comparing 988c87ce046f0ee346497af8fb5c755d3ae75b7b and main on veryroundbird.house/smallbird-social

+17

.env.example

···

       1
       1
       +
       SERVER_URL=

     

       2
       2
       +
       CLIENT_ID=

     

       3
       3
       +
       DEFAULT_PDS=

     

       4
       4
       +
       CONSTELLATION_INSTANCE=

     

       5
       5
       +
       SLINGSHOT_INSTANCE=

     

       6
       6
       +
       PLC_DIRECTORY=

     

       7
       7
       +
       

     

       8
       8
       +
       AUTH_ACCOUNT=

     

       9
       9
       +
       AUTH_KEYTYPE=

     

       10
       10
       +
       AUTH_PUBKEY=

     

       11
       11
       +
       AUTH_PRIVKEY_HEX=

     

       12
       12
       +
       AUTH_PRIVKEY_MULTI=

     

       13
       13
       +
       

     

       14
       14
       +
       PRETTY_URLS=

     

       15
       15
       +
       DEFAULT_THEME=

     

       16
       16
       +
       DEFAULT_FONT=

     

       17
       17
       +
       SSL_CERT_PATH=

+2 -1

composer.json

···

       12
       12
        
               "jerome/fetch-php": "^3.2",

     

       13
       13
        
               "react/http": "^1.11",

     

       14
       14
        
               "react/promise": "^3.3",

     

       15
       15
       -
               "react/dns": "^1.13"

     

       15
       15
       +
               "react/dns": "^1.13",

     

       16
       16
       +
               "lcobucci/jwt": "^5.6"

     

       16
       17
        
           },

     

       17
       18
        
           "require-dev": {

     

       18
       19
        
               "flightphp/tracy-extensions": "^0.2.7"

+122 -1

composer.lock

···

       4
       4
        
               "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",

     

       5
       5
        
               "This file is @generated automatically"

     

       6
       6
        
           ],

     

       7
       7
       -
           "content-hash": "c6002ed16d9e230ae38c8eebfa96ea6f",

     

       7
       7
       +
           "content-hash": "b58d32e8c5e8307c1994ae27ab44347d",

     

       8
       8
        
           "packages": [

     

       9
       9
        
               {

     

       10
       10
        
                   "name": "chillerlan/php-http-message-utils",

     
···

       1316
       1316
        
                   "time": "2025-10-31T00:53:04+00:00"

     

       1317
       1317
        
               },

     

       1318
       1318
        
               {

     

       1319
       1319
       +
                   "name": "lcobucci/jwt",

     

       1320
       1320
       +
                   "version": "5.6.0",

     

       1321
       1321
       +
                   "source": {

     

       1322
       1322
       +
                       "type": "git",

     

       1323
       1323
       +
                       "url": "https://github.com/lcobucci/jwt.git",

     

       1324
       1324
       +
                       "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e"

     

       1325
       1325
       +
                   },

     

       1326
       1326
       +
                   "dist": {

     

       1327
       1327
       +
                       "type": "zip",

     

       1328
       1328
       +
                       "url": "https://api.github.com/repos/lcobucci/jwt/zipball/bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       1329
       1329
       +
                       "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       1330
       1330
       +
                       "shasum": ""

     

       1331
       1331
       +
                   },

     

       1332
       1332
       +
                   "require": {

     

       1333
       1333
       +
                       "ext-openssl": "*",

     

       1334
       1334
       +
                       "ext-sodium": "*",

     

       1335
       1335
       +
                       "php": "~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0",

     

       1336
       1336
       +
                       "psr/clock": "^1.0"

     

       1337
       1337
       +
                   },

     

       1338
       1338
       +
                   "require-dev": {

     

       1339
       1339
       +
                       "infection/infection": "^0.29",

     

       1340
       1340
       +
                       "lcobucci/clock": "^3.2",

     

       1341
       1341
       +
                       "lcobucci/coding-standard": "^11.0",

     

       1342
       1342
       +
                       "phpbench/phpbench": "^1.2",

     

       1343
       1343
       +
                       "phpstan/extension-installer": "^1.2",

     

       1344
       1344
       +
                       "phpstan/phpstan": "^1.10.7",

     

       1345
       1345
       +
                       "phpstan/phpstan-deprecation-rules": "^1.1.3",

     

       1346
       1346
       +
                       "phpstan/phpstan-phpunit": "^1.3.10",

     

       1347
       1347
       +
                       "phpstan/phpstan-strict-rules": "^1.5.0",

     

       1348
       1348
       +
                       "phpunit/phpunit": "^11.1"

     

       1349
       1349
       +
                   },

     

       1350
       1350
       +
                   "suggest": {

     

       1351
       1351
       +
                       "lcobucci/clock": ">= 3.2"

     

       1352
       1352
       +
                   },

     

       1353
       1353
       +
                   "type": "library",

     

       1354
       1354
       +
                   "autoload": {

     

       1355
       1355
       +
                       "psr-4": {

     

       1356
       1356
       +
                           "Lcobucci\\JWT\\": "src"

     

       1357
       1357
       +
                       }

     

       1358
       1358
       +
                   },

     

       1359
       1359
       +
                   "notification-url": "https://packagist.org/downloads/",

     

       1360
       1360
       +
                   "license": [

     

       1361
       1361
       +
                       "BSD-3-Clause"

     

       1362
       1362
       +
                   ],

     

       1363
       1363
       +
                   "authors": [

     

       1364
       1364
       +
                       {

     

       1365
       1365
       +
                           "name": "Luís Cobucci",

     

       1366
       1366
       +
                           "email": "lcobucci@gmail.com",

     

       1367
       1367
       +
                           "role": "Developer"

     

       1368
       1368
       +
                       }

     

       1369
       1369
       +
                   ],

     

       1370
       1370
       +
                   "description": "A simple library to work with JSON Web Token and JSON Web Signature",

     

       1371
       1371
       +
                   "keywords": [

     

       1372
       1372
       +
                       "JWS",

     

       1373
       1373
       +
                       "jwt"

     

       1374
       1374
       +
                   ],

     

       1375
       1375
       +
                   "support": {

     

       1376
       1376
       +
                       "issues": "https://github.com/lcobucci/jwt/issues",

     

       1377
       1377
       +
                       "source": "https://github.com/lcobucci/jwt/tree/5.6.0"

     

       1378
       1378
       +
                   },

     

       1379
       1379
       +
                   "funding": [

     

       1380
       1380
       +
                       {

     

       1381
       1381
       +
                           "url": "https://github.com/lcobucci",

     

       1382
       1382
       +
                           "type": "github"

     

       1383
       1383
       +
                       },

     

       1384
       1384
       +
                       {

     

       1385
       1385
       +
                           "url": "https://www.patreon.com/lcobucci",

     

       1386
       1386
       +
                           "type": "patreon"

     

       1387
       1387
       +
                       }

     

       1388
       1388
       +
                   ],

     

       1389
       1389
       +
                   "time": "2025-10-17T11:30:53+00:00"

     

       1390
       1390
       +
               },

     

       1391
       1391
       +
               {

     

       1319
       1392
        
                   "name": "league/commonmark",

     

       1320
       1393
        
                   "version": "2.7.1",

     

       1321
       1394
        
                   "source": {

     
···

       1724
       1797
        
                       "source": "https://github.com/nette/utils/tree/v4.0.8"

     

       1725
       1798
        
                   },

     

       1726
       1799
        
                   "time": "2025-08-06T21:43:34+00:00"

     

       1800
       1800
       +
               },

     

       1801
       1801
       +
               {

     

       1802
       1802
       +
                   "name": "psr/clock",

     

       1803
       1803
       +
                   "version": "1.0.0",

     

       1804
       1804
       +
                   "source": {

     

       1805
       1805
       +
                       "type": "git",

     

       1806
       1806
       +
                       "url": "https://github.com/php-fig/clock.git",

     

       1807
       1807
       +
                       "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d"

     

       1808
       1808
       +
                   },

     

       1809
       1809
       +
                   "dist": {

     

       1810
       1810
       +
                       "type": "zip",

     

       1811
       1811
       +
                       "url": "https://api.github.com/repos/php-fig/clock/zipball/e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       1812
       1812
       +
                       "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       1813
       1813
       +
                       "shasum": ""

     

       1814
       1814
       +
                   },

     

       1815
       1815
       +
                   "require": {

     

       1816
       1816
       +
                       "php": "^7.0 || ^8.0"

     

       1817
       1817
       +
                   },

     

       1818
       1818
       +
                   "type": "library",

     

       1819
       1819
       +
                   "autoload": {

     

       1820
       1820
       +
                       "psr-4": {

     

       1821
       1821
       +
                           "Psr\\Clock\\": "src/"

     

       1822
       1822
       +
                       }

     

       1823
       1823
       +
                   },

     

       1824
       1824
       +
                   "notification-url": "https://packagist.org/downloads/",

     

       1825
       1825
       +
                   "license": [

     

       1826
       1826
       +
                       "MIT"

     

       1827
       1827
       +
                   ],

     

       1828
       1828
       +
                   "authors": [

     

       1829
       1829
       +
                       {

     

       1830
       1830
       +
                           "name": "PHP-FIG",

     

       1831
       1831
       +
                           "homepage": "https://www.php-fig.org/"

     

       1832
       1832
       +
                       }

     

       1833
       1833
       +
                   ],

     

       1834
       1834
       +
                   "description": "Common interface for reading the clock.",

     

       1835
       1835
       +
                   "homepage": "https://github.com/php-fig/clock",

     

       1836
       1836
       +
                   "keywords": [

     

       1837
       1837
       +
                       "clock",

     

       1838
       1838
       +
                       "now",

     

       1839
       1839
       +
                       "psr",

     

       1840
       1840
       +
                       "psr-20",

     

       1841
       1841
       +
                       "time"

     

       1842
       1842
       +
                   ],

     

       1843
       1843
       +
                   "support": {

     

       1844
       1844
       +
                       "issues": "https://github.com/php-fig/clock/issues",

     

       1845
       1845
       +
                       "source": "https://github.com/php-fig/clock/tree/1.0.0"

     

       1846
       1846
       +
                   },

     

       1847
       1847
       +
                   "time": "2022-11-25T14:36:26+00:00"

     

       1727
       1848
        
               },

     

       1728
       1849
        
               {

     

       1729
       1850
        
                   "name": "psr/event-dispatcher",

+69

config.php.example

···

       1
       1
       +
       <?php

     

       2
       2
       +
       define('SITE_TITLE', 'smallbird social');

     

       3
       3
       +
       define('SITE_PATH', ''); # or wherever you keep it

     

       4
       4
       +
       define('DB_LOCATION', __DIR__.'/data/sbs.db'); # or something like that. not in the same folder! it is ass in source control!!!

     

       5
       5
       +
       define('PUBLIC_API', "https://public.api.bsky.app");

     

       6
       6
       +
       # options:

     

       7
       7
       +
       # - https://public.api.bsky.app (bluesky)

     

       8
       8
       +
       # - that's it until the cool people at blacksky do theirs

     

       9
       9
       +
       define('FRONTPAGE_FEED', "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje");

     

       10
       10
       +
       define('SLINGSHOT_INSTANCE', "https://slingshot.microcosm.blue");

     

       11
       11
       +
       define('CONSTELLATION_INSTANCE', "https://constellation.smallbird.social");

     

       12
       12
       +
       # alternates:

     

       13
       13
       +
       # - constellation.microcosm.blue

     

       14
       14
       +
       # - constellation.snek.cc (run by natalie.sh)

     

       15
       15
       +
       # - constellation.smallbird.social (run by veryroundbird.house)

     

       16
       16
       +
       define('DEFAULT_PDS', "https://bsky.social");

     

       17
       17
       +
       # ideally pick a DEFAULT_PDS that has open registration, since this will be used to allow people to

     

       18
       18
       +
       # register new accounts.

