lcobucci/jwt 4.0 upgrade (#13)

Upgrade lcobucci/jwt to 4.0 and using the new features.

JWT doesn't use Claim anymore but DataSet object instead.
JWTHandler requires Configuration instead of Builder, and Signer and registers a Key object instead of using the secret directly.
Requires nesbot/carbon ^2.0 for testability.

.gitignore

@@ -4,3 +4,4 @@ report/
 .idea/
 composer.lock
 *.swp
+.phpunit.result.cache

composer.json

@@ -6,20 +6,24 @@
     "type": "library",
     "require": {
         "php": ">=7.4.0",
-        "lcobucci/jwt": "^3.2",
         "illuminate/auth": "^7.0 || ^8.0",
         "illuminate/config": "^7.0 || ^8.0",
         "illuminate/console": "^7.0 || ^8.0",
         "illuminate/contracts": "^7.0 || ^8.0",
         "illuminate/support": "^7.0 || ^8.0",
         "illuminate/cache": "^7.0 || ^8.0",
+        "lcobucci/jwt": "^4.0",
+        "nesbot/carbon": "^2.0",
         "vlucas/phpdotenv": "^4.0 || ^5.2"
     },
     "require-dev": {
         "phpunit/phpunit": "^9.0",
         "fzaninotto/faker": "^1.8",
         "mockery/mockery": "^1.2",
-        "php-coveralls/php-coveralls": "^2.1"
+        "php-coveralls/php-coveralls": "^2.1",
+        "phpstan/phpstan": "^0.12.90",
+        "phpstan/phpstan-deprecation-rules": "^0.12.6",
+        "phpstan/extension-installer": "^1.1"
     },
     "autoload": {
         "psr-4": {

src/Auth/JWTGuardConfig.php

@@ -27,9 +27,9 @@ final class JWTGuardConfig
     /**
      * JWTGuardConfig constructor.
      *
-     * @param int  $accessTokenTtl
-     * @param int  $refreshTokenTtl
-     * @param bool $ipCheckEnabled
+     * @param int      $accessTokenTtl
+     * @param int|null $refreshTokenTtl
+     * @param bool     $ipCheckEnabled
      */
     public function __construct(int $accessTokenTtl, ?int $refreshTokenTtl, bool $ipCheckEnabled)
     {

src/Contracts/JWT.php

@@ -39,24 +39,24 @@ public function getClaims(): array;
     public function getClaim(string $claim, bool $required = true);
 
     /**
-     * @return string
+     * @return string|null
      */
-    public function getIssuer(): string;
+    public function getIssuer(): ?string;
 
     /**
-     * @return string
+     * @return string|null
      */
-    public function getSubject(): string;
+    public function getSubject(): ?string;
 
     /**
      * @return \DateTimeImmutable|null
      */
     public function getExpiresAt(): ?\DateTimeImmutable;
 
     /**
-     * @return \DateTimeImmutable
+     * @return \DateTimeImmutable|null
      */
-    public function getIssuedAt(): \DateTimeImmutable;
+    public function getIssuedAt(): ?\DateTimeImmutable;
 
     /**
      * @return string|null

src/Contracts/Validator.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace SPie\LaravelJWT\Contracts;
+
+use Lcobucci\JWT\Token;
+
+/**
+ * Interface Validator
+ *
+ * @package SPie\LaravelJWT\Contracts
+ */
+interface Validator
+{
+    /**
+     * @param Token $token
+     *
+     * @return bool
+     */
+    public function validate(Token $token): bool;
+}

src/JWT.php

@@ -2,10 +2,9 @@
 
 namespace SPie\LaravelJWT;
 
-use Lcobucci\JWT\Claim;
 use Lcobucci\JWT\Token;
+use Lcobucci\JWT\UnencryptedToken;
 use SPie\LaravelJWT\Contracts\JWT as JWTContract;
-use SPie\LaravelJWT\Exceptions\MissingClaimException;
 
 /**
  * Class Token
@@ -16,86 +15,59 @@ final class JWT implements JWTContract
 {
 
     /**
-     * @var Token
+     * @var UnencryptedToken
      */
-    private Token $token;
+    private UnencryptedToken $token;
 
     /**
      * Token constructor.
      *
-     * @param Token $token
+     * @param UnencryptedToken $token
      */
-    public function __construct(Token $token)
+    public function __construct(UnencryptedToken $token)
     {
         $this->token = $token;
     }
 
-    /**
-     * @return Token
-     */
-    private function getToken(): Token
-    {
-        return $this->token;
-    }
-
     /**
      * @return string
      */
     public function getJWT(): string
     {
-        return $this->getToken();
+        return $this->token->toString();
     }
 
     /**
      * @return array
      */
     public function getClaims(): array
     {
-        return \array_map(
-            function (Claim $claim) {
-                return $claim->getValue();
-            },
-            $this->getToken()->getClaims()
-        );
+        return $this->token->claims()->all();
     }
 
     /**
      * @param string $claim
      * @param bool   $required
      *
      * @return mixed|null
-     *
-     * @throws MissingClaimException
      */
     public function getClaim(string $claim, bool $required = true)
     {
-        try {
-            return $this->getToken()->getClaim($claim);
-        } catch (\OutOfBoundsException $e) {
-            if ($required) {
-                throw new MissingClaimException($claim);
-            }
-        }
-
-        return null;
+        return $this->token->claims()->get($claim);
     }
 
     /**
-     * @return string
-     *
-     * @throws MissingClaimException
+     * @return string|null
      */
-    public function getIssuer(): string
+    public function getIssuer(): ?string
     {
         return $this->getClaim(self::CLAIM_ISSUER);
     }
 
     /**
-     * @return string
-     *
-     * @throws MissingClaimException
+     * @return string|null
      */
-    public function getSubject(): string
+    public function getSubject(): ?string
     {
         return $this->getClaim(self::CLAIM_SUBJECT);
     }
@@ -115,13 +87,16 @@ public function getExpiresAt(): ?\DateTimeImmutable
     }
 
     /**
-     * @return \DateTimeImmutable
-     *
-     * @throws \Exception
+     * @return \DateTimeImmutable|null
      */
-    public function getIssuedAt(): \DateTimeImmutable
+    public function getIssuedAt(): ?\DateTimeImmutable
     {
-        return (new \DateTimeImmutable())->setTimestamp($this->getClaim(self::CLAIM_ISSUED_AT));
+        $issuedAt = $this->getClaim(self::CLAIM_ISSUED_AT);
+        if (empty($issuedAt)) {
+            return null;
+        }
+
+        return (new \DateTimeImmutable())->setTimestamp($issuedAt);
     }
 
     /**