Fixed capitalization, tests
This commit is contained in:
parent
6b1d3178cf
commit
953e831d84
30
README.md
30
README.md
@ -1,4 +1,4 @@
|
||||
# SimpleJwt
|
||||
# SimpleJWT
|
||||
|
||||
This is a simple library for generating (signing) and verifying JWT tokens. It
|
||||
is by no means an advanced library. If you just need to sign and refresh tokens
|
||||
@ -27,23 +27,23 @@ Install using composer:
|
||||
|
||||
## Usage
|
||||
|
||||
You need a key for both generating and parsing tokens. Create a `JwtDerivedKey`
|
||||
or a `JwtPlaintextKey` and pass it to the `JwtToken` constructor:
|
||||
You need a key for both generating and parsing tokens. Create a `JWTDerivedKey`
|
||||
or a `JWTPlaintextKey` and pass it to the `JWTToken` constructor:
|
||||
|
||||
use NoccyLabs\SimpleJwt\Key\{JwtDerivedKey,JwtPlaintextKey}
|
||||
use NoccyLabs\SimpleJWT\Key\{JWTDerivedKey,JWTPlaintextKey}
|
||||
|
||||
// Derive a key using secret and salt...
|
||||
$key = new JwtDerivedKey("secret", "salt");
|
||||
$key = new JWTDerivedKey("secret", "salt");
|
||||
// ...or use a prepared plaintext key
|
||||
$key = new JwtPlaintextKey("This Should Be Binary Data..");
|
||||
$key = new JWTPlaintextKey("This Should Be Binary Data..");
|
||||
|
||||
### Generating tokens
|
||||
|
||||
|
||||
|
||||
use NoccyLabs\SimpleJwt\JwtToken;
|
||||
use NoccyLabs\SimpleJWT\JWTToken;
|
||||
|
||||
$tok = new JwtToken($key);
|
||||
$tok = new JWTToken($key);
|
||||
$tok->setExpiry("1h");
|
||||
$tok->claims->add("some/claim/MaxItems", 8);
|
||||
|
||||
@ -54,11 +54,11 @@ or a `JwtPlaintextKey` and pass it to the `JwtToken` constructor:
|
||||
|
||||
Parsing is done by passing the raw token as the 2nd parameter
|
||||
|
||||
use NoccyLabs\SimpleJwt\JwtToken;
|
||||
use NoccyLabs\SimpleJWT\JWTToken;
|
||||
|
||||
$str = "...received token...";
|
||||
|
||||
$tok = new JwtToken($key, $str);
|
||||
$tok = new JWTToken($key, $str);
|
||||
|
||||
if (!$tok->isValid()) {
|
||||
// This check works, but using the validator might be better
|
||||
@ -75,9 +75,9 @@ Parsing is done by passing the raw token as the 2nd parameter
|
||||
|
||||
### Validating tokens
|
||||
|
||||
use NoccyLabs\SimpleJwt\Validator\JwtValidator;
|
||||
use NoccyLabs\SimpleJWT\Validator\JWTValidator;
|
||||
|
||||
$validator = new JwtValidator();
|
||||
$validator = new JWTValidator();
|
||||
// Require that some claim exists
|
||||
$validator
|
||||
->requireIssuer("api.issuer.tld")
|
||||
@ -85,11 +85,11 @@ Parsing is done by passing the raw token as the 2nd parameter
|
||||
->addRequiredClaim("some/required/Claim");
|
||||
|
||||
try {
|
||||
// Pass a JwtToken to validateToken()...
|
||||
// Pass a JWTToken to validateToken()...