     

       19
       19
       +
       # some options are

     

       20
       20
       +
       # - myatproto.social (run by blacksky)

     

       21
       21
       +
       # - cryptoanarchy.net (run by blacksky)

     

       22
       22
       +
       # - sprk.so

     

       23
       23
       +
       define('DEFAULT_RELAY', "https://relay.fire.hose.cam");

     

       24
       24
       +
       # some relay options:

     

       25
       25
       +
       # - bsky.network (you know who runs this)

     

       26
       26
       +
       # - relay1.us-east.bsky.network (bsky US east)

     

       27
       27
       +
       # - relay1.us-west.bsky.network (bsky US west)

     

       28
       28
       +
       # - relay3.fr.hose.cam (france)

     

       29
       29
       +
       # - relay.fire.hose.cam (montreal)

     

       30
       30
       +
       # - relay-ovh.demo.bsky.dev

     

       31
       31
       +
       # - atproto.africa (blacksky)

     

       32
       32
       +
       # - relay.upcloud.world (upcloud)

     

       33
       33
       +
       # - relay.hayescmd.net (edavis.dev)

     

       34
       34
       +
       # - relay.xero.systems (dane.is.extraordinarily.cool)

     

       35
       35
       +
       # - relay.feeds.blue (mackuba.eu; self-hosted only)

     

       36
       36
       +
       define('PLC_DIRECTORY', "https://plc.directory");

     

       37
       37
       +
       # other plc directory options:

     

       38
       38
       +
       # - https://plc.parakeet.at/

     

       39
       39
       +
       define('FAVORITE_FEEDS', [ // list of feeds you want to display in the sidebar to users not logged in

     

       40
       40
       +
         "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje",

     

       41
       41
       +
         "at://did:plc:xdtvlh4k3tntzp2vinmgehsz/app.bsky.feed.generator/aaaeb7hxb53jg",

     

       42
       42
       +
         "at://did:plc:abv47bjgzjgoh3yrygwoi36x/app.bsky.feed.generator/aaai4f7awwzkc",

     

       43
       43
       +
         "at://did:plc:dltmiiweocm22l656iffwn5a/app.bsky.feed.generator/aaagnt6bwkkb2",

     

       44
       44
       +
         "at://did:plc:mlq4aycufcuolr7ax6sezpc4/app.bsky.feed.generator/aaad2auzj4ana"

     

       45
       45
       +
       ]);

     

       46
       46
       +
       define('THEMES', [

     

       47
       47
       +
         'blank', 'catppuccin', 'rosepine', 'dracula', 'solarized', 'tempus'

     

       48
       48
       +
       ]);

     

       49
       49
       +
       define('PAGES', [

     

       50
       50
       +
         'about' => 'About',

     

       51
       51
       +
         'terms' => 'Terms',

     

       52
       52
       +
         'privacy' => 'Privacy'

     

       53
       53
       +
       ]);

     

       54
       54
       +
       define('LINKS', [

     

       55
       55
       +
         'code' => 'https://tangled.org/@veryroundbird.house/smallbird-social',

     

       56
       56
       +
         'bsky' => 'https://bsky.app/profile/smallbirdsocial.on.computer',

     

       57
       57
       +
         'ko-fi' => 'https://ko-fi.com/veryroundbird'

     

       58
       58
       +
       ]);

     

       59
       59
       +
       define('FONTS', [

     

       60
       60
       +
          'alegreya' => 'alegreya',

     

       61
       61
       +
          'geometria' => 'geometria',

     

       62
       62
       +
          'recursive' => 'recursive mono casual', 

     

       63
       63
       +
          'comicsans' => 'comic sans ms'

     

       64
       64
       +
       ]);

     

       65
       65
       +
       define('PRETTY_URLS', false);

     

       66
       66
       +
       define('DEFAULT_THEME', "catppuccin");

     

       67
       67
       +
       define('DEFAULT_FONT', "recursive");

     

       68
       68
       +
       define('THREAD_POST_COUNT', 5);

     

       69
       69
       +
       ?>

+86 -67

index.php

···

       19
       19
        
       use Matrix\Async;

     

       20
       20
        
       use GuzzleHttp\Psr7\HttpFactory;

     

       21
       21
        
       use chillerlan\OAuth\OAuthOptions;

     

       22
       22
       +
       use chillerlan\OAuth\Storage\SessionStorage;

     

       23
       23
       +
       use DateTimeImmutable;

     

       24
       24
       +
       use Lcobucci\JWT\Token\Builder;

     

       25
       25
       +
       use Lcobucci\JWT\Encoding\ChainedFormatter;

     

       26
       26
       +
       use Lcobucci\JWT\Encoding\JoseEncoder;

     

       27
       27
       +
       use Lcobucci\JWT\Signer\Key\InMemory;

     

       28
       28
       +
       use Lcobucci\JWT\Signer\Ecdsa\Sha256;

     

       22
       29
        
       use Smallnest\Bsky\BskyProvider;

     

       23
       30
        
       

     

       31
       31
       +
       session_start();

     

       24
       32
        
       $bskyToucher = new BskyToucher();

     

       25
       33
        
       

     

       26
       34
        
       $favoriteFeeds = array_map(function ($feed) use ($bskyToucher) {

     
···

       59
       67
        
       Flight::set('publicApi', PUBLIC_API);

     

       60
       68
        
       Flight::set('frontpageFeed', FRONTPAGE_FEED);

     

       61
       69
        
       Flight::set('defaultRelay', DEFAULT_RELAY);

     

       62
       62
       -
       Flight::set('userAuth', null);

     

       70
       70
       +
       Flight::set('userAuth', array_key_exists('sbs_'.SITE_DOMAIN, $_SESSION) ? $_SESSION['sbs_'.SITE_DOMAIN] : null);

     

       71
       71
       +
       Flight::set('userPds', array_key_exists('sbs_'.SITE_DOMAIN.'_pds', $_SESSION) ? $_SESSION['sbs_'.SITE_DOMAIN.'_pds'] : null);

     

       72
       72
       +
       Flight::set('userInfo', array_key_exists('sbs_'.SITE_DOMAIN.'_userinfo', $_SESSION) ? $_SESSION['sbs_'.SITE_DOMAIN.'_userinfo'] : null);

     

       63
       73
        
       Flight::set('flight.log_errors', false);

     

       64
       74
        
       Flight::set('flight.handle_errors', false);

     

       65
       75
        
       Flight::set('flight.content_length', false);

     
···

       71
       81
        
         'setTheme' => array_key_exists('sbs_theme', $_COOKIE) ? $_COOKIE['sbs_theme'] : DEFAULT_THEME,

     

       72
       82
        
         'setFont' => array_key_exists('sbs_font', $_COOKIE) ? $_COOKIE['sbs_font'] : DEFAULT_FONT,

     

       73
       83
        
         'userAuth' => Flight::get('userAuth'),

     

       84
       84
       +
         'userPds' => Flight::get('userPds'),

     

       85
       85
       +
         'userInfo' => Flight::Get('userInfo'),

     

       74
       86
        
         'favFeeds' => $favoriteFeeds,

     

       75
       87
        
         'pages' => PAGES,

     

       76
       88
        
         'links' => LINKS,

     
···

       170
       182
        
       });

     

       171
       183
        
       

     

       172
       184
        
       Flight::route('/login', function(): void {

     

       173
       173
       -
         $options = new OAuthOptions([

     

       174
       174
       -
         	'key'          => 'https://'.SITE_DOMAIN.CLIENT_ID,

     

       175
       175
       -
         	'secret'       => CLIENT_SECRET,

     

       176
       176
       -
         	'callbackURL'  => 'http://127.0.0.1/login',

     

       177
       177
       -
         	'sessionStart' => true,

     

       178
       178
       -
         ]);

     

       179
       179
       -
         $connector = new React\Socket\Connector([

     

       180
       180
       -
           'dns' => '1.1.1.1'

     

       181
       181
       -
         ]);

     

       182
       182
       -
         $http = new React\Http\Browser($connector);

     

       183
       183
       -
         $httpFactory = new HttpFactory();

     

       184
       184
       -
         $client = new GuzzleHttp\Client([

     

       185
       185
       -
           'verify' => true,

     

       186
       186
       -
           'headers' => [

     

       187
       187
       -
             'User-Agent' => USER_AGENT_STR

     

       188
       188
       -
           ]

     

       189
       189
       -
         ]);

     

       190
       190
       -
         $provider = new BskyProvider($options, $client, $httpFactory, $httpFactory, $httpFactory);

     

       191
       191
       -
         $name = $provider->getName();

     

       185
       185
       +
         if (isset($_GET['username'])) {

     

       192
       186
        
         $username = $_GET['username'];

     

       193
       193
       -
         $bskyToucher = new BskyToucher();

     

       194
       194
       -
         $userInfo = $bskyToucher->getUserInfo($username);

     

       195
       195
       -
         if (!$userInfo) die(1);

     

       196
       196
       -
         $pds = $userInfo->pds;

     

       197
       197
       -
         $provider->setPds($pds);

     

       198
       198
       -
         $jwt_header = base64_encode(json_encode([

     

       199
       199
       -
           'alg' => 'ES256',

     

       200
       200
       -
           'typ' => 'JWT'

     

       201
       201
       -
         ]));

     

       202
       202
       -
         $jwt_body = base64_encode(json_encode([

     

       203
       203
       -
           'iss' => $userInfo->did,

     

       204
       204
       -
           'sub' => 'https://'.SITE_DOMAIN.CLIENT_ID,

     

       205
       205
       -
           'aud' => 'did:web:'.str_replace("/", str_replace("https://", $pds)),

     

       206
       206
       -
           'jti' => hash('sha512', bin2hex(random_bytes(256 / 2))),

     

       207
       207
       -
           'iat' => strtotime('now')

     

       208
       208
       -
         ]));

     

       209
       209
       -
         $jwt = $jwt_header.$jwt_body.base64_encode(CERT);

     

       210
       210
       -
         $client->setDefaultOption('headers', [

     

       211
       211
       -
           'User-Agent' => USER_AGENT_STR,

     

       212
       212
       -
           'Authorization' => 'Bearer: '.$jwt

     

       213
       213
       -
         ]);

     

       214
       214
       -
         if (isset($_GET['login']) && $_GET['login'] === $name) {

     

       215
       215
       -
           $auth_url = $provider->getAuthorizationUrl();

     

       216
       216
       -
           header('Location: '.$auth_url);

     

       217
       217
       -
           die(1);

     

       218
       218
       -
         } else if (isset($_GET['code'], $_GET['state'])) {

     

       219
       219
       -
           $token = $provider->getAccessToken($_GET['code'], $_GET['state']);

     

       220
       220
       -
       

     

       221
       221
       -
         	// save the token in a permanent storage

     

       222
       222
       -
         	// [...]

     

       223
       223
       -
       

     

       224
       224
       -
         	// access granted, redirect

     

       225
       225
       -
         	header('Location: ?granted='.$name);

     

       226
       226
       -
           die(1);

     

       227
       227
       -
         } else if (isset($_GET['granted']) && $_GET['granted'] === $name) {

     

       228
       228
       -
           die(1);

     

       229
       229
       -
         } else if (isset($_GET['error'])) {

     

       230
       230
       -
           die(1);

     

       187
       187
       +
           $bskyToucher = new BskyToucher();

     

       188
       188
       +
           $userInfo = $bskyToucher->getUserInfo($username);

     

       189
       189
       +
           if (!$userInfo) die(1);

     

       190
       190
       +
           $pds = $userInfo->pds;

     

       191
       191
       +
           $options = new OAuthOptions([

     

       192
       192
       +
             'key'          => 'https://'.SITE_DOMAIN.CLIENT_ID,

     

       193
       193
       +
             'secret'       => CLIENT_SECRET,

     

       194
       194
       +
             'callbackURL'  => 'https://'.SITE_DOMAIN.'/login',

     

       195
       195
       +
             'sessionStart' => true,

     

       196
       196
       +
             'sessionStorageVar' => 'sbs_'.SITE_DOMAIN

     

       197
       197
       +
           ]);

     

       198
       198
       +
           $storage = new SessionStorage($options);

     

       199
       199
       +
           $connector = new React\Socket\Connector([

     

       200
       200
       +
             'dns' => '1.1.1.1'

     

       201
       201
       +
           ]);

     

       202
       202
       +
           $http = new React\Http\Browser($connector);

     

       203
       203
       +
           $httpFactory = new HttpFactory();

     

       204
       204
       +
           $token_builder = Builder::new(new JoseEncoder(), ChainedFormatter::default());

     

       205
       205
       +
           $algorithm    = new Sha256();

     

       206
       206
       +
           $signing_key   = InMemory::file(CERT_PATH);

     

       207
       207
       +
           $now   = new DateTimeImmutable();

     

       208
       208
       +
           $token = $token_builder

     

       209
       209
       +
             ->withHeader('alg', 'ES256')

     

       210
       210
       +
             ->withHeader('typ', 'JWT')

     

       211
       211
       +
             ->withHeader('kid', 'ocwgKj_O7H9at1sL6yWf9ZZ82NOM7D0xlN8HGIyWH6M')

     

       212
       212
       +
             ->issuedBy('https://'.SITE_DOMAIN.CLIENT_ID)

     

       213
       213
       +
             ->identifiedBy(uniqid())

     

       214
       214
       +
             ->relatedTo('https://'.SITE_DOMAIN.CLIENT_ID)

     

       215
       215
       +
             ->permittedFor($pds)

     

       216
       216
       +
             ->issuedAt($now->modify('-5 seconds'))

     

       217
       217
       +
             ->getToken($algorithm, $signing_key);

     

       218
       218
       +
           $client = new GuzzleHttp\Client([

     

       219
       219
       +
             'verify' => true,

     

       220
       220
       +
             'headers' => [

     

       221
       221
       +
               'User-Agent' => USER_AGENT_STR,

     

       222
       222
       +
               'Authorization' => 'Bearer: '.$token->toString()

     

       223
       223
       +
             ]

     

       224
       224
       +
           ]);

     

       225
       225
       +
           $provider = new BskyProvider($options, $client, $httpFactory, $httpFactory, $httpFactory);

     

       226
       226
       +
           $provider->setPds($pds);

     

       227
       227
       +
           $name = $provider->getName();

     

       228
       228
       +
           if (isset($_GET['login']) && $_GET['login'] === $name) {

