simplesamlphp
diff --git a/‎composer.json‎
Lines changed: 2 additions & 2 deletions b/‎composer.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎modules/core/src/Auth/Process/AttributeLimit.php‎
Lines changed: 1 addition & 1 deletion b/‎modules/core/src/Auth/Process/AttributeLimit.php‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/core/src/Controller/Exception.php‎
Lines changed: 2 additions & 2 deletions b/‎modules/core/src/Controller/Exception.php‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎modules/core/src/Storage/SQLPermanentStorage.php‎
Lines changed: 2 additions & 1 deletion b/‎modules/core/src/Storage/SQLPermanentStorage.php‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎modules/saml/src/Auth/Source/SP.php‎
Lines changed: 20 additions & 29 deletions b/‎modules/saml/src/Auth/Source/SP.php‎
Lines changed: 20 additions & 29 deletions
diff --git a/‎modules/saml/src/Error.php‎
Lines changed: 9 additions & 6 deletions b/‎modules/saml/src/Error.php‎
Lines changed: 9 additions & 6 deletions
diff --git a/‎modules/saml/src/IdP/SQLNameID.php‎
Lines changed: 2 additions & 2 deletions b/‎modules/saml/src/IdP/SQLNameID.php‎
Lines changed: 2 additions & 2 deletions
@@ -44,7 +44,7 @@
         "files": ["tests/_autoload_modules.php"]
     },
     "require": {
-        "php": "^8.1",
+        "php": "^8.2",
         "ext-date": "*",
         "ext-dom": "*",
         "ext-hash": "*",
@@ -142,5 +142,5 @@
             "echo 'Post-install tasks completed!'"
         ]
     },
-    "version": "v2.4.2"
+    "version": "v2.5.0"
 }
@@ -247,7 +247,7 @@ private function filterAttributeValues(array $values, ?array $allowedConfigValue
      * @param array|null  Array with regular expressions to test against. null is equivalent to an empty array.
      * @return string|null  Regular expression that matched, or null if no match.
      */
-    private static function matchAnyRegex(string $needle, ?array $regexps = null): string | null
+    private static function matchAnyRegex(string $needle, ?array $regexps = null): string|null
     {
         if ($regexps !== null) {
             foreach ($regexps as $x => $y) {
 
@@ -34,8 +34,8 @@ class Exception
      *
      * It initializes the global configuration and auth source configuration for the controllers implemented here.
      *
-     * @param \SimpleSAML\Configuration              $config The configuration to use by the controllers.
-     * @param \SimpleSAML\Session                    $session The session to use by the controllers.
+     * @param \SimpleSAML\Configuration $config The configuration to use by the controllers.
+     * @param \SimpleSAML\Session $session The session to use by the controllers.
      *
      * @throws \Exception
      */
 
@@ -206,7 +206,7 @@ public function exists(string $type, string $key1, string $key2): bool
      * @param string|null $key2
      * @return array|false
      */
-    public function getList(?string $type = null, ?string $key1 = null, ?string $key2 = null)
+    public function getList(?string $type = null, ?string $key1 = null, ?string $key2 = null): array|false
     {
         $conditions = $this->getCondition($type, $key1, $key2);
         $query = 'SELECT * FROM data WHERE ' . $conditions;
@@ -291,6 +291,7 @@ public function removeExpired(): int
         return $prepared->rowCount();
     }
 
+
     /**
      * Create a SQL condition statement based on parameters
      *
 
@@ -27,7 +27,7 @@
 use SimpleSAML\Store\StoreFactory;
 use SimpleSAML\Utils;
 
-class SP extends \SimpleSAML\Auth\Source
+class SP extends Auth\Source
 {
     /**
      * The entity ID of this SP.
@@ -699,12 +699,11 @@ private function startSSO2(Configuration $idpMetadata, array $state): void
      * This function does not return.
      *
      * @param \SAML2\Binding $binding  The binding.
-     * @param \SAML2\AuthnRequest  $ar  The authentication request.
+     * @param \SAML2\AuthnRequest $ar  The authentication request.
      */
-    public function sendSAML2AuthnRequest(Binding $binding, AuthnRequest $ar): void
+    public function sendSAML2AuthnRequest(Binding $binding, AuthnRequest $ar): never
     {
         $binding->send($ar);
-        Assert::true(false);
     }
 
