From 5d5784c8a3f3244bc96ff1428e48f0ae875d81f4 Mon Sep 17 00:00:00 2001 From: Jitendra Adhikari Date: Sat, 14 Jul 2018 21:38:07 +0700 Subject: [PATCH 1/7] chore: dont use php7 syntax --- src/JWT.php | 2 +- src/ValidatesJWT.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/JWT.php b/src/JWT.php index a00ef2a..f517656 100644 --- a/src/JWT.php +++ b/src/JWT.php @@ -113,7 +113,7 @@ public function encode(array $payload, array $header = []) : string $this->validateKid($header); if (!isset($payload['iat']) && !isset($payload['exp'])) { - $payload['exp'] = ($this->timestamp ?? \time()) + $this->maxAge; + $payload['exp'] = ($this->timestamp ?: \time()) + $this->maxAge; } $header = $this->urlSafeEncode($header); diff --git a/src/ValidatesJWT.php b/src/ValidatesJWT.php index e5df902..c0a3f12 100644 --- a/src/ValidatesJWT.php +++ b/src/ValidatesJWT.php @@ -71,7 +71,7 @@ protected function validateKid(array $header) */ protected function validateTimestamps(array $payload) { - $timestamp = $this->timestamp ?? \time(); + $timestamp = $this->timestamp ?: \time(); $checks = [ ['exp', $this->leeway /* */ , static::ERROR_TOKEN_EXPIRED, 'Expired'], ['iat', $this->maxAge - $this->leeway, static::ERROR_TOKEN_EXPIRED, 'Expired'], From d9a49e6f86f981f66ae693964bda83aaa9d24cea Mon Sep 17 00:00:00 2001 From: Jitendra Adhikari Date: Sat, 14 Jul 2018 21:39:07 +0700 Subject: [PATCH 2/7] build(travis): lets try php 5.4, 5.5, 5.6 too --- .travis.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.travis.yml b/.travis.yml index 166caba..2e97361 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,9 @@ git: language: php php: + - 5.4 + - 5.5 + - 5.6 - 7.0 - 7.1 - 7.2 @@ -16,6 +19,9 @@ php: install: - composer install --prefer-dist +before_script: + - for P in src tests; do find $P -type f -name '*.php' -exec php -l {} \;; done + script: - vendor/bin/phpunit --coverage-text --coverage-clover=coverage.xml From 9b8a704d7efeb3bbbfc50c8240a654bec441ea2e Mon Sep 17 00:00:00 2001 From: Jitendra Adhikari Date: Sat, 14 Jul 2018 21:39:58 +0700 Subject: [PATCH 3/7] build(travis): well no 5.4 actually --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 2e97361..2a02978 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,7 +9,6 @@ git: language: php php: - - 5.4 - 5.5 - 5.6 - 7.0 From 4c50397ec9bb3c48377ac2b83b3fccae4e8f9269 Mon Sep 17 00:00:00 2001 From: Jitendra Adhikari Date: Sat, 14 Jul 2018 21:43:59 +0700 Subject: [PATCH 4/7] chore(composer): php/phpuni versions --- composer.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 6986a3b..4b2b780 100644 --- a/composer.json +++ b/composer.json @@ -23,9 +23,9 @@ } }, "require": { - "php": ">=7.0" + "php": ">=5.5" }, "require-dev": { - "phpunit/phpunit": "^6.0.0" + "phpunit/phpunit": "^4.8 || ^5.7 || ^6.5" } } From 3048b5841dec908d32ed4eabe2c9fef60496d168 Mon Sep 17 00:00:00 2001 From: Jitendra Adhikari Date: Sat, 14 Jul 2018 21:51:09 +0700 Subject: [PATCH 5/7] refactor: php5 --- composer.json | 3 ++- src/JWT.php | 20 ++++++++++---------- src/ValidatesJWT.php | 4 ++-- src/functions.php | 23 +++++++++++++++++++++++ tests/JWTTest.php | 40 ++++++++++++++++++++++------------------ 5 files changed, 59 insertions(+), 31 deletions(-) create mode 100644 src/functions.php diff --git a/composer.json b/composer.json index 4b2b780..5353c15 100644 --- a/composer.json +++ b/composer.json @@ -15,7 +15,8 @@ "autoload": { "psr-4": { "Ahc\\Jwt\\": "src/" - } + }, + "files": ["src/functions.php"] }, "autoload-dev": { "psr-4": { diff --git a/src/JWT.php b/src/JWT.php index f517656..9065741 100644 --- a/src/JWT.php +++ b/src/JWT.php @@ -3,7 +3,7 @@ namespace Ahc\Jwt; /** - * JSON Web Token (JWT) implementation in PHP7. + * JSON Web Token (JWT) implementation in PHP5.5+. * * @author Jitendra Adhikari * @license MIT @@ -68,7 +68,7 @@ class JWT * @param int $leeway Leeway for clock skew. Shouldnot be more than 2 minutes (120s). * @param string $pass The passphrase (only for RS* algos). */ - public function __construct($key, string $algo = 'HS256', int $maxAge = 3600, int $leeway = 0, string $pass = null) + public