     

       229
       229
       +
             $auth_url = $provider->getAuthorizationUrl([

     

       230
       230
       +
               'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',

     

       231
       231
       +
               'client_assertion' => $token->toString()

     

       232
       232
       +
             ]);

     

       233
       233
       +
             Flight::redirect($auth_url);

     

       234
       234
       +
             die(1);

     

       235
       235
       +
           } else if (isset($_GET['code'], $_GET['iss'])) {

     

       236
       236
       +
             $storage->storeAccessToken($_GET['code'], $name);

     

       237
       237
       +
             $_SESSION['sbs_'.SITE_DOMAIN.'_pds'] = $_GET['iss'];

     

       238
       238
       +
             $_SESSION['sbs_'.SITE_DOMAIN.'_userinfo'] = $bskyToucher->getUserInfo();

     

       239
       239
       +
             Flight::redirect('/');

     

       240
       240
       +
             die(1);

     

       241
       241
       +
           } else if (isset($_GET['error'])) {

     

       242
       242
       +
             die(1);

     

       243
       243
       +
           }

     

       244
       244
       +
         } else {

     

       245
       245
       +
           $latte = new Latte\Engine;

     

       246
       246
       +
           $latte->render('./templates/login.latte', array_merge(Flight::get('standardParams'), [

     

       247
       247
       +
             'mainClass' => 'form',

     

       248
       248
       +
             'ogtitle' => SITE_TITLE." | login",

     

       249
       249
       +
             'ogdesc' => SITE_DESC,

     

       250
       250
       +
             'ogimage' => '',

     

       251
       251
       +
             'ogurl' => 'https://'.SITE_DOMAIN.'/login'

     

       252
       252
       +
           ]));

     

       231
       253
        
         }

     

       232
       232
       -
         $latte = new Latte\Engine;

     

       233
       233
       -
         $latte->render('./templates/login.latte', array_merge(Flight::get('standardParams'), [

     

       234
       234
       -
           'mainClass' => 'form',

     

       235
       235
       -
           'ogtitle' => SITE_TITLE." | login",

     

       236
       236
       -
           'ogdesc' => SITE_DESC,

     

       237
       237
       -
           'ogimage' => '',

     

       238
       238
       -
           'ogurl' => 'https://'.SITE_DOMAIN.'/login'

     

       239
       239
       -
         ]));

     

       240
       254
        
       });

     

       241
       255
        
       

     

       242
       242
       -
       // https://shimaenaga.veryroundbird.house/oauth/authorize?client_id=https%3A%2F%2Ftangled.org%2Foauth%2Fclient-metadata.json&request_uri=urn%3Aietf%3Aparams%3Aoauth%3Arequest_uri%3Areq-2399ff42af66498132ebf8de809254b7

     

       256
       256
       +
       Flight::route('/logout', function(): void {

     

       257
       257
       +
         unset($_SESSION['sbs_'.SITE_DOMAIN]);

     

       258
       258
       +
         unset($_SESSION['sbs_'.SITE_DOMAIN.'_pds']);

     

       259
       259
       +
         unset($_SESSION['sbs_'.SITE_DOMAIN.'_userinfo']);

     

       260
       260
       +
         Flight::redirect('/');

     

       261
       261
       +
       });

     

       243
       262
        
       

     

       244
       263
        
       Flight::route('/createaccount', function(): void {

     

       245
       264
        
         $latte = new Latte\Engine;

+40 -2

lib/bskyProvider.php

···

       6
       6
        
       

     

       7
       7
        
       use chillerlan\OAuth\Core\OAuth2Interface;

     

       8
       8
        
       use chillerlan\OAuth\Core\OAuth2Provider;

     

       9
       9
       -
       use chillerlan\OAuth\Core\PARTrait;

     

       10
       9
        
       use chillerlan\OAuth\Core\PKCETrait;

     

       11
       10
        
       use chillerlan\OAuth\OAuthOptions;

     

       12
       11
        
       use chillerlan\OAuth\Storage\SessionStorage;

     

       12
       12
       +
       use chillerlan\HTTP\Utils\MessageUtil;

     

       13
       13
       +
       use chillerlan\HTTP\Utils\QueryUtil;

     

       14
       14
       +
       use chillerlan\OAuth\Providers\ProviderException;

     

       13
       15
        
       use GuzzleHttp\Client;

     

       14
       16
        
       use GuzzleHttp\Psr7\HttpFactory;

     

       17
       17
       +
       use Psr\Http\Message\UriInterface;

     

       18
       18
       +
       use function sprintf;

     

       15
       19
        
       

     

       16
       20
        
       class BskyProvider extends OAuth2Provider implements \chillerlan\OAuth\Core\PAR, \chillerlan\OAuth\Core\PKCE {

     

       17
       17
       -
         use \chillerlan\OAuth\Core\PARTrait;

     

       18
       21
        
         use \chillerlan\OAuth\Core\PKCETrait;

     

       19
       22
        
         

     

       20
       23
        
       	public const IDENTIFIER               = 'BSKYPROVIDER';

     
···

       52
       55
        
           $this->parAuthorizationURL = (string)$pds->withPath('/oauth/par');

     

       53
       56
        
           

     

       54
       57
        
       		return $this;

     

       58
       58
       +
       	}

     

       59
       59
       +
         

     

       60
       60
       +
       	public function getParRequestUri(array $body):UriInterface{

     

       61
       61
       +
       		// send the request with the same method and parameters as the token requests

     

       62
       62
       +
       		// @link https://datatracker.ietf.org/doc/html/rfc9126#name-request

     

       63
       63
       +
       		$response = $this->sendAccessTokenRequest($this->parAuthorizationURL, $body);

     

       64
       64
       +
       		$status   = $response->getStatusCode();

     

       65
       65
       +
       		$json     = MessageUtil::decodeJSON($response, true);

     

       66
       66
       +
       

     

       67
       67
       +
       		// something went horribly wrong

     

       68
       68
       +
       		if($status !== 201){

     

       69
       69
       +
       

     

       70
       70
       +
       			// @link https://datatracker.ietf.org/doc/html/rfc9126#section-2.3

     

       71
       71
       +
       			if(isset($json['error'], $json['error_description'])){

     

       72
       72
       +
       				throw new ProviderException(sprintf('PAR error: "%s" (%s)', $json['error'], $json['error_description']));

     

       73
       73
       +
       			}

     

       74
       74
       +
       

     

       75
       75
       +
       			throw new ProviderException(sprintf('PAR request error: (HTTP/%s)', $status)); // @codeCoverageIgnore

     

       76
       76
       +
       		}

     

       77
       77
       +
       

     

       78
       78
       +
       		$url = QueryUtil::merge($this->authorizationURL, $this->getParAuthorizationURLRequestParams($json));

     

       79
       79
       +
       

     

       80
       80
       +
       		return $this->uriFactory->createUri($url);

     

       81
       81
       +
       	}

     

       82
       82
       +
         

     

       83
       83
       +
       	protected function getParAuthorizationURLRequestParams(array $response):array{

     

       84
       84
       +
       

     

       85
       85
       +
       		if(!isset($response['request_uri'])){

     

       86
       86
       +
       			throw new ProviderException('PAR response error: "request_uri" missing');

     

       87
       87
       +
       		}

     

       88
       88
       +
       

     

       89
       89
       +
       		return [

     

       90
       90
       +
       			'client_id'   => $this->options->key,

     

       91
       91
       +
       			'request_uri' => $response['request_uri'],

     

       92
       92
       +
       		];

     

       55
       93
        
       	}

     

       56
       94
        
       }

     

       57
       95
        
       ?>

lib/bskyToucher.php

···

       25
       25
        
       use Psr\Http\Message\RequestInterface;

     

       26
       26
        
       use Psr\Http\Message\ResponseInterface;

     

       27
       27
        
       use Fusonic\OpenGraph\Consumer;

     

       28
       28
       +
       use chillerlan\OAuth\Storage\SessionStorage;

     

       28
       29
        
       

     

       29
       30
        
       class BskyToucher {

     

       30
       31
        
         private $bskyApiBase = 'https://public.api.bsky.app/xrpc/';

pages/privacy.md

···

       2
       2
        
       

     

       3
       3
        
       smallbird social is meant to run as lightweight as possible and stores no data on its own server. if you are using a veryroundbird.house pds, your data and activity is on *that* server, but it only stores what's necessary to, you know, interact with the atproto ecosystem. so, user ID information, your posts, follows, likes, etc.

     

       4
       4
        
       

     

       5
       5
       +
       the server also caches publicly-available post and user data to speed up requests. none of this data is kept longer than, like, a few days unless it's requested again.

     

       6
       6
       +
       

     

       5
       7
        
       there is some minimal tracking via goatcounter, but your data will never touch advertisers and it doesn't track individual users; i mostly just want to know what the site usage numbers are and where people found it from.

     

       6
       8
        
         

     

       7
       9
        
       i have never been asked to or required to turn over data to any law enforcement agency.

pages/terms.md

···

       1
       1
       +
       ## terms of use

     

       2
       2
       +
       

     

       3
       3
       +
       i reserve the right to block any IPs that are hitting the site too hard. i also reserve the right to end service at any time if for some reason it gets too hard to maintain or something like that. some features may be jank, broken, or missing due to the limitations of my approach and time.

     

       4
       4
       +
       

     

       5
       5
       +
       just be normal, ok. use the site like a normal person. that's what it's for.

-17

public/.env.example

···

       1
       1
       -
       SERVER_URL=

     

       2
       2
       -
       CLIENT_ID=

     

       3
       3
       -
       DEFAULT_PDS=

     

       4
       4
       -
       CONSTELLATION_INSTANCE=

     

       5
       5
       -
       SLINGSHOT_INSTANCE=

     

       6
       6
       -
       PLC_DIRECTORY=

     

       7
       7
       -
       

     

       8
       8
       -
       AUTH_ACCOUNT=

     

       9
       9
       -
       AUTH_KEYTYPE=

     

       10
       10
       -
       AUTH_PUBKEY=

     

       11
       11
       -
       AUTH_PRIVKEY_HEX=

     

       12
       12
       -
       AUTH_PRIVKEY_MULTI=

     

       13
       13
       -
       

     

       14
       14
       -
       PRETTY_URLS=

     

       15
       15
       -
       DEFAULT_THEME=

     

       16
       16
       -
       DEFAULT_FONT=

     

       17
       17
       -
       SSL_CERT_PATH=

-15

public/client-metadata.json

···

       1
       1
       -
       {

     

       2
       2
       -
         "client_id": "http://localhost:5173/client-metadata.json",

     

       3
       3
       -
         "application_type": "web",

     

       4
       4
       -
         "client_name": "smallbird-social",

     

       5
       5
       -
         "client_uri": "https://localhost:5173",

     

       6
       6
       -
         "dpop_bound_access_tokens": true,

     

       7
       7
       -
         "grant_types": ["authorization_code", "refresh_token"],

     

       8
       8
       -
         "redirect_uris": ["http://localhost:5173/login"],

     

       9
       9
       -
         "response_types": ["code"],

     

       10
       10
       -
         "scope": "atproto transition:generic",

     

       11
       11
       -
         "dpop_bound_access_tokens": true,

     

       12
       12
       -
         "jwks_uri": "http://localhost:5173/jwks.json",

     

       13
       13
       -
         "token_endpoint_auth_method": "private_key_jwt",

     

       14
       14
       -
         "token_endpoint_auth_signing_alg": "ES256"

     

       15
       15
       -
       }

-69

public/config.php.example

···

       1
       1
       -
       <?php

     

       2
       2
       -
       define('SITE_TITLE', 'smallbird social');

     

       3
       3
       -
       define('SITE_PATH', ''); # or wherever you keep it

     

       4
       4
       -
       define('DB_LOCATION', __DIR__.'/data/sbs.db'); # or something like that. not in the same folder! it is ass in source control!!!

     

       5
       5
       -
       define('PUBLIC_API', "https://public.api.bsky.app");

     

       6
       6
       -
       # options:

     

       7
       7
       -
       # - https://public.api.bsky.app (bluesky)

     

       8
       8
       -
       # - that's it until the cool people at blacksky do theirs

     

       9
       9
       -
       define('FRONTPAGE_FEED', "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje");

     

       10
       10
       -
       define('SLINGSHOT_INSTANCE', "https://slingshot.microcosm.blue");

     

       11
       11
       -
       define('CONSTELLATION_INSTANCE', "https://constellation.smallbird.social");

     

       12
       12
       -
       # alternates:

     

       13
       13
       -
       # - constellation.microcosm.blue

     

       14
       14
       -
       # - constellation.snek.cc (run by natalie.sh)

     

       15
       15
       -
       # - constellation.smallbird.social (run by veryroundbird.house)

     

       16
       16
       -
       define('DEFAULT_PDS', "https://bsky.social");

     

       17
       17
       -
       # ideally pick a DEFAULT_PDS that has open registration, since this will be used to allow people to

     

       18
       18
       -
       # register new accounts.

