···

       
1
       
1
       
+
       
SERVER_URL=

     

       
2
       
2
       
+
       
CLIENT_ID=

     

       
3
       
3
       
+
       
DEFAULT_PDS=

     

       
4
       
4
       
+
       
CONSTELLATION_INSTANCE=

     

       
5
       
5
       
+
       
SLINGSHOT_INSTANCE=

     

       
6
       
6
       
+
       
PLC_DIRECTORY=

     

       
7
       
7
       
+
       


     

       
8
       
8
       
+
       
AUTH_ACCOUNT=

     

       
9
       
9
       
+
       
AUTH_KEYTYPE=

     

       
10
       
10
       
+
       
AUTH_PUBKEY=

     

       
11
       
11
       
+
       
AUTH_PRIVKEY_HEX=

     

       
12
       
12
       
+
       
AUTH_PRIVKEY_MULTI=

     

       
13
       
13
       
+
       


     

       
14
       
14
       
+
       
PRETTY_URLS=

     

       
15
       
15
       
+
       
DEFAULT_THEME=

     

       
16
       
16
       
+
       
DEFAULT_FONT=

     

       
17
       
17
       
+
       
SSL_CERT_PATH=
     

···

       
12
       
12
       
 
       
        "jerome/fetch-php": "^3.2",

     

       
13
       
13
       
 
       
        "react/http": "^1.11",

     

       
14
       
14
       
 
       
        "react/promise": "^3.3",

     

       
15
       
15
       
-
       
        "react/dns": "^1.13"

     

       
15
       
15
       
+
       
        "react/dns": "^1.13",

     

       
16
       
16
       
+
       
        "lcobucci/jwt": "^5.6"

     

       
16
       
17
       
 
       
    },

     

       
17
       
18
       
 
       
    "require-dev": {

     

       
18
       
19
       
 
       
        "flightphp/tracy-extensions": "^0.2.7"

     

···

       
4
       
4
       
 
       
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",

     

       
5
       
5
       
 
       
        "This file is @generated automatically"

     

       
6
       
6
       
 
       
    ],

     

       
7
       
7
       
-
       
    "content-hash": "c6002ed16d9e230ae38c8eebfa96ea6f",

     

       
7
       
7
       
+
       
    "content-hash": "b58d32e8c5e8307c1994ae27ab44347d",

     

       
8
       
8
       
 
       
    "packages": [

     

       
9
       
9
       
 
       
        {

     

       
10
       
10
       
 
       
            "name": "chillerlan/php-http-message-utils",

     
···

       
1316
       
1316
       
 
       
            "time": "2025-10-31T00:53:04+00:00"

     

       
1317
       
1317
       
 
       
        },

     

       
1318
       
1318
       
 
       
        {

     

       
1319
       
1319
       
+
       
            "name": "lcobucci/jwt",

     

       
1320
       
1320
       
+
       
            "version": "5.6.0",

     

       
1321
       
1321
       
+
       
            "source": {

     

       
1322
       
1322
       
+
       
                "type": "git",

     

       
1323
       
1323
       
+
       
                "url": "https://github.com/lcobucci/jwt.git",

     

       
1324
       
1324
       
+
       
                "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e"

     

       
1325
       
1325
       
+
       
            },

     

       
1326
       
1326
       
+
       
            "dist": {

     

       
1327
       
1327
       
+
       
                "type": "zip",

     

       
1328
       
1328
       
+
       
                "url": "https://api.github.com/repos/lcobucci/jwt/zipball/bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       
1329
       
1329
       
+
       
                "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       
1330
       
1330
       
+
       
                "shasum": ""

     

       
1331
       
1331
       
+
       
            },

     

       
1332
       
1332
       
+
       
            "require": {

     

       
1333
       
1333
       
+
       
                "ext-openssl": "*",

     

       
1334
       
1334
       
+
       
                "ext-sodium": "*",

     

       
1335
       
1335
       
+
       
                "php": "~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0",

     

       
1336
       
1336
       
+
       
                "psr/clock": "^1.0"

     

       
1337
       
1337
       
+
       
            },

     

       
1338
       
1338
       
+
       
            "require-dev": {

     

       
1339
       
1339
       
+
       
                "infection/infection": "^0.29",

     

       
1340
       
1340
       
+
       
                "lcobucci/clock": "^3.2",

     

       
1341
       
1341
       
+
       
                "lcobucci/coding-standard": "^11.0",

     

       
1342
       
1342
       
+
       
                "phpbench/phpbench": "^1.2",

     

       
1343
       
1343
       
+
       
                "phpstan/extension-installer": "^1.2",

     

       
1344
       
1344
       
+
       
                "phpstan/phpstan": "^1.10.7",

     

       
1345
       
1345
       
+
       
                "phpstan/phpstan-deprecation-rules": "^1.1.3",

     

       
1346
       
1346
       
+
       
                "phpstan/phpstan-phpunit": "^1.3.10",

     

       
1347
       
1347
       
+
       
                "phpstan/phpstan-strict-rules": "^1.5.0",

     

       
1348
       
1348
       
+
       
                "phpunit/phpunit": "^11.1"

     

       
1349
       
1349
       
+
       
            },

     

       
1350
       
1350
       
+
       
            "suggest": {

     

       
1351
       
1351
       
+
       
                "lcobucci/clock": ">= 3.2"

     

       
1352
       
1352
       
+
       
            },

     

       
1353
       
1353
       
+
       
            "type": "library",

     

       
1354
       
1354
       
+
       
            "autoload": {

     

       
1355
       
1355
       
+
       
                "psr-4": {

     

       
1356
       
1356
       
+
       
                    "Lcobucci\\JWT\\": "src"

     

       
1357
       
1357
       
+
       
                }

     

       
1358
       
1358
       
+
       
            },

     

       
1359
       
1359
       
+
       
            "notification-url": "https://packagist.org/downloads/",

     

       
1360
       
1360
       
+
       
            "license": [

     

       
1361
       
1361
       
+
       
                "BSD-3-Clause"

     

       
1362
       
1362
       
+
       
            ],

     

       
1363
       
1363
       
+
       
            "authors": [

     

       
1364
       
1364
       
+
       
                {

     

       
1365
       
1365
       
+
       
                    "name": "Luís Cobucci",

     

       
1366
       
1366
       
+
       
                    "email": "lcobucci@gmail.com",

     

       
1367
       
1367
       
+
       
                    "role": "Developer"

     

       
1368
       
1368
       
+
       
                }

     

       
1369
       
1369
       
+
       
            ],

     

       
1370
       
1370
       
+
       
            "description": "A simple library to work with JSON Web Token and JSON Web Signature",

     

       
1371
       
1371
       
+
       
            "keywords": [

     

       
1372
       
1372
       
+
       
                "JWS",

     

       
1373
       
1373
       
+
       
                "jwt"

     

       
1374
       
1374
       
+
       
            ],

     

       
1375
       
1375
       
+
       
            "support": {

     

       
1376
       
1376
       
+
       
                "issues": "https://github.com/lcobucci/jwt/issues",

     

       
1377
       
1377
       
+
       
                "source": "https://github.com/lcobucci/jwt/tree/5.6.0"

     

       
1378
       
1378
       
+
       
            },

     

       
1379
       
1379
       
+
       
            "funding": [

     

       
1380
       
1380
       
+
       
                {

     

       
1381
       
1381
       
+
       
                    "url": "https://github.com/lcobucci",

     

       
1382
       
1382
       
+
       
                    "type": "github"

     

       
1383
       
1383
       
+
       
                },

     

       
1384
       
1384
       
+
       
                {

     

       
1385
       
1385
       
+
       
                    "url": "https://www.patreon.com/lcobucci",

     

       
1386
       
1386
       
+
       
                    "type": "patreon"

     

       
1387
       
1387
       
+
       
                }

     

       
1388
       
1388
       
+
       
            ],

     

       
1389
       
1389
       
+
       
            "time": "2025-10-17T11:30:53+00:00"

     

       
1390
       
1390
       
+
       
        },

     

       
1391
       
1391
       
+
       
        {

     

       
1319
       
1392
       
 
       
            "name": "league/commonmark",

     

       
1320
       
1393
       
 
       
            "version": "2.7.1",

     

       
1321
       
1394
       
 
       
            "source": {

     
···

       
1724
       
1797
       
 
       
                "source": "https://github.com/nette/utils/tree/v4.0.8"

     

       
1725
       
1798
       
 
       
            },

     

       
1726
       
1799
       
 
       
            "time": "2025-08-06T21:43:34+00:00"

     

       
1800
       
1800
       
+
       
        },

     

       
1801
       
1801
       
+
       
        {

     

       
1802
       
1802
       
+
       
            "name": "psr/clock",

     

       
1803
       
1803
       
+
       
            "version": "1.0.0",

     

       
1804
       
1804
       
+
       
            "source": {

     

       
1805
       
1805
       
+
       
                "type": "git",

     

       
1806
       
1806
       
+
       
                "url": "https://github.com/php-fig/clock.git",

     

       
1807
       
1807
       
+
       
                "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d"

     

       
1808
       
1808
       
+
       
            },

     

       
1809
       
1809
       
+
       
            "dist": {

     

       
1810
       
1810
       
+
       
                "type": "zip",

     

       
1811
       
1811
       
+
       
                "url": "https://api.github.com/repos/php-fig/clock/zipball/e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       
1812
       
1812
       
+
       
                "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       
1813
       
1813
       
+
       
                "shasum": ""

     

       
1814
       
1814
       
+
       
            },

     

       
1815
       
1815
       
+
       
            "require": {

     

       
1816
       
1816
       
+
       
                "php": "^7.0 || ^8.0"

     

       
1817
       
1817
       
+
       
            },

     

       
1818
       
1818
       
+
       
            "type": "library",

     

       
1819
       
1819
       
+
       
            "autoload": {

     

       
1820
       
1820
       
+
       
                "psr-4": {

     

       
1821
       
1821
       
+
       
                    "Psr\\Clock\\": "src/"

     

       
1822
       
1822
       
+
       
                }

     

       
1823
       
1823
       
+
       
            },

     

       
1824
       
1824
       
+
       
            "notification-url": "https://packagist.org/downloads/",

     

       
1825
       
1825
       
+
       
            "license": [

     

       
1826
       
1826
       
+
       
                "MIT"

     

       
1827
       
1827
       
+
       
            ],

     

       
1828
       
1828
       
+
       
            "authors": [

     

       
1829
       
1829
       
+
       
                {

     

       
1830
       
1830
       
+
       
                    "name": "PHP-FIG",

     

       
1831
       
1831
       
+
       
                    "homepage": "https://www.php-fig.org/"

     

       
1832
       
1832
       
+
       
                }

     

       
1833
       
1833
       
+
       
            ],

     

       
1834
       
1834
       
+
       
            "description": "Common interface for reading the clock.",

     

       
1835
       
1835
       
+
       
            "homepage": "https://github.com/php-fig/clock",

     

       
1836
       
1836
       
+
       
            "keywords": [

     

       
1837
       
1837
       
+
       
                "clock",

     

       
1838
       
1838
       
+
       
                "now",

     

       
1839
       
1839
       
+
       
                "psr",

     

       
1840
       
1840
       
+
       
                "psr-20",

     

       
1841
       
1841
       
+
       
                "time"

     

       
1842
       
1842
       
+
       
            ],

     

       
1843
       
1843
       
+
       
            "support": {

     

       
1844
       
1844
       
+
       
                "issues": "https://github.com/php-fig/clock/issues",

     

       
1845
       
1845
       
+
       
                "source": "https://github.com/php-fig/clock/tree/1.0.0"

     

       
1846
       
1846
       
+
       
            },

     

       
1847
       
1847
       
+
       
            "time": "2022-11-25T14:36:26+00:00"

     

       
1727
       
1848
       
 
       
        },

     

       
1728
       
1849
       
 
       
        {

     

       
1729
       
1850
       
 
       
            "name": "psr/event-dispatcher",

     

···

       
1
       
1
       
+
       
<?php

     

       
2
       
2
       
+
       
define('SITE_TITLE', 'smallbird social');

     

       
3
       
3
       
+
       
define('SITE_PATH', ''); # or wherever you keep it

     

       
4
       
4
       
+
       
define('DB_LOCATION', __DIR__.'/data/sbs.db'); # or something like that. not in the same folder! it is ass in source control!!!

