[1.0.x] BankID

Thank you for applying!

Please read Review process for security advisory coverage: What to expect → for more details and Security advisory coverage application checklist → to understand what reviewers look for. Tips for ensuring a smooth review → gives some hints for a smoother review.

The important notes are the following.

• If you have not done it yet, you should run phpcs --standard=Drupal,DrupalPractice on the project, which alone fixes most of what reviewers would report.
• For the time this application is open, only your commits are allowed.
• The purpose of this application is giving you a new drupal.org role that allows you to opt projects into security advisory coverage, either projects you already created, or projects you will create. The project status won't be changed by this application and no other user will be able to opt projects into security advisory policy.
• We only accept an application per user. If you change your mind about the project to use for this application, or it is necessary to use a different project for the application, please update the issue summary with the link to the correct project and the issue title with the project name and the branch to review.

To the reviewers

Please read How to review security advisory coverage applications → , Application workflow → , What to cover in an application review → , and Tools to use for reviews → .

The important notes are the following.

• It is preferable to wait for a Code Review Administrator before commenting on newly created applications. Code Review Administrators will do some preliminary checks that are necessary before any change on the project files is suggested.
• Reviewers should show the output of a CLI tool → only once per application.
• It may be best to have the applicant fix things before further review.

For new reviewers, I would also suggest to first read In which way the issue queue for coverage applications is different from other project queues → .

1. Fix PHPCS issues.

phpcs --standard=Drupal,DrupalPractice --extensions=php,module,inc,install,test,profile,theme,css,info,txt,md,yml bankid/

FILE: bankid/bankid.info.yml
-------------------------------------------------------------------------------
FOUND 1 ERROR AND 1 WARNING AFFECTING 2 LINES
-------------------------------------------------------------------------------
 1 | WARNING | [ ] Remove "version" from the info file, it will be added by drupal.org packaging automatically
 8 | ERROR   | [x] Expected 1 newline at end of file; 0 found
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/assets/FPTestcert4_20230629_passphrase.txt
-------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
-------------------------------------------------------------------------------
 1 | ERROR | [x] Expected 1 newline at end of file; 0 found
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/bankid.services.yml
----------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
----------------------------------------------------------------------
 12 | ERROR | [x] Expected 1 newline at end of file; 0 found
----------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
----------------------------------------------------------------------

FILE: bankid/README.md
-------------------------------------------------------------------------
FOUND 1 ERROR AND 5 WARNINGS AFFECTING 6 LINES
-------------------------------------------------------------------------
  48 | WARNING | [ ] Line exceeds 80 characters; contains 83 characters
  80 | WARNING | [ ] Line exceeds 80 characters; contains 88 characters
  83 | WARNING | [ ] Line exceeds 80 characters; contains 112 characters
  88 | WARNING | [ ] Line exceeds 80 characters; contains 99 characters
  89 | WARNING | [ ] Line exceeds 80 characters; contains 115 characters
 105 | ERROR   | [x] Expected 1 newline at end of file; 0 found
-------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------

FILE: bankid/bankid.links.task.yml
----------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
----------------------------------------------------------------------
 4 | ERROR | [x] Expected 1 newline at end of file; 0 found
----------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
----------------------------------------------------------------------

FILE: bankid/bankid.module
-------------------------------------------------------------------------------
FOUND 7 ERRORS AFFECTING 7 LINES
-------------------------------------------------------------------------------
  1 | ERROR | [x] Missing file doc comment
  6 | ERROR | [x] Additional blank lines found at end of doc comment
 16 | ERROR | [ ] bankid_install() is an installation hook and must be declared in an install file
 23 | ERROR | [x] TRUE, FALSE and NULL must be uppercase; expected "TRUE" but found "true"
 24 | ERROR | [x] TRUE, FALSE and NULL must be uppercase; expected "TRUE" but found "true"
 30 | ERROR | [x] TRUE, FALSE and NULL must be uppercase; expected "TRUE" but found "true"
 41 | ERROR | [ ] bankid_uninstall() is an installation hook and must be declared in an install file
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 5 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/src/Plugin/Block/BankIDAuthenticateBlock.php
-------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
-------------------------------------------------------------------------------
 7 | ERROR | [x] Use statements should be sorted alphabetically. The first wrong one is Drupal\Core\Block\BlockPluginInterface.
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/src/BankIDClient.php
-------------------------------------------------------------------------------
FOUND 2 ERRORS AFFECTING 2 LINES
-------------------------------------------------------------------------------
   6 | ERROR | [x] Use statements should be sorted alphabetically. The first wrong one is Drupal\key\KeyRepository.
 330 | ERROR | [ ] Private method name "BankIDClient::requestExceptionToBankIDResponse" is not in lowerCamel format
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/src/IntegrationManager.php
-------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
-------------------------------------------------------------------------------
 7 | ERROR | [x] Use statements should be sorted alphabetically. The first wrong one is Drupal\bankid\Annotation\Integration.
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/src/IntegrationBase.php
-------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
-------------------------------------------------------------------------------
 6 | ERROR | [x] Use statements should be sorted alphabetically. The first wrong one is Drupal\Core\Database\Connection.
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/src/Form/BankidSettingsForm.php
-------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
-------------------------------------------------------------------------------
 6 | ERROR | [x] Use statements should be sorted alphabetically. The first wrong one is Drupal\Core\Form\ConfigFormBase.
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/src/Form/BankIDAuthenticateForm.php
-------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
-------------------------------------------------------------------------------
 6 | ERROR | [x] Use statements should be sorted alphabetically. The first wrong one is Drupal\Core\Form\FormBase.
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/src/Controller/BankIDController.php
-------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
-------------------------------------------------------------------------------
 8 | ERROR | [x] Use statements should be sorted alphabetically. The first wrong one is Symfony\Component\DependencyInjection\ContainerInterface.
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