     

       19
       19
       -
       # some options are

     

       20
       20
       -
       # - myatproto.social (run by blacksky)

     

       21
       21
       -
       # - cryptoanarchy.net (run by blacksky)

     

       22
       22
       -
       # - sprk.so

     

       23
       23
       -
       define('DEFAULT_RELAY', "https://relay.fire.hose.cam");

     

       24
       24
       -
       # some relay options:

     

       25
       25
       -
       # - bsky.network (you know who runs this)

     

       26
       26
       -
       # - relay1.us-east.bsky.network (bsky US east)

     

       27
       27
       -
       # - relay1.us-west.bsky.network (bsky US west)

     

       28
       28
       -
       # - relay3.fr.hose.cam (france)

     

       29
       29
       -
       # - relay.fire.hose.cam (montreal)

     

       30
       30
       -
       # - relay-ovh.demo.bsky.dev

     

       31
       31
       -
       # - atproto.africa (blacksky)

     

       32
       32
       -
       # - relay.upcloud.world (upcloud)

     

       33
       33
       -
       # - relay.hayescmd.net (edavis.dev)

     

       34
       34
       -
       # - relay.xero.systems (dane.is.extraordinarily.cool)

     

       35
       35
       -
       # - relay.feeds.blue (mackuba.eu; self-hosted only)

     

       36
       36
       -
       define('PLC_DIRECTORY', "https://plc.directory");

     

       37
       37
       -
       # other plc directory options:

     

       38
       38
       -
       # - https://plc.parakeet.at/

     

       39
       39
       -
       define('FAVORITE_FEEDS', [ // list of feeds you want to display in the sidebar to users not logged in

     

       40
       40
       -
         "at://did:plc:ffkgesg3jsv2j7aagkzrtcvt/app.bsky.feed.generator/aaagllxbcbsje",

     

       41
       41
       -
         "at://did:plc:xdtvlh4k3tntzp2vinmgehsz/app.bsky.feed.generator/aaaeb7hxb53jg",

     

       42
       42
       -
         "at://did:plc:abv47bjgzjgoh3yrygwoi36x/app.bsky.feed.generator/aaai4f7awwzkc",

     

       43
       43
       -
         "at://did:plc:dltmiiweocm22l656iffwn5a/app.bsky.feed.generator/aaagnt6bwkkb2",

     

       44
       44
       -
         "at://did:plc:mlq4aycufcuolr7ax6sezpc4/app.bsky.feed.generator/aaad2auzj4ana"

     

       45
       45
       -
       ]);

     

       46
       46
       -
       define('THEMES', [

     

       47
       47
       -
         'blank', 'catppuccin', 'rosepine', 'dracula', 'solarized', 'tempus'

     

       48
       48
       -
       ]);

     

       49
       49
       -
       define('PAGES', [

     

       50
       50
       -
         'about' => 'About',

     

       51
       51
       -
         'terms' => 'Terms',

     

       52
       52
       -
         'privacy' => 'Privacy'

     

       53
       53
       -
       ]);

     

       54
       54
       -
       define('LINKS', [

     

       55
       55
       -
         'code' => 'https://tangled.org/@veryroundbird.house/smallbird-social',

     

       56
       56
       -
         'bsky' => 'https://bsky.app/profile/smallbirdsocial.on.computer',

     

       57
       57
       -
         'ko-fi' => 'https://ko-fi.com/veryroundbird'

     

       58
       58
       -
       ]);

     

       59
       59
       -
       define('FONTS', [

     

       60
       60
       -
          'alegreya' => 'alegreya',

     

       61
       61
       -
          'geometria' => 'geometria',

     

       62
       62
       -
          'recursive' => 'recursive mono casual', 

     

       63
       63
       -
          'comicsans' => 'comic sans ms'

     

       64
       64
       -
       ]);

     

       65
       65
       -
       define('PRETTY_URLS', false);

     

       66
       66
       -
       define('DEFAULT_THEME', "catppuccin");

     

       67
       67
       -
       define('DEFAULT_FONT', "recursive");

     

       68
       68
       -
       define('THREAD_POST_COUNT', 5);

     

       69
       69
       -
       ?>

+2 -1

templates/_partials/nav.latte

···

       1
       1
        
       <nav>

     

       2
       2
        
         <ul>

     

       3
       3
        
           {if $userAuth}

     

       4
       4
       +
             <li><a href="/u/{$userInfo->handle}">profile</a></li>

     

       4
       5
        
             <li><a href="/settings">settings</a></li>

     

       5
       5
       -
             <li><a href="#">log out</a></li>

     

       6
       6
       +
             <li><a href="/logout">log out</a></li>

     

       6
       7
        
           {else}

     

       7
       8
        
             <li><a href="/createaccount">create</a></li>

     

       8
       9
        
             <li><a href="/login">log in</a></li>

templates/layout.latte

···

       24
       24
        
           data-theme="{$setTheme}"

     

       25
       25
        
           data-font="{$setFont}"

     

       26
       26
        
         >

     

       27
       27
       +
           <!--

     

       28
       28
       +
             {print_r($_SESSION)}

     

       29
       29
       +
             {print_r(PHP_SESSION_DISABLED)}

     

       30
       30
       +
           -->

     

       27
       31
        
           <div id="page">

     

       28
       32
        
             <header>

     

       29
       33
        
               <h1><a href="/">{include '_partials/logo.latte'}{$siteTitle}</a></h1>

+1 -3

vendor/chillerlan/php-oauth/src/Core/PARTrait.php

···

       35
       35
        
       	public function getParRequestUri(array $body):UriInterface{

     

       36
       36
        
       		// send the request with the same method and parameters as the token requests

     

       37
       37
        
       		// @link https://datatracker.ietf.org/doc/html/rfc9126#name-request

     

       38
       38
       -
           print_r($this->parAuthorizationURL);

     

       39
       38
        
       		$response = $this->sendAccessTokenRequest($this->parAuthorizationURL, $body);

     

       40
       39
        
       		$status   = $response->getStatusCode();

     

       41
       40
        
       		$json     = MessageUtil::decodeJSON($response, true);

     

       42
       42
       -
           print_r($body);

     

       43
       43
       -
           print_r($json);

     

       44
       41
        
       

     

       45
       42
        
       		// something went horribly wrong

     

       46
       43
        
       		if($status !== 200){

     

       44
       44
       +
             print_r($json);

     

       47
       45
        
       

     

       48
       46
        
       			// @link https://datatracker.ietf.org/doc/html/rfc9126#section-2.3

     

       49
       47
        
       			if(isset($json['error'], $json['error_description'])){

vendor/composer/autoload_psr4.php

···

       26
       26
        
           'Psr\\Http\\Message\\' => array($vendorDir . '/psr/http-factory/src', $vendorDir . '/psr/http-message/src'),

     

       27
       27
        
           'Psr\\Http\\Client\\' => array($vendorDir . '/psr/http-client/src'),

     

       28
       28
        
           'Psr\\EventDispatcher\\' => array($vendorDir . '/psr/event-dispatcher/src'),

     

       29
       29
       +
           'Psr\\Clock\\' => array($vendorDir . '/psr/clock/src'),

     

       29
       30
        
           'Nette\\' => array($vendorDir . '/nette/schema/src', $vendorDir . '/nette/utils/src'),

     

       30
       31
        
           'Matrix\\' => array($vendorDir . '/jerome/matrix/src/Matrix'),

     

       31
       32
        
           'Masterminds\\' => array($vendorDir . '/masterminds/html5/src'),

     

       32
       33
        
           'League\\Config\\' => array($vendorDir . '/league/config/src'),

     

       33
       34
        
           'League\\CommonMark\\' => array($vendorDir . '/league/commonmark/src'),

     

       35
       35
       +
           'Lcobucci\\JWT\\' => array($vendorDir . '/lcobucci/jwt/src'),

     

       34
       36
        
           'Latte\\' => array($vendorDir . '/latte/latte/src/Latte'),

     

       35
       37
        
           'GuzzleHttp\\Psr7\\' => array($vendorDir . '/guzzlehttp/psr7/src'),

     

       36
       38
        
           'GuzzleHttp\\Promise\\' => array($vendorDir . '/guzzlehttp/promises/src'),

+10

vendor/composer/autoload_static.php

···

       52
       52
        
                   'Psr\\Http\\Message\\' => 17,

     

       53
       53
        
                   'Psr\\Http\\Client\\' => 16,

     

       54
       54
        
                   'Psr\\EventDispatcher\\' => 20,

     

       55
       55
       +
                   'Psr\\Clock\\' => 10,

     

       55
       56
        
               ),

     

       56
       57
        
               'N' => 

     

       57
       58
        
               array (

     
···

       66
       67
        
               array (

     

       67
       68
        
                   'League\\Config\\' => 14,

     

       68
       69
        
                   'League\\CommonMark\\' => 18,

     

       70
       70
       +
                   'Lcobucci\\JWT\\' => 13,

     

       69
       71
        
                   'Latte\\' => 6,

     

       70
       72
        
               ),

     

       71
       73
        
               'G' => 

     
···

       176
       178
        
               array (

     

       177
       179
        
                   0 => __DIR__ . '/..' . '/psr/event-dispatcher/src',

     

       178
       180
        
               ),

     

       181
       181
       +
               'Psr\\Clock\\' => 

     

       182
       182
       +
               array (

     

       183
       183
       +
                   0 => __DIR__ . '/..' . '/psr/clock/src',

     

       184
       184
       +
               ),

     

       179
       185
        
               'Nette\\' => 

     

       180
       186
        
               array (

     

       181
       187
        
                   0 => __DIR__ . '/..' . '/nette/schema/src',

     
···

       196
       202
        
               'League\\CommonMark\\' => 

     

       197
       203
        
               array (

     

       198
       204
        
                   0 => __DIR__ . '/..' . '/league/commonmark/src',

     

       205
       205
       +
               ),

     

       206
       206
       +
               'Lcobucci\\JWT\\' => 

     

       207
       207
       +
               array (

     

       208
       208
       +
                   0 => __DIR__ . '/..' . '/lcobucci/jwt/src',

     

       199
       209
        
               ),

     

       200
       210
        
               'Latte\\' => 

     

       201
       211
        
               array (

+127

vendor/composer/installed.json

···

       1409
       1409
        
                   "install-path": "../latte/latte"

     

       1410
       1410
        
               },

     

       1411
       1411
        
               {

     

       1412
       1412
       +
                   "name": "lcobucci/jwt",

     

       1413
       1413
       +
                   "version": "5.6.0",

     

       1414
       1414
       +
                   "version_normalized": "5.6.0.0",

     

       1415
       1415
       +
                   "source": {

     

       1416
       1416
       +
                       "type": "git",

     

       1417
       1417
       +
                       "url": "https://github.com/lcobucci/jwt.git",

     

       1418
       1418
       +
                       "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e"

     

       1419
       1419
       +
                   },

     

       1420
       1420
       +
                   "dist": {

     

       1421
       1421
       +
                       "type": "zip",

     

       1422
       1422
       +
                       "url": "https://api.github.com/repos/lcobucci/jwt/zipball/bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       1423
       1423
       +
                       "reference": "bb3e9f21e4196e8afc41def81ef649c164bca25e",

     

       1424
       1424
       +
                       "shasum": ""

     

       1425
       1425
       +
                   },

     

       1426
       1426
       +
                   "require": {

     

       1427
       1427
       +
                       "ext-openssl": "*",

     

       1428
       1428
       +
                       "ext-sodium": "*",

     

       1429
       1429
       +
                       "php": "~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0",

     

       1430
       1430
       +
                       "psr/clock": "^1.0"

     

       1431
       1431
       +
                   },

     

       1432
       1432
       +
                   "require-dev": {

     

       1433
       1433
       +
                       "infection/infection": "^0.29",

     

       1434
       1434
       +
                       "lcobucci/clock": "^3.2",

     

       1435
       1435
       +
                       "lcobucci/coding-standard": "^11.0",

     

       1436
       1436
       +
                       "phpbench/phpbench": "^1.2",

     

       1437
       1437
       +
                       "phpstan/extension-installer": "^1.2",

     

       1438
       1438
       +
                       "phpstan/phpstan": "^1.10.7",

     

       1439
       1439
       +
                       "phpstan/phpstan-deprecation-rules": "^1.1.3",

     

       1440
       1440
       +
                       "phpstan/phpstan-phpunit": "^1.3.10",

     

       1441
       1441
       +
                       "phpstan/phpstan-strict-rules": "^1.5.0",

     

       1442
       1442
       +
                       "phpunit/phpunit": "^11.1"

     

       1443
       1443
       +
                   },

     

       1444
       1444
       +
                   "suggest": {

     

       1445
       1445
       +
                       "lcobucci/clock": ">= 3.2"

     

       1446
       1446
       +
                   },

     

       1447
       1447
       +
                   "time": "2025-10-17T11:30:53+00:00",

     

       1448
       1448
       +
                   "type": "library",

     

       1449
       1449
       +
                   "installation-source": "dist",

     

       1450
       1450
       +
                   "autoload": {

     

       1451
       1451
       +
                       "psr-4": {

     

       1452
       1452
       +
                           "Lcobucci\\JWT\\": "src"

