Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow upgrade to lcobucci/jwt for php 8.3 compatibility #76

Closed
wants to merge 1 commit into from
Closed

allow upgrade to lcobucci/jwt for php 8.3 compatibility #76

wants to merge 1 commit into from

Conversation

mathroc
Copy link

@mathroc mathroc commented Dec 15, 2023
edited
Loading

@mathroc mathroc marked this pull request as ready for review December 15, 2023 08:36
@SMillerDev
Copy link

It seems this needs a complete migration to JWT 5.x, since some methods no longer exist in that version.

@mathroc
Copy link
Author

mathroc commented Dec 18, 2023

yeah, I'm not using this library myself, just starting on making our project php 8.3 compatible. so I'm not sure how it should be dealt with.

There's at least the Push::getJsonWebToken() method to upgrade.

I read the upgrade documentation about it but I still don't really know what should be done.

If you can tell me, if using forSymmetricSigner() with an in-memory key (which one??) is ok, I can update this merge request

@SMillerDev
Copy link

If you can tell me, if using forSymmetricSigner() with an in-memory key (which one??) is ok, I can update this merge request

Yeah, not sure about that either. It was added in f6d5ec5 for p8 keys, but I'm not sure what the exact reason for this algorithm was.

@pprkut
Copy link

pprkut commented Jan 11, 2024

I think the suggestion from the update docs to use the Blake2b algorithm sounds fair, at least as a first try.

Looking at the apple docs it mentions that apple only supports the ES256 algorithm, which would mean we'd have to use ECDSA though, based on what I found.

@pprkut
Copy link

pprkut commented Jan 11, 2024

If I understood correctly, we should use it like this now:

$key = InMemory::file($this->providerCertFile);
return Configuration::forSymmetricSigner(
    new Signer\Ecdsa(),
    $key,
)->builder()
 ->issuedBy($this->providerTeamId)
 ->issuedAt(new DateTimeImmutable())
 ->withHeader('kid', $this->providerKeyId)
 ->getToken(new Sha256(), $key)
 ->toString();

Looking at https://github.com/lcobucci/jwt/blob/5.3.x/src/Configuration.php though, none of the options passed to forSymmetricSigner are used for anything though. Really wondering what the value of those is, unless I'm missing something 😕

@brianstoop
Copy link

If the none of the options really matter and we only use the Configuration method to get a builder, why initiate the builder ourselves? The documentation about issues a token has an example of this already: https://lcobucci-jwt.readthedocs.io/en/latest/issuing-tokens/.

It would be something like:

$key          = InMemory::file($this->providerCertFile);
$tokenBuilder = (new Builder(new JoseEncoder(), ChainedFormatter::default()));
return $tokenBuilder->issuedBy($this->providerTeamId)
                    ->issuedAt(new DateTimeImmutable())
                    ->withHeader('kid', $this->providerKeyId)
                    ->getToken(new Sha256(), $key)
                    ->toString();

@pprkut
Copy link

pprkut commented Apr 29, 2024

This is implemented by #79 now

@pprkut pprkut closed this Apr 29, 2024
@mathroc mathroc deleted the patch-2 branch April 29, 2024 09:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mathroc @SMillerDev @pprkut @brianstoop