FILE: bankid/bankid.libraries.yml
----------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
----------------------------------------------------------------------
 14 | ERROR | [x] Expected 1 newline at end of file; 0 found
----------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
----------------------------------------------------------------------

FILE: bankid/css/bankid.css
-------------------------------------------------------------------------------
FOUND 24 ERRORS AFFECTING 21 LINES
-------------------------------------------------------------------------------
  5 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
  8 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 11 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 14 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 17 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 20 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 23 | ERROR | [x] Line indented incorrectly; expected 2 spaces, found 1
 23 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 26 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 29 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 32 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 35 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 38 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 41 | ERROR | [x] Selectors must be on a single line
 42 | ERROR | [x] Blank lines are not allowed between class names
 42 | ERROR | [x] Expected 1 space before opening brace of class definition; newline found
 43 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 44 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 46 | ERROR | [x] Selectors must be on a single line
 47 | ERROR | [x] Blank lines are not allowed between class names
 47 | ERROR | [x] Expected 1 space before opening brace of class definition; newline found
 48 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 49 | ERROR | [x] Expected 1 space after colon in style definition; 0 found
 51 | ERROR | [x] Expected 1 newline at end of file; 0 found
-------------------------------------------------------------------------------
PHPCBF CAN FIX THE 24 MARKED SNIFF VIOLATIONS AUTOMATICALLY
-------------------------------------------------------------------------------

2. FILE: bankid.info.yml

package: Custom

This line is used by custom modules created for specific sites. It is not a package name used for projects hosted on drupal.org.

3. FILE: bankid.routing.yml

#_permission: true

Remove commented code.

4. FILE: bankid.module

/**
 * Implements hook_install().
 */
function bankid_install() {
  // Create the database table.
  \Drupal::database()->schema()->createTable('bankid_mapping', [
    'description' => 'Stores BankID user mappings.',
    'fields' => [
      'uid' => [
        'type' => 'int',
        'unsigned' => true,
        'not null' => true,
        'description' => 'User ID',
      ],
      'id' => [
        'type' => 'varchar',
        'length' => 255,
        'not null' => true,
        'description' => 'ID',
      ],
    ],
    'primary key' => ['uid'],
  ]);
}

/**
 * Implements hook_uninstall().
 */
function bankid_uninstall() {
  // Drop the database table.
  \Drupal::database()->schema()->dropTable('bankid_mapping');
}

The install and uninstall hook must be implemented in the module's .install file.

5. FILE: src/BankIDClient.php

  /**
   * BankIDClient constructor.
   *
   * @param \Drupal\Core\Config\ConfigFactory $config_factory
   *   The config factory.
   * @param \Drupal\key\KeyRepository $key_repository
   *   The key repository.
   */
  public function __construct(ConfigFactory $config_factory, KeyRepository $key_repository) {

FILE: src/BankIDResponse.php

  /**
   * BankIDResponse constructor.
   *
   * @param string $status
   *   The status of the response.
   * @param null|array $body
   *   The body of the response.
   */
  public function __construct($status, $body = NULL) {

FILE: src/IntegrationBase.php

  /**
   * {@inheritdoc}
   */
  public function __construct(array $configuration, $plugin_id, $plugin_definition, ConfigFactoryInterface $config_factory, UserStorageInterface $user_storage, DefaultPasswordGenerator $password_generator, Connection $connection) {

