From b3332cc6c52ed394fecb82d823b9161805006618 Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Tue, 18 Feb 2020 07:34:16 +0000 Subject: [PATCH 1/9] Updated dependency versions in composer.json and set minimum php version to 7.2. --- composer.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index 4cb68b8..e8ecf19 100644 --- a/composer.json +++ b/composer.json @@ -11,21 +11,21 @@ } ], "require": { - "php": ">=7.1.0", - "rbdwllr/reallysimplejwt": "^2.0", + "php": ">=7.2.0", + "rbdwllr/reallysimplejwt": "^3.0", "psr/http-message": "^1.0", "psr/http-server-middleware": "^1.0", - "nyholm/psr7": "^1.1" + "nyholm/psr7": "^1.2" }, "require-dev": { - "phpunit/phpunit": "^7.0", + "phpunit/phpunit": "^8.0", "phpstan/phpstan": "^0.11", "phpstan/phpstan-mockery": "^0.11", - "phpmd/phpmd": "2.6.*", + "phpmd/phpmd": "^2.7", "squizlabs/php_codesniffer": "^3.0", - "mockery/mockery": "^1.2", - "infection/infection": "^0.12.2", - "phploc/phploc": "^4.0", + "mockery/mockery": "^1.3", + "infection/infection": "^0.14", + "phploc/phploc": "^5.0", "sebastian/phpcpd": "^4.0" }, "autoload": { From 6fb04fa576e9f29e2d7c3ce474b1e9ae90b1f4f6 Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Tue, 18 Feb 2020 07:34:52 +0000 Subject: [PATCH 2/9] Updated ci pipeline to run against php 7.4 and drop php 7.1 support. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 3a9bdba..d94641d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,8 @@ language: php php: -- 7.1 - 7.2 - 7.3 +- 7.4 install: - travis_retry composer install --no-interaction --no-suggest --prefer-source --dev script: From 31a948651753898da241755881d588ee14d4925a Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Tue, 18 Feb 2020 07:35:25 +0000 Subject: [PATCH 3/9] Updated phpunit.xml config to version 8.5 of library. --- phpunit.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpunit.xml b/phpunit.xml index b934da9..4f36b59 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -1,6 +1,6 @@ Date: Tue, 18 Feb 2020 07:38:28 +0000 Subject: [PATCH 4/9] Updated unit tests to work with updated mockery pacakge tearDown interface. --- tests/Auth/AuthoriseTest.php | 2 +- tests/Handler/HtmlTest.php | 2 +- tests/JwtAuthMiddlewareTest.php | 2 +- tests/Parser/BearerTest.php | 2 +- tests/Parser/BodyTest.php | 2 +- tests/Parser/CookieTest.php | 2 +- tests/Parser/ParseTest.php | 2 +- tests/Parser/QueryTest.php | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/Auth/AuthoriseTest.php b/tests/Auth/AuthoriseTest.php index 84d3f8b..e8ce02e 100644 --- a/tests/Auth/AuthoriseTest.php +++ b/tests/Auth/AuthoriseTest.php @@ -461,7 +461,7 @@ public function testGetTokenNoToken() $result = $method->invokeArgs($auth, [$request]); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Handler/HtmlTest.php b/tests/Handler/HtmlTest.php index f961d35..67488de 100644 --- a/tests/Handler/HtmlTest.php +++ b/tests/Handler/HtmlTest.php @@ -214,7 +214,7 @@ public function testAuthoriseUnauthorized() $this->assertSame('

Fail!

', $result->getBody()->__toString()); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/JwtAuthMiddlewareTest.php b/tests/JwtAuthMiddlewareTest.php index a05a7e1..3402800 100644 --- a/tests/JwtAuthMiddlewareTest.php +++ b/tests/JwtAuthMiddlewareTest.php @@ -230,7 +230,7 @@ public function testInvokeFail() $this->assertSame('Unauthorized: Signature is invalid.', $result->getReasonPhrase()); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/BearerTest.php b/tests/Parser/BearerTest.php index f2e920f..b541c55 100644 --- a/tests/Parser/BearerTest.php +++ b/tests/Parser/BearerTest.php @@ -55,7 +55,7 @@ public function testParseInvalid() $this->assertEmpty($result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/BodyTest.php b/tests/Parser/BodyTest.php index 44da163..a13e9bf 100644 --- a/tests/Parser/BodyTest.php +++ b/tests/Parser/BodyTest.php @@ -141,7 +141,7 @@ public function testParseBodyObjectNoObject() $this->assertSame('', $result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/CookieTest.php b/tests/Parser/CookieTest.php index 9c5b61b..ac2c107 100644 --- a/tests/Parser/CookieTest.php +++ b/tests/Parser/CookieTest.php @@ -38,7 +38,7 @@ public function testParse() $this->assertSame('abc.def.ghi', $result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/ParseTest.php b/tests/Parser/ParseTest.php index 0460806..25b93fd 100644 --- a/tests/Parser/ParseTest.php +++ b/tests/Parser/ParseTest.php @@ -89,7 +89,7 @@ public function testFindTokenFail() $this->assertEmpty($result); } - public function tearDown() + public function tearDown(): void { m::close(); } diff --git a/tests/Parser/QueryTest.php b/tests/Parser/QueryTest.php index af7c60d..07ce9cb 100644 --- a/tests/Parser/QueryTest.php +++ b/tests/Parser/QueryTest.php @@ -38,7 +38,7 @@ public function testParse() $this->assertSame('abc.def.ghi', $result); } - public function tearDown() + public function tearDown(): void { m::close(); } From 9c58bf032021874748672979e214390198a34101 Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Tue, 18 Feb 2020 07:48:11 +0000 Subject: [PATCH 5/9] Updated the JWT Factory to work with version 3.0 of ReallySimpleJWT. --- src/Factory/Jwt.