 
@@ -714,12 +713,11 @@ public function sendSAML2AuthnRequest(Binding $binding, AuthnRequest $ar): void
      * This function does not return.
      *
      * @param \SAML2\Binding $binding  The binding.
-     * @param \SAML2\LogoutRequest  $ar  The logout request.
+     * @param \SAML2\LogoutRequest $ar  The logout request.
      */
-    public function sendSAML2LogoutRequest(Binding $binding, LogoutRequest $lr): void
+    public function sendSAML2LogoutRequest(Binding $binding, LogoutRequest $lr): never
     {
         $binding->send($lr);
-        Assert::true(false);
     }
 
 
@@ -729,15 +727,14 @@ public function sendSAML2LogoutRequest(Binding $binding, LogoutRequest $lr): voi
      * @param string $idp  The entity ID of the IdP.
      * @param array $state  The state array for the current authentication.
      */
-    public function startSSO(string $idp, array $state): void
+    public function startSSO(string $idp, array $state): never
     {
         $idpMetadata = $this->getIdPMetadata($idp);
 
         $type = $idpMetadata->getString('metadata-set');
         Assert::oneOf($type, ['saml20-idp-remote']);
 
         $this->startSSO2($idpMetadata, $state);
-        Assert::true(false); // Should not return
     }
 
 
@@ -746,7 +743,7 @@ public function startSSO(string $idp, array $state): void
      *
      * @param array $state  The state array.
      */
-    private function startDisco(array $state): void
+    private function startDisco(array $state): never
     {
         $id = Auth\State::saveState($state, 'saml:sp:sso');
 
@@ -784,7 +781,7 @@ private function startDisco(array $state): void
      *
      * @param array &$state  Information about the current authentication.
      */
-    public function authenticate(array &$state): void
+    public function authenticate(array &$state): never
     {
         // We are going to need the authId in order to retrieve this authentication source later
         $state['saml:sp:AuthId'] = $this->authId;
@@ -822,11 +819,9 @@ public function authenticate(array &$state): void
 
         if ($idp === null) {
             $this->startDisco($state);
-            Assert::true(false);
+        } else {
+            $this->startSSO($idp, $state);
         }
-
-        $this->startSSO($idp, $state);
-        Assert::true(false);
     }
 
 
@@ -949,7 +944,7 @@ public function reauthenticate(array &$state): void
      *
      * @throws \SAML2\Exception\Protocol\NoPassiveException In case the authentication request was passive.
      */
-    public static function askForIdPChange(array &$state): void
+    public static function askForIdPChange(array &$state): never
     {
         Assert::keyExists($state, 'saml:sp:IdPMetadata');
         Assert::keyExists($state, 'saml:sp:AuthId');
@@ -969,7 +964,6 @@ public static function askForIdPChange(array &$state): void
 
         $httpUtils = new Utils\HTTP();
         $httpUtils->redirectTrustedURL($url, ['AuthState' => $id]);
-        Assert::true(false);
     }
 
 
@@ -985,7 +979,7 @@ public static function askForIdPChange(array &$state): void
      * - 'saml:sp:AuthId': the identifier of the current authentication source.
      * @throws \SAML2\Exception\Protocol\NoPassiveException In case the authentication request was passive.
      */
-    public static function tryStepUpAuth(array &$state): void
+    public static function tryStepUpAuth(array &$state): never
     {
         Assert::keyExists($state, 'saml:idp');
         Assert::keyExists($state, 'saml:sp:AuthId');
@@ -1000,7 +994,6 @@ public static function tryStepUpAuth(array &$state): void
         /** @var \SimpleSAML\Module\saml\Auth\Source\SP $as */
         $as = new Auth\Simple($state['saml:sp:AuthId']);
         $as->login($state);
-        Assert::true(false);
     }
 
 
@@ -1011,7 +1004,7 @@ public static function tryStepUpAuth(array &$state): void
      *
      * @param array $state The state array.
      */
-    public static function reauthLogout(array $state): void
+    public static function reauthLogout(array $state): never
     {
         Logger::debug('Proxy: logging the user out before re-authentication.');
 
@@ -1022,7 +1015,6 @@ public static function reauthLogout(array $state): void
 
         $idp = IdP::getByState($state);
         $idp->handleLogoutRequest($state, null);
-        Assert::true(false);
     }
 
