From 6443627f083668498704c7ddbb4b3eb80ac79d73 Mon Sep 17 00:00:00 2001 From: James Wagoner Date: Tue, 7 Mar 2023 22:54:16 -0600 Subject: [PATCH 1/7] bumping lcobucci/jwt to 5.x --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 65a4e79c..4e70b4c1 100644 --- a/composer.json +++ b/composer.json @@ -28,7 +28,7 @@ "illuminate/contracts": "^9.0|^10.0", "illuminate/http": "^9.0|^10.0", "illuminate/support": "^9.0|^10.0", - "lcobucci/jwt": "^4.0", + "lcobucci/jwt": "^5.0", "nesbot/carbon": "^2.0" }, "require-dev": { From 2dfe562474a31c46b02047de0ddbdf0f695e2543 Mon Sep 17 00:00:00 2001 From: James Wagoner Date: Tue, 7 Mar 2023 22:54:57 -0600 Subject: [PATCH 2/7] removing dropped create() method --- src/Providers/JWT/Lcobucci.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/Providers/JWT/Lcobucci.php b/src/Providers/JWT/Lcobucci.php index 4e08e561..30dfed4d 100644 --- a/src/Providers/JWT/Lcobucci.php +++ b/src/Providers/JWT/Lcobucci.php @@ -207,10 +207,6 @@ protected function getSigner() $signer = $this->signers[$this->algo]; - if (is_subclass_of($signer, Ecdsa::class)) { - return $signer::create(); - } - return new $signer(); } From dfccf731aac3d7b26530577143918714c85cafd9 Mon Sep 17 00:00:00 2001 From: James Wagoner Date: Tue, 7 Mar 2023 23:01:31 -0600 Subject: [PATCH 3/7] \Lcobucci\JWT\Token\Builder are now marked @immutable --- src/Providers/JWT/Lcobucci.php | 37 +++++++++++----------------------- 1 file changed, 12 insertions(+), 25 deletions(-) diff --git a/src/Providers/JWT/Lcobucci.php b/src/Providers/JWT/Lcobucci.php index 30dfed4d..0a007811 100644 --- a/src/Providers/JWT/Lcobucci.php +++ b/src/Providers/JWT/Lcobucci.php @@ -140,31 +140,18 @@ protected function getBuilderFromClaims(array $payload): Builder $builder = $this->config->builder(); foreach ($payload as $key => $value) { - switch ($key) { - case RegisteredClaims::ID: - $builder->identifiedBy($value); - break; - case RegisteredClaims::EXPIRATION_TIME: - $builder->expiresAt(DateTimeImmutable::createFromFormat('U', $value)); - break; - case RegisteredClaims::NOT_BEFORE: - $builder->canOnlyBeUsedAfter(DateTimeImmutable::createFromFormat('U', $value)); - break; - case RegisteredClaims::ISSUED_AT: - $builder->issuedAt(DateTimeImmutable::createFromFormat('U', $value)); - break; - case RegisteredClaims::ISSUER: - $builder->issuedBy($value); - break; - case RegisteredClaims::AUDIENCE: - $builder->permittedFor($value); - break; - case RegisteredClaims::SUBJECT: - $builder->relatedTo($value); - break; - default: - $builder->withClaim($key, $value); - } + $builder = match ($key) { + RegisteredClaims::ID => $builder->identifiedBy($value), + RegisteredClaims::EXPIRATION_TIME => $builder->expiresAt(DateTimeImmutable::createFromFormat('U', + $value)), + RegisteredClaims::NOT_BEFORE => $builder->canOnlyBeUsedAfter(DateTimeImmutable::createFromFormat('U', + $value)), + RegisteredClaims::ISSUED_AT => $builder->issuedAt(DateTimeImmutable::createFromFormat('U', $value)), + RegisteredClaims::ISSUER => $builder->issuedBy($value), + RegisteredClaims::AUDIENCE => $builder->permittedFor($value), + RegisteredClaims::SUBJECT => $builder->relatedTo($value), + default => $builder->withClaim($key, $value), + }; } return $builder; From bd4d3431d4085d73188eafdca242471faec20032 Mon Sep 17 00:00:00 2001 From: James Wagoner Date: Wed, 8 Mar 2023 18:53:55 -0600 Subject: [PATCH 4/7] get key contents method --- src/Providers/JWT/Provider.php | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/src/Providers/JWT/Provider.php b/src/Providers/JWT/Provider.php index 2ec62bdd..d4eb39ea 100644 --- a/src/Providers/JWT/Provider.php +++ b/src/Providers/JWT/Provider.php @@ -12,6 +12,8 @@ namespace Tymon\JWTAuth\Providers\JWT; use Illuminate\Support\Arr; +use Illuminate\Support\Str; +use Lcobucci\JWT\Signer\Key\InMemory; abstract