diff --git a/.gitignore b/.gitignore index 0e907aa..cdea533 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ infection.log coverage.xml Dockerfile docker-compose.yml +.phpunit.result.cache diff --git a/.travis.yml b/.travis.yml index 3a9bdba..5cdf857 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,9 +1,10 @@ language: php php: -- 7.1 - 7.2 - 7.3 +- 7.4 install: +- composer validate --strict - travis_retry composer install --no-interaction --no-suggest --prefer-source --dev script: - composer pipeline diff --git a/README.md b/README.md index abd7653..7801d26 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ PSR-JWT is a middleware library which allows you to authorise JSON Web Tokens contained in a web request. It is [PSR-7](https://www.php-fig.org/psr/psr-7/) and [PSR-15](https://www.php-fig.org/psr/psr-15/) compliant and built on top of [ReallySimpleJWT](https://github.com/RobDWaller/ReallySimpleJWT). -The library also allows you to generate JSON Web Tokens and the PSR-7 PSR-15 compliant middleware can be added to any compatible framework, such as [Slim PHP](http://www.slimframework.com/). +The library also allows you to generate JSON Web Tokens and the PSR-7 / PSR-15 compliant middleware can be added to any compatible framework, such as [Slim PHP](http://www.slimframework.com/). For more information on JSON Web Tokens please read [RFC 7519](https://tools.ietf.org/html/rfc7519). Also to learn more about how to pass JSON Web Tokens to web applications please read up on bearer token authorisation in [RFC 6750](https://tools.ietf.org/html/rfc6750). 
@@ -14,7 +14,7 @@ For more information on JSON Web Tokens please read [RFC 7519](https://tools.iet - [Slim PHP Example Implementation](#slim-php-example-implementation) - [Generate JSON Web Token](#generate-json-web-token) - [Parse and Validate JSON Web Token](#parse-and-validate-json-web-token) - - [Retrieve Token From the Request](retrieve-token-from-the-request) + - [Retrieve Token From Request](#retrieve-token-from-request) - [Advanced Usage](#advanced-usage) - [Handlers](#handlers) - [Create Custom Handler](#create-custom-handler) @@ -72,7 +72,7 @@ $app->get('/jwt', function (Request $request, Response $response) { })->add(\PsrJwt\Factory\JwtMiddleware::html('Secret123!456$', 'jwt', 'Authorisation Failed')); ``` -### Generate a JSON Web Token +### Generate JSON Web Token To generate JSON Web Tokens PsrJwt offers a wrapper for the library [ReallySimpleJWT](https://github.com/RobDWaller/ReallySimpleJWT). You can create an instance of the ReallySimpleJWT builder by calling the built in factory method. @@ -108,11 +108,11 @@ $parser->parse(); For more information on creating, parsing and validating tokens please read the [ReallySimpleJWT](https://github.com/RobDWaller/ReallySimpleJWT/blob/master/readme.md) documentation. -### Retrieve Token From the Request +### Retrieve Token From Request If you would like to retrieve the JSON Web Token from the request outside of the normal middleware authorisation flow you can use the request helper class. -It allows you to retrive the token itself or just access the token's payload or header. +It allows you to retrieve the token itself or just access the token's payload or header. ```php require 'vendor/autoload.php'; 
@@ -171,6 +171,7 @@ Next you will need to extend the `PsrJwt\Auth\Authorise` class as this will give ```php // An example JWT Authorisation Handler. use PsrJwt\Auth\Authorise; +use PsrJwt\JwtAuthMiddleware; use Psr\Http\Server\RequestHandlerInterface; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; @@ -196,6 +197,15 @@ class MyHandler extends Authorise implements RequestHandlerInterface ); } } + +// Add Handler to Middleware. +$middleware = new JwtAuthMiddleware(new MyHandler('secret', 'token-key')); + +// Add Middleware to Slim PHP route. +$app->get('/my/route', function (ServerRequestInterface $request, ResponseInterface $response) { + $response->getBody()->write("OK!"); + return $response; +})->add($middleware); ``` ## License diff --git a/composer.json b/composer.json index 4cb68b8..e8ecf19 100644 --- a/composer.json +++ b/composer.json @@ -11,21 +11,21 @@ } ], "require": { - "php": ">=7.1.0", - "rbdwllr/reallysimplejwt": "^2.0", + "php": ">=7.2.0", + "rbdwllr/reallysimplejwt": "^3.0", "psr/http-message": "^1.0", "psr/http-server-middleware": "^1.0", - "nyholm/psr7": "^1.1" + "nyholm/psr7": "^1.2" }, "require-dev": { - "phpunit/phpunit": "^7.0", + "phpunit/phpunit": "^8.0", "phpstan/phpstan": "^0.11", "phpstan/phpstan-mockery": "^0.11", - "phpmd/phpmd": "2.6.*", + "phpmd/phpmd": "^2.7", "squizlabs/php_codesniffer": "^3.0", - "mockery/mockery": "^1.2", - "infection/infection": "^0.12.2", - "phploc/phploc": "^4.0", + "mockery/mockery": "^1.3", + "infection/infection": "^0.14", + "phploc/phploc": "^5.0", "sebastian/phpcpd": "^4.0" }, "autoload": { diff --git a/phpunit.xml b/phpunit.xml index b934da9..4f36b59 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -1,6 +1,6 @@ invokeArgs($auth, [$request]); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Handler/HtmlTest.php b/tests/Handler/HtmlTest.php index f961d35..67488de 100644 --- a/tests/Handler/HtmlTest.php 
+++ b/tests/Handler/HtmlTest.php @@ -214,7 +214,7 @@ public function testAuthoriseUnauthorized() $this->assertSame('

Fail!

', $result->getBody()->__toString()); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/JwtAuthMiddlewareTest.php b/tests/JwtAuthMiddlewareTest.php index a05a7e1..3402800 100644 --- a/tests/JwtAuthMiddlewareTest.php +++ b/tests/JwtAuthMiddlewareTest.php @@ -230,7 +230,7 @@ public function testInvokeFail() $this->assertSame('Unauthorized: Signature is invalid.', $result->getReasonPhrase()); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/BearerTest.php b/tests/Parser/BearerTest.php index f2e920f..b541c55 100644 --- a/tests/Parser/BearerTest.php +++ b/tests/Parser/BearerTest.php @@ -55,7 +55,7 @@ public function testParseInvalid() $this->assertEmpty($result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/BodyTest.php b/tests/Parser/BodyTest.php index 44da163..a13e9bf 100644 --- a/tests/Parser/BodyTest.php +++ b/tests/Parser/BodyTest.php @@ -141,7 +141,7 @@ public function testParseBodyObjectNoObject() $this->assertSame('', $result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/CookieTest.php b/tests/Parser/CookieTest.php index 9c5b61b..ac2c107 100644 --- a/tests/Parser/CookieTest.php +++ b/tests/Parser/CookieTest.php @@ -38,7 +38,7 @@ public function testParse() $this->assertSame('abc.def.ghi', $result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/ParseTest.php b/tests/Parser/ParseTest.php index 0460806..25b93fd 100644 --- a/tests/Parser/ParseTest.php +++ b/tests/Parser/ParseTest.php @@ -89,7 +89,7 @@ public function testFindTokenFail() $this->assertEmpty($result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/QueryTest.php b/tests/Parser/QueryTest.php index af7c60d..07ce9cb 100644 
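Review bot: `tearDown()` stays `public` in the new signature, whereas PHPUnit's `TestCase` declares its fixture hooks as protected; `protected function tearDown(): void` keeps the hook out of the test class's public surface. The same line appears in the tearDown hunks of JwtAuthMiddlewareTest, BearerTest, BodyTest, CookieTest, ParseTest and QueryTest, and in the earlier test hunk whose file header is not visible on this page. Since `mockery/mockery` is already required at `^1.3`, the `Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration` trait could replace the hand-written `m::close()` teardown and would also count mock expectations as assertions; this is worth confirming against the project's PHPUnit configuration. The enclosing test classes start outside these hunks.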
--- a/tests/Parser/QueryTest.php
+++ b/tests/Parser/QueryTest.php
@@ -38,7 +38,7 @@ public function testParse()
 $this->assertSame('abc.def.ghi', $result);
 }
- public function tearDown()
+ public function tearDown(): void
 {
 m::close();
 }