 
@@ -1031,7 +1023,7 @@ public static function reauthLogout(array $state): void
      *
      * @param array $state  The authentication state.
      */
-    public static function reauthPostLogin(array $state): void
+    public static function reauthPostLogin(array $state): never
     {
         Assert::keyExists($state, 'ReturnCallback');
 
@@ -1042,7 +1034,6 @@ public static function reauthPostLogin(array $state): void
 
         // resume the login process
         call_user_func($state['ReturnCallback'], $state);
-        Assert::true(false);
     }
 
 
@@ -1054,7 +1045,7 @@ public static function reauthPostLogin(array $state): void
      * @param \SimpleSAML\IdP $idp The IdP we are logging out from.
      * @param array &$state The state array with the state during logout.
      */
-    public static function reauthPostLogout(IdP $idp, array $state): void
+    public static function reauthPostLogout(IdP $idp, array $state): never
     {
         Assert::keyExists($state, 'saml:sp:AuthId');
 
@@ -1069,7 +1060,6 @@ public static function reauthPostLogout(IdP $idp, array $state): void
 
         Logger::debug('Proxy: logging in again.');
         $sp->authenticate($state);
-        Assert::true(false);
     }
 
 
@@ -1160,7 +1150,7 @@ public function logout(array &$state): void
      * @param string $idp  The entity id of the IdP.
      * @param array $attributes  The attributes.
      */
-    public function handleResponse(array $state, string $idp, array $attributes): void
+    public function handleResponse(array $state, string $idp, array $attributes): never
     {
         Assert::keyExists($state, 'LogoutState');
         Assert::keyExists($state['LogoutState'], 'saml:logout:Type');
@@ -1187,6 +1177,7 @@ public function handleResponse(array $state, string $idp, array $attributes): vo
         if (isset($state['saml:sp:NameID'])) {
             $authProcState['saml:sp:NameID'] = $state['saml:sp:NameID'];
         }
+
         if (isset($state['saml:sp:SessionIndex'])) {
             $authProcState['saml:sp:SessionIndex'] = $state['saml:sp:SessionIndex'];
         }
@@ -1203,7 +1194,7 @@ public function handleResponse(array $state, string $idp, array $attributes): vo
      *
      * @param string $idpEntityId  The entity ID of the IdP.
      */
-    public function handleLogout(string $idpEntityId): void
+    public function handleLogout(string $idpEntityId): never
     {
         /* Call the logout callback we registered in onProcessingCompleted(). */
         $this->callLogoutCallback($idpEntityId);
@@ -1224,7 +1215,7 @@ public function handleLogout(string $idpEntityId): void
      * manually check the URL on beforehand. Please refer to the 'trusted.url.domains'
      * configuration directive for more information about allowing (or disallowing) URLs.
      */
-    public static function handleUnsolicitedAuth(string $authId, array $state, string $redirectTo): void
+    public static function handleUnsolicitedAuth(string $authId, array $state, string $redirectTo): never
     {
         $session = Session::getSessionFromRequest();
         $session->doLogin($authId, Auth\State::getPersistentAuthData($state));
@@ -1239,7 +1230,7 @@ public static function handleUnsolicitedAuth(string $authId, array $state, strin
      *
      * @param array $authProcState  The processing chain state.
      */
-    public static function onProcessingCompleted(array $authProcState): void
+    public static function onProcessingCompleted(array $authProcState): never
     {
         Assert::keyExists($authProcState, 'saml:sp:IdP');
         Assert::keyExists($authProcState, 'saml:sp:State');
 
@@ -4,7 +4,10 @@
 
 namespace SimpleSAML\Module\saml;
 
-use SAML2\Constants;
+use SimpleSAML\Error as SSPError;
+use SimpleSAML\Module\saml\Error as SAMLError;
+use SimpleSAML\Module\saml\Error\NoPassive;
+use SimpleSAML\SAML2\Constants;
 use Throwable;
 
