Skip to content

Commit

Permalink
- move config generation to it's own method.
Browse files Browse the repository at this point in the history
- setSecret regenerates the config
  • Loading branch information
Jozz Scott committed May 27, 2024
1 parent d88bb28 commit 7ed993a
Show file tree
Hide file tree
Showing 2 changed files with 46 additions and 0 deletions.
26 changes: 26 additions & 0 deletions src/Providers/JWT/Lcobucci.php
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,18 @@ public function __construct(
$config = null
) {
parent::__construct($secret, $algo, $keys);
$this->generateConfig($config);
}

/**
* Generate the config.
*
* @param Configuration $config optional, to pass an existing configuration to be used
*
* @return $this
*/
private function generateConfig($config = null)
{
$this->signer = $this->getSigner();

if (!is_null($config)) {
Expand All @@ -91,6 +102,21 @@ public function __construct(
}
}

/**
* Set the secret used to sign the token and regenerate the config using the secret.
*
* @param string $secret
*
* @return $this
*/
public function setSecret($secret)
{
$this->secret = $secret;
$this->generateConfig();

return $this;
}

/**
* Gets the {@see $config} attribute.
*
Expand Down
20 changes: 20 additions & 0 deletions tests/Providers/JWT/LcobucciTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,26 @@ public function testItShouldThrowAExceptionWhenTheAlgorithmPassedIsInvalid()
$this->getProvider('secret', 'AlgorithmWrong')->decode('foo.bar.baz');
}

public function testItShouldThrowAExceptionWhenTheSecretHasBeenUpdatedAndAnOldTokenIsUsed()
{
$orignal_secret = 'OF8SQY475aF8uiRuWunK9ZO6VdZDBemk';
$new_secret = 'vsd1z800ApIihL6HVNyhbGLRyBLD74sZ';

$payload = ['sub' => '1', 'exp' => $this->testNowTimestamp + 3600, 'iat' => $this->testNowTimestamp, 'iss' => '/foo'];

$provider = new Lcobucci($orignal_secret, 'HS256', []);
$token = $provider->encode($payload);

$this->assertSame($payload, $provider->decode($token));

$provider->setSecret($new_secret);

$this->expectException(TokenInvalidException::class);
$this->expectExceptionMessage('Token Signature could not be verified.');

$provider->decode($token);
}

public function testItShouldReturnThePublicKey()
{
$provider = $this->getProvider(
Expand Down

0 comments on commit 7ed993a

Please sign in to comment.