     

       
5
       
5
       
+
       
define('PUBLIC_API', "https://public.api.bsky.app");

     

       
6
       
6
       
+
       
# options:

     

       
7
       
7
       
+
       
# - https://public.api.bsky.app (bluesky)

     

       
8
       
8
       
+
       
# - that's it until the cool people at blacksky do theirs

     

       
9
       
9
       
+
       
define('FRONTPAGE_FEED', "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje");

     

       
10
       
10
       
+
       
define('SLINGSHOT_INSTANCE', "https://slingshot.microcosm.blue");

     

       
11
       
11
       
+
       
define('CONSTELLATION_INSTANCE', "https://constellation.smallbird.social");

     

       
12
       
12
       
+
       
# alternates:

     

       
13
       
13
       
+
       
# - constellation.microcosm.blue

     

       
14
       
14
       
+
       
# - constellation.snek.cc (run by natalie.sh)

     

       
15
       
15
       
+
       
# - constellation.smallbird.social (run by veryroundbird.house)

     

       
16
       
16
       
+
       
define('DEFAULT_PDS', "https://bsky.social");

     

       
17
       
17
       
+
       
# ideally pick a DEFAULT_PDS that has open registration, since this will be used to allow people to

     

       
18
       
18
       
+
       
# register new accounts.

     

       
19
       
19
       
+
       
# some options are

     

       
20
       
20
       
+
       
# - myatproto.social (run by blacksky)

     

       
21
       
21
       
+
       
# - cryptoanarchy.net (run by blacksky)

     

       
22
       
22
       
+
       
# - sprk.so

     

       
23
       
23
       
+
       
define('DEFAULT_RELAY', "https://relay.fire.hose.cam");

     

       
24
       
24
       
+
       
# some relay options:

     

       
25
       
25
       
+
       
# - bsky.network (you know who runs this)

     

       
26
       
26
       
+
       
# - relay1.us-east.bsky.network (bsky US east)

     

       
27
       
27
       
+
       
# - relay1.us-west.bsky.network (bsky US west)

     

       
28
       
28
       
+
       
# - relay3.fr.hose.cam (france)

     

       
29
       
29
       
+
       
# - relay.fire.hose.cam (montreal)

     

       
30
       
30
       
+
       
# - relay-ovh.demo.bsky.dev

     

       
31
       
31
       
+
       
# - atproto.africa (blacksky)

     

       
32
       
32
       
+
       
# - relay.upcloud.world (upcloud)

     

       
33
       
33
       
+
       
# - relay.hayescmd.net (edavis.dev)

     

       
34
       
34
       
+
       
# - relay.xero.systems (dane.is.extraordinarily.cool)

     

       
35
       
35
       
+
       
# - relay.feeds.blue (mackuba.eu; self-hosted only)

     

       
36
       
36
       
+
       
define('PLC_DIRECTORY', "https://plc.directory");

     

       
37
       
37
       
+
       
# other plc directory options:

     

       
38
       
38
       
+
       
# - https://plc.parakeet.at/

     

       
39
       
39
       
+
       
define('FAVORITE_FEEDS', [ // list of feeds you want to display in the sidebar to users not logged in

     

       
40
       
40
       
+
       
  "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje",

     

       
41
       
41
       
+
       
  "at://did:plc:xdtvlh4k3tntzp2vinmgehsz/app.bsky.feed.generator/aaaeb7hxb53jg",

     

       
42
       
42
       
+
       
  "at://did:plc:abv47bjgzjgoh3yrygwoi36x/app.bsky.feed.generator/aaai4f7awwzkc",

     

       
43
       
43
       
+
       
  "at://did:plc:dltmiiweocm22l656iffwn5a/app.bsky.feed.generator/aaagnt6bwkkb2",

     

       
44
       
44
       
+
       
  "at://did:plc:mlq4aycufcuolr7ax6sezpc4/app.bsky.feed.generator/aaad2auzj4ana"

     

       
45
       
45
       
+
       
]);

     

       
46
       
46
       
+
       
define('THEMES', [

     

       
47
       
47
       
+
       
  'blank', 'catppuccin', 'rosepine', 'dracula', 'solarized', 'tempus'

     

       
48
       
48
       
+
       
]);

     

       
49
       
49
       
+
       
define('PAGES', [

     

       
50
       
50
       
+
       
  'about' => 'About',

     

       
51
       
51
       
+
       
  'terms' => 'Terms',

     

       
52
       
52
       
+
       
  'privacy' => 'Privacy'

     

       
53
       
53
       
+
       
]);

     

       
54
       
54
       
+
       
define('LINKS', [

     

       
55
       
55
       
+
       
  'code' => 'https://tangled.org/@veryroundbird.house/smallbird-social',

     

       
56
       
56
       
+
       
  'bsky' => 'https://bsky.app/profile/smallbirdsocial.on.computer',

     

       
57
       
57
       
+
       
  'ko-fi' => 'https://ko-fi.com/veryroundbird'

     

       
58
       
58
       
+
       
]);

     

       
59
       
59
       
+
       
define('FONTS', [

     

       
60
       
60
       
+
       
   'alegreya' => 'alegreya',

     

       
61
       
61
       
+
       
   'geometria' => 'geometria',

     

       
62
       
62
       
+
       
   'recursive' => 'recursive mono casual', 

     

       
63
       
63
       
+
       
   'comicsans' => 'comic sans ms'

     

       
64
       
64
       
+
       
]);

     

       
65
       
65
       
+
       
define('PRETTY_URLS', false);

     

       
66
       
66
       
+
       
define('DEFAULT_THEME', "catppuccin");

     

       
67
       
67
       
+
       
define('DEFAULT_FONT', "recursive");

     

       
68
       
68
       
+
       
define('THREAD_POST_COUNT', 5);

     

       
69
       
69
       
+
       
?>
     

···

       
19
       
19
       
 
       
use Matrix\Async;

     

       
20
       
20
       
 
       
use GuzzleHttp\Psr7\HttpFactory;

     

       
21
       
21
       
 
       
use chillerlan\OAuth\OAuthOptions;

     

       
22
       
22
       
+
       
use chillerlan\OAuth\Storage\SessionStorage;

     

       
23
       
23
       
+
       
use DateTimeImmutable;

     

       
24
       
24
       
+
       
use Lcobucci\JWT\Token\Builder;

     

       
25
       
25
       
+
       
use Lcobucci\JWT\Encoding\ChainedFormatter;

     

       
26
       
26
       
+
       
use Lcobucci\JWT\Encoding\JoseEncoder;

     

       
27
       
27
       
+
       
use Lcobucci\JWT\Signer\Key\InMemory;

     

       
28
       
28
       
+
       
use Lcobucci\JWT\Signer\Ecdsa\Sha256;

     

       
22
       
29
       
 
       
use Smallnest\Bsky\BskyProvider;

     

       
23
       
30
       
 
       


     

       
31
       
31
       
+
       
session_start();

     

       
24
       
32
       
 
       
$bskyToucher = new BskyToucher();

     

       
25
       
33
       
 
       


     

       
26
       
34
       
 
       
$favoriteFeeds = array_map(function ($feed) use ($bskyToucher) {

     
···

       
59
       
67
       
 
       
Flight::set('publicApi', PUBLIC_API);

     

       
60
       
68
       
 
       
Flight::set('frontpageFeed', FRONTPAGE_FEED);

     

       
61
       
69
       
 
       
Flight::set('defaultRelay', DEFAULT_RELAY);

     

       
62
       
62
       
-
       
Flight::set('userAuth', null);

     

       
70
       
70
       
+
       
Flight::set('userAuth', array_key_exists('sbs_'.SITE_DOMAIN, $_SESSION) ? $_SESSION['sbs_'.SITE_DOMAIN] : null);

     

       
71
       
71
       
+
       
Flight::set('userPds', array_key_exists('sbs_'.SITE_DOMAIN.'_pds', $_SESSION) ? $_SESSION['sbs_'.SITE_DOMAIN.'_pds'] : null);

     

       
72
       
72
       
+
       
Flight::set('userInfo', array_key_exists('sbs_'.SITE_DOMAIN.'_userinfo', $_SESSION) ? $_SESSION['sbs_'.SITE_DOMAIN.'_userinfo'] : null);

     

       
63
       
73
       
 
       
Flight::set('flight.log_errors', false);

     

       
64
       
74
       
 
       
Flight::set('flight.handle_errors', false);

     

       
65
       
75
       
 
       
Flight::set('flight.content_length', false);

     
···

       
71
       
81
       
 
       
  'setTheme' => array_key_exists('sbs_theme', $_COOKIE) ? $_COOKIE['sbs_theme'] : DEFAULT_THEME,

     

       
72
       
82
       
 
       
  'setFont' => array_key_exists('sbs_font', $_COOKIE) ? $_COOKIE['sbs_font'] : DEFAULT_FONT,

     

       
73
       
83
       
 
       
  'userAuth' => Flight::get('userAuth'),

     

       
84
       
84
       
+
       
  'userPds' => Flight::get('userPds'),

     

       
85
       
85
       
+
       
  'userInfo' => Flight::Get('userInfo'),

     

       
74
       
86
       
 
       
  'favFeeds' => $favoriteFeeds,

     

       
75
       
87
       
 
       
  'pages' => PAGES,

     

       
76
       
88
       
 
       
  'links' => LINKS,

     
···

       
170
       
182
       
 
       
});

     

       
171
       
183
       
 
       


     

       
172
       
184
       
 
       
Flight::route('/login', function(): void {

     

       
173
       
173
       
-
       
  $options = new OAuthOptions([

     

       
174
       
174
       
-
       
  	'key'          => 'https://'.SITE_DOMAIN.CLIENT_ID,

     

       
175
       
175
       
-
       
  	'secret'       => CLIENT_SECRET,

     

       
176
       
176
       
-
       
  	'callbackURL'  => 'http://127.0.0.1/login',

     

       
177
       
177
       
-
       
  	'sessionStart' => true,

     

       
178
       
178
       
-
       
  ]);

     

       
179
       
179
       
-
       
  $connector = new React\Socket\Connector([

     

       
180
       
180
       
-
       
    'dns' => '1.1.1.1'

     

       
181
       
181
       
-
       
  ]);

     

       
182
       
182
       
-
       
  $http = new React\Http\Browser($connector);

     

       
183
       
183
       
-
       
  $client = new GuzzleHttp\Client([

     

       
184
       
184
       
-
       
    'verify' => true,

     

       
185
       
185
       
-
       
    'headers' => [

     

       
186
       
186
       
-
       
      'User-Agent' => USER_AGENT_STR

     

       
187
       
187
       
-
       
    ]

     

       
188
       
188
       
-
       
  ]);

     

       
189
       
189
       
-
       
  $httpFactory = new HttpFactory();