|
||||
$valid = $validator->validateToken($tok);
|
||||
// ...or pass a JwtKeyInterface and the raw string to validate()
|
||||
// ...or pass a JWTKeyInterface and the raw string to validate()
|
||||
$valid = $validator->validate($key, $tokenstr);
|
||||
}
|
||||
catch (JwtValidatorException $e) {
|
||||
catch (JWTValidatorException $e) {
|
||||
// validation failed
|
||||
}
|
||||
|
@ -11,7 +11,15 @@
|
||||
],
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"NoccyLabs\\SimpleJwt\\": "src/"
|
||||
}
|
||||
"NoccyLabs\\SimpleJWT\\": "src/"
|
||||
}
|
||||
},
|
||||
"require": {
|
||||
"php": "^7.4|^8.0",
|
||||
"ext-json": "*"
|
||||
},
|
||||
"require-dev": {
|
||||
"phpunit/phpunit": "^10.0",
|
||||
"phpstan/phpstan": "^1.10"
|
||||
}
|
||||
}
|
12
phpstan.neon
Normal file
12
phpstan.neon
Normal file
@ -0,0 +1,12 @@
|
||||
parameters:
|
||||
level: 5
|
||||
|
||||
excludePaths:
|
||||
- doc
|
||||
- vendor
|
||||
- tests
|
||||
|
||||
# Paths to include in the analysis
|
||||
paths:
|
||||
- src
|
||||
|
21
phpunit.xml
21
phpunit.xml
@ -1,22 +1,13 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/8.5/phpunit.xsd"
|
||||
bootstrap="vendor/autoload.php"
|
||||
executionOrder="depends,defects"
|
||||
forceCoversAnnotation="true"
|
||||
beStrictAboutCoversAnnotation="true"
|
||||
beStrictAboutOutputDuringTests="true"
|
||||
beStrictAboutTodoAnnotatedTests="true"
|
||||
verbose="true">
|
||||
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.0/phpunit.xsd" bootstrap="vendor/autoload.php" executionOrder="depends,defects" beStrictAboutOutputDuringTests="true" cacheDirectory=".phpunit.cache" requireCoverageMetadata="true" beStrictAboutCoverageMetadata="true">
|
||||
<coverage>
|
||||
<include>
|
||||
<directory suffix=".php">src</directory>
|
||||
</include>
|
||||
</coverage>
|
||||
<testsuites>
|
||||
<testsuite name="default">
|
||||
<directory suffix="Test.php">tests</directory>
|
||||
</testsuite>
|
||||
</testsuites>
|
||||
|
||||
<filter>
|
||||
<whitelist processUncoveredFilesFromWhitelist="true">
|
||||
<directory suffix=".php">src</directory>
|
||||
</whitelist>
|
||||
</filter>
|
||||
</phpunit>
|
||||
|
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Collection;
|
||||
namespace NoccyLabs\SimpleJWT\Collection;
|
||||
|
||||
use ArrayAccess;
|
||||
use Countable;
|
||||
|
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Collection;
|
||||
namespace NoccyLabs\SimpleJWT\Collection;
|
||||
|
||||
|
||||
class PropertyException extends \RuntimeException
|
||||
|
@ -1,9 +1,9 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt;
|
||||
namespace NoccyLabs\SimpleJWT;
|
||||
|
||||
use NoccyLabs\SimpleJwt\Collection\PropertyBag;
|
||||
use NoccyLabs\SimpleJwt\Key\KeyInterface;
|
||||
use NoccyLabs\SimpleJWT\Collection\PropertyBag;
|
||||
use NoccyLabs\SimpleJWT\Key\KeyInterface;
|
||||
|
||||
/**
|
||||
*
|
||||
@ -13,7 +13,7 @@ use NoccyLabs\SimpleJwt\Key\KeyInterface;
|
||||
* @property-read header PropertyBag
|
||||
* @property-read claim PropertyBag
|
||||
*/
|
||||
class JwtToken
|
||||
class JWTToken
|
||||
{
|
||||
/** @var PropertyBag */
|
||||
private $header;
|
||||
@ -54,13 +54,13 @@ class JwtToken
|
||||
$this->generated = false;
|
||||
|
||||
[ $header, $payload, $signature ] = explode(".", trim($token), 3);
|
||||
