misc improvements - stronger types, exception refactor

src/Features/CrossDomainRedirect.php

@@ -15,7 +15,7 @@ class CrossDomainRedirect implements Feature
         RedirectResponse::macro('domain', function (string $domain) {
             /** @var RedirectResponse $this */
 
-            // replace first occurance of hostname fragment with $domain
+            // Replace first occurrence of the hostname fragment with $domain
             $url = $this->getTargetUrl();
             $hostname = parse_url($url, PHP_URL_HOST);
             $position = strpos($url, $hostname);

src/Features/UniversalRoutes.php

@@ -13,9 +13,10 @@ use Stancl\Tenancy\Tenancy;
 
 class UniversalRoutes implements Feature
 {
-    public static $middlewareGroup = 'universal';
+    public static string $middlewareGroup = 'universal';
 
-    public static $identificationMiddlewares = [
+    // todo docblock
+    public static array $identificationMiddlewares = [
         Middleware\InitializeTenancyByDomain::class,
         Middleware\InitializeTenancyBySubdomain::class,
     ];
@@ -39,7 +40,7 @@ class UniversalRoutes implements Feature
         }
     }
 
-    public static function routeHasMiddleware(Route $route, $middleware): bool
+    public static function routeHasMiddleware(Route $route, string $middleware): bool
     {
         if (in_array($middleware, $route->middleware(), true)) {
             return true;

src/Features/UserImpersonation.php

@@ -4,7 +4,6 @@ declare(strict_types=1);
 
 namespace Stancl\Tenancy\Features;
 
-use Carbon\Carbon;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Auth;
 use Stancl\Tenancy\Contracts\Feature;
@@ -14,7 +13,8 @@ use Stancl\Tenancy\Tenancy;
 
 class UserImpersonation implements Feature
 {
-    public static $ttl = 60; // seconds
+    /** The lifespan of impersonation tokens (in seconds). */
+    public static int $ttl = 60;
 
     public function bootstrap(Tenancy $tenancy): void
     {
@@ -28,25 +28,20 @@ class UserImpersonation implements Feature
         });
     }
 
-    /**
-     * Impersonate a user and get an HTTP redirect response.
-     *
-     * @param string|ImpersonationToken $token
-     * @param int $ttl
-     */
-    public static function makeResponse($token, int $ttl = null): RedirectResponse
+    /** Impersonate a user and get an HTTP redirect response. */
+    public static function makeResponse(string|ImpersonationToken $token, int $ttl = null): RedirectResponse
     {
         $token = $token instanceof ImpersonationToken ? $token : ImpersonationToken::findOrFail($token);
+        $ttl ??= static::$ttl;
 
-        if (((string) $token->tenant_id) !== ((string) tenant()->getTenantKey())) {
-            abort(403);
-        }
+        $tokenExpired = $token->created_at->diffInSeconds(now()) > $ttl;
 
-        $ttl = $ttl ?? static::$ttl;
+        abort_if($tokenExpired, 403);
 
-        if ($token->created_at->diffInSeconds(Carbon::now()) > $ttl) {
-            abort(403);
-        }
+        $tokenTenantId = (string) $token->tenant_id;
+        $currentTenantId = (string) tenant()->getTenantKey();
+
+        abort_unless($tokenTenantId === $currentTenantId, 403);
 
         Auth::guard($token->auth_guard)->loginUsingId($token->user_id);