     

       
190
       
190
       
-
       
  $provider = new BskyProvider($options, $client, $httpFactory, $httpFactory, $httpFactory);

     

       
191
       
191
       
-
       
  $name = $provider->getName();

     

       
192
       
192
       
-
       
  if (isset($_GET['login']) && $_GET['login'] === $name) {

     

       
193
       
193
       
-
       
    $username = $_GET['username'];

     

       
185
       
185
       
+
       
  if (isset($_GET['username'])) {

     

       
186
       
186
       
+
       
  $username = $_GET['username'];

     

       
194
       
187
       
 
       
    $bskyToucher = new BskyToucher();

     

       
195
       
188
       
 
       
    $userInfo = $bskyToucher->getUserInfo($username);

     

       
196
       
189
       
 
       
    if (!$userInfo) die(1);

     

       
197
       
190
       
 
       
    $pds = $userInfo->pds;

     

       
191
       
191
       
+
       
    $options = new OAuthOptions([

     

       
192
       
192
       
+
       
      'key'          => 'https://'.SITE_DOMAIN.CLIENT_ID,

     

       
193
       
193
       
+
       
      'secret'       => CLIENT_SECRET,

     

       
194
       
194
       
+
       
      'callbackURL'  => 'https://'.SITE_DOMAIN.'/login',

     

       
195
       
195
       
+
       
      'sessionStart' => true,

     

       
196
       
196
       
+
       
      'sessionStorageVar' => 'sbs_'.SITE_DOMAIN

     

       
197
       
197
       
+
       
    ]);

     

       
198
       
198
       
+
       
    $storage = new SessionStorage($options);

     

       
199
       
199
       
+
       
    $connector = new React\Socket\Connector([

     

       
200
       
200
       
+
       
      'dns' => '1.1.1.1'

     

       
201
       
201
       
+
       
    ]);

     

       
202
       
202
       
+
       
    $http = new React\Http\Browser($connector);

     

       
203
       
203
       
+
       
    $httpFactory = new HttpFactory();

     

       
204
       
204
       
+
       
    $token_builder = Builder::new(new JoseEncoder(), ChainedFormatter::default());

     

       
205
       
205
       
+
       
    $algorithm    = new Sha256();

     

       
206
       
206
       
+
       
    $signing_key   = InMemory::file(CERT_PATH);

     

       
207
       
207
       
+
       
    $now   = new DateTimeImmutable();

     

       
208
       
208
       
+
       
    $token = $token_builder

     

       
209
       
209
       
+
       
      ->withHeader('alg', 'ES256')

     

       
210
       
210
       
+
       
      ->withHeader('typ', 'JWT')

     

       
211
       
211
       
+
       
      ->withHeader('kid', 'ocwgKj_O7H9at1sL6yWf9ZZ82NOM7D0xlN8HGIyWH6M')

     

       
212
       
212
       
+
       
      ->issuedBy('https://'.SITE_DOMAIN.CLIENT_ID)

     

       
213
       
213
       
+
       
      ->identifiedBy(uniqid())

     

       
214
       
214
       
+
       
      ->relatedTo('https://'.SITE_DOMAIN.CLIENT_ID)

     

       
215
       
215
       
+
       
      ->permittedFor($pds)

     

       
216
       
216
       
+
       
      ->issuedAt($now->modify('-5 seconds'))

     

       
217
       
217
       
+
       
      ->getToken($algorithm, $signing_key);

     

       
218
       
218
       
+
       
    $client = new GuzzleHttp\Client([

     

       
219
       
219
       
+
       
      'verify' => true,

     

       
220
       
220
       
+
       
      'headers' => [

     

       
221
       
221
       
+
       
        'User-Agent' => USER_AGENT_STR,

     

       
222
       
222
       
+
       
        'Authorization' => 'Bearer: '.$token->toString()

     

       
223
       
223
       
+
       
      ]

     

       
224
       
224
       
+
       
    ]);

     

       
225
       
225
       
+
       
    $provider = new BskyProvider($options, $client, $httpFactory, $httpFactory, $httpFactory);

     

       
198
       
226
       
 
       
    $provider->setPds($pds);

     

       
199
       
199
       
-
       
    $authUrl = $provider->getAuthorizationUrl();

     

       
200
       
200
       
-
       
    header('Location: '.$authUrl);

     

       
201
       
201
       
-
       
    die(1);

     

       
202
       
202
       
-
       
  } else if (isset($_GET['code'], $_GET['state'])) {

     

       
203
       
203
       
-
       
    $token = $provider->getAccessToken($_GET['code'], $_GET['state']);

     

       
204
       
204
       
-
       


     

       
205
       
205
       
-
       
  	// save the token in a permanent storage

     

       
206
       
206
       
-
       
  	// [...]

     

       
207
       
207
       
-
       


     

       
208
       
208
       
-
       
  	// access granted, redirect

     

       
209
       
209
       
-
       
  	header('Location: ?granted='.$name);

     

       
210
       
210
       
-
       
    die(1);

     

       
211
       
211
       
-
       
  } else if (isset($_GET['granted']) && $_GET['granted'] === $name) {

     

       
212
       
212
       
-
       
    die(1);

     

       
213
       
213
       
-
       
  } else if (isset($_GET['error'])) {

     

       
214
       
214
       
-
       
    die(1);

     

       
227
       
227
       
+
       
    $name = $provider->getName();

     

       
228
       
228
       
+
       
    if (isset($_GET['login']) && $_GET['login'] === $name) {

     

       
229
       
229
       
+
       
      $auth_url = $provider->getAuthorizationUrl([

     

       
230
       
230
       
+
       
        'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',

     

       
231
       
231
       
+
       
        'client_assertion' => $token->toString()

     

       
232
       
232
       
+
       
      ]);

     

       
233
       
233
       
+
       
      Flight::redirect($auth_url);

     

       
234
       
234
       
+
       
      die(1);

     

       
235
       
235
       
+
       
    } else if (isset($_GET['code'], $_GET['iss'])) {

     

       
236
       
236
       
+
       
      $storage->storeAccessToken($_GET['code'], $name);

     

       
237
       
237
       
+
       
      $_SESSION['sbs_'.SITE_DOMAIN.'_pds'] = $_GET['iss'];

     

       
238
       
238
       
+
       
      $_SESSION['sbs_'.SITE_DOMAIN.'_userinfo'] = $bskyToucher->getUserInfo();

     

       
239
       
239
       
+
       
      Flight::redirect('/');

     

       
240
       
240
       
+
       
      die(1);

     

       
241
       
241
       
+
       
    } else if (isset($_GET['error'])) {

     

       
242
       
242
       
+
       
      die(1);

     

       
243
       
243
       
+
       
    }

     

       
244
       
244
       
+
       
  } else {

     

       
245
       
245
       
+
       
    $latte = new Latte\Engine;

     

       
246
       
246
       
+
       
    $latte->render('./templates/login.latte', array_merge(Flight::get('standardParams'), [

     

       
247
       
247
       
+
       
      'mainClass' => 'form',

     

       
248
       
248
       
+
       
      'ogtitle' => SITE_TITLE." | login",

     

       
249
       
249
       
+
       
      'ogdesc' => SITE_DESC,

     

       
250
       
250
       
+
       
      'ogimage' => '',

     

       
251
       
251
       
+
       
      'ogurl' => 'https://'.SITE_DOMAIN.'/login'

     

       
252
       
252
       
+
       
    ]));

     

       
215
       
253
       
 
       
  }

     

       
216
       
216
       
-
       
  $latte = new Latte\Engine;

     

       
217
       
217
       
-
       
  $latte->render('./templates/login.latte', array_merge(Flight::get('standardParams'), [

     

       
218
       
218
       
-
       
    'mainClass' => 'form',

     

       
219
       
219
       
-
       
    'ogtitle' => SITE_TITLE." | login",

     

       
220
       
220
       
-
       
    'ogdesc' => SITE_DESC,

     

       
221
       
221
       
-
       
    'ogimage' => '',

     

       
222
       
222
       
-
       
    'ogurl' => 'https://'.SITE_DOMAIN.'/login'

     

       
223
       
223
       
-
       
  ]));

     

       
224
       
254
       
 
       
});

     

       
225
       
255
       
 
       


     

       
226
       
226
       
-
       
// https://shimaenaga.veryroundbird.house/oauth/authorize?client_id=https%3A%2F%2Ftangled.org%2Foauth%2Fclient-metadata.json&request_uri=urn%3Aietf%3Aparams%3Aoauth%3Arequest_uri%3Areq-2399ff42af66498132ebf8de809254b7

     

       
256
       
256
       
+
       
Flight::route('/logout', function(): void {

     

       
257
       
257
       
+
       
  unset($_SESSION['sbs_'.SITE_DOMAIN]);

     

       
258
       
258
       
+
       
  unset($_SESSION['sbs_'.SITE_DOMAIN.'_pds']);

     

       
259
       
259
       
+
       
  unset($_SESSION['sbs_'.SITE_DOMAIN.'_userinfo']);

     

       
260
       
260
       
+
       
  Flight::redirect('/');

     

       
261
       
261
       
+
       
});

     

       
227
       
262
       
 
       


     

       
228
       
263
       
 
       
Flight::route('/createaccount', function(): void {

     

       
229
       
264
       
 
       
  $latte = new Latte\Engine;

     

···

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
use chillerlan\OAuth\Core\OAuth2Interface;

     

       
8
       
8
       
 
       
use chillerlan\OAuth\Core\OAuth2Provider;

     

       
9
       
9
       
-
       
use chillerlan\OAuth\Core\PARTrait;

     

       
10
       
9
       
 
       
use chillerlan\OAuth\Core\PKCETrait;

     

       
11
       
10
       
 
       
use chillerlan\OAuth\OAuthOptions;

     

       
12
       
11
       
 
       
use chillerlan\OAuth\Storage\SessionStorage;

     

       
12
       
12
       
+
       
use chillerlan\HTTP\Utils\MessageUtil;

     

       
13
       
13
       
+
       
use chillerlan\HTTP\Utils\QueryUtil;

     

       
14
       
14
       
+
       
use chillerlan\OAuth\Providers\ProviderException;

     

       
13
       
15
       
 
       
use GuzzleHttp\Client;

     

       
14
       
16
       
 
       
use GuzzleHttp\Psr7\HttpFactory;

     

       
17
       
17
       
+
       
use Psr\Http\Message\UriInterface;

     

       
18
       
18
       
+
       
use function sprintf;

     

       
15
       
19
       
 
       


     

       
16
       
20
       
 
       
class BskyProvider extends OAuth2Provider implements \chillerlan\OAuth\Core\PAR, \chillerlan\OAuth\Core\PKCE {

     

       
17
       
17
       
-
       
  use \chillerlan\OAuth\Core\PARTrait;

     

       
18
       
21
       
 
       
  use \chillerlan\OAuth\Core\PKCETrait;

     

       
19
       
22
       
 
       
  

     

       
20
       
23
       
 
       
	public const IDENTIFIER               = 'BSKYPROVIDER';

     
···

       
52
       
55
       
 
       
    $this->parAuthorizationURL = (string)$pds->withPath('/oauth/par');

     

       
53
       
56
       
 
       
    

     

       
54
       
57
       
 
       
		return $this;

     

       
58
       
58
       
+
       
	}

     

       
59
       
59
       
+
       
  

     

       
60
       
60
       
+
       
	public function getParRequestUri(array $body):UriInterface{

     

       
61
       
61
       
+
       
		// send the request with the same method and parameters as the token requests

     