$hash = JwtUtil::encode(hash_hmac("sha256", $header.".".$payload, $this->key->getBinaryKey(), true));
|
||||
$hash = JWTUtil::encode(hash_hmac("sha256", $header.".".$payload, $this->key->getBinaryKey(), true));
|
||||
if ($signature == $hash) {
|
||||
$this->valid = true;
|
||||
}
|
||||
|
||||
$this->header = new PropertyBag(json_decode(JwtUtil::decode($header), true));
|
||||
$this->claims = new PropertyBag(json_decode(JwtUtil::decode($payload), true));
|
||||
$this->header = new PropertyBag(json_decode(JWTUtil::decode($header), true));
|
||||
$this->claims = new PropertyBag(json_decode(JWTUtil::decode($payload), true));
|
||||
|
||||
if ($this->header->has('exp')) {
|
||||
$exp = intval($this->header->get('exp'));
|
||||
@ -136,9 +136,9 @@ class JwtToken
|
||||
|
||||
public function getSignedToken(): string
|
||||
{
|
||||
$header = JwtUtil::encode($this->header->getJson());
|
||||
$payload = JwtUtil::encode($this->claims->getJson());
|
||||
$hash = JwtUtil::encode(hash_hmac("sha256", $header.".".$payload, $this->key->getBinaryKey(), true));
|
||||
$header = JWTUtil::encode($this->header->getJson());
|
||||
$payload = JWTUtil::encode($this->claims->getJson());
|
||||
$hash = JWTUtil::encode(hash_hmac("sha256", $header.".".$payload, $this->key->getBinaryKey(), true));
|
||||
return $header.".".$payload.".".$hash;
|
||||
}
|
||||
|
@ -1,9 +1,9 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt;
|
||||
namespace NoccyLabs\SimpleJWT;
|
||||
|
||||
|
||||
class JwtUtil
|
||||
class JWTUtil
|
||||
{
|
||||
public static function encode($data) {
|
||||
return rtrim(str_replace(['+', '/'], ['-', '_'], base64_encode($data)), "=");
|
@ -1,8 +1,8 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Key;
|
||||
namespace NoccyLabs\SimpleJWT\Key;
|
||||
|
||||
class JwtDerivedKey implements KeyInterface
|
||||
class JWTDerivedKey implements KeyInterface
|
||||
{
|
||||
private $key;
|
||||
|
@ -1,8 +1,8 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Key;
|
||||
namespace NoccyLabs\SimpleJWT\Key;
|
||||
|
||||
class JwtPlaintextKey implements KeyInterface
|
||||
class JWTPlaintextKey implements KeyInterface
|
||||
{
|
||||
private $key;
|
||||
|
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Key;
|
||||
namespace NoccyLabs\SimpleJWT\Key;
|
||||
|
||||
interface KeyInterface
|
||||
{
|
||||
|
9
src/Validator/JWTClaimException.php
Normal file
9
src/Validator/JWTClaimException.php
Normal file
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJWT\Validator;
|
||||
|
||||
|
||||
class JWTClaimException extends JWTValidatorException
|
||||
{
|
||||
|
||||
}
|
8
src/Validator/JWTHeaderException.php
Normal file
8
src/Validator/JWTHeaderException.php
Normal file
@ -0,0 +1,8 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJWT\Validator;
|
||||
|
||||
class JWTHeaderException extends JWTValidatorException
|
||||
{
|
||||
|
||||
}
|
8
src/Validator/JWTTokenException.php
Normal file
8
src/Validator/JWTTokenException.php
Normal file
@ -0,0 +1,8 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJWT\Validator;
|
||||
|
||||
class JWTTokenException extends JWTValidatorException
|
||||
{
|
||||
|
||||
}
|
@ -1,11 +1,11 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Validator;
|
||||
namespace NoccyLabs\SimpleJWT\Validator;
|
||||
|
||||
use NoccyLabs\SimpleJwt\JwtToken;
|
||||
use NoccyLabs\SimpleJwt\Key\KeyInterface;
