Compare commits
6 Commits
Author | SHA1 | Date |
---|---|---|
Chris | f83998e6c7 | |
Chris | 369514589f | |
Chris | b0566e3148 | |
Chris | c5dd773026 | |
Chris | 5c422226fd | |
Chris | e30ded1e66 |
|
@ -0,0 +1,7 @@
|
||||||
|
pipeline:
|
||||||
|
phpunit:
|
||||||
|
image: walkero/phpunit-alpine:php8.1-phpunit9
|
||||||
|
commands:
|
||||||
|
- composer install
|
||||||
|
- vendor/bin/phpunit --testdox --no-progress
|
||||||
|
- vendor/bin/phpstan --no-progress
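Review bot: The `image: walkero/phpunit-alpine:php8.1-phpunit9` line pulls a third-party image by a mutable tag, so whatever is later pushed under that tag runs in this pipeline with access to the checkout. Pinning by digest, e.g. `image: walkero/phpunit-alpine@sha256:<digest-placeholder>`, keeps the build environment fixed until someone deliberately updates it. `composer install` would also be safer in CI as `composer install --no-interaction --prefer-dist`, and it only installs reviewed dependency versions if `composer.lock` is committed, which this page does not show.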
|
|
@ -0,0 +1,14 @@
|
||||||
|
# SimpleJWT ChangeLog
|
||||||
|
|
||||||
|
## 0.2.1
|
||||||
|
|
||||||
|
- Mostly code cleanup
|
||||||
|
|
||||||
|
## 0.2.0
|
||||||
|
|
||||||
|
- Class- and filenames have had their case changed (`Jwt`→`JWT`)
|
||||||
|
- Added phpstan for static analysis
|
||||||
|
|
||||||
|
## 0.1.0
|
||||||
|
|
||||||
|
- Initial release
|
|
@ -70,13 +70,35 @@ class JWTToken
|
||||||
$this->valid = false;
|
$this->valid = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($this->header->has('nbf')) {
|
||||||
|
$nbf = intval($this->header->get('nbf'));
|
||||||
|
if ($nbf >= time()) {
|
||||||
|
// Invalid if before
|
||||||
|
$this->valid = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns true if the expiry is not in the past.
|
||||||
|
*
|
||||||
|
* NOTE: This function will return true if the expiry header is missing, and
|
||||||
|
* it will not validate any claims. For actual verification of a token matching
|
||||||
|
* issuers, audience or other claims, see Validator\JWTValidator.
|
||||||
|
*
|
||||||
|
* @return bool True if the token expiry timestamp is missing or in the future
|
||||||
|
*/
|
||||||
public function isValid(): bool
|
public function isValid(): bool
|
||||||
{
|
{
|
||||||
return $this->valid;
|
return $this->valid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns true if the token was generated as opposed to parsed.
|
||||||
|
*
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
public function isGenerated(): bool
|
public function isGenerated(): bool
|
||||||
{
|
{
|
||||||
return $this->generated;
|
return $this->generated;
|
||||||
|
@ -90,16 +112,44 @@ class JWTToken
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add a claim to a token. Throws an exception if the claim already exists.
|
||||||
|
*
|
||||||
|
* @param string $name The name of the claim
|
||||||
|
* @param mixed $value Claim value
|
||||||
|
* @throws \NoccyLabs\SimpleJWT\Collection\PropertyException if the claim already exists.
|
||||||
|
*/
|
||||||
public function addClaim(string $name, $value)
|
public function addClaim(string $name, $value)
|
||||||
{
|
{
|
||||||
$this->claims->add($name, $value);
|
$this->claims->add($name, $value);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add a claim to a token. If the claim already exists it will be updated with
|
||||||
|
* the provided value.
|
||||||
|
*
|
||||||
|
* @param string $name The name of the claim
|
||||||
|
* @param mixed $value Claim value
|
||||||
|
*/
|
||||||
public function setClaim(string $name, $value)
|
public function setClaim(string $name, $value)
|
||||||
{
|
{
|
||||||
$this->claims->set($name, $value);
|
$this->claims->set($name, $value);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set the time of expiry for the token.
|
||||||
|
*
|
||||||
|
* The expiry can be supplied as:
|
||||||
|
* - \DateTime instance
|
||||||
|
* - Unixtime as an integer
|
||||||
|
* - A string represening the expiry time
|
||||||
|
* - A period followed by a letter (m,h,d,w)
|
||||||
|
* - null, to unset the expiry
|
||||||
|
*
|
||||||
|
* @param string|int|\DateTime $expiry
|
||||||
|
* @return void
|
||||||
|
* @throws \InvalidArgumentException if the argument can not be interpreted
|
||||||
|
*/
|
||||||
public function setExpiry($expiry)
|
public function setExpiry($expiry)
|
||||||
{
|
{
|
||||||
if ($expiry instanceof \DateTime) {
|
if ($expiry instanceof \DateTime) {
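Review bot: The not-before check added in the first hunk, `if ($this->header->has('nbf'))`, looks the value up in the token header, while `nbf` is a registered claim and the JWTValidator change in this same compare reads it from `$token->claims`; a token carrying `nbf` in its payload would still report `isValid() === true` before its start time. Unless the header lookup is deliberate, it should read `$this->claims->has('nbf')` and `$this->claims->get('nbf')`. The comparison `$nbf >= time()` also rejects a token during its exact `nbf` second, whereas RFC 7519 accepts it from that instant and the validator uses `time() < $notBefore`; `if ($nbf > time())` would make the two agree. The new `isValid()` docblock describes only expiry and should mention the not-before check too. The enclosing method starts above the hunk, so how `exp` is read just before this block is not visible here.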
|
||||||
|
|
|
@ -47,6 +47,18 @@ class JWTValidator
|
||||||
throw new JWTTokenException("The token is not valid");
|
throw new JWTTokenException("The token is not valid");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($token->claims->has("nbf")) {
|
||||||
|
$notBefore = intval($token->claims->get("nbf"));
|
||||||
|
if (time() < $notBefore)
|
||||||
|
throw new JWTTokenException("Token not yet valid");
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($token->claims->has("exp")) {
|
||||||
|
$notAfter = intval($token->claims->get("exp"));
|
||||||
|
if (time() > $notAfter)
|
||||||
|
throw new JWTTokenException("Token no longer valid");
|
||||||
|
}
|
||||||
|
|
||||||
if (!$token->header->hasAll($this->requireHeaders)) {
|
if (!$token->header->hasAll($this->requireHeaders)) {
|
||||||
throw new JWTHeaderException("The token is missing one or more required headers");
|
throw new JWTHeaderException("The token is missing one or more required headers");
|
||||||
}
|
}
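Review bot: `intval($token->claims->get("nbf"))` turns a non-numeric claim into 0, so a malformed `nbf` passes the `time() < $notBefore` test instead of being rejected; the same coercion on `exp` happens to fail closed, but only by accident. Both values should be type-checked before the cast, for example `if (!is_numeric($raw)) { throw new JWTTokenException("The token is not valid"); }`. The expiry test `time() > $notAfter` still accepts the token during the exact `exp` second, while RFC 7519 requires the current time to be before `exp`, so `time() >= $notAfter` is the stricter reading. The two brace-less `if` statements would be less error-prone with braces, matching the surrounding code. The method body starts and continues outside this hunk.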
|
||||||
|
|
|
@ -8,7 +8,10 @@ class JWTTokenTest extends \PHPUnit\Framework\TestCase
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers NoccyLabs\SimpleJWT\JWTToken
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Collection\PropertyBag
|
||||||
|
* @covers NoccyLabs\SimpleJWT\JWTUtil
|
||||||
*/
|
*/
|
||||||
public function testGeneratingTokens()
|
public function testGeneratingTokens()
|
||||||
{
|
{
|
||||||
|
@ -24,7 +27,10 @@ class JWTTokenTest extends \PHPUnit\Framework\TestCase
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers NoccyLabs\SimpleJWT\JWTToken
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Collection\PropertyBag
|
||||||
|
* @covers NoccyLabs\SimpleJWT\JWTUtil
|
||||||
*/
|
*/
|
||||||
public function testParsingTokens()
|
public function testParsingTokens()
|
||||||
{
|
{
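Review bot: The added annotations here are written as `@covers NoccyLabs\SimpleJWT\JWTToken` without a leading backslash, while JWTUtilTest, JWTDerivedKeyTest and JWTPlaintextKeyTest use the fully-qualified `\NoccyLabs\...` form, and JWTValidatorTest mixes both inside one docblock. Using one form throughout, e.g. `@covers \NoccyLabs\SimpleJWT\JWTToken`, avoids any doubt about how the coverage filter resolves the name. Since every method in a class repeats the same list, a single class-level `@covers` block would say the same thing with less duplication.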
|
|
@ -7,7 +7,8 @@ class JWTUtilTest extends \PHPUnit\Framework\TestCase
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\JWTUtil::encode
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\JWTUtil::decode
|
||||||
*/
|
*/
|
||||||
public function testTheEncodingShouldBeSymmetric()
|
public function testTheEncodingShouldBeSymmetric()
|
||||||
{
|
{
|
|
@ -6,7 +6,7 @@ namespace NoccyLabs\SimpleJWT\Key;
|
||||||
class JWTDerivedKeyTest extends \PHPUnit\Framework\TestCase
|
class JWTDerivedKeyTest extends \PHPUnit\Framework\TestCase
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTDerivedKey
|
||||||
*/
|
*/
|
||||||
public function testTheDerivedKeysShouldBeConsistent()
|
public function testTheDerivedKeysShouldBeConsistent()
|
||||||
{
|
{
|
||||||
|
@ -24,7 +24,7 @@ class JWTDerivedKeyTest extends \PHPUnit\Framework\TestCase
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTDerivedKey
|
||||||
*/
|
*/
|
||||||
public function testTheDerivedKeysShouldBeUnique()
|
public function testTheDerivedKeysShouldBeUnique()
|
||||||
{
|
{
|
|
@ -6,7 +6,7 @@ namespace NoccyLabs\SimpleJWT\Key;
|
||||||
class JWTPlaintextKeyTest extends \PHPUnit\Framework\TestCase
|
class JWTPlaintextKeyTest extends \PHPUnit\Framework\TestCase
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
*/
|
*/
|
||||||
public function testThePlaintextKeyShouldBeReturned()
|
public function testThePlaintextKeyShouldBeReturned()
|
||||||
{
|
{
|
|
@ -9,7 +9,11 @@ class JWTValidatorTest extends \PHPUnit\Framework\TestCase
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\JWTToken
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTValidator
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Collection\PropertyBag
|
||||||
|
* @covers NoccyLabs\SimpleJWT\JWTUtil
|
||||||
*/
|
*/
|
||||||
public function testValidTokensShouldPassWithDefaultConfiguration()
|
public function testValidTokensShouldPassWithDefaultConfiguration()
|
||||||
{
|
{
|
||||||
|
@ -22,7 +26,12 @@ class JWTValidatorTest extends \PHPUnit\Framework\TestCase
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTValidator
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\JWTToken
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTTokenException
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Collection\PropertyBag
|
||||||
|
* @covers NoccyLabs\SimpleJWT\JWTUtil
|
||||||
*/
|
*/
|
||||||
public function testExpiredTokensShouldFailWithException()
|
public function testExpiredTokensShouldFailWithException()
|
||||||
{
|
{
|
||||||
|
@ -38,7 +47,12 @@ class JWTValidatorTest extends \PHPUnit\Framework\TestCase
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTValidator
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\JWTToken
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTTokenException
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Collection\PropertyBag
|
||||||
|
* @covers NoccyLabs\SimpleJWT\JWTUtil
|
||||||
* @dataProvider tokenGenerator
|
* @dataProvider tokenGenerator
|
||||||
*/
|
*/
|
||||||
public function testPinningIssuer($issuer,$audience,$key,$token)
|
public function testPinningIssuer($issuer,$audience,$key,$token)
|
||||||
|
@ -59,7 +73,12 @@ class JWTValidatorTest extends \PHPUnit\Framework\TestCase
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTValidator
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\JWTToken
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTTokenException
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Collection\PropertyBag
|
||||||
|
* @covers NoccyLabs\SimpleJWT\JWTUtil
|
||||||
* @dataProvider tokenGenerator
|
* @dataProvider tokenGenerator
|
||||||
*/
|
*/
|
||||||
public function testPinningAudience($issuer,$audience,$key,$token)
|
public function testPinningAudience($issuer,$audience,$key,$token)
|
||||||
|
@ -80,7 +99,12 @@ class JWTValidatorTest extends \PHPUnit\Framework\TestCase
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @covers
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTValidator
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Key\JWTPlaintextKey
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\JWTToken
|
||||||
|
* @covers \NoccyLabs\SimpleJWT\Validator\JWTTokenException
|
||||||
|
* @covers NoccyLabs\SimpleJWT\Collection\PropertyBag
|
||||||
|
* @covers NoccyLabs\SimpleJWT\JWTUtil
|
||||||
* @dataProvider tokenGenerator
|
* @dataProvider tokenGenerator
|
||||||
*/
|
*/
|
||||||
public function testPinningBoth($issuer,$audience,$key,$token)
|
public function testPinningBoth($issuer,$audience,$key,$token)
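Review bot: The hunks in this file only change `@covers` docblocks, so the `nbf` branch added to JWTValidator ("Token not yet valid") appears to ship without a test. A case alongside `testExpiredTokensShouldFailWithException` that builds a token with `nbf` in the future and calls `$this->expectException(JWTTokenException::class)` before validating would pin the new behaviour. Boundary cases where `nbf` or `exp` equals the current second are worth covering too, since JWTToken and JWTValidator currently compare them differently. Test methods outside the visible hunks may already cover part of this.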
|