idToken, bool $checkIfRevoked = false, ?int $leewayInSeconds = null): UnencryptedToken`
	`398`	`+ public function verifyIdToken(Token\|string $idToken, bool $checkIfRevoked = false, ?int $leewayInSeconds = null): UnencryptedToken`
`399`	`399`	`{`
`400`	`400`	`$verifier = $this->idTokenVerifier;`
`401`	`401`
`@@ -481,7 +481,7 @@ public function verifyPasswordResetCode(string $oobCode): string`
`481`	`481`	`return $responseData['email'];`
`482`	`482`	`}`
`483`	`483`
`484`		`- public function confirmPasswordReset(string $oobCode, $newPassword, bool $invalidatePreviousSessions = true): string`
	`484`	`+ public function confirmPasswordReset(string $oobCode, string $newPassword, bool $invalidatePreviousSessions = true): string`
`485`	`485`	`{`
`486`	`486`	`$newPassword = ClearTextPassword::fromString($newPassword)->value;`
`487`	`487`
`@@ -508,7 +508,7 @@ public function revokeRefreshTokens(string $uid): void`
`508`	`508`	`$this->client->revokeRefreshTokens($uid);`
`509`	`509`	`}`
`510`	`510`
`511`		`- public function unlinkProvider($uid, $provider): UserRecord`
	`511`	`+ public function unlinkProvider(string $uid, array\|string $provider): UserRecord`
`512`	`512`	`{`
`513`	`513`	`$uid = Uid::fromString($uid)->value;`
`514`	`514`
`@@ -519,7 +519,7 @@ public function unlinkProvider($uid, $provider): UserRecord`
`519`	`519`	`return $this->getUserRecordFromResponseAfterUserUpdate($response);`
`520`	`520`	`}`
`521`	`521`
`522`		`- public function signInAsUser($user, ?array $claims = null): SignInResult`
	`522`	`+ public function signInAsUser(UserRecord\|string $user, ?array $claims = null): SignInResult`
`523`	`523`	`{`
`524`	`524`	`$claims ??= [];`
`525`	`525`	`$uid = $user instanceof UserRecord ? $user->uid : $user;`
`@@ -533,7 +533,7 @@ public function signInAsUser($user, ?array $claims = null): SignInResult`
`533`	`533`	`return $this->client->handleSignIn(SignInWithCustomToken::fromValue($customToken->toString()));`
`534`	`534`	`}`
`535`	`535`
`536`		`- public function signInWithCustomToken($token): SignInResult`
	`536`	`+ public function signInWithCustomToken(Token\|string $token): SignInResult`
`537`	`537`	`{`
`538`	`538`	`$token = $token instanceof Token ? $token->toString() : $token;`
`539`	`539`
`@@ -547,15 +547,15 @@ public function signInWithRefreshToken(string $refreshToken): SignInResult`
`547`	`547`	`return $this->client->handleSignIn(SignInWithRefreshToken::fromValue($refreshToken));`
`548`	`548`	`}`
`549`	`549`
`550`		`- public function signInWithEmailAndPassword($email, $clearTextPassword): SignInResult`
	`550`	`+ public function signInWithEmailAndPassword(string $email, string $clearTextPassword): SignInResult`
`551`	`551`	`{`
`552`	`552`	`$email = Email::fromString($email)->value;`
`553`	`553`	`$clearTextPassword = ClearTextPassword::fromString($clearTextPassword)->value;`
`554`	`554`
`555`	`555`	`return $this->client->handleSignIn(SignInWithEmailAndPassword::fromValues($email, $clearTextPassword));`
`556`	`556`	`}`
`557`	`557`
`558`		`- public function signInWithEmailAndOobCode($email, string $oobCode): SignInResult`
	`558`	`+ public function signInWithEmailAndOobCode(string $email, string $oobCode): SignInResult`
`559`	`559`	`{`
`560`	`560`	`$email = Email::fromString($email)->value;`
`561`	`561`
`@@ -578,62 +578,54 @@ public function signInAnonymously(): SignInResult`
`578`	`578`	`throw new FailedToSignIn('Failed to sign in anonymously: No ID token or UID available');`
`579`	`579`	`}`
`580`	`580`
`581`		`- public function signInWithIdpAccessToken($provider, string $accessToken, $redirectUrl = null, ?string $oauthTokenSecret = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult`