       
62
       
62
       
+
       
		// @link https://datatracker.ietf.org/doc/html/rfc9126#name-request

     

       
63
       
63
       
+
       
		$response = $this->sendAccessTokenRequest($this->parAuthorizationURL, $body);

     

       
64
       
64
       
+
       
		$status   = $response->getStatusCode();

     

       
65
       
65
       
+
       
		$json     = MessageUtil::decodeJSON($response, true);

     

       
66
       
66
       
+
       


     

       
67
       
67
       
+
       
		// something went horribly wrong

     

       
68
       
68
       
+
       
		if($status !== 201){

     

       
69
       
69
       
+
       


     

       
70
       
70
       
+
       
			// @link https://datatracker.ietf.org/doc/html/rfc9126#section-2.3

     

       
71
       
71
       
+
       
			if(isset($json['error'], $json['error_description'])){

     

       
72
       
72
       
+
       
				throw new ProviderException(sprintf('PAR error: "%s" (%s)', $json['error'], $json['error_description']));

     

       
73
       
73
       
+
       
			}

     

       
74
       
74
       
+
       


     

       
75
       
75
       
+
       
			throw new ProviderException(sprintf('PAR request error: (HTTP/%s)', $status)); // @codeCoverageIgnore

     

       
76
       
76
       
+
       
		}

     

       
77
       
77
       
+
       


     

       
78
       
78
       
+
       
		$url = QueryUtil::merge($this->authorizationURL, $this->getParAuthorizationURLRequestParams($json));

     

       
79
       
79
       
+
       


     

       
80
       
80
       
+
       
		return $this->uriFactory->createUri($url);

     

       
81
       
81
       
+
       
	}

     

       
82
       
82
       
+
       
  

     

       
83
       
83
       
+
       
	protected function getParAuthorizationURLRequestParams(array $response):array{

     

       
84
       
84
       
+
       


     

       
85
       
85
       
+
       
		if(!isset($response['request_uri'])){

     

       
86
       
86
       
+
       
			throw new ProviderException('PAR response error: "request_uri" missing');

     

       
87
       
87
       
+
       
		}

     

       
88
       
88
       
+
       


     

       
89
       
89
       
+
       
		return [

     

       
90
       
90
       
+
       
			'client_id'   => $this->options->key,

     

       
91
       
91
       
+
       
			'request_uri' => $response['request_uri'],

     

       
92
       
92
       
+
       
		];

     

       
55
       
93
       
 
       
	}

     

       
56
       
94
       
 
       
}

     

       
57
       
95
       
 
       
?>
     

···

       
25
       
25
       
 
       
use Psr\Http\Message\RequestInterface;

     

       
26
       
26
       
 
       
use Psr\Http\Message\ResponseInterface;

     

       
27
       
27
       
 
       
use Fusonic\OpenGraph\Consumer;

     

       
28
       
28
       
+
       
use chillerlan\OAuth\Storage\SessionStorage;

     

       
28
       
29
       
 
       


     

       
29
       
30
       
 
       
class BskyToucher {

     

       
30
       
31
       
 
       
  private $bskyApiBase = 'https://public.api.bsky.app/xrpc/';

     

···

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
smallbird social is meant to run as lightweight as possible and stores no data on its own server. if you are using a veryroundbird.house pds, your data and activity is on *that* server, but it only stores what's necessary to, you know, interact with the atproto ecosystem. so, user ID information, your posts, follows, likes, etc.

     

       
4
       
4
       
 
       


     

       
5
       
5
       
+
       
the server also caches publicly-available post and user data to speed up requests. none of this data is kept longer than, like, a few days unless it's requested again.

     

       
6
       
6
       
+
       


     

       
5
       
7
       
 
       
there is some minimal tracking via goatcounter, but your data will never touch advertisers and it doesn't track individual users; i mostly just want to know what the site usage numbers are and where people found it from.

     

       
6
       
8
       
 
       
  

     

       
7
       
9
       
 
       
i have never been asked to or required to turn over data to any law enforcement agency.
     

···

       
1
       
1
       
+
       
## terms of use

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
i reserve the right to block any IPs that are hitting the site too hard. i also reserve the right to end service at any time if for some reason it gets too hard to maintain or something like that. some features may be jank, broken, or missing due to the limitations of my approach and time.

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
just be normal, ok. use the site like a normal person. that's what it's for.
     

···

       
1
       
1
       
-
       
SERVER_URL=

     

       
2
       
2
       
-
       
CLIENT_ID=

     

       
3
       
3
       
-
       
DEFAULT_PDS=

     

       
4
       
4
       
-
       
CONSTELLATION_INSTANCE=

     

       
5
       
5
       
-
       
SLINGSHOT_INSTANCE=

     

       
6
       
6
       
-
       
PLC_DIRECTORY=

     

       
7
       
7
       
-
       


     

       
8
       
8
       
-
       
AUTH_ACCOUNT=

     

       
9
       
9
       
-
       
AUTH_KEYTYPE=

     

       
10
       
10
       
-
       
AUTH_PUBKEY=

     

       
11
       
11
       
-
       
AUTH_PRIVKEY_HEX=

     

       
12
       
12
       
-
       
AUTH_PRIVKEY_MULTI=

     

       
13
       
13
       
-
       


     

       
14
       
14
       
-
       
PRETTY_URLS=

     

       
15
       
15
       
-
       
DEFAULT_THEME=

     

       
16
       
16
       
-
       
DEFAULT_FONT=

     

       
17
       
17
       
-
       
SSL_CERT_PATH=
     

···

       
1
       
1
       
-
       
<?php

     

       
2
       
2
       
-
       
define('SITE_TITLE', 'smallbird social');

     

       
3
       
3
       
-
       
define('SITE_PATH', ''); # or wherever you keep it

     

       
4
       
4
       
-
       
define('DB_LOCATION', __DIR__.'/data/sbs.db'); # or something like that. not in the same folder! it is ass in source control!!!

     

       
5
       
5
       
-
       
define('PUBLIC_API', "https://public.api.bsky.app");

     

       
6
       
6
       
-
       
# options:

     

       
7
       
7
       
-
       
# - https://public.api.bsky.app (bluesky)

     

       
8
       
8
       
-
       
# - that's it until the cool people at blacksky do theirs

     

       
9
       
9
       
-
       
define('FRONTPAGE_FEED', "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje");

     

       
10
       
10
       
-
       
define('SLINGSHOT_INSTANCE', "https://slingshot.microcosm.blue");

     

       
11
       
11
       
-
       
define('CONSTELLATION_INSTANCE', "https://constellation.smallbird.social");

     

       
12
       
12
       
-
       
# alternates:

     

       
13
       
13
       
-
       
# - constellation.microcosm.blue

     

       
14
       
14
       
-
       
# - constellation.snek.cc (run by natalie.sh)

     

       
15
       
15
       
-
       
# - constellation.smallbird.social (run by veryroundbird.house)

     

       
16
       
16
       
-
       
define('DEFAULT_PDS', "https://bsky.social");

     

       
17
       
17
       
-
       
# ideally pick a DEFAULT_PDS that has open registration, since this will be used to allow people to

     

       
18
       
18
       
-
       
# register new accounts.

     

       
19
       
19
       
-
       
# some options are

     

       
20
       
20
       
-
       
# - myatproto.social (run by blacksky)

     

       
21
       
21
       
-
       
# - cryptoanarchy.net (run by blacksky)

     

       
22
       
22
       
-
       
# - sprk.so

     

       
23
       
23
       
-
       
define('DEFAULT_RELAY', "https://relay.fire.hose.cam");

     

       
24
       
24
       
-
       
# some relay options:

     

       
25
       
25
       
-
       
# - bsky.network (you know who runs this)

     

       
26
       
26
       
-
       
# - relay1.us-east.bsky.network (bsky US east)

     

       
27
       
27
       
-
       
# - relay1.us-west.bsky.network (bsky US west)

     

       
28
       
28
       
-
       
# - relay3.fr.hose.cam (france)

     

       
29
       
29
       
-
       
# - relay.fire.hose.cam (montreal)

     

       
30
       
30
       
-
       
# - relay-ovh.demo.bsky.dev

     

       
31
       
31
       
-
       
# - atproto.africa (blacksky)

     

       
32
       
32
       
-
       
# - relay.upcloud.world (upcloud)

     

       
33
       
33
       
-
       
# - relay.hayescmd.net (edavis.dev)

     

       
34
       
34
       
-
       
# - relay.xero.systems (dane.is.extraordinarily.cool)

     

       
35
       
35
       
-
       
# - relay.feeds.blue (mackuba.eu; self-hosted only)

     

       
36
       
36
       
-
       
define('PLC_DIRECTORY', "https://plc.directory");

     

       
37
       
37
       
-
       
# other plc directory options:

     

       
38
       
38
       
-
       
# - https://plc.parakeet.at/

     

       
39
       
39
       
-
       
define('FAVORITE_FEEDS', [ // list of feeds you want to display in the sidebar to users not logged in

     

       
40
       
40
       
-
       
  "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje",

     

       
41
       
41
       
-
       
  "at://did:plc:xdtvlh4k3tntzp2vinmgehsz/app.bsky.feed.generator/aaaeb7hxb53jg",

     

       
42
       
42
       
-
       
  "at://did:plc:abv47bjgzjgoh3yrygwoi36x/app.bsky.feed.generator/aaai4f7awwzkc",

     

       
43
       
43
       
-
       
  "at://did:plc:dltmiiweocm22l656iffwn5a/app.bsky.feed.generator/aaagnt6bwkkb2",

     

       
44
       
44
       
-
       
  "at://did:plc:mlq4aycufcuolr7ax6sezpc4/app.bsky.feed.generator/aaad2auzj4ana"

     

       
45
       
45
       
-
       
]);

     

       
46
       
46
       
-
       
define('THEMES', [

     

       
47
       
47
       
-
       
  'blank', 'catppuccin', 'rosepine', 'dracula', 'solarized', 'tempus'

     

       
48
       
48
       
-
       
]);

     

       
49
       
49
       
-
       
define('PAGES', [

     

       
50
       
50
       
-
       
  'about' => 'About',

     

       
51
       
51
       
-
       
  'terms' => 'Terms',

     

       
52
       
52
       
-
       
  'privacy' => 'Privacy'

     

       
53
       
53
       
-
       
]);

     

       
54
       
54
       
-
       
define('LINKS', [

     

       
55
       
55
       
-
       
  'code' => 'https://tangled.org/@veryroundbird.house/smallbird-social',

     

       
56
       
56
       
-
       
  'bsky' => 'https://bsky.app/profile/smallbirdsocial.on.computer',

     

       
57
       
57
       
-
       
  'ko-fi' => 'https://ko-fi.com/veryroundbird'

     

       
58
       
58
       
-
       
]);

     

       
59
       
59
       
-
       
define('FONTS', [

     

       
60
       
60
       
-
       
   'alegreya' => 'alegreya',

     

       
61
       
61
       
-
       
   'geometria' => 'geometria',

     

       
62
       
62
       
-
       
   'recursive' => 'recursive mono casual', 

     

       
63
       
63
       
-
       
   'comicsans' => 'comic sans ms'

     

       
64
       
64
       
-
       
]);

     

       
65
       
65
       
-
       
define('PRETTY_URLS', false);

     

       
66
       
66
       
-
       
define('DEFAULT_THEME', "catppuccin");

     

       
67
       
67
       
-
       
define('DEFAULT_FONT', "recursive");

     

       
68
       
68
       
-
       
define('THREAD_POST_COUNT', 5);

     