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Factory/Jwt.php b/src/Factory/Jwt.php index f8b1d2c..2668132 100644 --- a/src/Factory/Jwt.php +++ b/src/Factory/Jwt.php @@ -8,6 +8,7 @@ use ReallySimpleJWT\Validate; use ReallySimpleJWT\Encode; use ReallySimpleJWT\Parse; +use ReallySimpleJWT\Secret; use ReallySimpleJWT\Jwt as RSJwt; /** @@ -28,6 +29,7 @@ public function builder(): Build return new Build( 'JWT', new Validate(), + new Secret(), new Encode() ); } From f81b08216dffc62252208c1eb5404b553c747780 Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Tue, 18 Feb 2020 07:49:06 +0000 Subject: [PATCH 6/9] Updated gitignore to ignore .phpunit.result.cache file. --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 0e907aa..cdea533 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ infection.log coverage.xml Dockerfile docker-compose.yml +.phpunit.result.cache From 273f23252dc82894992e7e3e084ac36244fa3bd4 Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Tue, 3 Mar 2020 07:14:49 +0000 Subject: [PATCH 7/9] Updated README documentation after testing custom handler implementation in the integration testing tool. --- README.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index abd7653..77d4f44 100644 --- a/README.md +++ b/README.md @@ -112,7 +112,7 @@ For more information on creating, parsing and validating tokens please read the If you would like to retrieve the JSON Web Token from the request outside of the normal middleware authorisation flow you can use the request helper class. -It allows you to retrive the token itself or just access the token's payload or header. +It allows you to retrieve the token itself or just access the token's payload or header. ```php require 'vendor/autoload.php'; @@ -171,6 +171,7 @@ Next you will need to extend the `PsrJwt\Auth\Authorise` class as this will give ```php // An example JWT Authorisation Handler. use PsrJwt\Auth\Authorise; +use PsrJwt\JwtAuthMiddleware; use Psr\Http\Server\RequestHandlerInterface; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; @@ -196,6 +197,15 @@ class MyHandler extends Authorise implements RequestHandlerInterface ); } } + +// Add Handler to Middleware. +$middleware = new JwtAuthMiddleware(new MyHandler('secret', 'token-key')); + +// Add Middleware to Slim PHP route. +$app->get('/my/route', function (ServerRequestInterface $request, ResponseInterface $response) { + $response->getBody()->write("OK!"); + return $response; +})->add($middleware); ``` ## License From 09ed85b948778778651537827d17cbf0339f7e4f Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Mon, 9 Mar 2020 07:06:53 +0000 Subject: [PATCH 8/9] Added composer validate check to travis ci to make sure composer is correct. --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index d94641d..5cdf857 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,6 +4,7 @@ php: - 7.3 - 7.4 install: +- composer validate --strict - travis_retry composer install --no-interaction --no-suggest --prefer-source --dev script: - composer pipeline From ce194468fc2ccc8ae46b543056f9c286454baa22 Mon Sep 17 00:00:00 2001 From: RobDWaller Date: Mon, 9 Mar 2020 07:18:07 +0000 Subject: [PATCH 9/9] Made minor amends and fixes to the README documentation. --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 77d4f44..7801d26 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ PSR-JWT is a middleware library which allows you to authorise JSON Web Tokens contained in a web request. It is [PSR-7](https://www.php-fig.org/psr/psr-7/) and [PSR-15](https://www.php-fig.org/psr/psr-15/) compliant and built on top of [ReallySimpleJWT](https://github.com/RobDWaller/ReallySimpleJWT). -The library also allows you to generate JSON Web Tokens and the PSR-7 PSR-15 compliant middleware can be added to any compatible framework, such as [Slim PHP](http://www.slimframework.com/). +The library also allows you to generate JSON Web Tokens and the PSR-7 / PSR-15 compliant middleware can be added to any compatible framework, such as [Slim PHP](http://www.slimframework.com/). For more information on JSON Web Tokens please read [RFC 7519](https://tools.ietf.org/html/rfc7519). Also to learn more about how to pass JSON Web Tokens to web applications please read up on bearer token authorisation in [RFC 6750](https://tools.ietf.org/html/rfc6750). @@ -14,7 +14,7 @@ For more information on JSON Web Tokens please read [RFC 7519](https://tools.iet - [Slim PHP Example Implementation](#slim-php-example-implementation) - [Generate JSON Web Token](#generate-json-web-token) - [Parse and Validate JSON Web Token](#parse-and-validate-json-web-token) - - [Retrieve Token From the Request](retrieve-token-from-the-request) + - [Retrieve Token From Request](#retrieve-token-from-request) - [Advanced Usage](#advanced-usage) - [Handlers](#handlers) - [Create Custom Handler](#create-custom-handler) @@ -72,7 +72,7 @@ $app->get('/jwt', function (Request $request, Response $response) { })->add(\PsrJwt\Factory\JwtMiddleware::html('Secret123!456$', 'jwt', 'Authorisation Failed')); ``` -### Generate a JSON Web Token +### Generate JSON Web Token To generate JSON Web Tokens PsrJwt offers a wrapper for the library [ReallySimpleJWT](https://github.com/RobDWaller/ReallySimpleJWT). You can create an instance of the ReallySimpleJWT builder by calling the built in factory method. @@ -108,7 +108,7 @@ $parser->parse(); For more information on creating, parsing and validating tokens please read the [ReallySimpleJWT](https://github.com/RobDWaller/ReallySimpleJWT/blob/master/readme.md) documentation. -### Retrieve Token From the Request +### Retrieve Token From Request If you would like to retrieve the JSON Web Token from the request outside of the normal middleware authorisation flow you can use the request helper class.