 /**
@@ -13,7 +16,7 @@
  * @package SimpleSAMLphp
  */
 
-class Error extends \SimpleSAML\Error\Exception
+class Error extends SSPError\Exception
 {
     /**
      * Create a SAML 2 error.
@@ -84,9 +87,9 @@ public function getStatusMessage(): ?string
      * @param \Throwable $e  The original exception.
      * @return \SimpleSAML\Error\Exception  The new exception.
      */
-    public static function fromException(Throwable $e): \SimpleSAML\Error\Exception
+    public static function fromException(Throwable $e): SSPError\Exception
     {
-        if ($e instanceof \SimpleSAML\Module\saml\Error) {
+        if ($e instanceof SAMLError) {
             // Return the original exception unchanged
             return $e;
         } else {
@@ -113,15 +116,15 @@ public static function fromException(Throwable $e): \SimpleSAML\Error\Exception
      *
      * @return \SimpleSAML\Error\Exception  An exception representing this error.
      */
-    public function toException(): \SimpleSAML\Error\Exception
+    public function toException(): SSPError\Exception
     {
         $e = null;
 
         switch ($this->status) {
             case Constants::STATUS_RESPONDER:
                 switch ($this->subStatus) {
                     case Constants::STATUS_NO_PASSIVE:
-                        $e = new \SimpleSAML\Module\saml\Error\NoPassive(
+                        $e = new NoPassive(
                             Constants::STATUS_RESPONDER,
                             $this->statusMessage,
                         );
 