|
||||
use NoccyLabs\SimpleJWT\JWTToken;
|
||||
use NoccyLabs\SimpleJWT\Key\KeyInterface;
|
||||
|
||||
class JwtValidator
|
||||
class JWTValidator
|
||||
{
|
||||
private $requireHeaders = [];
|
||||
|
||||
@ -41,32 +41,32 @@ class JwtValidator
|
||||
$this->requireAudience = (array)$audience;
|
||||
}
|
||||
|
||||
public function validateToken(JwtToken $token)
|
||||
public function validateToken(JWTToken $token)
|
||||
{
|
||||
if (!$token->isValid()) {
|
||||
throw new JwtTokenException("The token is not valid");
|
||||
throw new JWTTokenException("The token is not valid");
|
||||
}
|
||||
|
||||
if (!$token->header->hasAll($this->requireHeaders)) {
|
||||
throw new JwtHeaderException("The token is missing one or more required headers");
|
||||
throw new JWTHeaderException("The token is missing one or more required headers");
|
||||
}
|
||||
|
||||
if (!$token->claims->hasAll($this->requireClaims)) {
|
||||
throw new JwtHeaderException("The token is missing one or more required claims");
|
||||
throw new JWTHeaderException("The token is missing one or more required claims");
|
||||
}
|
||||
|
||||
if ($this->requireIssuer) {
|
||||
$hasIssuer = $token->header->has("iss");
|
||||
if ((!$hasIssuer)
|
||||
|| (!in_array($token->header->get("iss"), $this->requireIssuer)))
|
||||
throw new JwtTokenException("Invalid issuer");
|
||||
throw new JWTTokenException("Invalid issuer");
|
||||
}
|
||||
|
||||
if ($this->requireAudience) {
|
||||
$hasAudience = $token->header->has("aud");
|
||||
if ((!$hasAudience)
|
||||
|| (!in_array($token->header->get("aud"), $this->requireAudience)))
|
||||
throw new JwtTokenException("Invalid audience");
|
||||
throw new JWTTokenException("Invalid audience");
|
||||
}
|
||||
|
||||
return true;
|
||||
@ -74,7 +74,7 @@ class JwtValidator
|
||||
|
||||
public function validate(KeyInterface $key, string $raw)
|
||||
{
|
||||
$token = new JwtToken($key, $raw);
|
||||
$token = new JWTToken($key, $raw);
|
||||
if ($this->validateToken($token)) {
|
||||
return $token;
|
||||
}
|
8
src/Validator/JWTValidatorException.php
Normal file
8
src/Validator/JWTValidatorException.php
Normal file
@ -0,0 +1,8 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJWT\Validator;
|
||||
|
||||
class JWTValidatorException extends \RuntimeException
|
||||
{
|
||||
|
||||
}
|
@ -1,9 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Validator;
|
||||
|
||||
|
||||
class JwtClaimException extends JwtValidatorException
|
||||
{
|
||||
|
||||
}
|
@ -1,8 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Validator;
|
||||
|
||||
class JwtHeaderException extends JwtValidatorException
|
||||
{
|
||||
|
||||
}
|
@ -1,8 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Validator;
|
||||
|
||||
class JwtTokenException extends JwtValidatorException
|
||||
{
|
||||
|
||||
}
|
@ -1,8 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Validator;
|
||||
|
||||
class JwtValidatorException extends \RuntimeException
|
||||
{
|
||||
|
||||
}
|
@ -1,17 +1,20 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt;
|
||||
namespace NoccyLabs\SimpleJWT;
|
||||
|
||||
use NoccyLabs\SimpleJwt\Key\JwtPlaintextKey;
|
||||
use NoccyLabs\SimpleJWT\Key\JWTPlaintextKey;
|
||||
|
||||
class JwtTokenTest extends \PhpUnit\Framework\TestCase
|
||||
class JWTTokenTest extends \PHPUnit\Framework\TestCase