       
69
       
69
       
-
       
?>
     

···

       
1
       
1
       
 
       
<nav>

     

       
2
       
2
       
 
       
  <ul>

     

       
3
       
3
       
 
       
    {if $userAuth}

     

       
4
       
4
       
+
       
      <li><a href="/u/{$userInfo->handle}">profile</a></li>

     

       
4
       
5
       
 
       
      <li><a href="/settings">settings</a></li>

     

       
5
       
5
       
-
       
      <li><a href="#">log out</a></li>

     

       
6
       
6
       
+
       
      <li><a href="/logout">log out</a></li>

     

       
6
       
7
       
 
       
    {else}

     

       
7
       
8
       
 
       
      <li><a href="/createaccount">create</a></li>

     

       
8
       
9
       
 
       
      <li><a href="/login">log in</a></li>

     

···

       
24
       
24
       
 
       
    data-theme="{$setTheme}"

     

       
25
       
25
       
 
       
    data-font="{$setFont}"

     

       
26
       
26
       
 
       
  >

     

       
27
       
27
       
+
       
    <!--

     

       
28
       
28
       
+
       
      {print_r($_SESSION)}

     

       
29
       
29
       
+
       
      {print_r(PHP_SESSION_DISABLED)}

     

       
30
       
30
       
+
       
    -->

     

       
27
       
31
       
 
       
    <div id="page">

     

       
28
       
32
       
 
       
      <header>

     

       
29
       
33
       
 
       
        <h1><a href="/">{include '_partials/logo.latte'}{$siteTitle}</a></h1>

     

···

       
35
       
35
       
 
       
	public function getParRequestUri(array $body):UriInterface{

     

       
36
       
36
       
 
       
		// send the request with the same method and parameters as the token requests

     

       
37
       
37
       
 
       
		// @link https://datatracker.ietf.org/doc/html/rfc9126#name-request

     

       
38
       
38
       
-
       
    print_r($this->parAuthorizationURL);

     

       
39
       
38
       
 
       
		$response = $this->sendAccessTokenRequest($this->parAuthorizationURL, $body);

     

       
40
       
39
       
 
       
		$status   = $response->getStatusCode();

     

       
41
       
40
       
 
       
		$json     = MessageUtil::decodeJSON($response, true);

     

       
42
       
42
       
-
       
    print_r($body);

     

       
43
       
43
       
-
       
    print_r($json);

     

       
44
       
41
       
 
       


     

       
45
       
42
       
 
       
		// something went horribly wrong

     

       
46
       
43
       
 
       
		if($status !== 200){

     

       
44
       
44
       
+
       
      print_r($json);

     

       
47
       
45
       
 
       


     

       
48
       
46
       
 
       
			// @link https://datatracker.ietf.org/doc/html/rfc9126#section-2.3

     

       
49
       
47
       
 
       
			if(isset($json['error'], $json['error_description'])){

     

···

       
26
       
26
       
 
       
    'Psr\\Http\\Message\\' => array($vendorDir . '/psr/http-factory/src', $vendorDir . '/psr/http-message/src'),

     

       
27
       
27
       
 
       
    'Psr\\Http\\Client\\' => array($vendorDir . '/psr/http-client/src'),

     

       
28
       
28
       
 
       
    'Psr\\EventDispatcher\\' => array($vendorDir . '/psr/event-dispatcher/src'),

     

       
29
       
29
       
+
       
    'Psr\\Clock\\' => array($vendorDir . '/psr/clock/src'),

     

       
29
       
30
       
 
       
    'Nette\\' => array($vendorDir . '/nette/schema/src', $vendorDir . '/nette/utils/src'),

     

       
30
       
31
       
 
       
    'Matrix\\' => array($vendorDir . '/jerome/matrix/src/Matrix'),

     

       
31
       
32
       
 
       
    'Masterminds\\' => array($vendorDir . '/masterminds/html5/src'),

     

       
32
       
33
       
 
       
    'League\\Config\\' => array($vendorDir . '/league/config/src'),

     

       
33
       
34
       
 
       
    'League\\CommonMark\\' => array($vendorDir . '/league/commonmark/src'),

     

       
35
       
35
       
+
       
    'Lcobucci\\JWT\\' => array($vendorDir . '/lcobucci/jwt/src'),

     

       
34
       
36
       
 
       
    'Latte\\' => array($vendorDir . '/latte/latte/src/Latte'),

     

       
35
       
37
       
 
       
    'GuzzleHttp\\Psr7\\' => array($vendorDir . '/guzzlehttp/psr7/src'),

     

       
36
       
38
       
 
       
    'GuzzleHttp\\Promise\\' => array($vendorDir . '/guzzlehttp/promises/src'),

     

···

       
52
       
52
       
 
       
            'Psr\\Http\\Message\\' => 17,

     

       
53
       
53
       
 
       
            'Psr\\Http\\Client\\' => 16,

     

       
54
       
54
       
 
       
            'Psr\\EventDispatcher\\' => 20,

     

       
55
       
55
       
+
       
            'Psr\\Clock\\' => 10,

     

       
55
       
56
       
 
       
        ),

     

       
56
       
57
       
 
       
        'N' => 

     

       
57
       
58
       
 
       
        array (

     
···

       
66
       
67
       
 
       
        array (

     

       
67
       
68
       
 
       
            'League\\Config\\' => 14,

     

       
68
       
69
       
 
       
            'League\\CommonMark\\' => 18,

     

       
70
       
70
       
+
       
            'Lcobucci\\JWT\\' => 13,

     

       
69
       
71
       
 
       
            'Latte\\' => 6,

     

       
70
       
72
       
 
       
        ),

     

       
71
       
73
       
 
       
        'G' => 

     
···

       
176
       
178
       
 
       
        array (

     

       
177
       
179
       
 
       
            0 => __DIR__ . '/..' . '/psr/event-dispatcher/src',

     

       
178
       
180
       
 
       
        ),

     

       
181
       
181
       
+
       
        'Psr\\Clock\\' => 

     

       
182
       
182
       
+
       
        array (

     

       
183
       
183
       
+
       
            0 => __DIR__ . '/..' . '/psr/clock/src',

     

       
184
       
184
       
+
       
        ),

     

       
179
       
185
       
 
       
        'Nette\\' => 

     

       
180
       
186
       
 
       
        array (

     

       
181
       
187
       
 
       
            0 => __DIR__ . '/..' . '/nette/schema/src',

     
···

       
196
       
202
       
 
       
        'League\\CommonMark\\' => 

     

       
197
       
203
       
 
       
        array (

     

       
198
       
204
       
 
       
            0 => __DIR__ . '/..' . '/league/commonmark/src',

     

       
205
       
205
       
+
       
        ),

     

       
206
       
206
       
+
       
        'Lcobucci\\JWT\\' => 

     

       
207
       
207
       
+
       
        array (

     

       
208
       
208
       
+
       
            0 => __DIR__ . '/..' . '/lcobucci/jwt/src',

     

       
199
       
209
       
 
       
        ),

     

       
200
       
210
       
 
       
        'Latte\\' => 

     

       
201
       
211
       
 
       
        array (

     

···

       
1409
       
1409
       
 
       
            "install-path": "../latte/latte"

     

       
1410
       
1410
       
 
       
        },

     

       
1411
       
1411
       
 
       
        {

     

       
1412
       
1412
       
+
       
            "name": "lcobucci/jwt",

     

       
1413
       
1413
       
+
       
            "version": "5.6.0",

     

       
1414
       
1414
       
+
       
            "version_normalized": "5.6.0.0",

     

       
1415
       
1415
       
+
       
            "source": {

     

       
1416
       
1416
       
+
       
                "type": "git",

     

       
1417
       
1417
       
+
       
                "url": "https://github.com/lcobucci/jwt.git",

     

       
1418
       
1418
       
+
       
                "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e"

     

       
1419
       
1419
       
+
       
            },

     

       
1420
       
1420
       
+
       
            "dist": {

     

       
1421
       
1421
       
+
       
                "type": "zip",

     

       
1422
       
1422
       
+
       
                "url": "https://api.github.com/repos/lcobucci/jwt/zipball/bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       
1423
       
1423
       
+
       
                "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       
1424
       
1424
       
+
       
                "shasum": ""

     

       
1425
       
1425
       
+
       
            },

     

       
1426
       
1426
       
+
       
            "require": {

     

       
1427
       
1427
       
+
       
                "ext-openssl": "*",

     

       
1428
       
1428
       
+
       
                "ext-sodium": "*",

     

       
1429
       
1429
       
+
       
                "php": "~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0",

     

       
1430
       
1430
       
+
       
                "psr/clock": "^1.0"

     

       
1431
       
1431
       
+
       
            },

     

       
1432
       
1432
       
+
       
            "require-dev": {

     

       
1433
       
1433
       
+
       
                "infection/infection": "^0.29",

     

       
1434
       
1434
       
+
       
                "lcobucci/clock": "^3.2",

     

       
1435
       
1435
       
+
       
                "lcobucci/coding-standard": "^11.0",

     

       
1436
       
1436
       
+
       
                "phpbench/phpbench": "^1.2",

     

       
1437
       
1437
       
+
       
                "phpstan/extension-installer": "^1.2",

     

       
1438
       
1438
       
+
       
                "phpstan/phpstan": "^1.10.7",

     

       
1439
       
1439
       
+
       
                "phpstan/phpstan-deprecation-rules": "^1.1.3",

     

       
1440
       
1440
       
+
       
                "phpstan/phpstan-phpunit": "^1.3.10",

     

       
1441
       
1441
       
+
       
                "phpstan/phpstan-strict-rules": "^1.5.0",

     

       
1442
       
1442
       
+
       
                "phpunit/phpunit": "^11.1"

     

       
1443
       
1443
       
+
       
            },

     

       
1444
       
1444
       
+
       
            "suggest": {

     

       
1445
       
1445
       
+
       
                "lcobucci/clock": ">= 3.2"

     

       
1446
       
1446
       
+
       
            },

     

       
1447
       
1447
       
+
       
            "time": "2025-10-17T11:30:53+00:00",

     

       
1448
       
1448
       
+
       
            "type": "library",

     

       
1449
       
1449
       
+
       
            "installation-source": "dist",

     

       
1450
       
1450
       
+
       
            "autoload": {

     

       
1451
       
1451
       
+
       
                "psr-4": {

     

       
1452
       
1452
       
+
       
                    "Lcobucci\\JWT\\": "src"

     

       
1453
       
1453
       
+
       
                }

     

       
1454
       
1454
       
+
       
            },

     

       
1455
       
1455
       
+
       
            "notification-url": "https://packagist.org/downloads/",

     

       
1456
       
1456
       
+
       
            "license": [

     

       
1457
       
1457
       
+
       
                "BSD-3-Clause"

     

       
1458
       
1458
       
+
       
            ],

     

       
1459
       
1459
       
+
       
            "authors": [

     

       
1460
       
1460
       
+
       
                {

     

       
1461
       
1461
       
+
       
                    "name": "Luís Cobucci",

     

       
1462
       
1462
       
+
       
                    "email": "lcobucci@gmail.com",

     

       
1463
       
1463
       
+
       
                    "role": "Developer"

     

       
1464
       
1464
       
+
       
                }

     

       
1465
       
1465
       
+
       
            ],

     

       
1466
       
1466
       
+
       
            "description": "A simple library to work with JSON Web Token and JSON Web Signature",

     

       
1467
       
1467
       
+
       
            "keywords": [

     

       
1468
       
1468
       
+
       
                "JWS",

     

       
1469
       
1469
       
+
       
                "jwt"