     

       1453
       1453
       +
                       }

     

       1454
       1454
       +
                   },

     

       1455
       1455
       +
                   "notification-url": "https://packagist.org/downloads/",

     

       1456
       1456
       +
                   "license": [

     

       1457
       1457
       +
                       "BSD-3-Clause"

     

       1458
       1458
       +
                   ],

     

       1459
       1459
       +
                   "authors": [

     

       1460
       1460
       +
                       {

     

       1461
       1461
       +
                           "name": "Luís Cobucci",

     

       1462
       1462
       +
                           "email": "lcobucci@gmail.com",

     

       1463
       1463
       +
                           "role": "Developer"

     

       1464
       1464
       +
                       }

     

       1465
       1465
       +
                   ],

     

       1466
       1466
       +
                   "description": "A simple library to work with JSON Web Token and JSON Web Signature",

     

       1467
       1467
       +
                   "keywords": [

     

       1468
       1468
       +
                       "JWS",

     

       1469
       1469
       +
                       "jwt"

     

       1470
       1470
       +
                   ],

     

       1471
       1471
       +
                   "support": {

     

       1472
       1472
       +
                       "issues": "https://github.com/lcobucci/jwt/issues",

     

       1473
       1473
       +
                       "source": "https://github.com/lcobucci/jwt/tree/5.6.0"

     

       1474
       1474
       +
                   },

     

       1475
       1475
       +
                   "funding": [

     

       1476
       1476
       +
                       {

     

       1477
       1477
       +
                           "url": "https://github.com/lcobucci",

     

       1478
       1478
       +
                           "type": "github"

     

       1479
       1479
       +
                       },

     

       1480
       1480
       +
                       {

     

       1481
       1481
       +
                           "url": "https://www.patreon.com/lcobucci",

     

       1482
       1482
       +
                           "type": "patreon"

     

       1483
       1483
       +
                       }

     

       1484
       1484
       +
                   ],

     

       1485
       1485
       +
                   "install-path": "../lcobucci/jwt"

     

       1486
       1486
       +
               },

     

       1487
       1487
       +
               {

     

       1412
       1488
        
                   "name": "league/commonmark",

     

       1413
       1489
        
                   "version": "2.7.1",

     

       1414
       1490
        
                   "version_normalized": "2.7.1.0",

     
···

       1832
       1908
        
                       "source": "https://github.com/nette/utils/tree/v4.0.8"

     

       1833
       1909
        
                   },

     

       1834
       1910
        
                   "install-path": "../nette/utils"

     

       1911
       1911
       +
               },

     

       1912
       1912
       +
               {

     

       1913
       1913
       +
                   "name": "psr/clock",

     

       1914
       1914
       +
                   "version": "1.0.0",

     

       1915
       1915
       +
                   "version_normalized": "1.0.0.0",

     

       1916
       1916
       +
                   "source": {

     

       1917
       1917
       +
                       "type": "git",

     

       1918
       1918
       +
                       "url": "https://github.com/php-fig/clock.git",

     

       1919
       1919
       +
                       "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d"

     

       1920
       1920
       +
                   },

     

       1921
       1921
       +
                   "dist": {

     

       1922
       1922
       +
                       "type": "zip",

     

       1923
       1923
       +
                       "url": "https://api.github.com/repos/php-fig/clock/zipball/e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       1924
       1924
       +
                       "reference": "e41a24703d4560fd0acb709162f73b8adfc3aa0d",

     

       1925
       1925
       +
                       "shasum": ""

     

       1926
       1926
       +
                   },

     

       1927
       1927
       +
                   "require": {

     

       1928
       1928
       +
                       "php": "^7.0 || ^8.0"

     

       1929
       1929
       +
                   },

     

       1930
       1930
       +
                   "time": "2022-11-25T14:36:26+00:00",

     

       1931
       1931
       +
                   "type": "library",

     

       1932
       1932
       +
                   "installation-source": "dist",

     

       1933
       1933
       +
                   "autoload": {

     

       1934
       1934
       +
                       "psr-4": {

     

       1935
       1935
       +
                           "Psr\\Clock\\": "src/"

     

       1936
       1936
       +
                       }

     

       1937
       1937
       +
                   },

     

       1938
       1938
       +
                   "notification-url": "https://packagist.org/downloads/",

     

       1939
       1939
       +
                   "license": [

     

       1940
       1940
       +
                       "MIT"

     

       1941
       1941
       +
                   ],

     

       1942
       1942
       +
                   "authors": [

     

       1943
       1943
       +
                       {

     

       1944
       1944
       +
                           "name": "PHP-FIG",

     

       1945
       1945
       +
                           "homepage": "https://www.php-fig.org/"

     

       1946
       1946
       +
                       }

     

       1947
       1947
       +
                   ],

     

       1948
       1948
       +
                   "description": "Common interface for reading the clock.",

     

       1949
       1949
       +
                   "homepage": "https://github.com/php-fig/clock",

     

       1950
       1950
       +
                   "keywords": [

     

       1951
       1951
       +
                       "clock",

     

       1952
       1952
       +
                       "now",

     

       1953
       1953
       +
                       "psr",

     

       1954
       1954
       +
                       "psr-20",

     

       1955
       1955
       +
                       "time"

     

       1956
       1956
       +
                   ],

     

       1957
       1957
       +
                   "support": {

     

       1958
       1958
       +
                       "issues": "https://github.com/php-fig/clock/issues",

     

       1959
       1959
       +
                       "source": "https://github.com/php-fig/clock/tree/1.0.0"

     

       1960
       1960
       +
                   },

     

       1961
       1961
       +
                   "install-path": "../psr/clock"

     

       1835
       1962
        
               },

     

       1836
       1963
        
               {

     

       1837
       1964
        
                   "name": "psr/event-dispatcher",

+20 -2

vendor/composer/installed.php

···

       3
       3
        
               'name' => '__root__',

     

       4
       4
        
               'pretty_version' => 'dev-main',

     

       5
       5
        
               'version' => 'dev-main',

     

       6
       6
       -
               'reference' => '257124f543ff1eb7215a3a52a494881277141421',

     

       6
       6
       +
               'reference' => '1ea5f55bde378131812f28e47f7d5b6558b04018',

     

       7
       7
        
               'type' => 'library',

     

       8
       8
        
               'install_path' => __DIR__ . '/../../',

     

       9
       9
        
               'aliases' => array(),

     
···

       13
       13
        
               '__root__' => array(

     

       14
       14
        
                   'pretty_version' => 'dev-main',

     

       15
       15
        
                   'version' => 'dev-main',

     

       16
       16
       -
                   'reference' => '257124f543ff1eb7215a3a52a494881277141421',

     

       16
       16
       +
                   'reference' => '1ea5f55bde378131812f28e47f7d5b6558b04018',

     

       17
       17
        
                   'type' => 'library',

     

       18
       18
        
                   'install_path' => __DIR__ . '/../../',

     

       19
       19
        
                   'aliases' => array(),

     
···

       181
       181
        
                   'aliases' => array(),

     

       182
       182
        
                   'dev_requirement' => false,

     

       183
       183
        
               ),

     

       184
       184
       +
               'lcobucci/jwt' => array(

     

       185
       185
       +
                   'pretty_version' => '5.6.0',

     

       186
       186
       +
                   'version' => '5.6.0.0',

     

       187
       187
       +
                   'reference' => 'bb3e9f21e4196e8afc41def81ef649c164bca25e',

     

       188
       188
       +
                   'type' => 'library',

     

       189
       189
       +
                   'install_path' => __DIR__ . '/../lcobucci/jwt',

     

       190
       190
       +
                   'aliases' => array(),

     

       191
       191
       +
                   'dev_requirement' => false,

     

       192
       192
       +
               ),

     

       184
       193
        
               'league/commonmark' => array(

     

       185
       194
        
                   'pretty_version' => '2.7.1',

     

       186
       195
        
                   'version' => '2.7.1.0',

     
···

       229
       238
        
                   'reference' => 'c930ca4e3cf4f17dcfb03037703679d2396d2ede',

     

       230
       239
        
                   'type' => 'library',

     

       231
       240
        
                   'install_path' => __DIR__ . '/../nette/utils',

     

       241
       241
       +
                   'aliases' => array(),

     

       242
       242
       +
                   'dev_requirement' => false,

     

       243
       243
       +
               ),

     

       244
       244
       +
               'psr/clock' => array(

     

       245
       245
       +
                   'pretty_version' => '1.0.0',

     

       246
       246
       +
                   'version' => '1.0.0.0',

     

       247
       247
       +
                   'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',

     

       248
       248
       +
                   'type' => 'library',

     

       249
       249
       +
                   'install_path' => __DIR__ . '/../psr/clock',

     

       232
       250
        
                   'aliases' => array(),

     

       233
       251
        
                   'dev_requirement' => false,

     

       234
       252
        
               ),

+27

vendor/lcobucci/jwt/LICENSE

···

       1
       1
       +
       Copyright (c) 2014, Luís Cobucci

     

       2
       2
       +
       All rights reserved.

     

       3
       3
       +
       

     

       4
       4
       +
       Redistribution and use in source and binary forms, with or without

     

       5
       5
       +
       modification, are permitted provided that the following conditions are met:

     

       6
       6
       +
       

     

       7
       7
       +
       * Redistributions of source code must retain the above copyright notice, this

     

       8
       8
       +
         list of conditions and the following disclaimer.

     

       9
       9
       +
       

     

       10
       10
       +
       * Redistributions in binary form must reproduce the above copyright notice,

     

       11
       11
       +
         this list of conditions and the following disclaimer in the documentation

     

       12
       12
       +
         and/or other materials provided with the distribution.

     

       13
       13
       +
       

     

       14
       14
       +
       * Neither the name of the {organization} nor the names of its

     

       15
       15
       +
         contributors may be used to endorse or promote products derived from

     

       16
       16
       +
         this software without specific prior written permission.

     

       17
       17
       +
       

     

       18
       18
       +
       THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"

     

       19
       19
       +
       AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

     

       20
       20
       +
       IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

     

       21
       21
       +
       DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE

     

       22
       22
       +
       FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

     

       23
       23
       +
       DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

     

       24
       24
       +
       SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER

     

       25
       25
       +
       CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

     

       26
       26
       +
       OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE

     

       27
       27
       +
       OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+63

vendor/lcobucci/jwt/composer.json

···

       1
       1
       +
       {

     

       2
       2
       +
           "name": "lcobucci/jwt",

     

       3
       3
       +
           "description": "A simple library to work with JSON Web Token and JSON Web Signature",

     

       4
       4
       +
           "license": [

     

       5
       5
       +
               "BSD-3-Clause"

     

       6
       6
       +
           ],

     

       7
       7
       +
           "type": "library",

     

       8
       8
       +
           "keywords": [

     

       9
       9
       +
               "JWT",

     

       10
       10
       +
               "JWS"

     

       11
       11
       +
           ],

     

       12
       12
       +
           "authors": [

     

       13
       13
       +
               {

     

       14
       14
       +
                   "name": "Luís Cobucci",

     

       15
       15
       +
                   "email": "lcobucci@gmail.com",

     

       16
       16
       +
                   "role": "Developer"

     

       17
       17
       +
               }

     

       18
       18
       +
           ],

     

       19
       19
       +
           "require": {

     

       20
       20
       +
               "php": "~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0",

     

       21
       21
       +
               "ext-openssl": "*",

     

       22
       22
       +
               "ext-sodium": "*",

     

       23
       23
       +
               "psr/clock": "^1.0"

     

       24
       24
       +
           },

     

       25
       25
       +
           "require-dev": {

     

       26
       26
       +
               "infection/infection": "^0.29",

     

       27
       27
       +
               "lcobucci/clock": "^3.2",

     

       28
       28
       +
               "lcobucci/coding-standard": "^11.0",

     

       29
       29
       +
               "phpbench/phpbench": "^1.2",

     

       30
       30
       +
               "phpstan/extension-installer": "^1.2",

     

       31
       31
       +
               "phpstan/phpstan": "^1.10.7",

     

       32
       32
       +
               "phpstan/phpstan-deprecation-rules": "^1.1.3",

     

       33
       33
       +
               "phpstan/phpstan-phpunit": "^1.3.10",

     

       34
       34
       +
               "phpstan/phpstan-strict-rules": "^1.5.0",

     

       35
       35
       +
               "phpunit/phpunit": "^11.1"

     

       36
       36
       +
           },

     

       37
       37
       +
           "suggest": {

     

       38
       38
       +
               "lcobucci/clock": ">= 3.2"

     

       39
       39
       +
           },

     

       40
       40
       +
           "autoload": {

     

       41
       41
       +
               "psr-4": {

     

       42
       42
       +
                   "Lcobucci\\JWT\\": "src"

     

       43
       43
       +
               }

     

       44
       44
       +
           },

     

       45
       45
       +
           "autoload-dev": {

     

       46
       46
       +
               "psr-4": {

     

       47
       47
       +
                   "Lcobucci\\JWT\\Tests\\": "tests"

     

       48
       48
       +
               }

     

       49
       49
       +
           },

     