|
||||
{
|
||||
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testGeneratingTokens()
|
||||
{
|
||||
$key = new JwtPlaintextKey("test");
|
||||
$key = new JWTPlaintextKey("test");
|
||||
|
||||
$tok = new JwtToken($key);
|
||||
$tok = new JWTToken($key);
|
||||
$tok->addClaim("foo", true);
|
||||
|
||||
$token = $tok->getSignedToken();
|
||||
@ -20,16 +23,19 @@ class JwtTokenTest extends \PhpUnit\Framework\TestCase
|
||||
$this->assertTrue($tok->isGenerated());
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testParsingTokens()
|
||||
{
|
||||
$key = new JwtPlaintextKey("test");
|
||||
$key = new JWTPlaintextKey("test");
|
||||
|
||||
$tok = new JwtToken($key);
|
||||
$tok = new JWTToken($key);
|
||||
$tok->addClaim("foo", true);
|
||||
|
||||
$token = $tok->getSignedToken();
|
||||
|
||||
$parsed = new JwtToken($key, $token);
|
||||
$parsed = new JWTToken($key, $token);
|
||||
|
||||
$this->assertTrue($parsed->isValid());
|
||||
$this->assertFalse($parsed->isGenerated());
|
||||
|
@ -1,16 +1,19 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt;
|
||||
namespace NoccyLabs\SimpleJWT;
|
||||
|
||||
|
||||
class JwtUtilTest extends \PhpUnit\Framework\TestCase
|
||||
class JWTUtilTest extends \PHPUnit\Framework\TestCase
|
||||
{
|
||||
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testTheEncodingShouldBeSymmetric()
|
||||
{
|
||||
$v1a = "HelloWorld";
|
||||
$v1b = JwtUtil::encode($v1a);
|
||||
$v1c = JwtUtil::decode($v1b);
|
||||
$v1b = JWTUtil::encode($v1a);
|
||||
$v1c = JWTUtil::decode($v1b);
|
||||
|
||||
$this->assertEquals($v1a, $v1c);
|
||||
$this->assertNotEquals($v1a, $v1b);
|
||||
|
@ -1,34 +1,40 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Key;
|
||||
namespace NoccyLabs\SimpleJWT\Key;
|
||||
|
||||
|
||||
class JwtDerivedKeyTest extends \PhpUnit\Framework\TestCase
|
||||
class JWTDerivedKeyTest extends \PHPUnit\Framework\TestCase
|
||||
{
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testTheDerivedKeysShouldBeConsistent()
|
||||
{
|
||||
$key1a = new JwtDerivedKey("foo", "foosalt");
|
||||
$key1b = new JwtDerivedKey("foo", "foosalt");
|
||||
$key1a = new JWTDerivedKey("foo", "foosalt");
|
||||
$key1b = new JWTDerivedKey("foo", "foosalt");
|
||||
$this->assertNotNull($key1a);
|
||||
$this->assertEquals($key1a->getBinaryKey(), $key1b->getBinaryKey());
|
||||
|
||||
$key2a = new JwtDerivedKey("bar", "foosalt");
|
||||
$key2b = new JwtDerivedKey("bar", "barsalt");
|
||||
$key2c = new JwtDerivedKey("bar", "barsalt");
|
||||
$key2a = new JWTDerivedKey("bar", "foosalt");
|
||||
$key2b = new JWTDerivedKey("bar", "barsalt");
|
||||
$key2c = new JWTDerivedKey("bar", "barsalt");
|
||||
$this->assertNotNull($key2a);
|
||||
$this->assertNotEquals($key2a->getBinaryKey(), $key2b->getBinaryKey());
|
||||
$this->assertEquals($key2b->getBinaryKey(), $key2c->getBinaryKey());
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testTheDerivedKeysShouldBeUnique()
|
||||
{
|
||||
$keys = [];
|
||||
$keys[] = (new JwtDerivedKey("foo", "foosalt"))->getBinaryKey();
|
||||
$keys[] = (new JwtDerivedKey("foo", "barsalt"))->getBinaryKey();
|
||||
$keys[] = (new JwtDerivedKey("foo", "bazsalt"))->getBinaryKey();
|
||||
$keys[] = (new JwtDerivedKey("bar", "foosalt"))->getBinaryKey();
|
||||
$keys[] = (new JwtDerivedKey("bar", "barsalt"))->getBinaryKey();