     

       
1470
       
1470
       
+
       
            ],

     

       
1471
       
1471
       
+
       
            "support": {

     

       
1472
       
1472
       
+
       
                "issues": "https://github.com/lcobucci/jwt/issues",

     

       
1473
       
1473
       
+
       
                "source": "https://github.com/lcobucci/jwt/tree/5.6.0"

     

       
1474
       
1474
       
+
       
            },

     

       
1475
       
1475
       
+
       
            "funding": [

     

       
1476
       
1476
       
+
       
                {

     

       
1477
       
1477
       
+
       
                    "url": "https://github.com/lcobucci",

     

       
1478
       
1478
       
+
       
                    "type": "github"

     

       
1479
       
1479
       
+
       
                },

     

       
1480
       
1480
       
+
       
                {

     

       
1481
       
1481
       
+
       
                    "url": "https://www.patreon.com/lcobucci",

     

       
1482
       
1482
       
+
       
                    "type": "patreon"

     

       
1483
       
1483
       
+
       
                }

     

       
1484
       
1484
       
+
       
            ],

     

       
1485
       
1485
       
+
       
            "install-path": "../lcobucci/jwt"

     

       
1486
       
1486
       
+
       
        },

     

       
1487
       
1487
       
+
       
        {

     

       
1412
       
1488
       
 
       
            "name": "league/commonmark",

     

       
1413
       
1489
       
 
       
            "version": "2.7.1",

     

       
1414
       
1490
       
 
       
            "version_normalized": "2.7.1.0",

     
···

       
1832
       
1908
       
 
       
                "source": "https://github.com/nette/utils/tree/v4.0.8"

     

       
1833
       
1909
       
 
       
            },

     

       
1834
       
1910
       
 
       
            "install-path": "../nette/utils"

     

       
1911
       
1911
       
+
       
        },

     

       
1912
       
1912
       
+
       
        {

     

       
1913
       
1913
       
+
       
            "name": "psr/clock",

     

       
1914
       
1914
       
+
       
            "version": "1.0.0",

     

       
1915
       
1915
       
+
       
            "version_normalized": "1.0.0.0",

     

       
1916
       
1916
       
+
       
            "source": {

     

       
1917
       
1917
       
+
       
                "type": "git",

     

       
1918
       
1918
       
+
       
                "url": "https://github.com/php-fig/clock.git",

     

       
1919
       
1919
       
+
       
                "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d"

     

       
1920
       
1920
       
+
       
            },

     

       
1921
       
1921
       
+
       
            "dist": {

     

       
1922
       
1922
       
+
       
                "type": "zip",

     

       
1923
       
1923
       
+
       
                "url": "https://api.github.com/repos/php-fig/clock/zipball/e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       
1924
       
1924
       
+
       
                "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       
1925
       
1925
       
+
       
                "shasum": ""

     

       
1926
       
1926
       
+
       
            },

     

       
1927
       
1927
       
+
       
            "require": {

     

       
1928
       
1928
       
+
       
                "php": "^7.0 || ^8.0"

     

       
1929
       
1929
       
+
       
            },

     

       
1930
       
1930
       
+
       
            "time": "2022-11-25T14:36:26+00:00",

     

       
1931
       
1931
       
+
       
            "type": "library",

     

       
1932
       
1932
       
+
       
            "installation-source": "dist",

     

       
1933
       
1933
       
+
       
            "autoload": {

     

       
1934
       
1934
       
+
       
                "psr-4": {

     

       
1935
       
1935
       
+
       
                    "Psr\\Clock\\": "src/"

     

       
1936
       
1936
       
+
       
                }

     

       
1937
       
1937
       
+
       
            },

     

       
1938
       
1938
       
+
       
            "notification-url": "https://packagist.org/downloads/",

     

       
1939
       
1939
       
+
       
            "license": [

     

       
1940
       
1940
       
+
       
                "MIT"

     

       
1941
       
1941
       
+
       
            ],

     

       
1942
       
1942
       
+
       
            "authors": [

     

       
1943
       
1943
       
+
       
                {

     

       
1944
       
1944
       
+
       
                    "name": "PHP-FIG",

     

       
1945
       
1945
       
+
       
                    "homepage": "https://www.php-fig.org/"

     

       
1946
       
1946
       
+
       
                }

     

       
1947
       
1947
       
+
       
            ],

     

       
1948
       
1948
       
+
       
            "description": "Common interface for reading the clock.",

     

       
1949
       
1949
       
+
       
            "homepage": "https://github.com/php-fig/clock",

     

       
1950
       
1950
       
+
       
            "keywords": [

     

       
1951
       
1951
       
+
       
                "clock",

     

       
1952
       
1952
       
+
       
                "now",

     

       
1953
       
1953
       
+
       
                "psr",

     

       
1954
       
1954
       
+
       
                "psr-20",

     

       
1955
       
1955
       
+
       
                "time"

     

       
1956
       
1956
       
+
       
            ],

     

       
1957
       
1957
       
+
       
            "support": {

     

       
1958
       
1958
       
+
       
                "issues": "https://github.com/php-fig/clock/issues",

     

       
1959
       
1959
       
+
       
                "source": "https://github.com/php-fig/clock/tree/1.0.0"

     

       
1960
       
1960
       
+
       
            },

     

       
1961
       
1961
       
+
       
            "install-path": "../psr/clock"

     

       
1835
       
1962
       
 
       
        },

     

       
1836
       
1963
       
 
       
        {

     

       
1837
       
1964
       
 
       
            "name": "psr/event-dispatcher",

     

···

       
3
       
3
       
 
       
        'name' => '__root__',

     

       
4
       
4
       
 
       
        'pretty_version' => 'dev-main',

     

       
5
       
5
       
 
       
        'version' => 'dev-main',

     

       
6
       
6
       
-
       
        'reference' => '9928676233cfb9f6f6af89926171714328098c47',

     

       
6
       
6
       
+
       
        'reference' => '1ea5f55bde378131812f28e47f7d5b6558b04018',

     

       
7
       
7
       
 
       
        'type' => 'library',

     

       
8
       
8
       
 
       
        'install_path' => __DIR__ . '/../../',

     

       
9
       
9
       
 
       
        'aliases' => array(),

     
···

       
13
       
13
       
 
       
        '__root__' => array(

     

       
14
       
14
       
 
       
            'pretty_version' => 'dev-main',

     

       
15
       
15
       
 
       
            'version' => 'dev-main',

     

       
16
       
16
       
-
       
            'reference' => '9928676233cfb9f6f6af89926171714328098c47',

     

       
16
       
16
       
+
       
            'reference' => '1ea5f55bde378131812f28e47f7d5b6558b04018',

     

       
17
       
17
       
 
       
            'type' => 'library',

     

       
18
       
18
       
 
       
            'install_path' => __DIR__ . '/../../',

     

       
19
       
19
       
 
       
            'aliases' => array(),

     
···

       
181
       
181
       
 
       
            'aliases' => array(),

     

       
182
       
182
       
 
       
            'dev_requirement' => false,

     

       
183
       
183
       
 
       
        ),

     

       
184
       
184
       
+
       
        'lcobucci/jwt' => array(

     

       
185
       
185
       
+
       
            'pretty_version' => '5.6.0',

     

       
186
       
186
       
+
       
            'version' => '5.6.0.0',

     

       
187
       
187
       
+
       
            'reference' => 'bb3e9f21e4196e8afc41def81ef649c164bca25e',

     

       
188
       
188
       
+
       
            'type' => 'library',

     

       
189
       
189
       
+
       
            'install_path' => __DIR__ . '/../lcobucci/jwt',

     

       
190
       
190
       
+
       
            'aliases' => array(),

     

       
191
       
191
       
+
       
            'dev_requirement' => false,

     

       
192
       
192
       
+
       
        ),

     

       
184
       
193
       
 
       
        'league/commonmark' => array(

     

       
185
       
194
       
 
       
            'pretty_version' => '2.7.1',

     

       
186
       
195
       
 
       
            'version' => '2.7.1.0',

     
···

       
229
       
238
       
 
       
            'reference' => 'c930ca4e3cf4f17dcfb03037703679d2396d2ede',

     

       
230
       
239
       
 
       
            'type' => 'library',

     

       
231
       
240
       
 
       
            'install_path' => __DIR__ . '/../nette/utils',

     

       
241
       
241
       
+
       
            'aliases' => array(),

     

       
242
       
242
       
+
       
            'dev_requirement' => false,

     

       
243
       
243
       
+
       
        ),

     

       
244
       
244
       
+
       
        'psr/clock' => array(

     

       
245
       
245
       
+
       
            'pretty_version' => '1.0.0',

     

       
246
       
246
       
+
       
            'version' => '1.0.0.0',

     

       
247
       
247
       
+
       
            'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',

     

       
248
       
248
       
+
       
            'type' => 'library',

     

       
249
       
249
       
+
       
            'install_path' => __DIR__ . '/../psr/clock',

     

       
232
       
250
       
 
       
            'aliases' => array(),

     

       
233
       
251
       
 
       
            'dev_requirement' => false,

     

       
234
       
252
       
 
       
        ),

     

···

       
1
       
1
       
+
       
Copyright (c) 2014, Luís Cobucci

     

       
2
       
2
       
+
       
All rights reserved.

     

       
3
       
3
       
+
       


     

       
4
       
4
       
+
       
Redistribution and use in source and binary forms, with or without

     

       
5
       
5
       
+
       
modification, are permitted provided that the following conditions are met:

     

       
6
       
6
       
+
       


     

       
7
       
7
       
+
       
* Redistributions of source code must retain the above copyright notice, this

     

       
8
       
8
       
+
       
  list of conditions and the following disclaimer.

     

       
9
       
9
       
+
       


     

       
10
       
10
       
+
       
* Redistributions in binary form must reproduce the above copyright notice,

     

       
11
       
11
       
+
       
  this list of conditions and the following disclaimer in the documentation

     

       
12
       
12
       
+
       
  and/or other materials provided with the distribution.

     

       
13
       
13
       
+
       


     

       
14
       
14
       
+
       
* Neither the name of the {organization} nor the names of its

     

       
15
       
15
       
+
       
  contributors may be used to endorse or promote products derived from

     

       
16
       
16
       
+
       
  this software without specific prior written permission.