function __construct($key, $algo = 'HS256', $maxAge = 3600, $leeway = 0, $pass = null) { $this->validateConfig($key, $algo, $maxAge, $leeway); @@ -91,7 +91,7 @@ public function __construct($key, string $algo = 'HS256', int $maxAge = 3600, in * * @return self */ - public function registerKeys(array $keys): self + public function registerKeys(array $keys) { $this->keys = \array_merge($this->keys, $keys); @@ -106,7 +106,7 @@ public function registerKeys(array $keys): self * * @return string URL safe JWT token. */ - public function encode(array $payload, array $header = []) : string + public function encode(array $payload, array $header = []) { $header = ['typ' => 'JWT', 'alg' => $this->algo] + $header; @@ -130,7 +130,7 @@ public function encode(array $payload, array $header = []) : string * * @return array */ - public function decode(string $token) : array + public function decode($token) { if (\substr_count($token, '.') < 2) { throw new JWTException('Invalid token: Incomplete segments', static::ERROR_TOKEN_INVALID); @@ -156,7 +156,7 @@ public function decode(string $token) : array * * @param int|null $timestamp */ - public function setTestTimestamp(int $timestamp = null) : JWT + public function setTestTimestamp($timestamp = null) { $this->timestamp = $timestamp; @@ -170,7 +170,7 @@ public function setTestTimestamp(int $timestamp = null) : JWT * * @return string */ - protected function sign(string $input) : string + protected function sign($input) { // HMAC SHA. if (\substr($this->algo, 0, 2) === 'HS') { @@ -194,7 +194,7 @@ protected function sign(string $input) : string * * @return bool */ - protected function verify(string $input, string $signature) : bool + protected function verify($input, $signature) { $algo = $this->algos[$this->algo]; @@ -221,7 +221,7 @@ protected function verify(string $input, string $signature) : bool * * @return string */ - protected function urlSafeEncode($data) : string + protected function urlSafeEncode($data) { if (\is_array($data)) { $data = \json_encode($data, JSON_UNESCAPED_SLASHES); @@ -241,7 +241,7 @@ protected function urlSafeEncode($data) : string * * @return array|\stdClass|string */ - protected function urlSafeDecode(string $data, bool $asJson = true) + protected function urlSafeDecode($data, $asJson = true) { if (!$asJson) { return \base64_decode(\strtr($data, '-_', '+/')); diff --git a/src/ValidatesJWT.php b/src/ValidatesJWT.php index c0a3f12..1e0484c 100644 --- a/src/ValidatesJWT.php +++ b/src/ValidatesJWT.php @@ -17,7 +17,7 @@ trait ValidatesJWT * * @codeCoverageIgnore */ - protected function validateConfig($key, string $algo, int $maxAge, int $leeway) + protected function validateConfig($key, $algo, $maxAge, $leeway) { if (empty($key)) { throw new JWTException('Signing key cannot be empty', static::ERROR_KEY_EMPTY); @@ -100,7 +100,7 @@ protected function validateKey() $key = 'file://' . $key; } - $this->key = \openssl_get_privatekey($key, $this->passphrase ?? ''); + $this->key = \openssl_get_privatekey($key, $this->passphrase ?: ''); } if (!\is_resource($this->key)) { diff --git a/src/functions.php b/src/functions.php new file mode 100644 index 0000000..9a0a8c4 --- /dev/null +++ b/src/functions.php @@ -0,0 +1,23 @@ += 0; $i--) { + $ret |= ord($res[$i]); + } + + return !$ret; + } +} +// @codeCoverageIgnoreEnd diff --git a/tests/JWTTest.php b/tests/JWTTest.php index 88e0ed3..488618a 100644 --- a/tests/JWTTest.php +++ b/tests/JWTTest.php @@ -9,7 +9,7 @@ class JWTTest extends \PHPUnit\Framework\TestCase { /** @dataProvider data1 */ - public function test_decode_encoded_token(string $key, string $algo, int $age, int $leeway, array $payload, array $header = []) + public function test_decode_encoded_token($key, $algo, $age, $leeway, array $payload, array $header = []) { $jwt = new JWT($key, $algo, $age, $leeway); $token = $jwt->encode($payload, $header); @@ -26,14 +26,15 @@ public function test_decode_encoded_token(string $key, string $algo, int $age, i $this->assertSame($payload, $decoded); } + /** + * @expectedException \Ahc\Jwt\JWTException + */ public function