|
||||
$keys[] = (new JwtDerivedKey("bar", "bazsalt"))->getBinaryKey();
|
||||
$keys[] = (new JWTDerivedKey("foo", "foosalt"))->getBinaryKey();
|
||||
$keys[] = (new JWTDerivedKey("foo", "barsalt"))->getBinaryKey();
|
||||
$keys[] = (new JWTDerivedKey("foo", "bazsalt"))->getBinaryKey();
|
||||
$keys[] = (new JWTDerivedKey("bar", "foosalt"))->getBinaryKey();
|
||||
$keys[] = (new JWTDerivedKey("bar", "barsalt"))->getBinaryKey();
|
||||
$keys[] = (new JWTDerivedKey("bar", "bazsalt"))->getBinaryKey();
|
||||
|
||||
$unique = array_unique($keys);
|
||||
$this->assertEquals(count($keys), count($unique));
|
||||
|
@ -1,16 +1,19 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Key;
|
||||
namespace NoccyLabs\SimpleJWT\Key;
|
||||
|
||||
|
||||
class JwtPlaintextKeyTest extends \PhpUnit\Framework\TestCase
|
||||
class JWTPlaintextKeyTest extends \PHPUnit\Framework\TestCase
|
||||
{
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testThePlaintextKeyShouldBeReturned()
|
||||
{
|
||||
$key = new JwtPlaintextKey("foo");
|
||||
$key = new JWTPlaintextKey("foo");
|
||||
$this->assertEquals("foo", $key->getBinaryKey());
|
||||
|
||||
$key = new JwtPlaintextKey("bar");
|
||||
$key = new JWTPlaintextKey("bar");
|
||||
$this->assertEquals("bar", $key->getBinaryKey());
|
||||
}
|
||||
}
|
@ -1,49 +1,56 @@
|
||||
<?php
|
||||
|
||||
namespace NoccyLabs\SimpleJwt\Validator;
|
||||
namespace NoccyLabs\SimpleJWT\Validator;
|
||||
|
||||
use NoccyLabs\SimpleJwt\JwtToken;
|
||||
use NoccyLabs\SimpleJwt\Key\JwtPlaintextKey;
|
||||
use NoccyLabs\SimpleJWT\JWTToken;
|
||||
use NoccyLabs\SimpleJWT\Key\JWTPlaintextKey;
|
||||
|
||||
class JwtValidatorTest extends \PhpUnit\Framework\TestCase
|
||||
class JWTValidatorTest extends \PHPUnit\Framework\TestCase
|
||||
{
|
||||
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testValidTokensShouldPassWithDefaultConfiguration()
|
||||
{
|
||||
$key = new JwtPlaintextKey("key");
|
||||
$token = new JwtToken($key);
|
||||
$key = new JWTPlaintextKey("key");
|
||||
$token = new JWTToken($key);
|
||||
|
||||
$validator = new JwtValidator();
|
||||
$validator = new JWTValidator();
|
||||
$valid = $validator->validateToken($token);
|
||||
$this->assertEquals(true, $valid);
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers
|
||||
*/
|
||||
public function testExpiredTokensShouldFailWithException()
|
||||
{
|
||||
$key = new JwtPlaintextKey("key");
|
||||
$token = new JwtToken($key);
|
||||
$key = new JWTPlaintextKey("key");
|
||||
$token = new JWTToken($key);
|
||||
$token->header->set("exp", 0);
|
||||
|
||||
$token = new JwtToken($key, $token->getSignedToken());
|
||||
$token = new JWTToken($key, $token->getSignedToken());
|
||||
|
||||
$validator = new JwtValidator();
|
||||
$this->expectException(JwtTokenException::class);
|
||||
$validator = new JWTValidator();
|
||||
$this->expectException(JWTTokenException::class);
|
||||
$valid = $validator->validateToken($token);
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers
|
||||
* @dataProvider tokenGenerator
|
||||
*/
|
||||
public function testPinningIssuer($issuer,$audience,$key,$token)
|
||||
{
|
||||
$goodIssuer = "a-dom.tld";
|
||||
$jwtKey = new JwtPlaintextKey($key);
|
||||
$jwtToken = new JwtToken($jwtKey, $token);
|
||||
$jwtKey = new JWTPlaintextKey($key);
|
||||