     

       
17
       
17
       
+
       


     

       
18
       
18
       
+
       
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"

     

       
19
       
19
       
+
       
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

     

       
20
       
20
       
+
       
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

     

       
21
       
21
       
+
       
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE

     

       
22
       
22
       
+
       
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

     

       
23
       
23
       
+
       
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

     

       
24
       
24
       
+
       
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER

     

       
25
       
25
       
+
       
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

     

       
26
       
26
       
+
       
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE

     

       
27
       
27
       
+
       
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

     

···

       
1
       
1
       
+
       
{

     

       
2
       
2
       
+
       
    "name": "lcobucci/jwt",

     

       
3
       
3
       
+
       
    "description": "A simple library to work with JSON Web Token and JSON Web Signature",

     

       
4
       
4
       
+
       
    "license": [

     

       
5
       
5
       
+
       
        "BSD-3-Clause"

     

       
6
       
6
       
+
       
    ],

     

       
7
       
7
       
+
       
    "type": "library",

     

       
8
       
8
       
+
       
    "keywords": [

     

       
9
       
9
       
+
       
        "JWT",

     

       
10
       
10
       
+
       
        "JWS"

     

       
11
       
11
       
+
       
    ],

     

       
12
       
12
       
+
       
    "authors": [

     

       
13
       
13
       
+
       
        {

     

       
14
       
14
       
+
       
            "name": "Luís Cobucci",

     

       
15
       
15
       
+
       
            "email": "lcobucci@gmail.com",

     

       
16
       
16
       
+
       
            "role": "Developer"

     

       
17
       
17
       
+
       
        }

     

       
18
       
18
       
+
       
    ],

     

       
19
       
19
       
+
       
    "require": {

     

       
20
       
20
       
+
       
        "php": "~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0",

     

       
21
       
21
       
+
       
        "ext-openssl": "*",

     

       
22
       
22
       
+
       
        "ext-sodium": "*",

     

       
23
       
23
       
+
       
        "psr/clock": "^1.0"

     

       
24
       
24
       
+
       
    },

     

       
25
       
25
       
+
       
    "require-dev": {

     

       
26
       
26
       
+
       
        "infection/infection": "^0.29",

     

       
27
       
27
       
+
       
        "lcobucci/clock": "^3.2",

     

       
28
       
28
       
+
       
        "lcobucci/coding-standard": "^11.0",

     

       
29
       
29
       
+
       
        "phpbench/phpbench": "^1.2",

     

       
30
       
30
       
+
       
        "phpstan/extension-installer": "^1.2",

     

       
31
       
31
       
+
       
        "phpstan/phpstan": "^1.10.7",

     

       
32
       
32
       
+
       
        "phpstan/phpstan-deprecation-rules": "^1.1.3",

     

       
33
       
33
       
+
       
        "phpstan/phpstan-phpunit": "^1.3.10",

     

       
34
       
34
       
+
       
        "phpstan/phpstan-strict-rules": "^1.5.0",

     

       
35
       
35
       
+
       
        "phpunit/phpunit": "^11.1"

     

       
36
       
36
       
+
       
    },

     

       
37
       
37
       
+
       
    "suggest": {

     

       
38
       
38
       
+
       
        "lcobucci/clock": ">= 3.2"

     

       
39
       
39
       
+
       
    },

     

       
40
       
40
       
+
       
    "autoload": {

     

       
41
       
41
       
+
       
        "psr-4": {

     

       
42
       
42
       
+
       
            "Lcobucci\\JWT\\": "src"

     

       
43
       
43
       
+
       
        }

     

       
44
       
44
       
+
       
    },

     

       
45
       
45
       
+
       
    "autoload-dev": {

     

       
46
       
46
       
+
       
        "psr-4": {

     

       
47
       
47
       
+
       
            "Lcobucci\\JWT\\Tests\\": "tests"

     

       
48
       
48
       
+
       
        }

     

       
49
       
49
       
+
       
    },

     

       
50
       
50
       
+
       
    "config": {

     

       
51
       
51
       
+
       
        "allow-plugins": {

     

       
52
       
52
       
+
       
            "dealerdirect/phpcodesniffer-composer-installer": true,

     

       
53
       
53
       
+
       
            "infection/extension-installer": true,

     

       
54
       
54
       
+
       
            "ocramius/package-versions": true,

     

       
55
       
55
       
+
       
            "phpstan/extension-installer": true

     

       
56
       
56
       
+
       
        },

     

       
57
       
57
       
+
       
        "platform": {

     

       
58
       
58
       
+
       
            "php": "8.2.99"

     

       
59
       
59
       
+
       
        },

     

       
60
       
60
       
+
       
        "preferred-install": "dist",

     

       
61
       
61
       
+
       
        "sort-packages": true

     

       
62
       
62
       
+
       
    }

     

       
63
       
63
       
+
       
}

     

···

       
1
       
1
       
+
       
<?php

     

       
2
       
2
       
+
       
declare(strict_types=1);

     

       
3
       
3
       
+
       


     

       
4
       
4
       
+
       
namespace Lcobucci\JWT;

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
use DateTimeImmutable;

     

       
7
       
7
       
+
       
use Lcobucci\JWT\Encoding\CannotEncodeContent;

     

       
8
       
8
       
+
       
use Lcobucci\JWT\Signer\CannotSignPayload;

     

       
9
       
9
       
+
       
use Lcobucci\JWT\Signer\Ecdsa\ConversionFailed;

     

       
10
       
10
       
+
       
use Lcobucci\JWT\Signer\InvalidKeyProvided;

     

       
11
       
11
       
+
       
use Lcobucci\JWT\Signer\Key;

     

       
12
       
12
       
+
       
use Lcobucci\JWT\Token\RegisteredClaimGiven;

     

       
13
       
13
       
+
       


     

       
14
       
14
       
+
       
/** @immutable */

     

       
15
       
15
       
+
       
interface Builder

     

       
16
       
16
       
+
       
{

     

       
17
       
17
       
+
       
    /**

     

       
18
       
18
       
+
       
     * Appends new items to audience

     

       
19
       
19
       
+
       
     *

     

       
20
       
20
       
+
       
     * @param non-empty-string ...$audiences

     

       
21
       
21
       
+
       
     */

     

       
22
       
22
       
+
       
    public function permittedFor(string ...$audiences): Builder;

     

       
23
       
23
       
+
       


     

       
24
       
24
       
+
       
    /**

     

       
25
       
25
       
+
       
     * Configures the expiration time

     

       
26
       
26
       
+
       
     */

     

       
27
       
27
       
+
       
    public function expiresAt(DateTimeImmutable $expiration): Builder;

     

       
28
       
28
       
+
       


     

       
29
       
29
       
+
       
    /**

     

       
30
       
30
       
+
       
     * Configures the token id

     

       
31
       
31
       
+
       
     *

     

       
32
       
32
       
+
       
     * @param non-empty-string $id

     

       
33
       
33
       
+
       
     */

     

       
34
       
34
       
+
       
    public function identifiedBy(string $id): Builder;

     

       
35
       
35
       
+
       


     

       
36
       
36
       
+
       
    /**

     

       
37
       
37
       
+
       
     * Configures the time that the token was issued

     

       
38
       
38
       
+
       
     */

     

       
39
       
39
       
+
       
    public function issuedAt(DateTimeImmutable $issuedAt): Builder;

     

       
40
       
40
       
+
       


     

       
41
       
41
       
+
       
    /**

     

       
42
       
42
       
+
       
     * Configures the issuer

     

       
43
       
43
       
+
       
     *

     

       
44
       
44
       
+
       
     * @param non-empty-string $issuer

     

       
45
       
45
       
+
       
     */

     

       
46
       
46
       
+
       
    public function issuedBy(string $issuer): Builder;

     

       
47
       
47
       
+
       


     

       
48
       
48
       
+
       
    /**

     

       
49
       
49
       
+
       
     * Configures the time before which the token cannot be accepted

     

       
50
       
50
       
+
       
     */

     

       
51
       
51
       
+
       
    public function canOnlyBeUsedAfter(DateTimeImmutable $notBefore): Builder;

     

       
52
       
52
       
+
       


     

       
53
       
53
       
+
       
    /**

     

       
54
       
54
       
+
       
     * Configures the subject

     

       
55
       
55
       
+
       
     *

     

       
56
       
56
       
+
       
     * @param non-empty-string $subject

     

       
57
       
57
       
+
       
     */

     

       
58
       
58
       
+
       
    public function relatedTo(string $subject): Builder;

     

       
59
       
59
       
+
       


     

       
60
       
60
       
+
       
    /**

     

       
61
       
61
       
+
       
     * Configures a header item

     

       
62
       
62
       
+
       
     *

     

       
63
       
63
       
+
       
     * @param non-empty-string $name

     

       
64
       
64
       
+
       
     */

     

       
65
       
65
       
+
       
    public function withHeader(string $name, mixed $value): Builder;

     

       
66
       
66
       
+
       


     

       
67
       
67
       
+
       
    /**

     

       
68
       
68
       
+
       
     * Configures a claim item

     

       
69
       
69
       
+
       
     *

     

       
70
       
70
       
+
       
     * @param non-empty-string $name

     

       
71
       
71
       
+
       
     *

     

       
72
       
72
       
+
       
     * @throws RegisteredClaimGiven When trying to set a registered claim.

     

       
73
       
73
       
+
       
     */

     

       
74
       
74
       
+
       
    public function withClaim(string $name, mixed $value): Builder;

     

       
75
       
75
       
+
       


     

       
76
       
76
       
+
       
    /**

     

       
77
       
77
       
+
       
     * Returns a signed token to be used

     

       
78
       
78
       
+
       
     *

     

       
79
       
79
       
+
       
     * @throws CannotEncodeContent When data cannot be converted to JSON.

     

       
80
       
80
       
+
       
     * @throws CannotSignPayload   When payload signing fails.

     

       
81
       
81
       
+
       
     * @throws InvalidKeyProvided  When issue key is invalid/incompatible.

     

       
82
       
82
       
+
       
     * @throws ConversionFailed    When signature could not be converted.

     

       
83
       
83
       
+
       
     */

     

       
84
       
84
       
+
       
    public function getToken(Signer $signer, Key $key): UnencryptedToken;

     

       
85
       
85
       
+
       
}

     

···

       
1
       
1
       
+
       
<?php

     

       
2
       
2
       
+
       
declare(strict_types=1);

     

       
3
       
3
       
+
       


     

       
4
       
4
       
+
       
namespace Lcobucci\JWT;

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
interface ClaimsFormatter

     

       
7
       
7
       
+
       
{

     

       
8
       
8
       
+
       
    /**

     

       
9
       
9
       
+
       
     * @param array<non-empty-string, mixed> $claims

     

       
10
       
10
       
+
       
     *

     

       
11
       
11
       
+
       
     * @return array<non-empty-string, mixed>

     

       
12
       
12
       
+
       
     */

     

       
13
       
13
       
+
       
    public function formatClaims(array $claims): array;

     

       
14
       
14
       
+
       
}

     

···

       
1
       
1
       
+
       
<?php

     

       
2
       
2
       
+
       
declare(strict_types=1);

     

       
3
       
3
       
+
       


     

       
4
       
4
       
+
       
namespace Lcobucci\JWT;

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
use Closure;

     

       
7
       
7
       
+
       
use Lcobucci\JWT\Encoding\ChainedFormatter;

     

       
8
       
8
       
+
       
use Lcobucci\JWT\Encoding\JoseEncoder;

     

       
9
       
9
       
+
       
use Lcobucci\JWT\Signer\Key;

     

       
10
       
10
       
+
       
use Lcobucci\JWT\Validation\Constraint;

     

       
11
       
11
       
+
       


     

       
12
       
12
       
+
       
/**

     

       
13
       
13
       
+
       
 * Configuration container for the JWT Builder and Parser

     

       
14
       
14
       
+
       
 *

     

       
15
       
15
       
+
       
 * Serves like a small DI container to simplify the creation and usage

     

       
16
       
16
       
+
       
 * of the objects.