@@ -53,7 +53,7 @@ private static function read(string $query, array $params = [], array $config =
      * @param array $config
      * @return int|false The number of rows affected by the query or false on error.
      */
-    private static function write(string $query, array $params = [], array $config = [])
+    private static function write(string $query, array $params = [], array $config = []): int|false
     {
         if (!empty($config)) {
             $database = Database::getInstance(Configuration::loadFromArray($config));
@@ -121,7 +121,7 @@ private static function createAndRead(string $query, array $params = [], array $
      * @param array $config
      * @return int|false The number of rows affected by the query or false on error.
      */
-    private static function createAndWrite(string $query, array $params = [], array $config = [])
+    private static function createAndWrite(string $query, array $params = [], array $config = []): int|false
     {
         self::create($config);
         return self::write($query, $params, $config);
Original file line number	Diff line number	Diff line change
`@@ -247,7 +247,7 @@ private function filterAttributeValues(array $values, ?array $allowedConfigValue`
`247`	`247`	`* @param array\|null Array with regular expressions to test against. null is equivalent to an empty array.`
`248`	`248`	`* @return string\|null Regular expression that matched, or null if no match.`
`249`	`249`	`*/`
`250`		`- private static function matchAnyRegex(string $needle, ?array $regexps = null): string \| null`
	`250`	`+ private static function matchAnyRegex(string $needle, ?array $regexps = null): string\|null`
`251`	`251`	`{`
`252`	`252`	`if ($regexps !== null) {`
`253`	`253`	`foreach ($regexps as $x => $y) {`
Original file line number	Diff line number	Diff line change
`@@ -34,8 +34,8 @@ class Exception`
`34`	`34`	`*`
`35`	`35`	`* It initializes the global configuration and auth source configuration for the controllers implemented here.`
`36`	`36`	`*`
`37`		`- * @param \SimpleSAML\Configuration $config The configuration to use by the controllers.`
`38`		`- * @param \SimpleSAML\Session $session The session to use by the controllers.`
	`37`	`+ * @param \SimpleSAML\Configuration $config The configuration to use by the controllers.`
	`38`	`+ * @param \SimpleSAML\Session $session The session to use by the controllers.`
`39`	`39`	`*`
`40`	`40`	`* @throws \Exception`
`41`	`41`	`*/`
Original file line number	Diff line number	Diff line change
`@@ -206,7 +206,7 @@ public function exists(string $type, string $key1, string $key2): bool`
`206`	`206`	`* @param string\|null $key2`
`207`	`207`	`* @return array\|false`
`208`	`208`	`*/`
`209`		`- public function getList(?string $type = null, ?string $key1 = null, ?string $key2 = null)`
	`209`	`+ public function getList(?string $type = null, ?string $key1 = null, ?string $key2 = null): array\|false`
`210`	`210`	`{`
`211`	`211`	`$conditions = $this->getCondition($type, $key1, $key2);`
`212`	`212`	`$query = 'SELECT * FROM data WHERE ' . $conditions;`
`@@ -291,6 +291,7 @@ public function removeExpired(): int`
`291`	`291`	`return $prepared->rowCount();`
`292`	`292`	`}`
`293`	`293`
	`294`	`+`
`294`	`295`	`/**`
`295`	`296`	`* Create a SQL condition statement based on parameters`
`296`	`297`	`*`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@`
`27`	`27`	`use SimpleSAML\Store\StoreFactory;`
`28`	`28`	`use SimpleSAML\Utils;`
`29`	`29`
`30`		`-class SP extends \SimpleSAML\Auth\Source`
	`30`	`+class SP extends Auth\Source`
`31`	`31`	`{`
`32`	`32`	`/**`
`33`	`33`	`* The entity ID of this SP.`
`@@ -699,12 +699,11 @@ private function startSSO2(Configuration $idpMetadata, array $state): void`
`699`	`699`	`* This function does not return.`
`700`	`700`	`*`
`701`	`701`	`* @param \SAML2\Binding $binding The binding.`
`702`		`- * @param \SAML2\AuthnRequest $ar The authentication request.`
	`702`	`+ * @param \SAML2\AuthnRequest $ar The authentication request.`
`703`	`703`	`*/`
`704`		`- public function sendSAML2AuthnRequest(Binding $binding, AuthnRequest $ar): void`
	`704`	`+ public function sendSAML2AuthnRequest(Binding $binding, AuthnRequest $ar): never`
`705`	`705`	`{`
`706`	`706`	`$binding->send($ar);`
`707`		`- Assert::true(false);`
`708`	`707`	`}`
`709`	`708`
`710`	`709`
`@@ -714,12 +713,11 @@ public function sendSAML2AuthnRequest(Binding $binding, AuthnRequest $ar): void`
`714`	`713`	`* This function does not return.`
`715`	`714`	`*`
`716`	`715`	`* @param \SAML2\Binding $binding The binding.`
