
Commit 77933e9

committed
feat: adapt to firebase/php-jwt 6
1 parent 3c7ca08 commit 77933e9

5 files changed

Lines changed: 12 additions & 8 deletions


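--- a/src/Auth/BasicToJwtBearerAuthenticate.php
+++ b/src/Auth/BasicToJwtBearerAuthenticate.php
@@ -30,7 +30,7 @@ class BasicToJwtBearerAuthenticate extends CakeBasicAuthenticate
 
 public function afterIdentify(Event $event, array $user)
 {
-$token = JWT::encode(['sub' => $user[$this->getConfig('field')], 'exp' => time() + $this->getConfig('duration')], Security::getSalt());
+$token = JWT::encode(['sub' => $user[$this->getConfig('field')], 'exp' => time() + $this->getConfig('duration')], Security::getSalt(), 'HS256');
 $event->getSubject()->response = $event->getSubject()->response->withHeader($this->getConfig('headerKey'), $token);
 $event->result = $user;
 }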
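Review bot: The signing algorithm is now the literal `'HS256'` on the `JWT::encode` call in `afterIdentify`, while the verifying side in src/Auth/JwtBearerAuthenticate.php takes its algorithm from `$config['allowedAlgs']`, so the two can drift apart when that setting is changed and freshly issued tokens would then be rejected. The same literal is repeated on both `JWT::encode` calls in src/Auth/TwoFactorAuthenticate.php and in `encode()` in src/Utility/Crypto/JWT.php. Consider one shared definition, e.g. `public const ALGORITHM = 'HS256';` on the wrapper class, used by signer and verifier alike, plus a comment such as `// HS256: the application salt is the shared HMAC secret, so it both signs and verifies`. The class body starts and ends outside this hunk.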

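--- a/src/Auth/JwtBearerAuthenticate.php
+++ b/src/Auth/JwtBearerAuthenticate.php
@@ -11,6 +11,7 @@
 use Firebase\JWT\ExpiredException;
 use Firebase\JWT\SignatureInvalidException;
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use Cake\Http\Exception\UnauthorizedException;
 
 class JwtBearerAuthenticate extends CakeBasicAuthenticate
@@ -106,7 +107,7 @@ protected function _decode($token)
 {
 $config = $this->_config;
 try {
-$payload = JWT::decode($token, $config['key'] ?: Security::getSalt(), $config['allowedAlgs']);
+$payload = JWT::decode($token, new Key($config['key'] ?: Security::getSalt(), $config['allowedAlgs']));
 
 return $payload;
 } catch (ExpiredException $e) {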
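Review bot: `new Key(...)` in `_decode` is handed `$config['allowedAlgs']`, but in firebase/php-jwt 6 a `Key` carries exactly one algorithm string, and the config name suggests a list (the wrapper in src/Utility/Crypto/JWT.php visibly defaults `$allowedAlgs` to the array `['HS256']`). An array there is rejected when the `Key` is built, and the only catch visible in this hunk is for `ExpiredException`, so unless a broader catch follows outside the hunk, every token check would end in an unhandled error instead of an `UnauthorizedException`. The same pattern appears in `_decode` in src/Auth/Storage/CacheStorage.php and src/Auth/TwoFactorAuthenticate.php and in `decode()` in src/Utility/Crypto/JWT.php. Pin a single algorithm, for example `$algs = (array)$config['allowedAlgs'];` followed by `$payload = JWT::decode($token, new Key($config['key'] ?: Security::getSalt(), (string)reset($algs)));`, or replace the setting with a single string. `_decode` continues past the end of the hunk.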

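--- a/src/Auth/Storage/CacheStorage.php
+++ b/src/Auth/Storage/CacheStorage.php
@@ -2,6 +2,7 @@
 namespace Trois\Utils\Auth\Storage;
 
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use Cake\Utility\Security;
 use Cake\Cache\Cache;
 use Cake\Core\InstanceConfigTrait;
@@ -81,7 +82,7 @@ protected function _decode($token)
 {
 $config = $this->_config;
 try {
-$payload = JWT::decode($token, $this->_config['token']['key'] ?: Security::getSalt(), $this->_config['token']['allowedAlgs']);
+$payload = JWT::decode($token, new Key($this->_config['token']['key'] ?: Security::getSalt(), $this->_config['token']['allowedAlgs']));
 return $payload;
 } catch (ExpiredException $e) {
 throw new UnauthorizedException($e->getMessage());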

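--- a/src/Auth/TwoFactorAuthenticate.php
+++ b/src/Auth/TwoFactorAuthenticate.php
@@ -2,6 +2,7 @@
 namespace Trois\Utils\Auth;
 
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use Firebase\JWT\ExpiredException;
 use Firebase\JWT\SignatureInvalidException;
 use Cake\Controller\ComponentRegistry;
@@ -82,7 +83,7 @@ protected function _decode($token)
 {
 $config = $this->_config;
 try {
-$payload = JWT::decode($token, Security::salt(), $this->getConfig('token.allowedAlgs'));
+$payload = JWT::decode($token, new Key(Security::salt(), $this->getConfig('token.allowedAlgs')));
 return $payload;
 } catch (ExpiredException $e) {
 $this->_registry->getController()->Flash->error($e->getMessage());
@@ -125,7 +126,7 @@ public function authenticate(ServerRequest $request, Response $response)
 
 // create code + token
 $this->genCode();
-$this->token = JWT::encode(['username' => $user[$this->getConfig('fields.username')],'code' => $hasher->hash($this->code),'exp' => time() + $this->getConfig('token.duration')], Security::salt());
+$this->token = JWT::encode(['username' => $user[$this->getConfig('fields.username')],'code' => $hasher->hash($this->code),'exp' => time() + $this->getConfig('token.duration')], Security::salt(), 'HS256');
 
 // transmit
 $transmitted = $this->_transmit($this->code, $user, $request, $response);
@@ -168,7 +169,7 @@ public function authenticate(ServerRequest $request, Response $response)
 if (!$hasher->check($password, $payload->code)) return false;
 
 // set Bearer token for BearerTokenAuth
-$this->token = JWT::encode(['sub' => $user[$this->getConfig('token.sub')],'exp' => time() + $this->getConfig('token.duration')], Security::salt());
+$this->token = JWT::encode(['sub' => $user[$this->getConfig('token.sub')],'exp' => time() + $this->getConfig('token.duration')], Security::salt(), 'HS256');
 
 // if no cookie then pass token as an argument
 if($this->_registry->getController()->Auth->getConfig('storage') != 'Session')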
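Review bot: The first token built in `authenticate` (new line 129) puts `$hasher->hash($this->code)` into the JWT payload, and a JWT is signed but not encrypted, so anyone holding the token can read that hash; if the token is returned to the client and the code is short, it is protected only as far as the hasher's cost and `token.duration` allow. Keeping the hash server-side (for instance in the cache, keyed by a random token id) and limiting verification attempts would remove that exposure; at minimum the line deserves a comment like `// payload is readable by the client: 'code' must stay a slow, salted hash`. Separately, the rewritten lines keep `Security::salt()` while the other files in this commit call `Security::getSalt()`; using `Security::getSalt()` here too keeps the key source consistent. `authenticate` starts and ends outside these hunks.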

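--- a/src/Utility/Crypto/JWT.php
+++ b/src/Utility/Crypto/JWT.php
@@ -5,18 +5,19 @@
 use Firebase\JWT\ExpiredException;
 use Firebase\JWT\SignatureInvalidException;
 use Firebase\JWT\JWT as FJWT;
+use Firebase\JWT\Key;
 
 class JWT {
 
 public static function encode(array $token, $salt = null)
 {
-return FJWT::encode($token, $salt? $salt: Security::getSalt());
+return FJWT::encode($token, $salt? $salt: Security::getSalt(), 'HS256');
 }
 
 public static function decode($token, $salt = null, $allowedAlgs = ['HS256'])
 {
 try {
-$decoded = FJWT::decode($token, $salt? $salt: Security::getSalt(), $allowedAlgs);
+$decoded = FJWT::decode($token, new Key($salt? $salt: Security::getSalt(), $allowedAlgs));
 } catch (ExpiredException $e) {
 throw new \Exception("Token expired", 1);
 } catch (SignatureInvalidException $e) {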