     

       
17
       
17
       
+
       
 */

     

       
18
       
18
       
+
       
final class Configuration

     

       
19
       
19
       
+
       
{

     

       
20
       
20
       
+
       
    private Parser $parser;

     

       
21
       
21
       
+
       
    private Validator $validator;

     

       
22
       
22
       
+
       


     

       
23
       
23
       
+
       
    /** @var Closure(ClaimsFormatter $claimFormatter): Builder */

     

       
24
       
24
       
+
       
    private Closure $builderFactory;

     

       
25
       
25
       
+
       


     

       
26
       
26
       
+
       
    /** @var Constraint[] */

     

       
27
       
27
       
+
       
    private array $validationConstraints;

     

       
28
       
28
       
+
       


     

       
29
       
29
       
+
       
    /** @param Closure(ClaimsFormatter $claimFormatter): Builder|null $builderFactory */

     

       
30
       
30
       
+
       
    private function __construct(

     

       
31
       
31
       
+
       
        private readonly Signer $signer,

     

       
32
       
32
       
+
       
        private readonly Key $signingKey,

     

       
33
       
33
       
+
       
        private readonly Key $verificationKey,

     

       
34
       
34
       
+
       
        private readonly Encoder $encoder,

     

       
35
       
35
       
+
       
        private readonly Decoder $decoder,

     

       
36
       
36
       
+
       
        ?Parser $parser,

     

       
37
       
37
       
+
       
        ?Validator $validator,

     

       
38
       
38
       
+
       
        ?Closure $builderFactory,

     

       
39
       
39
       
+
       
        Constraint ...$validationConstraints,

     

       
40
       
40
       
+
       
    ) {

     

       
41
       
41
       
+
       
        $this->parser    = $parser ?? new Token\Parser($decoder);

     

       
42
       
42
       
+
       
        $this->validator = $validator ?? new Validation\Validator();

     

       
43
       
43
       
+
       


     

       
44
       
44
       
+
       
        $this->builderFactory = $builderFactory

     

       
45
       
45
       
+
       
            ?? static function (ClaimsFormatter $claimFormatter) use ($encoder): Builder {

     

       
46
       
46
       
+
       
                return Token\Builder::new($encoder, $claimFormatter);

     

       
47
       
47
       
+
       
            };

     

       
48
       
48
       
+
       


     

       
49
       
49
       
+
       
        $this->validationConstraints = $validationConstraints;

     

       
50
       
50
       
+
       
    }

     

       
51
       
51
       
+
       


     

       
52
       
52
       
+
       
    public static function forAsymmetricSigner(

     

       
53
       
53
       
+
       
        Signer $signer,

     

       
54
       
54
       
+
       
        Key $signingKey,

     

       
55
       
55
       
+
       
        Key $verificationKey,

     

       
56
       
56
       
+
       
        Encoder $encoder = new JoseEncoder(),

     

       
57
       
57
       
+
       
        Decoder $decoder = new JoseEncoder(),

     

       
58
       
58
       
+
       
    ): self {

     

       
59
       
59
       
+
       
        return new self(

     

       
60
       
60
       
+
       
            $signer,

     

       
61
       
61
       
+
       
            $signingKey,

     

       
62
       
62
       
+
       
            $verificationKey,

     

       
63
       
63
       
+
       
            $encoder,

     

       
64
       
64
       
+
       
            $decoder,

     

       
65
       
65
       
+
       
            null,

     

       
66
       
66
       
+
       
            null,

     

       
67
       
67
       
+
       
            null,

     

       
68
       
68
       
+
       
        );

     

       
69
       
69
       
+
       
    }

     

       
70
       
70
       
+
       


     

       
71
       
71
       
+
       
    public static function forSymmetricSigner(

     

       
72
       
72
       
+
       
        Signer $signer,

     

       
73
       
73
       
+
       
        Key $key,

     

       
74
       
74
       
+
       
        Encoder $encoder = new JoseEncoder(),

     

       
75
       
75
       
+
       
        Decoder $decoder = new JoseEncoder(),

     

       
76
       
76
       
+
       
    ): self {

     

       
77
       
77
       
+
       
        return new self(

     

       
78
       
78
       
+
       
            $signer,

     

       
79
       
79
       
+
       
            $key,

     

       
80
       
80
       
+
       
            $key,

     

       
81
       
81
       
+
       
            $encoder,

     

       
82
       
82
       
+
       
            $decoder,

     

       
83
       
83
       
+
       
            null,

     

       
84
       
84
       
+
       
            null,

     

       
85
       
85
       
+
       
            null,

     

       
86
       
86
       
+
       
        );

     

       
87
       
87
       
+
       
    }

     

       
88
       
88
       
+
       


     

       
89
       
89
       
+
       
    /**

     

       
90
       
90
       
+
       
     * @deprecated Deprecated since v5.5, please use {@see self::withBuilderFactory()} instead

     

       
91
       
91
       
+
       
     *

     

       
92
       
92
       
+
       
     * @param callable(ClaimsFormatter): Builder $builderFactory

     

       
93
       
93
       
+
       
     */

     

       
94
       
94
       
+
       
    public function setBuilderFactory(callable $builderFactory): void

     

       
95
       
95
       
+
       
    {

     

       
96
       
96
       
+
       
        $this->builderFactory = $builderFactory(...);

     

       
97
       
97
       
+
       
    }

     

       
98
       
98
       
+
       


     

       
99
       
99
       
+
       
    /** @param callable(ClaimsFormatter): Builder $builderFactory */

     

       
100
       
100
       
+
       
    public function withBuilderFactory(callable $builderFactory): self

     

       
101
       
101
       
+
       
    {

     

       
102
       
102
       
+
       
        return new self(

     

       
103
       
103
       
+
       
            $this->signer,

     

       
104
       
104
       
+
       
            $this->signingKey,

     

       
105
       
105
       
+
       
            $this->verificationKey,

     

       
106
       
106
       
+
       
            $this->encoder,

     

       
107
       
107
       
+
       
            $this->decoder,

     

       
108
       
108
       
+
       
            $this->parser,

     

       
109
       
109
       
+
       
            $this->validator,

     

       
110
       
110
       
+
       
            $builderFactory(...),

     

       
111
       
111
       
+
       
            ...$this->validationConstraints,

     

       
112
       
112
       
+
       
        );

     

       
113
       
113
       
+
       
    }

     

       
114
       
114
       
+
       


     

       
115
       
115
       
+
       
    public function builder(?ClaimsFormatter $claimFormatter = null): Builder

     

       
116
       
116
       
+
       
    {

     

       
117
       
117
       
+
       
        return ($this->builderFactory)($claimFormatter ?? ChainedFormatter::default());

     

       
118
       
118
       
+
       
    }

     

       
119
       
119
       
+
       


     

       
120
       
120
       
+
       
    public function parser(): Parser

     

       
121
       
121
       
+
       
    {

     

       
122
       
122
       
+
       
        return $this->parser;

     

       
123
       
123
       
+
       
    }

     

       
124
       
124
       
+
       


     

       
125
       
125
       
+
       
    /** @deprecated Deprecated since v5.5, please use {@see self::withParser()} instead */

     

       
126
       
126
       
+
       
    public function setParser(Parser $parser): void

     

       
127
       
127
       
+
       
    {

     

       
128
       
128
       
+
       
        $this->parser = $parser;

     

       
129
       
129
       
+
       
    }

     

       
130
       
130
       
+
       


     

       
131
       
131
       
+
       
    public function withParser(Parser $parser): self

     

       
132
       
132
       
+
       
    {

     

       
133
       
133
       
+
       
        return new self(

     

       
134
       
134
       
+
       
            $this->signer,

     

       
135
       
135
       
+
       
            $this->signingKey,

     

       
136
       
136
       
+
       
            $this->verificationKey,

     

       
137
       
137
       
+
       
            $this->encoder,

     

       
138
       
138
       
+
       
            $this->decoder,

     

       
139
       
139
       
+
       
            $parser,

     

       
140
       
140
       
+
       
            $this->validator,

     

       
141
       
141
       
+
       
            $this->builderFactory,

     

       
142
       
142
       
+
       
            ...$this->validationConstraints,

     

       
143
       
143
       
+
       
        );

     

       
144
       
144
       
+
       
    }

     

       
145
       
145
       
+
       


     

       
146
       
146
       
+
       
    public function signer(): Signer

     

       
147
       
147
       
+
       
    {

     

       
148
       
148
       
+
       
        return $this->signer;

     

       
149
       
149
       
+
       
    }

     

       
150
       
150
       
+
       


     

       
151
       
151
       
+
       
    public function signingKey(): Key

     

       
152
       
152
       
+
       
    {

     

       
153
       
153
       
+
       
        return $this->signingKey;

     

       
154
       
154
       
+
       
    }

     

       
155
       
155
       
+
       


     

       
156
       
156
       
+
       
    public function verificationKey(): Key

     

       
157
       
157
       
+
       
    {

     

       
158
       
158
       
+
       
        return $this->verificationKey;

     

       
159
       
159
       
+
       
    }

     

       
160
       
160
       
+
       


     

       
161
       
161
       
+
       
    public function validator(): Validator

     

       
162
       
162
       
+
       
    {

     

       
163
       
163
       
+
       
        return $this->validator;

     

       
164
       
164
       
+
       
    }

     

       
165
       
165
       
+
       


     

       
166
       
166
       
+
       
    /** @deprecated Deprecated since v5.5, please use {@see self::withValidator()} instead */

     

       
167
       
167
       
+
       
    public function setValidator(Validator $validator): void

     

       
168
       
168
       
+
       
    {

     

       
169
       
169
       
+
       
        $this->validator = $validator;

     

       
170
       
170
       
+
       
    }

     

       
171
       
171
       
+
       


     

       
172
       
172
       
+
       
    public function withValidator(Validator $validator): self

     

       
173
       
173
       
+
       
    {

     

       
174
       
174
       
+
       
        return new self(

     

       
175
       
175
       
+
       
            $this->signer,

     

       
176
       
176
       
+
       
            $this->signingKey,

     

       
177
       
177
       
+
       
            $this->verificationKey,

     

       
178
       
178
       
+
       
            $this->encoder,

     

       
179
       
179
       
+
       
            $this->decoder,

     

       
180
       
180
       
+
       
            $this->parser,

     

       
181
       
181
       
+
       
            $validator,

     

       
182
       
182
       
+
       
            $this->builderFactory,

     

       
183
       
183
       
+
       
            ...$this->validationConstraints,

     

       
184
       
184
       
+
       
        );

     

       
185
       
185
       
+
       
    }

     

       
186
       
186
       
+
       


     

       
187
       
187
       
+
       
    /** @return Constraint[] */

     

       
188
       
188
       
+
       
    public function validationConstraints(): array

     

       
189
       
189
       
+
       
    {

     

       
190
       
190
       
+
       
        return $this->validationConstraints;

     

       
191
       
191
       
+
       
    }

     

       
192
       
192
       
+
       


     

       
193
       
193
       
+
       
    /** @deprecated Deprecated since v5.5, please use {@see self::withValidationConstraints()} instead */

     

       
194
       
194
       
+
       
    public function setValidationConstraints(Constraint ...$validationConstraints): void

     

       
195
       
195
       
+
       
    {

     

       
196
       
196
       
+
       
        $this->validationConstraints = $validationConstraints;

     

       
197
       
197
       
+
       
    }

     

       
198
       
198
       
+
       


     

       
199
       
199
       
+
       
    public function withValidationConstraints(Constraint ...$validationConstraints): self

     

       
200
       
200
       
+
       
    {

     

       
201
       
201
       
+
       
        return new self(

     

       
202
       
202
       
+
       
            $this->signer,

     

       
203
       
203
       
+
       
            $this->signingKey,

     

       
204
       
204
       
+
       
            $this->verificationKey,

     

       
205
       
205
       
+
       
            $this->encoder,

     

       
206
       
206
       
+
       
            $this->decoder,

     

       
207
       
207
       
+
       
            $this->parser,

     

       
208
       
208
       
+
       
            $this->validator,

     

       
209
       
209
       
+
       
            $this->builderFactory,

     

       
210
       
210
       
+
       
            ...$validationConstraints,

     

       
211
       
211
       
+
       
        );

     

       
212
       
212
       
+
       
    }

     

       
213
       
213
       
+
       
}