`717`		`- * @param \SAML2\LogoutRequest $ar The logout request.`
	`716`	`+ * @param \SAML2\LogoutRequest $ar The logout request.`
`718`	`717`	`*/`
`719`		`- public function sendSAML2LogoutRequest(Binding $binding, LogoutRequest $lr): void`
	`718`	`+ public function sendSAML2LogoutRequest(Binding $binding, LogoutRequest $lr): never`
`720`	`719`	`{`
`721`	`720`	`$binding->send($lr);`
`722`		`- Assert::true(false);`
`723`	`721`	`}`
`724`	`722`
`725`	`723`
`@@ -729,15 +727,14 @@ public function sendSAML2LogoutRequest(Binding $binding, LogoutRequest $lr): voi`
`729`	`727`	`* @param string $idp The entity ID of the IdP.`
`730`	`728`	`* @param array $state The state array for the current authentication.`
`731`	`729`	`*/`
`732`		`- public function startSSO(string $idp, array $state): void`
	`730`	`+ public function startSSO(string $idp, array $state): never`
`733`	`731`	`{`
`734`	`732`	`$idpMetadata = $this->getIdPMetadata($idp);`
`735`	`733`
`736`	`734`	`$type = $idpMetadata->getString('metadata-set');`
`737`	`735`	`Assert::oneOf($type, ['saml20-idp-remote']);`
`738`	`736`
`739`	`737`	`$this->startSSO2($idpMetadata, $state);`
`740`		`- Assert::true(false); // Should not return`
`741`	`738`	`}`
`742`	`739`
`743`	`740`
`@@ -746,7 +743,7 @@ public function startSSO(string $idp, array $state): void`
`746`	`743`	`*`
`747`	`744`	`* @param array $state The state array.`
`748`	`745`	`*/`
`749`		`- private function startDisco(array $state): void`
	`746`	`+ private function startDisco(array $state): never`
`750`	`747`	`{`
`751`	`748`	`$id = Auth\State::saveState($state, 'saml:sp:sso');`
`752`	`749`
`@@ -784,7 +781,7 @@ private function startDisco(array $state): void`
`784`	`781`	`*`
`785`	`782`	`* @param array &$state Information about the current authentication.`
`786`	`783`	`*/`
`787`		`- public function authenticate(array &$state): void`
	`784`	`+ public function authenticate(array &$state): never`
`788`	`785`	`{`
`789`	`786`	`// We are going to need the authId in order to retrieve this authentication source later`
`790`	`787`	`$state['saml:sp:AuthId'] = $this->authId;`
`@@ -822,11 +819,9 @@ public function authenticate(array &$state): void`
`822`	`819`
`823`	`820`	`if ($idp === null) {`
`824`	`821`	`$this->startDisco($state);`
`825`		`- Assert::true(false);`
	`822`	`+ } else {`
	`823`	`+ $this->startSSO($idp, $state);`
`826`	`824`	`}`
`827`		`-`
`828`		`- $this->startSSO($idp, $state);`
`829`		`- Assert::true(false);`
`830`	`825`	`}`
`831`	`826`
`832`	`827`
`@@ -949,7 +944,7 @@ public function reauthenticate(array &$state): void`
`949`	`944`	`*`
`950`	`945`	`* @throws \SAML2\Exception\Protocol\NoPassiveException In case the authentication request was passive.`
`951`	`946`	`*/`
`952`		`- public static function askForIdPChange(array &$state): void`
	`947`	`+ public static function askForIdPChange(array &$state): never`
`953`	`948`	`{`
`954`	`949`	`Assert::keyExists($state, 'saml:sp:IdPMetadata');`
`955`	`950`	`Assert::keyExists($state, 'saml:sp:AuthId');`
`@@ -969,7 +964,6 @@ public static function askForIdPChange(array &$state): void`
`969`	`964`
`970`	`965`	`$httpUtils = new Utils\HTTP();`
`971`	`966`	`$httpUtils->redirectTrustedURL($url, ['AuthState' => $id]);`
`972`		`- Assert::true(false);`
`973`	`967`	`}`
`974`	`968`
`975`	`969`
`@@ -985,7 +979,7 @@ public static function askForIdPChange(array &$state): void`
`985`	`979`	`* - 'saml:sp:AuthId': the identifier of the current authentication source.`
`986`	`980`	`* @throws \SAML2\Exception\Protocol\NoPassiveException In case the authentication request was passive.`
`987`	`981`	`*/`
`988`		`- public static function tryStepUpAuth(array &$state): void`
	`982`	`+ public static function tryStepUpAuth(array &$state): never`
`989`	`983`	`{`
`990`	`984`	`Assert::keyExists($state, 'saml:idp');`
`991`	`985`	`Assert::keyExists($state, 'saml:sp:AuthId');`
`@@ -1000,7 +994,6 @@ public static function tryStepUpAuth(array &$state): void`
`1000`	`994`	`/** @var \SimpleSAML\Module\saml\Auth\Source\SP $as */`
`1001`	`995`	`$as = new Auth\Simple($state['saml:sp:AuthId']);`
`1002`	`996`	`$as->login($state);`
`1003`		`- Assert::true(false);`
`1004`	`997`	`}`
`1005`	`998`
`1006`	`999`
`@@ -1011,7 +1004,7 @@ public static function tryStepUpAuth(array &$state): void`
`1011`	`1004`	`*`
`1012`	`1005`	`* @param array $state The state array.`
`1013`	`1006`	`*/`
`1014`		`- public static function reauthLogout(array $state): void`
	`1007`	`+ public static function reauthLogout(array $state): never`
`1015`	`1008`	`{`
`1016`	`1009`	`Logger::debug('Proxy: logging the user out before re-authentication.');`