	`581`	`+ public function signInWithIdpAccessToken(string $provider, Token\|string $accessToken, ?string $redirectUrl = null, ?string $oauthTokenSecret = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult`
`582`	`582`	`{`
`583`		`- $redirectUrl = trim((string) ($redirectUrl ?? 'http://localhost'));`
`584`		`- $linkingIdToken = trim((string) $linkingIdToken);`
`585`		`- $oauthTokenSecret = trim((string) $oauthTokenSecret);`
`586`		`- $rawNonce = trim((string) $rawNonce);`
	`583`	`+ $accessToken = $accessToken instanceof Token ? $accessToken->toString() : $accessToken;`
	`584`	`+ $redirectUrl = trim($redirectUrl ?? 'http://localhost');`
`587`	`585`
`588`		`- if ($oauthTokenSecret !== '') {`
	`586`	`+ if ($oauthTokenSecret !== null) {`
`589`	`587`	`$action = SignInWithIdpCredentials::withAccessTokenAndOauthTokenSecret($provider, $accessToken, $oauthTokenSecret);`
`590`	`588`	`} else {`
`591`	`589`	`$action = SignInWithIdpCredentials::withAccessToken($provider, $accessToken);`
`592`	`590`	`}`
`593`	`591`
`594`		`- if ($linkingIdToken !== '') {`
	`592`	`+ if ($linkingIdToken !== null) {`
`595`	`593`	`$action = $action->withLinkingIdToken($linkingIdToken);`
`596`	`594`	`}`
`597`	`595`
`598`		`- if ($rawNonce !== '') {`
	`596`	`+ if ($rawNonce !== null) {`
`599`	`597`	`$action = $action->withRawNonce($rawNonce);`
`600`	`598`	`}`
`601`	`599`
`602`		`- if ($redirectUrl !== '') {`
`603`		`- $action = $action->withRequestUri($redirectUrl);`
`604`		`- }`
	`600`	`+ $action = $action->withRequestUri($redirectUrl);`
`605`	`601`
`606`	`602`	`return $this->client->handleSignIn($action);`
`607`	`603`	`}`
`608`	`604`
`609`		`- public function signInWithIdpIdToken($provider, $idToken, $redirectUrl = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult`
	`605`	`+ public function signInWithIdpIdToken(string $provider, Token\|string $idToken, ?string $redirectUrl = null, ?string $linkingIdToken = null, ?string $rawNonce = null): SignInResult`
`610`	`606`	`{`
`611`		`- $redirectUrl = trim((string) ($redirectUrl ?? 'http://localhost'));`
`612`		`- $linkingIdToken = trim((string) $linkingIdToken);`
`613`		`- $rawNonce = trim((string) $rawNonce);`
	`607`	`+ $redirectUrl = trim(($redirectUrl ?? 'http://localhost'));`
`614`	`608`
`615`	`609`	`if ($idToken instanceof Token) {`
`616`	`610`	`$idToken = $idToken->toString();`
`617`	`611`	`}`
`618`	`612`
`619`	`613`	`$action = SignInWithIdpCredentials::withIdToken($provider, $idToken);`
`620`	`614`
`621`		`- if ($rawNonce !== '') {`
	`615`	`+ if ($rawNonce !== null) {`
`622`	`616`	`$action = $action->withRawNonce($rawNonce);`
`623`	`617`	`}`
`624`	`618`
`625`		`- if ($linkingIdToken !== '') {`
	`619`	`+ if ($linkingIdToken !== null) {`
`626`	`620`	`$action = $action->withLinkingIdToken($linkingIdToken);`
`627`	`621`	`}`
`628`	`622`
`629`		`- if ($redirectUrl !== '') {`
`630`		`- $action = $action->withRequestUri($redirectUrl);`
`631`		`- }`
	`623`	`+ $action = $action->withRequestUri($redirectUrl);`
`632`	`624`
`633`	`625`	`return $this->client->handleSignIn($action);`
`634`	`626`	`}`
`635`	`627`
`636`		`- public function createSessionCookie($idToken, $ttl): string`
	`628`	`+ public function createSessionCookie(Token\|string $idToken, DateInterval\|int $ttl): string`
`637`	`629`	`{`
`638`	`630`	`if ($idToken instanceof Token) {`
`639`	`631`	`$idToken = $idToken->toString();`
Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,7 @@`
`15`	`15`	`use Kreait\Firebase\Messaging\AppInstance;`
`16`	`16`	`use Kreait\Firebase\Messaging\AppInstanceApiClient;`
`17`	`17`	`use Kreait\Firebase\Messaging\Message;`
	`18`	`+use Kreait\Firebase\Messaging\Messages;`
`18`	`19`	`use Kreait\Firebase\Messaging\MessageTarget;`
`19`	`20`	`use Kreait\Firebase\Messaging\MulticastSendReport;`