$jwtToken = new JWTToken($jwtKey, $token);
|
||||
|
||||
$validator = new JwtValidator();
|
||||
$validator = new JWTValidator();
|
||||
$validator->requireIssuer($goodIssuer);
|
||||
if ($goodIssuer != $issuer) {
|
||||
$this->expectException(JwtTokenException::class);
|
||||
$this->expectException(JWTTokenException::class);
|
||||
}
|
||||
$valid = $validator->validateToken($jwtToken);
|
||||
if ($goodIssuer == $issuer) {
|
||||
@ -52,18 +59,19 @@ class JwtValidatorTest extends \PhpUnit\Framework\TestCase
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers
|
||||
* @dataProvider tokenGenerator
|
||||
*/
|
||||
public function testPinningAudience($issuer,$audience,$key,$token)
|
||||
{
|
||||
$goodAudience = [ "a-dom.tld", "app.a-dom.tld" ];
|
||||
$jwtKey = new JwtPlaintextKey($key);
|
||||
$jwtToken = new JwtToken($jwtKey, $token);
|
||||
$jwtKey = new JWTPlaintextKey($key);
|
||||
$jwtToken = new JWTToken($jwtKey, $token);
|
||||
|
||||
$validator = new JwtValidator();
|
||||
$validator = new JWTValidator();
|
||||
$validator->requireAudience($goodAudience);
|
||||
if (!in_array($audience, $goodAudience)) {
|
||||
$this->expectException(JwtTokenException::class);
|
||||
$this->expectException(JWTTokenException::class);
|
||||
}
|
||||
$valid = $validator->validateToken($jwtToken);
|
||||
if (in_array($audience, $goodAudience)) {
|
||||
@ -72,20 +80,21 @@ class JwtValidatorTest extends \PhpUnit\Framework\TestCase
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers
|
||||
* @dataProvider tokenGenerator
|
||||
*/
|
||||
public function testPinningBoth($issuer,$audience,$key,$token)
|
||||
{
|
||||
$goodIssuer = "a-dom.tld";
|
||||
$goodAudience = [ "a-dom.tld", "app.a-dom.tld" ];
|
||||
$jwtKey = new JwtPlaintextKey($key);
|
||||
$jwtToken = new JwtToken($jwtKey, $token);
|
||||
$jwtKey = new JWTPlaintextKey($key);
|
||||
$jwtToken = new JWTToken($jwtKey, $token);
|
||||
|
||||
$validator = new JwtValidator();
|
||||
$validator = new JWTValidator();
|
||||
$validator->requireIssuer($goodIssuer);
|
||||
$validator->requireAudience($goodAudience);
|
||||
if (($goodIssuer != $issuer) || (!in_array($audience, $goodAudience))) {
|
||||
$this->expectException(JwtTokenException::class);
|
||||
$this->expectException(JWTTokenException::class);
|
||||
}
|
||||
$valid = $validator->validateToken($jwtToken);
|
||||
if (($goodIssuer == $issuer) && (in_array($audience, $goodAudience))) {
|
||||
@ -93,21 +102,21 @@ class JwtValidatorTest extends \PhpUnit\Framework\TestCase
|
||||
}
|
||||
}
|
||||
|
||||
public function tokenGenerator()
|
||||
public static function tokenGenerator()
|
||||
{
|
||||
$keyrand = function () {
|
||||
return substr(sha1(microtime(true).rand(0,65535)), 5, 10);
|
||||
};
|
||||
$token = function ($head,$claims,$key) {
|
||||
$jwtKey = new JwtPlaintextKey($key);
|
||||
$tok = new JwtToken($jwtKey);
|
||||
$jwtKey = new JWTPlaintextKey($key);
|
||||
$tok = new JWTToken($jwtKey);
|
||||
$tok->header->setAll($head);
|
||||
$tok->claims->setAll($claims);
|
||||
return $tok->getSignedToken();
|
||||
};
|
||||
$row = function ($iss, $aud, array $claims) use ($keyrand, $token) {
|
||||
$key = $keyrand();
|
||||
$jwtKey = new JwtPlaintextKey($key);
|
||||
$jwtKey = new JWTPlaintextKey($key);
|
||||
return [
|
||||
$iss,
|
||||
$aud,
|
||||
|
Loading…
Reference in New Issue
Block a user