       50
       50
       +
           "config": {

     

       51
       51
       +
               "allow-plugins": {

     

       52
       52
       +
                   "dealerdirect/phpcodesniffer-composer-installer": true,

     

       53
       53
       +
                   "infection/extension-installer": true,

     

       54
       54
       +
                   "ocramius/package-versions": true,

     

       55
       55
       +
                   "phpstan/extension-installer": true

     

       56
       56
       +
               },

     

       57
       57
       +
               "platform": {

     

       58
       58
       +
                   "php": "8.2.99"

     

       59
       59
       +
               },

     

       60
       60
       +
               "preferred-install": "dist",

     

       61
       61
       +
               "sort-packages": true

     

       62
       62
       +
           }

     

       63
       63
       +
       }

+85

vendor/lcobucci/jwt/src/Builder.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeImmutable;

     

       7
       7
       +
       use Lcobucci\JWT\Encoding\CannotEncodeContent;

     

       8
       8
       +
       use Lcobucci\JWT\Signer\CannotSignPayload;

     

       9
       9
       +
       use Lcobucci\JWT\Signer\Ecdsa\ConversionFailed;

     

       10
       10
       +
       use Lcobucci\JWT\Signer\InvalidKeyProvided;

     

       11
       11
       +
       use Lcobucci\JWT\Signer\Key;

     

       12
       12
       +
       use Lcobucci\JWT\Token\RegisteredClaimGiven;

     

       13
       13
       +
       

     

       14
       14
       +
       /** @immutable */

     

       15
       15
       +
       interface Builder

     

       16
       16
       +
       {

     

       17
       17
       +
           /**

     

       18
       18
       +
            * Appends new items to audience

     

       19
       19
       +
            *

     

       20
       20
       +
            * @param non-empty-string ...$audiences

     

       21
       21
       +
            */

     

       22
       22
       +
           public function permittedFor(string ...$audiences): Builder;

     

       23
       23
       +
       

     

       24
       24
       +
           /**

     

       25
       25
       +
            * Configures the expiration time

     

       26
       26
       +
            */

     

       27
       27
       +
           public function expiresAt(DateTimeImmutable $expiration): Builder;

     

       28
       28
       +
       

     

       29
       29
       +
           /**

     

       30
       30
       +
            * Configures the token id

     

       31
       31
       +
            *

     

       32
       32
       +
            * @param non-empty-string $id

     

       33
       33
       +
            */

     

       34
       34
       +
           public function identifiedBy(string $id): Builder;

     

       35
       35
       +
       

     

       36
       36
       +
           /**

     

       37
       37
       +
            * Configures the time that the token was issued

     

       38
       38
       +
            */

     

       39
       39
       +
           public function issuedAt(DateTimeImmutable $issuedAt): Builder;

     

       40
       40
       +
       

     

       41
       41
       +
           /**

     

       42
       42
       +
            * Configures the issuer

     

       43
       43
       +
            *

     

       44
       44
       +
            * @param non-empty-string $issuer

     

       45
       45
       +
            */

     

       46
       46
       +
           public function issuedBy(string $issuer): Builder;

     

       47
       47
       +
       

     

       48
       48
       +
           /**

     

       49
       49
       +
            * Configures the time before which the token cannot be accepted

     

       50
       50
       +
            */

     

       51
       51
       +
           public function canOnlyBeUsedAfter(DateTimeImmutable $notBefore): Builder;

     

       52
       52
       +
       

     

       53
       53
       +
           /**

     

       54
       54
       +
            * Configures the subject

     

       55
       55
       +
            *

     

       56
       56
       +
            * @param non-empty-string $subject

     

       57
       57
       +
            */

     

       58
       58
       +
           public function relatedTo(string $subject): Builder;

     

       59
       59
       +
       

     

       60
       60
       +
           /**

     

       61
       61
       +
            * Configures a header item

     

       62
       62
       +
            *

     

       63
       63
       +
            * @param non-empty-string $name

     

       64
       64
       +
            */

     

       65
       65
       +
           public function withHeader(string $name, mixed $value): Builder;

     

       66
       66
       +
       

     

       67
       67
       +
           /**

     

       68
       68
       +
            * Configures a claim item

     

       69
       69
       +
            *

     

       70
       70
       +
            * @param non-empty-string $name

     

       71
       71
       +
            *

     

       72
       72
       +
            * @throws RegisteredClaimGiven When trying to set a registered claim.

     

       73
       73
       +
            */

     

       74
       74
       +
           public function withClaim(string $name, mixed $value): Builder;

     

       75
       75
       +
       

     

       76
       76
       +
           /**

     

       77
       77
       +
            * Returns a signed token to be used

     

       78
       78
       +
            *

     

       79
       79
       +
            * @throws CannotEncodeContent When data cannot be converted to JSON.

     

       80
       80
       +
            * @throws CannotSignPayload   When payload signing fails.

     

       81
       81
       +
            * @throws InvalidKeyProvided  When issue key is invalid/incompatible.

     

       82
       82
       +
            * @throws ConversionFailed    When signature could not be converted.

     

       83
       83
       +
            */

     

       84
       84
       +
           public function getToken(Signer $signer, Key $key): UnencryptedToken;

     

       85
       85
       +
       }

+14

vendor/lcobucci/jwt/src/ClaimsFormatter.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       interface ClaimsFormatter

     

       7
       7
       +
       {

     

       8
       8
       +
           /**

     

       9
       9
       +
            * @param array<non-empty-string, mixed> $claims

     

       10
       10
       +
            *

     

       11
       11
       +
            * @return array<non-empty-string, mixed>

     

       12
       12
       +
            */

     

       13
       13
       +
           public function formatClaims(array $claims): array;

     

       14
       14
       +
       }

+213

vendor/lcobucci/jwt/src/Configuration.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Closure;

     

       7
       7
       +
       use Lcobucci\JWT\Encoding\ChainedFormatter;

     

       8
       8
       +
       use Lcobucci\JWT\Encoding\JoseEncoder;

     

       9
       9
       +
       use Lcobucci\JWT\Signer\Key;

     

       10
       10
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       11
       11
       +
       

     

       12
       12
       +
       /**

     

       13
       13
       +
        * Configuration container for the JWT Builder and Parser

     

       14
       14
       +
        *

     

       15
       15
       +
        * Serves like a small DI container to simplify the creation and usage

     

       16
       16
       +
        * of the objects.

     

       17
       17
       +
        */

     

       18
       18
       +
       final class Configuration

     

       19
       19
       +
       {

     

       20
       20
       +
           private Parser $parser;

     

       21
       21
       +
           private Validator $validator;

     

       22
       22
       +
       

     

       23
       23
       +
           /** @var Closure(ClaimsFormatter $claimFormatter): Builder */

     

       24
       24
       +
           private Closure $builderFactory;

     

       25
       25
       +
       

     

       26
       26
       +
           /** @var Constraint[] */

     

       27
       27
       +
           private array $validationConstraints;

     

       28
       28
       +
       

     

       29
       29
       +
           /** @param Closure(ClaimsFormatter $claimFormatter): Builder|null $builderFactory */

     

       30
       30
       +
           private function __construct(

     

       31
       31
       +
               private readonly Signer $signer,

     

       32
       32
       +
               private readonly Key $signingKey,

     

       33
       33
       +
               private readonly Key $verificationKey,

     

       34
       34
       +
               private readonly Encoder $encoder,

     

       35
       35
       +
               private readonly Decoder $decoder,

     

       36
       36
       +
               ?Parser $parser,

     

       37
       37
       +
               ?Validator $validator,

     

       38
       38
       +
               ?Closure $builderFactory,

     

       39
       39
       +
               Constraint ...$validationConstraints,

     

       40
       40
       +
           ) {

     

       41
       41
       +
               $this->parser    = $parser ?? new Token\Parser($decoder);

     

       42
       42
       +
               $this->validator = $validator ?? new Validation\Validator();

     

       43
       43
       +
       

     

       44
       44
       +
               $this->builderFactory = $builderFactory

     

       45
       45
       +
                   ?? static function (ClaimsFormatter $claimFormatter) use ($encoder): Builder {

     

       46
       46
       +
                       return Token\Builder::new($encoder, $claimFormatter);

     

       47
       47
       +
                   };

     

       48
       48
       +
       

     

       49
       49
       +
               $this->validationConstraints = $validationConstraints;

     

       50
       50
       +
           }

     

       51
       51
       +
       

     

       52
       52
       +
           public static function forAsymmetricSigner(

     

       53
       53
       +
               Signer $signer,

     

       54
       54
       +
               Key $signingKey,

     

       55
       55
       +
               Key $verificationKey,

     

       56
       56
       +
               Encoder $encoder = new JoseEncoder(),

     

       57
       57
       +
               Decoder $decoder = new JoseEncoder(),

     

       58
       58
       +
           ): self {

     

       59
       59
       +
               return new self(

     

       60
       60
       +
                   $signer,

     

       61
       61
       +
                   $signingKey,

     

       62
       62
       +
                   $verificationKey,

     

       63
       63
       +
                   $encoder,

     

       64
       64
       +
                   $decoder,

     

       65
       65
       +
                   null,

     

       66
       66
       +
                   null,

     

       67
       67
       +
                   null,

     

       68
       68
       +
               );

     

       69
       69
       +
           }

     

       70
       70
       +
       

     

       71
       71
       +
           public static function forSymmetricSigner(

     

       72
       72
       +
               Signer $signer,

     

       73
       73
       +
               Key $key,

     

       74
       74
       +
               Encoder $encoder = new JoseEncoder(),

     

       75
       75
       +
               Decoder $decoder = new JoseEncoder(),

     

       76
       76
       +
           ): self {

     

       77
       77
       +
               return new self(

     

       78
       78
       +
                   $signer,

     

       79
       79
       +
                   $key,

     

       80
       80
       +
                   $key,

     

       81
       81
       +
                   $encoder,

     

       82
       82
       +
                   $decoder,

     

       83
       83
       +
                   null,

     

       84
       84
       +
                   null,

     

       85
       85
       +
                   null,

     

       86
       86
       +
               );

     

       87
       87
       +
           }

     

       88
       88
       +
       

     

       89
       89
       +
           /**

     

       90
       90
       +
            * @deprecated Deprecated since v5.5, please use {@see self::withBuilderFactory()} instead

     

       91
       91
       +
            *

     

       92
       92
       +
            * @param callable(ClaimsFormatter): Builder $builderFactory

     

       93
       93
       +
            */

     

       94
       94
       +
           public function setBuilderFactory(callable $builderFactory): void

     

       95
       95
       +
           {

     

       96
       96
       +
               $this->builderFactory = $builderFactory(...);

     

       97
       97
       +
           }

     

       98
       98
       +
       

     

       99
       99
       +
           /** @param callable(ClaimsFormatter): Builder $builderFactory */

     

       100
       100
       +
           public function withBuilderFactory(callable $builderFactory): self

     

       101
       101
       +
           {

     

       102
       102
       +
               return new self(

     

       103
       103
       +
                   $this->signer,

     

       104
       104
       +
                   $this->signingKey,

     

       105
       105
       +
                   $this->verificationKey,

     

       106
       106
       +
                   $this->encoder,

     

       107
       107
       +
                   $this->decoder,

     

       108
       108
       +
                   $this->parser,

     

       109
       109
       +
                   $this->validator,

     

       110
       110
       +
                   $builderFactory(...),

     

       111
       111
       +
                   ...$this->validationConstraints,

     

       112
       112
       +
               );

     

       113
       113
       +
           }

     

       114
       114
       +
       

     

       115
       115
       +
           public function builder(?ClaimsFormatter $claimFormatter = null): Builder

     

       116
       116
       +
           {

     

       117
       117
       +
               return ($this->builderFactory)($claimFormatter ?? ChainedFormatter::default());

     

       118
       118
       +
           }

     

       119
       119
       +
       

     

       120
       120
       +
           public function parser(): Parser

     

       121
       121
       +
           {

     

       122
       122
       +
               return $this->parser;

     

       123
       123
       +
           }

     

       124
       124
       +
       

     

       125
       125
       +
           /** @deprecated Deprecated since v5.5, please use {@see self::withParser()} instead */

     

       126
       126
       +
           public function setParser(Parser $parser): void

     

       127
       127
       +
           {

     

       128
       128
       +
               $this->parser = $parser;

     

       129
       129
       +
           }

     

       130
       130
       +
       

     

       131
       131
       +
           public function withParser(Parser $parser): self

     

       132
       132
       +
           {

     

       133
       133
       +
               return new self(

     

       134
       134
       +
                   $this->signer,

     

       135
       135
       +
                   $this->signingKey,

     

       136
       136
       +
                   $this->verificationKey,

     

       137
       137
       +
                   $this->encoder,

     

       138
       138
       +
                   $this->decoder,

     

       139
       139
       +
                   $parser,

     

       140
       140
       +
                   $this->validator,

     

       141
       141
       +
                   $this->builderFactory,

     

       142
       142
       +
                   ...$this->validationConstraints,

     

       143
       143
       +
               );

     

       144
       144
       +
           }

     

       145
       145
       +
       

     