class Provider { @@ -137,7 +139,9 @@ public function getKeys() */ public function getPublicKey() { - return Arr::get($this->keys, 'public'); + $public = Arr::get($this->keys, 'public'); + + return $this->getKeyContents($public); } /** @@ -147,7 +151,9 @@ public function getPublicKey() */ public function getPrivateKey() { - return Arr::get($this->keys, 'private'); + $private = Arr::get($this->keys, 'private'); + + return $this->getKeyContents($private); } /** @@ -181,6 +187,24 @@ protected function getVerificationKey() return $this->isAsymmetric() ? $this->getPublicKey() : $this->getSecret(); } + /** + * Properly load pem files + * + * @param string $key + * + * @return string + */ + protected function getKeyContents(string $key) + { + if (Str::of($key)->startsWith('file:')) { + $key = InMemory::file($key); + } else { + $key = InMemory::base64Encoded($key); + } + + return $key->contents; + } + /** * Determine if the algorithm is asymmetric, and thus requires a public/private key combo. * From 8093907e6967e70a3b7febe9037947a7309955b2 Mon Sep 17 00:00:00 2001 From: James Wagoner Date: Wed, 8 Mar 2023 18:54:29 -0600 Subject: [PATCH 5/7] ignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 187e79cd..9729c46b 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ composer.lock build coverage.xml .phpunit.result.cache +.idea From 0a3054432e8ba44b709b4763e18cbf5064c48a74 Mon Sep 17 00:00:00 2001 From: James Wagoner Date: Wed, 8 Mar 2023 19:05:43 -0600 Subject: [PATCH 6/7] file:// string just doesn't seem to work right --- src/Providers/JWT/Provider.php | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/src/Providers/JWT/Provider.php b/src/Providers/JWT/Provider.php index d4eb39ea..a7812ff9 100644 --- a/src/Providers/JWT/Provider.php +++ b/src/Providers/JWT/Provider.php @@ -151,9 +151,7 @@ public function getPublicKey() */ public function getPrivateKey() { - $private = Arr::get($this->keys, 'private'); - - return $this->getKeyContents($private); + return Arr::get($this->keys, 'public'); } /** @@ -196,8 +194,8 @@ protected function getVerificationKey() */ protected function getKeyContents(string $key) { - if (Str::of($key)->startsWith('file:')) { - $key = InMemory::file($key); + if (Str::of($key)->endsWith('.pem')) { + $key = InMemory::file(storage_path($key)); } else { $key = InMemory::base64Encoded($key); } From 49b367fb16991253b2fe8e0575e780ef88515635 Mon Sep 17 00:00:00 2001 From: James Wagoner Date: Wed, 8 Mar 2023 19:17:03 -0600 Subject: [PATCH 7/7] taking over package --- composer.json | 34 ++-------------------------------- 1 file changed, 2 insertions(+), 32 deletions(-) diff --git a/composer.json b/composer.json index 4e70b4c1..955e6e3e 100644 --- a/composer.json +++ b/composer.json @@ -1,27 +1,7 @@ { - "name": "tymon/jwt-auth", - "description": "JSON Web Token Authentication for Laravel and Lumen", - "keywords": [ - "auth", - "authentication", - "json web token", - "jwt", - "laravel" - ], - "homepage": "https://github.com/tymondesigns/jwt-auth", - "support": { - "issues": "https://github.com/tymondesigns/jwt-auth/issues", - "source": "https://github.com/tymondesigns/jwt-auth" - }, + "name": "nexus/common", + "description": "JSON Web Token Authentication for Laravel", "license": "MIT", - "authors": [ - { - "name": "Sean Tymon", - "email": "tymon148@gmail.com", - "homepage": "https://tymon.xyz", - "role": "Developer" - } - ], "require": { "php": "^8.0", "illuminate/auth": "^9.0|^10.0", @@ -49,10 +29,6 @@ } }, "extra": { - "branch-alias": { - "dev-develop": "1.0-dev", - "dev-2.x": "2.0-dev" - }, "laravel": { "aliases": { "JWTAuth": "Tymon\\JWTAuth\\Facades\\JWTAuth", @@ -63,12 +39,6 @@ ] } }, - "funding": [ - { - "type": "patreon", - "url": "https://www.patreon.com/seantymon" - } - ], "config": { "sort-packages": true },