`20`	`21`	`use Kreait\Firebase\Messaging\Processor\SetApnsContentAvailableIfNeeded;`
`@@ -66,7 +67,7 @@ public function send(Message\|array $message, bool $validateOnly = false): array`
`66`	`67`	`throw $error;`
`67`	`68`	`}`
`68`	`69`
`69`		`- public function sendMulticast($message, $registrationTokens, bool $validateOnly = false): MulticastSendReport`
	`70`	`+ public function sendMulticast(Message\|array $message, RegistrationTokens\|RegistrationToken\|array\|string $registrationTokens, bool $validateOnly = false): MulticastSendReport`
`70`	`71`	`{`
`71`	`72`	`$message = $message instanceof Message ? $message : new RawMessageFromArray($message);`
`72`	`73`	`$registrationTokens = RegistrationTokens::fromValue($registrationTokens);`
`@@ -80,7 +81,7 @@ public function sendMulticast($message, $registrationTokens, bool $validateOnly`
`80`	`81`	`return $this->sendAll($messages, $validateOnly);`
`81`	`82`	`}`
`82`	`83`
`83`		`- public function sendAll($messages, bool $validateOnly = false): MulticastSendReport`
	`84`	`+ public function sendAll(array\|Messages $messages, bool $validateOnly = false): MulticastSendReport`
`84`	`85`	`{`
`85`	`86`	`$messages = $this->ensureMessages($messages);`
`86`	`87`	`$requests = $this->createSendRequests($messages, $validateOnly);`
`@@ -113,12 +114,12 @@ public function sendAll($messages, bool $validateOnly = false): MulticastSendRep`
`113`	`114`	`return MulticastSendReport::withItems($sendReports);`
`114`	`115`	`}`
`115`	`116`
`116`		`- public function validate($message): array`
	`117`	`+ public function validate(Message\|array $message): array`
`117`	`118`	`{`
`118`	`119`	`return $this->send($message, true);`
`119`	`120`	`}`
`120`	`121`
`121`		`- public function validateRegistrationTokens($registrationTokenOrTokens): array`
	`122`	`+ public function validateRegistrationTokens(RegistrationTokens\|RegistrationToken\|array\|string $registrationTokenOrTokens): array`
`122`	`123`	`{`
`123`	`124`	`$tokens = RegistrationTokens::fromValue($registrationTokenOrTokens);`
`124`	`125`
`@@ -136,7 +137,7 @@ public function subscribeToTopic(string\|Topic $topic, RegistrationTokens\|Registr`
`136`	`137`	`return $this->subscribeToTopics([$topic], $registrationTokenOrTokens);`
`137`	`138`	`}`
`138`	`139`
`139`		`- public function subscribeToTopics(iterable $topics, $registrationTokenOrTokens): array`
	`140`	`+ public function subscribeToTopics(iterable $topics, RegistrationTokens\|RegistrationToken\|array\|string $registrationTokenOrTokens): array`
`140`	`141`	`{`
`141`	`142`	`$topicObjects = [];`
`142`	`143`
`@@ -166,7 +167,7 @@ public function unsubscribeFromTopics(array $topics, RegistrationTokens\|Registra`
`166`	`167`	`return $this->appInstanceApi->unsubscribeFromTopics($topics, $tokens);`
`167`	`168`	`}`
`168`	`169`
`169`		`- public function unsubscribeFromAllTopics($registrationTokenOrTokens): array`
	`170`	`+ public function unsubscribeFromAllTopics(RegistrationTokens\|RegistrationToken\|array\|string $registrationTokenOrTokens): array`
`170`	`171`	`{`
`171`	`172`	`$tokens = RegistrationTokens::fromValue($registrationTokenOrTokens);`
`172`	`173`
Original file line number	Diff line number	Diff line change
`@@ -865,7 +865,7 @@ public function signInWithIdpAccessToken(): void`
`865`	`865`	`// I don't know how to retrieve a current user access token programmatically, so we'll`
`866`	`866`	`// test the failure case only here`
`867`	`867`	`$this->expectException(FailedToSignIn::class);`
`868`		`- $this->auth->signInWithIdpAccessToken('google.com', 'invalid', Utils::uriFor('http://localhost'));`
	`868`	`+ $this->auth->signInWithIdpAccessToken('google.com', 'invalid');`
`869`	`869`	`}`
`870`	`870`
`871`	`871`	`#[Test]`