       146
       146
       +
           public function signer(): Signer

     

       147
       147
       +
           {

     

       148
       148
       +
               return $this->signer;

     

       149
       149
       +
           }

     

       150
       150
       +
       

     

       151
       151
       +
           public function signingKey(): Key

     

       152
       152
       +
           {

     

       153
       153
       +
               return $this->signingKey;

     

       154
       154
       +
           }

     

       155
       155
       +
       

     

       156
       156
       +
           public function verificationKey(): Key

     

       157
       157
       +
           {

     

       158
       158
       +
               return $this->verificationKey;

     

       159
       159
       +
           }

     

       160
       160
       +
       

     

       161
       161
       +
           public function validator(): Validator

     

       162
       162
       +
           {

     

       163
       163
       +
               return $this->validator;

     

       164
       164
       +
           }

     

       165
       165
       +
       

     

       166
       166
       +
           /** @deprecated Deprecated since v5.5, please use {@see self::withValidator()} instead */

     

       167
       167
       +
           public function setValidator(Validator $validator): void

     

       168
       168
       +
           {

     

       169
       169
       +
               $this->validator = $validator;

     

       170
       170
       +
           }

     

       171
       171
       +
       

     

       172
       172
       +
           public function withValidator(Validator $validator): self

     

       173
       173
       +
           {

     

       174
       174
       +
               return new self(

     

       175
       175
       +
                   $this->signer,

     

       176
       176
       +
                   $this->signingKey,

     

       177
       177
       +
                   $this->verificationKey,

     

       178
       178
       +
                   $this->encoder,

     

       179
       179
       +
                   $this->decoder,

     

       180
       180
       +
                   $this->parser,

     

       181
       181
       +
                   $validator,

     

       182
       182
       +
                   $this->builderFactory,

     

       183
       183
       +
                   ...$this->validationConstraints,

     

       184
       184
       +
               );

     

       185
       185
       +
           }

     

       186
       186
       +
       

     

       187
       187
       +
           /** @return Constraint[] */

     

       188
       188
       +
           public function validationConstraints(): array

     

       189
       189
       +
           {

     

       190
       190
       +
               return $this->validationConstraints;

     

       191
       191
       +
           }

     

       192
       192
       +
       

     

       193
       193
       +
           /** @deprecated Deprecated since v5.5, please use {@see self::withValidationConstraints()} instead */

     

       194
       194
       +
           public function setValidationConstraints(Constraint ...$validationConstraints): void

     

       195
       195
       +
           {

     

       196
       196
       +
               $this->validationConstraints = $validationConstraints;

     

       197
       197
       +
           }

     

       198
       198
       +
       

     

       199
       199
       +
           public function withValidationConstraints(Constraint ...$validationConstraints): self

     

       200
       200
       +
           {

     

       201
       201
       +
               return new self(

     

       202
       202
       +
                   $this->signer,

     

       203
       203
       +
                   $this->signingKey,

     

       204
       204
       +
                   $this->verificationKey,

     

       205
       205
       +
                   $this->encoder,

     

       206
       206
       +
                   $this->decoder,

     

       207
       207
       +
                   $this->parser,

     

       208
       208
       +
                   $this->validator,

     

       209
       209
       +
                   $this->builderFactory,

     

       210
       210
       +
                   ...$validationConstraints,

     

       211
       211
       +
               );

     

       212
       212
       +
           }

     

       213
       213
       +
       }

+29

vendor/lcobucci/jwt/src/Decoder.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Encoding\CannotDecodeContent;

     

       7
       7
       +
       

     

       8
       8
       +
       interface Decoder

     

       9
       9
       +
       {

     

       10
       10
       +
           /**

     

       11
       11
       +
            * Decodes from JSON, validating the errors

     

       12
       12
       +
            *

     

       13
       13
       +
            * @param non-empty-string $json

     

       14
       14
       +
            *

     

       15
       15
       +
            * @throws CannotDecodeContent When something goes wrong while decoding.

     

       16
       16
       +
            */

     

       17
       17
       +
           public function jsonDecode(string $json): mixed;

     

       18
       18
       +
       

     

       19
       19
       +
           /**

     

       20
       20
       +
            * Decodes from Base64URL

     

       21
       21
       +
            *

     

       22
       22
       +
            * @link http://tools.ietf.org/html/rfc4648#section-5

     

       23
       23
       +
            *

     

       24
       24
       +
            * @return ($data is non-empty-string ? non-empty-string : string)

     

       25
       25
       +
            *

     

       26
       26
       +
            * @throws CannotDecodeContent When something goes wrong while decoding.

     

       27
       27
       +
            */

     

       28
       28
       +
           public function base64UrlDecode(string $data): string;

     

       29
       29
       +
       }

+27

vendor/lcobucci/jwt/src/Encoder.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Encoding\CannotEncodeContent;

     

       7
       7
       +
       

     

       8
       8
       +
       interface Encoder

     

       9
       9
       +
       {

     

       10
       10
       +
           /**

     

       11
       11
       +
            * Encodes to JSON, validating the errors

     

       12
       12
       +
            *

     

       13
       13
       +
            * @return non-empty-string

     

       14
       14
       +
            *

     

       15
       15
       +
            * @throws CannotEncodeContent When something goes wrong while encoding.

     

       16
       16
       +
            */

     

       17
       17
       +
           public function jsonEncode(mixed $data): string;

     

       18
       18
       +
       

     

       19
       19
       +
           /**

     

       20
       20
       +
            * Encodes to base64url

     

       21
       21
       +
            *

     

       22
       22
       +
            * @link http://tools.ietf.org/html/rfc4648#section-5

     

       23
       23
       +
            *

     

       24
       24
       +
            * @return ($data is non-empty-string ? non-empty-string : string)

     

       25
       25
       +
            */

     

       26
       26
       +
           public function base64UrlEncode(string $data): string;

     

       27
       27
       +
       }

+21

vendor/lcobucci/jwt/src/Encoding/CannotDecodeContent.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Encoding;

     

       5
       5
       +
       

     

       6
       6
       +
       use JsonException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       use RuntimeException;

     

       9
       9
       +
       

     

       10
       10
       +
       final class CannotDecodeContent extends RuntimeException implements Exception

     

       11
       11
       +
       {

     

       12
       12
       +
           public static function jsonIssues(JsonException $previous): self

     

       13
       13
       +
           {

     

       14
       14
       +
               return new self(message: 'Error while decoding from JSON', previous: $previous);

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public static function invalidBase64String(): self

     

       18
       18
       +
           {

     

       19
       19
       +
               return new self('Error while decoding from Base64Url, invalid base64 characters detected');

     

       20
       20
       +
           }

     

       21
       21
       +
       }

+16

vendor/lcobucci/jwt/src/Encoding/CannotEncodeContent.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Encoding;

     

       5
       5
       +
       

     

       6
       6
       +
       use JsonException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       use RuntimeException;

     

       9
       9
       +
       

     

       10
       10
       +
       final class CannotEncodeContent extends RuntimeException implements Exception

     

       11
       11
       +
       {

     

       12
       12
       +
           public static function jsonIssues(JsonException $previous): self

     

       13
       13
       +
           {

     

       14
       14
       +
               return new self(message: 'Error while encoding to JSON', previous: $previous);

     

       15
       15
       +
           }

     

       16
       16
       +
       }

+37

vendor/lcobucci/jwt/src/Encoding/ChainedFormatter.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Encoding;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\ClaimsFormatter;

     

       7
       7
       +
       

     

       8
       8
       +
       final class ChainedFormatter implements ClaimsFormatter

     

       9
       9
       +
       {

     

       10
       10
       +
           /** @var array<ClaimsFormatter> */

     

       11
       11
       +
           private array $formatters;

     

       12
       12
       +
       

     

       13
       13
       +
           public function __construct(ClaimsFormatter ...$formatters)

     

       14
       14
       +
           {

     

       15
       15
       +
               $this->formatters = $formatters;

     

       16
       16
       +
           }

     

       17
       17
       +
       

     

       18
       18
       +
           public static function default(): self

     

       19
       19
       +
           {

     

       20
       20
       +
               return new self(new UnifyAudience(), new MicrosecondBasedDateConversion());

     

       21
       21
       +
           }

     

       22
       22
       +
       

     

       23
       23
       +
           public static function withUnixTimestampDates(): self

     

       24
       24
       +
           {

     

       25
       25
       +
               return new self(new UnifyAudience(), new UnixTimestampDates());

     

       26
       26
       +
           }

     

       27
       27
       +
       

     

       28
       28
       +
           /** @inheritdoc */

     

       29
       29
       +
           public function formatClaims(array $claims): array

     

       30
       30
       +
           {

     

       31
       31
       +
               foreach ($this->formatters as $formatter) {

     

       32
       32
       +
                   $claims = $formatter->formatClaims($claims);

     

       33
       33
       +
               }

     

       34
       34
       +
       

     

       35
       35
       +
               return $claims;

     

       36
       36
       +
           }

     

       37
       37
       +
       }

+56

vendor/lcobucci/jwt/src/Encoding/JoseEncoder.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Encoding;

     

       5
       5
       +
       

     

       6
       6
       +
       use JsonException;

     

       7
       7
       +
       use Lcobucci\JWT\Decoder;

     

       8
       8
       +
       use Lcobucci\JWT\Encoder;

     

       9
       9
       +
       use Lcobucci\JWT\SodiumBase64Polyfill;

     

       10
       10
       +
       

     

       11
       11
       +
       use function json_decode;

     

       12
       12
       +
       use function json_encode;

     

       13
       13
       +
       

     

       14
       14
       +
       use const JSON_THROW_ON_ERROR;

     

       15
       15
       +
       use const JSON_UNESCAPED_SLASHES;

     

       16
       16
       +
       use const JSON_UNESCAPED_UNICODE;

     

       17
       17
       +
       

     

       18
       18
       +
       /**

     

       19
       19
       +
        * A utilitarian class that encodes and decodes data according to JOSE specifications

     

       20
       20
       +
        */

     

       21
       21
       +
       final class JoseEncoder implements Encoder, Decoder

     

       22
       22
       +
       {

     

       23
       23
       +
           public function jsonEncode(mixed $data): string

     

       24
       24
       +
           {

     

       25
       25
       +
               try {

     

       26
       26
       +
                   return json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR);

     

       27
       27
       +
               } catch (JsonException $exception) {

     

       28
       28
       +
                   throw CannotEncodeContent::jsonIssues($exception);

     

       29
       29
       +
               }

     

       30
       30
       +
           }

     

       31
       31
       +
       

     

       32
       32
       +
           public function jsonDecode(string $json): mixed

     

       33
       33
       +
           {

     

       34
       34
       +
               try {

     

       35
       35
       +
                   return json_decode(json: $json, associative: true, flags: JSON_THROW_ON_ERROR);

     

       36
       36
       +
               } catch (JsonException $exception) {

     

       37
       37
       +
                   throw CannotDecodeContent::jsonIssues($exception);

     

       38
       38
       +
               }

     

       39
       39
       +
           }

     

       40
       40
       +
       

     

       41
       41
       +
           public function base64UrlEncode(string $data): string

     

       42
       42
       +
           {

     

       43
       43
       +
               return SodiumBase64Polyfill::bin2base64(

     

       44
       44
       +
                   $data,

     

       45
       45
       +
                   SodiumBase64Polyfill::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING,

     

       46
       46
       +
               );

     

       47
       47
       +
           }

     

       48
       48
       +
       

     

       49
       49
       +
           public function base64UrlDecode(string $data): string

     

       50
       50
       +
           {

     

       51
       51
       +
               return SodiumBase64Polyfill::base642bin(

     

       52
       52
       +
                   $data,

     

       53
       53
       +
                   SodiumBase64Polyfill::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING,

     

       54
       54
       +
               );

     

       55
       55
       +
           }

     

       56
       56
       +
       }

+36

vendor/lcobucci/jwt/src/Encoding/MicrosecondBasedDateConversion.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Encoding;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeImmutable;

     

       7
       7
       +
       use Lcobucci\JWT\ClaimsFormatter;

     

       8
       8
       +
       use Lcobucci\JWT\Token\RegisteredClaims;

     

       9
       9
       +
       

     

       10
       10
       +
       use function array_key_exists;

     

       11
       11
       +
       

     

       12
       12
       +
       final class MicrosecondBasedDateConversion implements ClaimsFormatter

     

       13
       13
       +
       {

     

       14
       14
       +
           /** @inheritdoc */

     

       15
       15
       +
           public function formatClaims(array $claims): array

     

       16
       16
       +
           {

     

       17
       17
       +
               foreach (RegisteredClaims::DATE_CLAIMS as $claim) {

     

       18
       18
       +
                   if (! array_key_exists($claim, $claims)) {

     

       19
       19
       +
                       continue;

     

       20
       20
       +
                   }

     

       21
       21
       +
       

     

       22
       22
       +
                   $claims[$claim] = $this->convertDate($claims[$claim]);

     

       23
       23
       +
               }

     

       24
       24
       +
       

     

       25
       25
       +
               return $claims;

     

       26
       26
       +
           }

     

