"laminas/laminas-diactoros": "^3.3.1",
"laminas/laminas-httphandlerrunner": "^2.10.0",
"laminas/laminas-progressbar": "^2.13",
- "minishlink/web-push": "^v9.0.0-rc2",
+ "minishlink/web-push": "^v9.0.1",
"nikic/fast-route": "2.0.0-beta1",
"paragonie/constant_time_encoding": "^3.0",
"pelago/emogrifier": "^7.2.0",
"sebastian/diff": "^5.1.1",
"symfony/polyfill-php82": "^1.30.0",
"symfony/polyfill-php83": "^1.30",
- "web-token/jwt-library": "^3.3.50",
+ "web-token/jwt-library": "3.3.50 as dev-3.3.x",
"willdurand/negotiation": "^3.1"
},
"replace": {
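Review bot: The reason for replacing `^3.3.50` with the exact pin `3.3.50 as dev-3.3.x` is not recorded anywhere visible, and the lock entries further down show the package coming from the WoltLab/jwt-library git source, now without a `dist` entry. With an exact pin, `composer update` no longer picks up later 3.3.x releases of this JOSE library, so upstream fixes have to be pulled into the fork by hand. Since composer.json cannot carry comments, the commit description or the repository's dependency notes should state why the fork and the alias are needed and how upstream releases are tracked.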
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "70268093034722fc94f786ec6395a6bf",
+ "content-hash": "7fb0b03afd912128e100c108aa1b7fd1",
"packages": [
{
"name": "brick/math",
"url": "https://github.com/WoltLab/jwt-library.git",
"reference": "18b89d806835d351ebebab3eeb8103a45cfd10b5"
},
- "dist": {
- "type": "zip",
- "url": "https://api.github.com/repos/WoltLab/jwt-library/zipball/18b89d806835d351ebebab3eeb8103a45cfd10b5",
- "reference": "18b89d806835d351ebebab3eeb8103a45cfd10b5",
- "shasum": ""
- },
"require": {
"brick/math": "^0.9|^0.10|^0.11|^0.12",
"ext-json": "*",
"aliases": [],
"minimum-stability": "stable",
"stability-flags": {
- "minishlink/web-push": 5,
"nikic/fast-route": 10
},
"prefer-stable": false,
"url": "https://github.com/WoltLab/jwt-library.git",
"reference": "18b89d806835d351ebebab3eeb8103a45cfd10b5"
},
- "dist": {
- "type": "zip",
- "url": "https://api.github.com/repos/WoltLab/jwt-library/zipball/18b89d806835d351ebebab3eeb8103a45cfd10b5",
- "reference": "18b89d806835d351ebebab3eeb8103a45cfd10b5",
- "shasum": ""
- },
"require": {
"brick/math": "^0.9|^0.10|^0.11|^0.12",
"ext-json": "*",
"RFC7520",
"Symfony"
],
- "support": {
- "source": "https://github.com/WoltLab/jwt-library/tree/3.3.50"
- },
- "funding": [
- {
- "type": "github",
- "url": "https://github.com/Spomky"
- },
- {
- "type": "patreon",
- "url": "https://www.patreon.com/FlorentMorselli"
- }
- ],
"install-path": "../web-token/jwt-library"
},
{
"install-path": "../willdurand/negotiation"
}
],
- "dev": false,
+ "dev": true,
"dev-package-names": []
}
<?php return array(
'root' => array(
'name' => '__root__',
- 'pretty_version' => 'dev-master',
- 'version' => 'dev-master',
- 'reference' => '37708311277ea8a294ac6ee74bfe8f055446016b',
+ 'pretty_version' => '6.1.x-dev',
+ 'version' => '6.1.9999999.9999999-dev',
+ 'reference' => 'fe4913df9ac21beb9718c8dc312246df476fc7ff',
'type' => 'project',
'install_path' => __DIR__ . '/../',
'aliases' => array(),
- 'dev' => false,
+ 'dev' => true,
),
'versions' => array(
'__root__' => array(
- 'pretty_version' => 'dev-master',
- 'version' => 'dev-master',
- 'reference' => '37708311277ea8a294ac6ee74bfe8f055446016b',
+ 'pretty_version' => '6.1.x-dev',
+ 'version' => '6.1.9999999.9999999-dev',
+ 'reference' => 'fe4913df9ac21beb9718c8dc312246df476fc7ff',
'type' => 'project',
'install_path' => __DIR__ . '/../',
'aliases' => array(),
/**
* @param ClaimChecker[] $checkers
*/
- public function __construct(array $checkers)
+ public function __construct(iterable $checkers)
{
foreach ($checkers as $checker) {
$this->add($checker);
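Review bot: The docblock above this constructor still reads `@param ClaimChecker[] $checkers`, which describes an array, while the parameter now accepts any iterable; `@param iterable<ClaimChecker> $checkers` would match the new signature for static analysis. The same applies to the other constructors switched to `iterable` in this commit (HeaderChecker/TokenTypeSupport, Algorithm, CompressionMethod, JWESerializer and JWSSerializer). The constructor body continues outside the hunk.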
* @param HeaderChecker[] $checkers
* @param TokenTypeSupport[] $tokenTypes
*/
- public function __construct(array $checkers, array $tokenTypes)
+ public function __construct(iterable $checkers, iterable $tokenTypes)
{
foreach ($checkers as $checker) {
$this->add($checker);
namespace Jose\Component\Console;
use Jose\Component\KeyManagement\JWKFactory;
+use Symfony\Component\Console\Attribute\AsCommand;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use InvalidArgumentException;
use Jose\Component\Core\JWK;
use Jose\Component\Core\Util\JsonConverter;
+use Symfony\Component\Console\Attribute\AsCommand;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use InvalidArgumentException;
use Jose\Component\KeyManagement\X5UFactory;
+use Symfony\Component\Console\Attribute\AsCommand;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
/**
* @param Algorithm[] $algorithms
*/
- public function __construct(array $algorithms)
+ public function __construct(iterable $algorithms)
{
foreach ($algorithms as $algorithm) {
$this->add($algorithm);
/**
* @param Algorithm[] $algorithms
*/
- public function __construct(array $algorithms = [])
+ public function __construct(iterable $algorithms = [])
{
foreach ($algorithms as $algorithm) {
$this->add($algorithm->name(), $algorithm);
namespace Jose\Component\Encryption\Compression;
+/**
+ * @deprecated This class is deprecated and will be removed in v4.0. Compression is not recommended for JWE.
+ */
interface CompressionMethod
{
/**
use InvalidArgumentException;
use function array_key_exists;
+/**
+ * @deprecated This class is deprecated and will be removed in v4.0. Compression is not recommended for JWE.
+ */
class CompressionMethodManager
{
/**
*/
private array $compressionMethods = [];
- public function __construct(array $methods = [])
+ /**
+ * @param CompressionMethod[] $methods
+ */
+ public function __construct(iterable $methods = [])
{
foreach ($methods as $method) {
$this->add($method);
use InvalidArgumentException;
+/**
+ * @deprecated This class is deprecated and will be removed in v4.0. Compression is not recommended for JWE.
+ */
class CompressionMethodManagerFactory
{
/**
use Throwable;
use function is_string;
+/**
+ * @deprecated This class is deprecated and will be removed in v4.0. Compression is not recommended for JWE.
+ */
final class Deflate implements CompressionMethod
{
private int $compressionLevel = -1;
public function __construct(
AlgorithmManager $algorithmManager,
- null|AlgorithmManager $contentEncryptionAlgorithmManager,
- private readonly CompressionMethodManager $compressionManager
+ null|AlgorithmManager $contentEncryptionAlgorithmManager = null,
+ private readonly null|CompressionMethodManager $compressionManager = null
) {
+ if ($compressionManager !== null) {
+ trigger_deprecation(
+ 'web-token/jwt-library',
+ '3.3.0',
+ 'The parameter "$compressionManager" is deprecated and will be removed in 4.0.0. Compression is not recommended for JWE. Please set "null" instead.'
+ );
+ }
if ($contentEncryptionAlgorithmManager !== null) {
trigger_deprecation(
'web-token/jwt-library',
/**
* Returns the compression method manager.
+ * @deprecated This method is deprecated and will be removed in v4.0. Compression is not recommended for JWE.
*/
- public function getCompressionMethodManager(): CompressionMethodManager
+ public function getCompressionMethodManager(): null|CompressionMethodManager
{
return $this->compressionManager;
}
private function getCompressionMethod(array $completeHeader): ?CompressionMethod
{
- if (! array_key_exists('zip', $completeHeader)) {
+ if ($this->compressionManager === null || ! array_key_exists('zip', $completeHeader)) {
return null;
}
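Review bot: With a null compression manager the new guard treats a header that carries `zip` exactly like one that does not, so the parameter is silently ignored instead of rejected. The equivalent guard in decompressIfNeeded() of the decrypter, later in this commit, returns the still-compressed bytes as the payload of a token whose header declares `zip`, so the token is accepted although a header parameter was not processed. Failing closed would be safer: test `array_key_exists('zip', ...)` first and then `if ($this->compressionManager === null) { throw new InvalidArgumentException('Compression is not supported.'); }`, assuming InvalidArgumentException is imported in both files, which is not visible here. getCompressionMethod() continues outside the hunk, so what the builder emits for such a header cannot be confirmed from these lines.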
{
public function __construct(
private readonly AlgorithmManagerFactory $algorithmManagerFactory,
- private readonly CompressionMethodManagerFactory $compressionMethodManagerFactory
+ private readonly null|CompressionMethodManagerFactory $compressionMethodManagerFactory = null
) {
+ if ($compressionMethodManagerFactory !== null) {
+ trigger_deprecation(
+ 'web-token/jwt-library',
+ '3.3.0',
+ 'The parameter "$compressionMethodManagerFactory" is deprecated and will be removed in 4.0.0. Compression is not recommended for JWE. Please set "null" instead.'
+ );
+ }
}
/**
* Creates a JWE Builder object using the given key encryption algorithms, content encryption algorithms and
* compression methods.
*
- * @param string[] $keyEncryptionAlgorithms
- * @param string[] $contentEncryptionAlgorithm
- * @param string[] $compressionMethods
+ * @param array<string> $encryptionAlgorithms
+ * @param null|array<string> $contentEncryptionAlgorithm
+ * @param null|string[] $compressionMethods
*/
public function create(
- array $keyEncryptionAlgorithms,
- array $contentEncryptionAlgorithm,
- array $compressionMethods
+ array $encryptionAlgorithms,
+ null|array $contentEncryptionAlgorithm = null,
+ null|array $compressionMethods = null
): JWEBuilder {
- $keyEncryptionAlgorithmManager = $this->algorithmManagerFactory->create($keyEncryptionAlgorithms);
- $contentEncryptionAlgorithmManager = $this->algorithmManagerFactory->create($contentEncryptionAlgorithm);
- $compressionMethodManager = $this->compressionMethodManagerFactory->create($compressionMethods);
-
- return new JWEBuilder(
- $keyEncryptionAlgorithmManager,
- $contentEncryptionAlgorithmManager,
- $compressionMethodManager
+ if ($contentEncryptionAlgorithm !== null) {
+ trigger_deprecation(
+ 'web-token/jwt-library',
+ '3.3.0',
+ 'The parameter "$contentEncryptionAlgorithm" is deprecated and will be removed in 4.0.0. Please set "null" instead.'
+ );
+ $encryptionAlgorithms = array_merge($encryptionAlgorithms, $contentEncryptionAlgorithm);
+ }
+ $encryptionAlgorithmManager = $this->algorithmManagerFactory->create($encryptionAlgorithms);
+ $compressionMethodManager = $compressionMethods === null ? null : $this->compressionMethodManagerFactory?->create(
+ $compressionMethods
);
+
+ return new JWEBuilder($encryptionAlgorithmManager, null, $compressionMethodManager);
}
}
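Review bot: When `$compressionMethods` is passed but the factory was constructed without a CompressionMethodManagerFactory, the nullsafe call `$this->compressionMethodManagerFactory?->create(...)` quietly evaluates to null and the builder is created without the compression the caller asked for. A guard such as `if ($compressionMethods !== null && $this->compressionMethodManagerFactory === null) { throw new InvalidArgumentException('No compression method manager factory is available.'); }` would surface the misconfiguration, provided that exception type is in scope in this file. The same expression appears in JWEDecrypterFactory::create() further down, which also merges `$contentEncryptionAlgorithms` without the `trigger_deprecation()` call used here. The docblock summary still speaks of "key encryption algorithms, content encryption algorithms" although the first parameter is now `$encryptionAlgorithms`.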
public function __construct(
AlgorithmManager $algorithmManager,
null|AlgorithmManager $contentEncryptionAlgorithmManager,
- private readonly CompressionMethodManager $compressionMethodManager
+ private readonly null|CompressionMethodManager $compressionMethodManager = null
) {
+ if ($compressionMethodManager !== null) {
+ trigger_deprecation(
+ 'web-token/jwt-library',
+ '3.3.0',
+ 'The parameter "$compressionMethodManager" is deprecated and will be removed in 4.0.0. Compression is not recommended for JWE. Please set "null" instead.'
+ );
+ }
if ($contentEncryptionAlgorithmManager !== null) {
trigger_deprecation(
'web-token/jwt-library',
/**
* Returns the compression method manager.
+ * @deprecated This method is deprecated and will be removed in v4.0. Compression is not recommended for JWE.
*/
- public function getCompressionMethodManager(): CompressionMethodManager
+ public function getCompressionMethodManager(): null|CompressionMethodManager
{
return $this->compressionMethodManager;
}
private function decompressIfNeeded(string $payload, array $completeHeaders): string
{
- if (array_key_exists('zip', $completeHeaders)) {
- $compression_method = $this->compressionMethodManager->get($completeHeaders['zip']);
- $payload = $compression_method->uncompress($payload);
+ if ($this->compressionMethodManager === null || ! array_key_exists('zip', $completeHeaders)) {
+ return $payload;
}
- return $payload;
+ $compression_method = $this->compressionMethodManager->get($completeHeaders['zip']);
+
+ return $compression_method->uncompress($payload);
}
private function checkCompleteHeader(array $completeHeaders): void
{
public function __construct(
private readonly AlgorithmManagerFactory $algorithmManagerFactory,
- private readonly CompressionMethodManagerFactory $compressionMethodManagerFactory
+ private readonly null|CompressionMethodManagerFactory $compressionMethodManagerFactory = null
) {
+ if ($compressionMethodManagerFactory !== null) {
+ trigger_deprecation(
+ 'web-token/jwt-library',
+ '3.3.0',
+ 'The parameter "$compressionMethodManagerFactory" is deprecated and will be removed in 4.0.0. Compression is not recommended for JWE. Please set "null" instead.'
+ );
+ }
}
/**
* Creates a JWE Decrypter object using the given key encryption algorithms, content encryption algorithms and
* compression methods.
*
- * @param string[] $keyEncryptionAlgorithms
- * @param string[] $contentEncryptionAlgorithms
- * @param string[] $compressionMethods
+ * @param string[] $encryptionAlgorithms
+ * @param null|string[] $contentEncryptionAlgorithms
+ * @param null|string[] $compressionMethods
*/
public function create(
- array $keyEncryptionAlgorithms,
- array $contentEncryptionAlgorithms,
- array $compressionMethods
+ array $encryptionAlgorithms,
+ null|array $contentEncryptionAlgorithms = null,
+ null|array $compressionMethods = null
): JWEDecrypter {
- $algorithmManager = $this->algorithmManagerFactory->create(
- array_merge($keyEncryptionAlgorithms, $contentEncryptionAlgorithms)
+ if ($contentEncryptionAlgorithms !== null) {
+ $encryptionAlgorithms = array_merge($encryptionAlgorithms, $contentEncryptionAlgorithms);
+ }
+
+ $algorithmManager = $this->algorithmManagerFactory->create($encryptionAlgorithms);
+ $compressionMethodManager = $compressionMethods === null ? null : $this->compressionMethodManagerFactory?->create(
+ $compressionMethods
);
- $compressionMethodManager = $this->compressionMethodManagerFactory->create($compressionMethods);
return new JWEDecrypter($algorithmManager, null, $compressionMethodManager);
}
*/
public function create(
array $serializers,
- array $keyEncryptionAlgorithms,
- array $contentEncryptionAlgorithms,
- array $compressionMethods,
+ array $encryptionAlgorithms,
+ null|array $contentEncryptionAlgorithms = null,
+ null|array $compressionMethods = null,
array $headerCheckers = []
): JWELoader {
+ if ($contentEncryptionAlgorithms !== null) {
+ $encryptionAlgorithms = array_merge($encryptionAlgorithms, $contentEncryptionAlgorithms);
+ }
$serializerManager = $this->jweSerializerManagerFactory->create($serializers);
- $jweDecrypter = $this->jweDecrypterFactory->create(
- $keyEncryptionAlgorithms,
- $contentEncryptionAlgorithms,
- $compressionMethods
- );
+ $jweDecrypter = $this->jweDecrypterFactory->create($encryptionAlgorithms, null, $compressionMethods);
if ($this->headerCheckerManagerFactory !== null) {
$headerCheckerManager = $this->headerCheckerManagerFactory->create($headerCheckers);
} else {
/**
* @param JWESerializer[] $serializers
*/
- public function __construct(array $serializers)
+ public function __construct(iterable $serializers)
{
foreach ($serializers as $serializer) {
$this->add($serializer);
namespace Jose\Component\KeyManagement\KeyConverter;
+use Brick\Math\BigInteger;
use InvalidArgumentException;
use OpenSSLCertificate;
use ParagonIE\ConstantTime\Base64UrlSafe;
use ParagonIE\Sodium\Core\Ed25519;
use RuntimeException;
use SpomkyLabs\Pki\CryptoEncoding\PEM;
+use SpomkyLabs\Pki\CryptoTypes\AlgorithmIdentifier\AlgorithmIdentifier;
use SpomkyLabs\Pki\CryptoTypes\Asymmetric\PrivateKey;
use SpomkyLabs\Pki\CryptoTypes\Asymmetric\PublicKey;
+use SpomkyLabs\Pki\CryptoTypes\Asymmetric\RSA\RSASSAPSSPrivateKey;
use Throwable;
use function array_key_exists;
use function assert;
private static function tryToLoadOtherKeyTypes(string $input): array
{
$pem = PEM::fromString($input);
+ return match ($pem->type()) {
+ PEM::TYPE_PUBLIC_KEY => self::loadPublicKey($pem),
+ PEM::TYPE_PRIVATE_KEY => self::loadPrivateKey($pem),
+ default => throw new InvalidArgumentException('Unsupported key type'),
+ };
+ }
+
+ /**
+ * @return array<string, mixed>
+ */
+ private static function loadPrivateKey(PEM $pem): array
+ {
try {
$key = PrivateKey::fromPEM($pem);
- $curve = self::getCurve($key->algorithmIdentifier()->oid());
- $values = [
- 'kty' => 'OKP',
- 'crv' => $curve,
- 'd' => Base64UrlSafe::encodeUnpadded($key->privateKeyData()),
- ];
- return self::populatePoints($key, $values);
- } catch (Throwable) {
+ switch ($key->algorithmIdentifier()->oid()) {
+ case AlgorithmIdentifier::OID_RSASSA_PSS_ENCRYPTION:
+ assert($key instanceof RSASSAPSSPrivateKey);
+ return [
+ 'kty' => 'RSA',
+ 'n' => self::convertDecimalToBas64Url($key->modulus()),
+ 'e' => self::convertDecimalToBas64Url($key->publicExponent()),
+ 'd' => self::convertDecimalToBas64Url($key->privateExponent()),
+ 'dp' => self::convertDecimalToBas64Url($key->exponent1()),
+ 'dq' => self::convertDecimalToBas64Url($key->exponent2()),
+ 'p' => self::convertDecimalToBas64Url($key->prime1()),
+ 'q' => self::convertDecimalToBas64Url($key->prime2()),
+ 'qi' => self::convertDecimalToBas64Url($key->coefficient()),
+ ];
+ case AlgorithmIdentifier::OID_ED25519:
+ case AlgorithmIdentifier::OID_ED448:
+ case AlgorithmIdentifier::OID_X25519:
+ case AlgorithmIdentifier::OID_X448:
+ $curve = self::getCurve($key->algorithmIdentifier()->oid());
+ $values = [
+ 'kty' => 'OKP',
+ 'crv' => $curve,
+ 'd' => Base64UrlSafe::encodeUnpadded($key->privateKeyData()),
+ ];
+ return self::populatePoints($key, $values);
+ default:
+ throw new InvalidArgumentException('Unsupported key type');
+ }
+ } catch (Throwable $e) {
+ throw new InvalidArgumentException('Unable to load the key.', 0, $e);
}
- try {
- $key = PublicKey::fromPEM($pem);
- $curve = self::getCurve($key->algorithmIdentifier()->oid());
- self::checkType($curve);
- return [
- 'kty' => 'OKP',
- 'crv' => $curve,
- 'x' => Base64UrlSafe::encodeUnpadded((string) $key->subjectPublicKey()),
- ];
- } catch (Throwable) {
+ }
+
+ /**
+ * @return array<string, mixed>
+ */
+ private static function loadPublicKey(PEM $pem): array
+ {
+ $key = PublicKey::fromPEM($pem);
+ switch ($key->algorithmIdentifier()->oid()) {
+ case AlgorithmIdentifier::OID_ED25519:
+ case AlgorithmIdentifier::OID_ED448:
+ case AlgorithmIdentifier::OID_X25519:
+ case AlgorithmIdentifier::OID_X448:
+ $curve = self::getCurve($key->algorithmIdentifier()->oid());
+ self::checkType($curve);
+ return [
+ 'kty' => 'OKP',
+ 'crv' => $curve,
+ 'x' => Base64UrlSafe::encodeUnpadded((string) $key->subjectPublicKey()),
+ ];
+ default:
+ throw new InvalidArgumentException('Unsupported key type');
}
- throw new InvalidArgumentException('Unsupported key type');
+ }
+
+ private static function convertDecimalToBas64Url(string $decimal): string
+ {
+ return Base64UrlSafe::encodeUnpadded(BigInteger::fromBase($decimal, 10)->toBytes());
}
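Review bot: convertDecimalToBas64Url() calls `toBytes()` with its default argument, and in brick/math that default is, as far as I know, signed two's-complement output, which prepends a zero byte when the top bit is set; please confirm against the installed version. A full-length RSA modulus always has its top bit set, so `n` (and typically `p` and `q`) would carry a leading zero octet, which RFC 7518 says to omit from Base64urlUInt values and which changes the JWK thumbprint of the key. `->toBytes(false)` yields the unsigned form. Separately, loadPublicKey() does not wrap `PublicKey::fromPEM()` in a try/catch, so a parse failure leaves as whatever the PKI library throws, while loadPrivateKey() converts every failure to InvalidArgumentException; a matching `try { ... } catch (Throwable $e)` would keep the two paths consistent for callers.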
/**
* compression methods.
*
* @param array<string> $jwe_serializers
- * @param array<string> $keyEncryptionAlgorithms
- * @param array<string> $contentEncryptionAlgorithms
- * @param array<string> $compressionMethods
+ * @param array<string> $encryptionAlgorithms
+ * @param null|array<string> $contentEncryptionAlgorithms
+ * @param null|array<string> $compressionMethods
* @param array<string> $jws_serializers
* @param array<string> $signatureAlgorithms
*/
public function create(
array $jwe_serializers,
- array $keyEncryptionAlgorithms,
- array $contentEncryptionAlgorithms,
- array $compressionMethods,
+ array $encryptionAlgorithms,
+ null|array $contentEncryptionAlgorithms,
+ null|array $compressionMethods,
array $jws_serializers,
array $signatureAlgorithms
): NestedTokenBuilder {
- $jweBuilder = $this->jweBuilderFactory->create(
- $keyEncryptionAlgorithms,
- $contentEncryptionAlgorithms,
- $compressionMethods
- );
+ if ($contentEncryptionAlgorithms !== null) {
+ $encryptionAlgorithms = array_merge($encryptionAlgorithms, $contentEncryptionAlgorithms);
+ }
+ $jweBuilder = $this->jweBuilderFactory->create($encryptionAlgorithms, null, $compressionMethods);
$jweSerializerManager = $this->jweSerializerManagerFactory->create($jwe_serializers);
$jwsBuilder = $this->jwsBuilderFactory->create($signatureAlgorithms);
$jwsSerializerManager = $this->jwsSerializerManagerFactory->create($jws_serializers);
* @param array<string> $jweSerializers
* @param array<string> $keyEncryptionAlgorithms
* @param array<string> $contentEncryptionAlgorithms
- * @param array<string> $compressionMethods
+ * @param null|array<string> $compressionMethods
* @param array<string> $jweHeaderCheckers
* @param array<string> $jwsSerializers
* @param array<string> $signatureAlgorithms
public function create(
array $jweSerializers,
array $keyEncryptionAlgorithms,
- array $contentEncryptionAlgorithms,
- array $compressionMethods,
+ null|array $contentEncryptionAlgorithms,
+ null|array $compressionMethods,
array $jweHeaderCheckers,
array $jwsSerializers,
array $signatureAlgorithms,
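Review bot: The docblock still declares `@param array<string> $contentEncryptionAlgorithms` although the signature now accepts `null|array`; it should read `@param null|array<string> $contentEncryptionAlgorithms`, as was done for `$compressionMethods`. Unlike in JWELoaderFactory::create(), neither nullable parameter has a default here, so callers must still pass both positionally. The body of create() is outside the hunk, so whether a null value is forwarded correctly cannot be checked from these lines.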
/**
* @param JWSSerializer[] $serializers
*/
- public function __construct(array $serializers)
+ public function __construct(iterable $serializers)
{
foreach ($serializers as $serializer) {
$this->add($serializer);
"ext-json": "*",
"ext-mbstring": "*",
"brick/math": "^0.9|^0.10|^0.11|^0.12",
- "paragonie/constant_time_encoding": "^2.6",
+ "paragonie/constant_time_encoding": "^3.0",
"paragonie/sodium_compat": "^1.20",
"psr/clock": "^1.0",
"psr/http-factory": "^1.0",
"psr/http-client": "^1.0",
- "spomky-labs/pki-framework": "^1.0",
+ "spomky-labs/pki-framework": "^1.2.1",
"symfony/console": "^5.4|^6.0|^7.0",
"symfony/http-client": "^5.4|^6.0|^7.0",
"symfony/polyfill-mbstring": "^1.12"