upgrade php-jwt to v6

danilopolani · Feb 20, 2023 · 37a62ea · 37a62ea
1 parent 5755939
commit 37a62ea
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 8 deletions.
diff --git a/composer.json b/composer.json
@@ -17,7 +17,7 @@
     ],
     "require": {
         "php": "^8.0.2",
-        "firebase/php-jwt": "^5.4",
+        "firebase/php-jwt": "^6.4",
         "illuminate/auth": "^9.0|^10.0",
         "illuminate/http": "^9.0|^10.0",
         "illuminate/contracts": "^9.0|^10.0",

diff --git a/src/FusionAuthJwt.php b/src/FusionAuthJwt.php
@@ -5,6 +5,7 @@
 use DaniloPolani\FusionAuthJwt\Exceptions\InvalidTokenAlgorithmException;
 use DaniloPolani\FusionAuthJwt\Exceptions\InvalidTokenException;
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Config;
 use Illuminate\Support\Facades\Http;
@@ -40,16 +41,16 @@ class FusionAuthJwt
      */
     public static function decode(string $jwt): array
     {
-        $supportedAlgs = Config::get('fusionauth.supported_algs');
+        $algorithm = Config::get('fusionauth.supported_algs.0');
 
-        if (!in_array($supportedAlgs[0] ?? null, [self::ALGO_RS256, self::ALGO_HS256])) {
+        if (!in_array($algorithm, [self::ALGO_RS256, self::ALGO_HS256])) {
             throw new InvalidTokenAlgorithmException('Unsupported token signing algorithm configured. Must be either RS256 or HS256.');
         }
 
-        if ($supportedAlgs[0] === self::ALGO_RS256) {
-            $data = JWT::decode($jwt, self::fetchPublicKeys(), $supportedAlgs);
+        if ($algorithm === self::ALGO_RS256) {
+            $data = JWT::decode($jwt, self::fetchPublicKeys($algorithm));
         } else {
-            $data = JWT::decode($jwt, Config::get('fusionauth.client_secret'), $supportedAlgs);
+            $data = JWT::decode($jwt, new Key(Config::get('fusionauth.client_secret'), $algorithm));
         }
 
         self::validate($data);
@@ -88,14 +89,16 @@ public static function validate(object $token): void
      *
      * @return array
      */
-    protected static function fetchPublicKeys(): array
+    protected static function fetchPublicKeys(string $algorithm): array
     {
         return Cache::remember(
             'fusionauth.public_keys',
             self::JWKS_CACHE_TTL,
             fn () => Http::get('https://' . Config::get('fusionauth.domain') . '/api/jwt/public-key')
                 ->throw()
-                ->json('publicKeys', [])
+                ->collect('publicKeys', [])
+                ->map(fn (string $key) => new Key($key, $algorithm))
+                ->toArray()
         );
     }
 }