`1017`	`1010`
`@@ -1022,7 +1015,6 @@ public static function reauthLogout(array $state): void`
`1022`	`1015`
`1023`	`1016`	`$idp = IdP::getByState($state);`
`1024`	`1017`	`$idp->handleLogoutRequest($state, null);`
`1025`		`- Assert::true(false);`
`1026`	`1018`	`}`
`1027`	`1019`
`1028`	`1020`
`@@ -1031,7 +1023,7 @@ public static function reauthLogout(array $state): void`
`1031`	`1023`	`*`
`1032`	`1024`	`* @param array $state The authentication state.`
`1033`	`1025`	`*/`
`1034`		`- public static function reauthPostLogin(array $state): void`
	`1026`	`+ public static function reauthPostLogin(array $state): never`
`1035`	`1027`	`{`
`1036`	`1028`	`Assert::keyExists($state, 'ReturnCallback');`
`1037`	`1029`
`@@ -1042,7 +1034,6 @@ public static function reauthPostLogin(array $state): void`
`1042`	`1034`
`1043`	`1035`	`// resume the login process`
`1044`	`1036`	`call_user_func($state['ReturnCallback'], $state);`
`1045`		`- Assert::true(false);`
`1046`	`1037`	`}`
`1047`	`1038`
`1048`	`1039`
`@@ -1054,7 +1045,7 @@ public static function reauthPostLogin(array $state): void`
`1054`	`1045`	`* @param \SimpleSAML\IdP $idp The IdP we are logging out from.`
`1055`	`1046`	`* @param array &$state The state array with the state during logout.`
`1056`	`1047`	`*/`
`1057`		`- public static function reauthPostLogout(IdP $idp, array $state): void`
	`1048`	`+ public static function reauthPostLogout(IdP $idp, array $state): never`
`1058`	`1049`	`{`
`1059`	`1050`	`Assert::keyExists($state, 'saml:sp:AuthId');`
`1060`	`1051`
`@@ -1069,7 +1060,6 @@ public static function reauthPostLogout(IdP $idp, array $state): void`
`1069`	`1060`
`1070`	`1061`	`Logger::debug('Proxy: logging in again.');`
`1071`	`1062`	`$sp->authenticate($state);`
`1072`		`- Assert::true(false);`
`1073`	`1063`	`}`
`1074`	`1064`
`1075`	`1065`
`@@ -1160,7 +1150,7 @@ public function logout(array &$state): void`
`1160`	`1150`	`* @param string $idp The entity id of the IdP.`
`1161`	`1151`	`* @param array $attributes The attributes.`
`1162`	`1152`	`*/`
`1163`		`- public function handleResponse(array $state, string $idp, array $attributes): void`
	`1153`	`+ public function handleResponse(array $state, string $idp, array $attributes): never`
`1164`	`1154`	`{`
`1165`	`1155`	`Assert::keyExists($state, 'LogoutState');`
`1166`	`1156`	`Assert::keyExists($state['LogoutState'], 'saml:logout:Type');`
`@@ -1187,6 +1177,7 @@ public function handleResponse(array $state, string $idp, array $attributes): vo`
`1187`	`1177`	`if (isset($state['saml:sp:NameID'])) {`
`1188`	`1178`	`$authProcState['saml:sp:NameID'] = $state['saml:sp:NameID'];`
`1189`	`1179`	`}`
	`1180`	`+`
`1190`	`1181`	`if (isset($state['saml:sp:SessionIndex'])) {`
`1191`	`1182`	`$authProcState['saml:sp:SessionIndex'] = $state['saml:sp:SessionIndex'];`
`1192`	`1183`	`}`
`@@ -1203,7 +1194,7 @@ public function handleResponse(array $state, string $idp, array $attributes): vo`
`1203`	`1194`	`*`
`1204`	`1195`	`* @param string $idpEntityId The entity ID of the IdP.`
`1205`	`1196`	`*/`
`1206`		`- public function handleLogout(string $idpEntityId): void`
	`1197`	`+ public function handleLogout(string $idpEntityId): never`
`1207`	`1198`	`{`
`1208`	`1199`	`/* Call the logout callback we registered in onProcessingCompleted(). */`
`1209`	`1200`	`$this->callLogoutCallback($idpEntityId);`
`@@ -1224,7 +1215,7 @@ public function handleLogout(string $idpEntityId): void`
`1224`	`1215`	`* manually check the URL on beforehand. Please refer to the 'trusted.url.domains'`
`1225`	`1216`	`* configuration directive for more information about allowing (or disallowing) URLs.`
`1226`	`1217`	`*/`
`1227`		`- public static function handleUnsolicitedAuth(string $authId, array $state, string $redirectTo): void`
	`1218`	`+ public static function handleUnsolicitedAuth(string $authId, array $state, string $redirectTo): never`
`1228`	`1219`	`{`
`1229`	`1220`	`$session = Session::getSessionFromRequest();`
`1230`	`1221`	`$session->doLogin($authId, Auth\State::getPersistentAuthData($state));`
`@@ -1239,7 +1230,7 @@ public static function handleUnsolicitedAuth(string $authId, array $state, strin`
`1239`	`1230`	`*`
`1240`	`1231`	`* @param array $authProcState The processing chain state.`
`1241`	`1232`	`*/`
`1242`		`- public static function onProcessingCompleted(array $authProcState): void`
	`1233`	`+ public static function onProcessingCompleted(array $authProcState): never`
`1243`	`1234`	`{`
`1244`	`1235`	`Assert::keyExists($authProcState, 'saml:sp:IdP');`
`1245`	`1236`	`Assert::keyExists($authProcState, 'saml:sp:State');`