FILE: src/IntegrationManager.php

  /**
   * Creates the discovery object.
   *
   * @param \Traversable $namespaces
   *   An object that implements \Traversable which contains the root paths
   *   keyed by the corresponding namespace to look for plugin implementations.
   * @param \Drupal\Core\Cache\CacheBackendInterface $cache_backend
   *   Cache backend instance to use.
   * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
   *   The module handler to invoke the alter hook with.
   */
  public function __construct(\Traversable $namespaces, CacheBackendInterface $cache_backend, ModuleHandlerInterface $module_handler) {

FILE: src/Controller/BankIDController.php

  /**
   * Class constructor.
   *
   * @param \Drupal\bankid\BankIDClient $bankid
   *   The BankID service.
   */
  public function __construct(BankIDClient $bankid) {

The documentation comment for constructors is not mandatory anymore, If it is given, the description must be Constructs a new [class name] object. where [class name] includes the class namespace.

Hi,
Thanks for your help @vishalkadam !
I have now fixed the phpcs errors and warnings and created a new release 1.0.5.

Is there anything else I should fix?

Hi @Thomas Alsén Please go through comment #2for understating review process. No need to create newt release, you can fix issue in 1.0.x. Reviewer will review code from branch 1.0.x.

FILE: bankid.module

/**
 * @file
 * Contains hooks and other functions for the BankID module.
 */

The usual description for a .module file is Hook implementations for the [module name] module. where [module name] is the module name given in the .info.yml file.

/**
 * Implements hook_form_FORM_ID_alter().
 *
 * Hide passwords fields on user edit form if the user was provisioned via
 * BankID as they don't have a Drupal password.
 */
function bankid_form_user_form_alter(array &$form, FormStateInterface $form_state, $form_id) {

The description for that hook should also say for which form that hook is implemented, either by indicating that with the name of the class that implements the form (namespace included) or the form ID (which is usually indicated by getFormId()).

Hi,
Thanks again @Vishal Kadam!
I've now updated bankid.module comment an pushed to branch 1.0.x.
Is there anything else I should fix?

I'm also wondering why the module release is not showing in https://localize.drupal.org/translate/languages/sv/translate?project=ban...

Do I need to do anything to get it to show?

This project is is already in Drupal security advisory coverage.

@Rushikesh Raval The purpose of this application is to provide a new role on drupal.org that allows applicants to opt projects into security advisory coverage.

I'm also wondering why the module release is not showing in https://localize.drupal.org/translate/languages/sv/translate?project=ban...

Do I need to do anything to get it to show?

@Thomas Alsén I'm afraid I don't have the knowledge to provide a solution for this specific issue.

Rest looks fine to me.

Let’s wait for a Code Review Administrator to take a look and if everything goes fine, you will get the role.

Thanks guys!

@Thomas Alsén Do not mark the issue as fixed. The Code Review Administrator will review the application and update the status.

@Rushikesh Raval Thank you for pointing out this. Even if this is not the case, it could happen that the application got the vetted role removed for a good reason and applies to get it back. (Clearly, in those cases, applying to get it back is not sufficient.)

If a reviewer finds a case where the project used for the application is covered by the security advisory policy, the reviewer is welcome to post a comment in the application issue. I will then verify if the applicant got the vetted role revoked for some reason.

@apaderno I assume that this project is created by Thomas Alsén → . on May 29, 2024 and other Maintainer Peter Törnstrand → is added to project on Jun 25, 2024. and Peter Törnstrand → have alreay vetted role. So may be Peter Törnstrand have opt this project for security advisory coverage.

@Rushikesh Raval In these applications, we give the vetted role to applicants, who will then opt their projects into security advisory coverage.

Project moderators (people like me who give the vetted role to drupal.org accounts) do not opt the project used for an application into security advisory coverage. When I set an application to Fixed, it just means I gave that role to the applicant.

Thank you for your contribution!
I updated your account so you can now opt into security advisory coverage for any project you created and every project you will create.

These are some recommended readings to help you with maintainership:

• Dries → ' post on Responsible maintainers
• Maintainership →
• Git version control system →
• Issue procedures and etiquette →
• Maintaining and responding to issues for a project →
• Release naming conventions → .

You can find more contributors chatting on Slack → or IRC → in #drupal-contribute. So, come hang out and stay involved → !

Thank you for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review → . I encourage you to learn more about that process and join the group of reviewers.

I thank the dedicated reviewers as well.

Automatically closed - issue fixed for 2 weeks with no activity.