Add type restrictions to Oauth directory #15687
Conversation
Vici37
force-pushed
the
add-type-restrictions-to-oauth
branch
from
f7312bf to
110f338
Compare
src/oauth/authorization_header.cr
Outdated
| @@ -6,7 +6,7 @@ struct OAuth::AuthorizationHeader | |||
| @first = true | |||
| end | |||
|
|
|||
| def add(key, value) | |||
| def add(key : String, value : String?) : Bool? | |||
There was a problem hiding this comment.
suggestion: The return type Bool? is technically correct. But it doesn't make sense.
Bool is inferred from the last expression. It just accidentally leaks an irrelevant internal detail. The return type should be only Nil.
| def add(key : String, value : String?) : Bool? | |
| def add(key : String, value : String?) : Nil |
| @@ -2,7 +2,7 @@ | |||
| # | |||
| # Use `#authenticate` to authenticate an `HTTP::Client`. | |||
| abstract class OAuth2::AccessToken | |||
| def self.new(pull : JSON::PullParser) | |||
| def self.new(pull : JSON::PullParser) : OAuth2::AccessToken | |||
There was a problem hiding this comment.
suggestion: Use self to designate this method as a constructor.
| def self.new(pull : JSON::PullParser) : OAuth2::AccessToken | |
| def self.new(pull : JSON::PullParser) : self |
Technically, this is might not even be necessary because the method name .new implies a constructor. But it's still best to follow the expected type annotation scheme for constructors.
Ditto below.
src/oauth2/access_token/mac.cr
Outdated
| @@ -34,7 +34,7 @@ class OAuth2::AccessToken::Mac < OAuth2::AccessToken | |||
| request.headers["Authorization"] = header | |||
| end | |||
|
|
|||
| def self.signature(ts, nonce, method, uri, host, port, ext, mac_algorithm, mac_key) : String | |||
| def self.signature(ts : Int64 | Int32, nonce : String, method : String, uri : String, host : String, port : Int32 | String, ext : String, mac_algorithm : String, mac_key : String) : String | |||
There was a problem hiding this comment.
suggestion: Unions between numeric types should almost always be resolved to either an abstract type like Int or the biggest possible type (to make use of autocasting).
ts is a unix timestamp, so in theory it should probably be UInt64.
But that won't autocast from any signed integer type.
Maybe Int is best then... or leave it unrestrictected?
There was a problem hiding this comment.
I only see ts used for its string construction of the normalized_request_string, so unrestricted makes sense, too. I didn't realize ts stood for timestamp, ha. I can remove the restriction on that argument for now.
Vici37
force-pushed
the
add-type-restrictions-to-oauth
branch
from
110f338 to
674981b
Compare
|
@Vici37 Please avoid force-pushes on PRs with active review, in order to preserve history and make the reviewer's jobs easier (cf. https://github.com/crystal-lang/crystal/blob/master/CONTRIBUTING.md#making-good-pull-requests). That means, no rebasing. Just keep old commits around and push new ones (which can include merges with master). |
|
Whoops! Yup, my mistake, sorry about that. Happy to have learned that lesson through a relatively small PR 😅 |
| @@ -72,7 +72,7 @@ class OAuth::Consumer | |||
| # [RFC 5849, Section 2.1](https://tools.ietf.org/html/rfc5849#section-2.1). | |||
| # | |||
| # Raises `OAuth::Error` if there was an error getting the request token. | |||
| def get_request_token(oauth_callback = "oob") # : RequestToken | |||
| def get_request_token(oauth_callback : String = "oob") : OAuth::RequestToken | |||
There was a problem hiding this comment.
Full path is not needed.
| def get_request_token(oauth_callback : String = "oob") : OAuth::RequestToken | |
| def get_request_token(oauth_callback : String = "oob") : RequestToken |
| @@ -81,7 +81,7 @@ class OAuth::Consumer | |||
| # Returns an authorize URI from a given request token to redirect the user | |||
| # to obtain an access token, as specified by | |||
| # [RFC 5849, Section 2.2](https://tools.ietf.org/html/rfc5849#section-2.2). | |||
| def get_authorize_uri(request_token, oauth_callback = nil) : String | |||
| def get_authorize_uri(request_token : OAuth::RequestToken, oauth_callback : String? = nil) : String | |||
There was a problem hiding this comment.
ditto
| def get_authorize_uri(request_token : OAuth::RequestToken, oauth_callback : String? = nil) : String | |
| def get_authorize_uri(request_token : RequestToken, oauth_callback : String? = nil) : String |
| @@ -116,7 +116,7 @@ class OAuth::Consumer | |||
| # [RFC 5849, Section 2.3](https://tools.ietf.org/html/rfc5849#section-2.3). | |||
| # | |||
| # Raises `OAuth::Error` if there was an error getting the access token. | |||
| def get_access_token(request_token, oauth_verifier, extra_params = nil) : AccessToken | |||
| def get_access_token(request_token : OAuth::RequestToken, oauth_verifier : String, extra_params : Hash(String, String)? = nil) : AccessToken | |||
There was a problem hiding this comment.
ditto
| def get_access_token(request_token : OAuth::RequestToken, oauth_verifier : String, extra_params : Hash(String, String)? = nil) : AccessToken | |
| def get_access_token(request_token : RequestToken, oauth_verifier : String, extra_params : Hash(String, String)? = nil) : AccessToken |
| @@ -34,7 +34,7 @@ class OAuth2::AccessToken::Mac < OAuth2::AccessToken | |||
| request.headers["Authorization"] = header | |||
| end | |||
|
|
|||
| def self.signature(ts, nonce, method, uri, host, port, ext, mac_algorithm, mac_key) : String | |||
| def self.signature(ts, nonce : String, method : String, uri : String, host : String, port : Int32 | String, ext : String, mac_algorithm : String, mac_key : String) : String | |||
There was a problem hiding this comment.
String restriction for port seems a bit odd...
There was a problem hiding this comment.
Ha, agreed, good catch. Looks to be caused by this spec that's passing in "4000" for the port
This is the output of compiling cr-source-typer and running it with the below incantation:
This is related to #15682 .