test_json_fail() { - $this->expectException(JWTException::class); - $jwt = new JWT('very^secre7'); try { - $jwt->encode([random_bytes(10)]); + $jwt->encode([base64_decode('mF6u28o4K2cD3w==')]); } catch (\Exception $e) { $this->assertSame($e->getCode(), JWT::ERROR_JSON_FAILED, $e->getMessage()); @@ -41,11 +42,12 @@ public function test_json_fail() } } - /** @dataProvider data2 */ - public function test_decode_fail(string $key, string $algo, int $age, int $leeway, int $offset, int $error, $token) + /** + * @dataProvider data2 + * @expectedException \Ahc\Jwt\JWTException + */ + public function test_decode_fail($key, $algo, $age, $leeway, $offset, $error, $token) { - $this->expectException(JWTException::class); - $jwt = new JWT($key, $algo, $age, $leeway); $token = is_string($token) ? $token : $jwt->encode($token); @@ -63,7 +65,7 @@ public function test_decode_fail(string $key, string $algo, int $age, int $leewa } /** @dataProvider data1 */ - public function test_rs_decode_encoded(string $key, string $algo, int $age, int $leeway, array $payload, array $header = []) + public function test_rs_decode_encoded($key, $algo, $age, $leeway, array $payload, array $header = []) { $key = __DIR__ . '/stubs/priv.key'; $jwt = new JWT($key, str_replace('HS', 'RS', $algo), $age, $leeway); @@ -81,11 +83,12 @@ public function test_rs_decode_encoded(string $key, string $algo, int $age, int $this->assertSame($payload, $decoded); } - /** @dataProvider data3 */ - public function test_rs_invalid_key(string $method, string $key, $arg) + /** + * @dataProvider data3 + * @expectedException \Ahc\Jwt\JWTException + */ + public function test_rs_invalid_key($method, $key, $arg) { - $this->expectException(JWTException::class); - $jwt = new JWT($key, 'RS256'); try { @@ -109,19 +112,20 @@ public function test_kid() return $jwt; } + /** + * @expectedException \Ahc\Jwt\JWTException + * @expectedExceptionMessage Invalid token: Unknown key ID + */ public function test_kid_invalid() { // keys can be sent as array too $jwt = new JWT(['key1' => 'secret1', 'key2' => 'secret2'], 'HS256'); - $this->expectException(JWTException::class); - $this->expectExceptionMessage('Invalid token: Unknown key ID'); - // Use key3 $jwt->encode(['a' => 1, 'exp' => time() + 1000], ['kid' => 'key3']); } - public function data1() : array + public function data1() { return [ ['secret', 'HS256', rand(10, 1000), rand(1, 10), [ @@ -152,7 +156,7 @@ public function data1() : array ]; } - public function data2() : array + public function data2() { return [ ['topsecret', 'HS256', 5, 0, 0, JWT::ERROR_TOKEN_INVALID, 'a.b'], From 88418ebf259d7d6e3a5ed41c4bbabb064a070297 Mon Sep 17 00:00:00 2001 From: Jitendra Adhikari Date: Sat, 14 Jul 2018 22:38:29 +0700 Subject: [PATCH 6/7] chore: update php support msg --- composer.json | 2 +- readme.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 5353c15..1f3af45 100644 --- a/composer.json +++ b/composer.json @@ -1,6 +1,6 @@ { "name": "adhocore/jwt", - "description": "Ultra lightweight JSON web token (JWT) library for PHP7.", + "description": "Ultra lightweight JSON web token (JWT) library for PHP5.5+.", "type": "library", "keywords": [ "jwt", "jwt-php", "auth", "json-web-token", "token" diff --git a/readme.md b/readme.md index cd76f3b..3bfc622 100644 --- a/readme.md +++ b/readme.md @@ -8,7 +8,7 @@ [![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE) -- Lightweight JSON Web Token (JWT) library for PHP7. +- Lightweight JSON Web Token (JWT) library for PHP5.5 or newer. ## Installation ``` From afa98d13df41a84ac5e6afc6f9fd64088f4433b4 Mon Sep 17 00:00:00 2001 From: Jitendra Adhikari Date: Sat, 14 Jul 2018 15:39:33 +0000 Subject: [PATCH 7/7] Apply fixes from StyleCI [ci skip] [skip ci] --- tests/JWTTest.php | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/JWTTest.php b/tests/JWTTest.php index 488618a..981fac2 100644 --- a/tests/JWTTest.php +++ b/tests/JWTTest.php @@ -3,7 +3,6 @@ namespace Ahc\Jwt\Test; use Ahc\Jwt\JWT; -use Ahc\Jwt\JWTException; /** @coversDefaultClass \Ahc\Jwt\JWT */ class JWTTest extends \PHPUnit\Framework\TestCase