       27
       27
       +
       

     

       28
       28
       +
           private function convertDate(DateTimeImmutable $date): int|float

     

       29
       29
       +
           {

     

       30
       30
       +
               if ($date->format('u') === '000000') {

     

       31
       31
       +
                   return (int) $date->format('U');

     

       32
       32
       +
               }

     

       33
       33
       +
       

     

       34
       34
       +
               return (float) $date->format('U.u');

     

       35
       35
       +
           }

     

       36
       36
       +
       }

+29

vendor/lcobucci/jwt/src/Encoding/UnifyAudience.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Encoding;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\ClaimsFormatter;

     

       7
       7
       +
       use Lcobucci\JWT\Token\RegisteredClaims;

     

       8
       8
       +
       

     

       9
       9
       +
       use function array_key_exists;

     

       10
       10
       +
       use function count;

     

       11
       11
       +
       use function current;

     

       12
       12
       +
       

     

       13
       13
       +
       final class UnifyAudience implements ClaimsFormatter

     

       14
       14
       +
       {

     

       15
       15
       +
           /** @inheritdoc */

     

       16
       16
       +
           public function formatClaims(array $claims): array

     

       17
       17
       +
           {

     

       18
       18
       +
               if (

     

       19
       19
       +
                   ! array_key_exists(RegisteredClaims::AUDIENCE, $claims)

     

       20
       20
       +
                   || count($claims[RegisteredClaims::AUDIENCE]) !== 1

     

       21
       21
       +
               ) {

     

       22
       22
       +
                   return $claims;

     

       23
       23
       +
               }

     

       24
       24
       +
       

     

       25
       25
       +
               $claims[RegisteredClaims::AUDIENCE] = current($claims[RegisteredClaims::AUDIENCE]);

     

       26
       26
       +
       

     

       27
       27
       +
               return $claims;

     

       28
       28
       +
           }

     

       29
       29
       +
       }

+32

vendor/lcobucci/jwt/src/Encoding/UnixTimestampDates.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Encoding;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeImmutable;

     

       7
       7
       +
       use Lcobucci\JWT\ClaimsFormatter;

     

       8
       8
       +
       use Lcobucci\JWT\Token\RegisteredClaims;

     

       9
       9
       +
       

     

       10
       10
       +
       use function array_key_exists;

     

       11
       11
       +
       

     

       12
       12
       +
       final class UnixTimestampDates implements ClaimsFormatter

     

       13
       13
       +
       {

     

       14
       14
       +
           /** @inheritdoc */

     

       15
       15
       +
           public function formatClaims(array $claims): array

     

       16
       16
       +
           {

     

       17
       17
       +
               foreach (RegisteredClaims::DATE_CLAIMS as $claim) {

     

       18
       18
       +
                   if (! array_key_exists($claim, $claims)) {

     

       19
       19
       +
                       continue;

     

       20
       20
       +
                   }

     

       21
       21
       +
       

     

       22
       22
       +
                   $claims[$claim] = $this->convertDate($claims[$claim]);

     

       23
       23
       +
               }

     

       24
       24
       +
       

     

       25
       25
       +
               return $claims;

     

       26
       26
       +
           }

     

       27
       27
       +
       

     

       28
       28
       +
           private function convertDate(DateTimeImmutable $date): int

     

       29
       29
       +
           {

     

       30
       30
       +
               return $date->getTimestamp();

     

       31
       31
       +
           }

     

       32
       32
       +
       }

+10

vendor/lcobucci/jwt/src/Exception.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Throwable;

     

       7
       7
       +
       

     

       8
       8
       +
       interface Exception extends Throwable

     

       9
       9
       +
       {

     

       10
       10
       +
       }

+71

vendor/lcobucci/jwt/src/JwtFacade.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Closure;

     

       7
       7
       +
       use DateTimeImmutable;

     

       8
       8
       +
       use Lcobucci\JWT\Encoding\ChainedFormatter;

     

       9
       9
       +
       use Lcobucci\JWT\Encoding\JoseEncoder;

     

       10
       10
       +
       use Lcobucci\JWT\Signer\Key;

     

       11
       11
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       12
       12
       +
       use Lcobucci\JWT\Validation\SignedWith;

     

       13
       13
       +
       use Lcobucci\JWT\Validation\ValidAt;

     

       14
       14
       +
       use Lcobucci\JWT\Validation\Validator;

     

       15
       15
       +
       use Psr\Clock\ClockInterface as Clock;

     

       16
       16
       +
       

     

       17
       17
       +
       use function assert;

     

       18
       18
       +
       

     

       19
       19
       +
       final class JwtFacade

     

       20
       20
       +
       {

     

       21
       21
       +
           private readonly Clock $clock;

     

       22
       22
       +
       

     

       23
       23
       +
           public function __construct(

     

       24
       24
       +
               private readonly Parser $parser = new Token\Parser(new JoseEncoder()),

     

       25
       25
       +
               ?Clock $clock = null,

     

       26
       26
       +
           ) {

     

       27
       27
       +
               $this->clock = $clock ?? new class implements Clock {

     

       28
       28
       +
                   public function now(): DateTimeImmutable

     

       29
       29
       +
                   {

     

       30
       30
       +
                       return new DateTimeImmutable();

     

       31
       31
       +
                   }

     

       32
       32
       +
               };

     

       33
       33
       +
           }

     

       34
       34
       +
       

     

       35
       35
       +
           /** @param Closure(Builder, DateTimeImmutable):Builder $customiseBuilder */

     

       36
       36
       +
           public function issue(

     

       37
       37
       +
               Signer $signer,

     

       38
       38
       +
               Key $signingKey,

     

       39
       39
       +
               Closure $customiseBuilder,

     

       40
       40
       +
           ): UnencryptedToken {

     

       41
       41
       +
               $builder = Token\Builder::new(new JoseEncoder(), ChainedFormatter::withUnixTimestampDates());

     

       42
       42
       +
       

     

       43
       43
       +
               $now     = $this->clock->now();

     

       44
       44
       +
               $builder = $builder

     

       45
       45
       +
                   ->issuedAt($now)

     

       46
       46
       +
                   ->canOnlyBeUsedAfter($now)

     

       47
       47
       +
                   ->expiresAt($now->modify('+5 minutes'));

     

       48
       48
       +
       

     

       49
       49
       +
               return $customiseBuilder($builder, $now)->getToken($signer, $signingKey);

     

       50
       50
       +
           }

     

       51
       51
       +
       

     

       52
       52
       +
           /** @param non-empty-string $jwt */

     

       53
       53
       +
           public function parse(

     

       54
       54
       +
               string $jwt,

     

       55
       55
       +
               SignedWith $signedWith,

     

       56
       56
       +
               ValidAt $validAt,

     

       57
       57
       +
               Constraint ...$constraints,

     

       58
       58
       +
           ): UnencryptedToken {

     

       59
       59
       +
               $token = $this->parser->parse($jwt);

     

       60
       60
       +
               assert($token instanceof UnencryptedToken);

     

       61
       61
       +
       

     

       62
       62
       +
               (new Validator())->assert(

     

       63
       63
       +
                   $token,

     

       64
       64
       +
                   $signedWith,

     

       65
       65
       +
                   $validAt,

     

       66
       66
       +
                   ...$constraints,

     

       67
       67
       +
               );

     

       68
       68
       +
       

     

       69
       69
       +
               return $token;

     

       70
       70
       +
           }

     

       71
       71
       +
       }

+22

vendor/lcobucci/jwt/src/Parser.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Encoding\CannotDecodeContent;

     

       7
       7
       +
       use Lcobucci\JWT\Token\InvalidTokenStructure;

     

       8
       8
       +
       use Lcobucci\JWT\Token\UnsupportedHeaderFound;

     

       9
       9
       +
       

     

       10
       10
       +
       interface Parser

     

       11
       11
       +
       {

     

       12
       12
       +
           /**

     

       13
       13
       +
            * Parses the JWT and returns a token

     

       14
       14
       +
            *

     

       15
       15
       +
            * @param non-empty-string $jwt

     

       16
       16
       +
            *

     

       17
       17
       +
            * @throws CannotDecodeContent      When something goes wrong while decoding.

     

       18
       18
       +
            * @throws InvalidTokenStructure    When token string structure is invalid.

     

       19
       19
       +
            * @throws UnsupportedHeaderFound   When parsed token has an unsupported header.

     

       20
       20
       +
            */

     

       21
       21
       +
           public function parse(string $jwt): Token;

     

       22
       22
       +
       }

+36

vendor/lcobucci/jwt/src/Signer/Blake2b.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer;

     

       7
       7
       +
       

     

       8
       8
       +
       use function hash_equals;

     

       9
       9
       +
       use function sodium_crypto_generichash;

     

       10
       10
       +
       use function strlen;

     

       11
       11
       +
       

     

       12
       12
       +
       final class Blake2b implements Signer

     

       13
       13
       +
       {

     

       14
       14
       +
           private const MINIMUM_KEY_LENGTH_IN_BITS = 256;

     

       15
       15
       +
       

     

       16
       16
       +
           public function algorithmId(): string

     

       17
       17
       +
           {

     

       18
       18
       +
               return 'BLAKE2B';

     

       19
       19
       +
           }

     

       20
       20
       +
       

     

       21
       21
       +
           public function sign(string $payload, Key $key): string

     

       22
       22
       +
           {

     

       23
       23
       +
               $actualKeyLength = 8 * strlen($key->contents());

     

       24
       24
       +
       

     

       25
       25
       +
               if ($actualKeyLength < self::MINIMUM_KEY_LENGTH_IN_BITS) {

     

       26
       26
       +
                   throw InvalidKeyProvided::tooShort(self::MINIMUM_KEY_LENGTH_IN_BITS, $actualKeyLength);

     

       27
       27
       +
               }

     

       28
       28
       +
       

     

       29
       29
       +
               return sodium_crypto_generichash($payload, $key->contents());

     

       30
       30
       +
           }

     

       31
       31
       +
       

     

       32
       32
       +
           public function verify(string $expected, string $payload, Key $key): bool

     

       33
       33
       +
           {

     

       34
       34
       +
               return hash_equals($expected, $this->sign($payload, $key));

     

       35
       35
       +
           }

     

       36
       36
       +
       }

+15

vendor/lcobucci/jwt/src/Signer/CannotSignPayload.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       final class CannotSignPayload extends InvalidArgumentException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           public static function errorHappened(string $error): self

     

       12
       12
       +
           {

     

       13
       13
       +
               return new self('There was an error while creating the signature:' . $error);

     

       14
       14
       +
           }

     

       15
       15
       +
       }

+25

vendor/lcobucci/jwt/src/Signer/Ecdsa/ConversionFailed.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Ecdsa;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       final class ConversionFailed extends InvalidArgumentException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           public static function invalidLength(): self

     

       12
       12
       +
           {

     

       13
       13
       +
               return new self('Invalid signature length.');

     

       14
       14
       +
           }

     

       15
       15
       +
       

     

       16
       16
       +
           public static function incorrectStartSequence(): self

     

       17
       17
       +
           {

     

       18
       18
       +
               return new self('Invalid data. Should start with a sequence.');

     

       19
       19
       +
           }

     

       20
       20
       +
       

     

       21
       21
       +
           public static function integerExpected(): self

     

       22
       22
       +
           {

     

       23
       23
       +
               return new self('Invalid data. Should contain an integer.');

     

       24
       24
       +
           }

     

       25
       25
       +
       }

+148

vendor/lcobucci/jwt/src/Signer/Ecdsa/MultibyteStringConverter.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       /*

     

       5
       5
       +
        * The MIT License (MIT)

     

       6
       6
       +
        *

     

       7
       7
       +
        * Copyright (c) 2014-2018 Spomky-Labs

     

       8
       8
       +
        *

     

       9
       9
       +
        * This software may be modified and distributed under the terms

     

       10
       10
       +
        * of the MIT license.  See the LICENSE file for details.

     

       11
       11
       +
        *

     

       12
       12
       +
        * @link https://github.com/web-token/jwt-framework/blob/v1.2/src/Component/Core/Util/ECSignature.php

     

       13
       13
       +
        */

     

       14
       14
       +
       

     

       15
       15
       +
       namespace Lcobucci\JWT\Signer\Ecdsa;

     

       16
       16
       +
       

     

       17
       17
       +
       use function assert;

     

       18
       18
       +
       use function bin2hex;

     

       19
       19
       +
       use function dechex;

     

       20
       20
       +
       use function hex2bin;

     

       21
       21
       +
       use function hexdec;

     

       22
       22
       +
       use function is_string;

     

       23
       23
       +
       use function str_pad;

     

       24
       24
       +
       use function strlen;

     

       25
       25
       +
       use function substr;

     

       26
       26
       +
       

     

       27
       27
       +
       use const STR_PAD_LEFT;

     

       28
       28
       +
       

     

       29
       29
       +
       /**

     

       30
       30
       +
        * ECDSA signature converter using ext-mbstring

     

       31
       31
       +
        *

     

       32
       32
       +
        * @internal

     

       33
       33
       +
        */

     

       34
       34
       +
       final class MultibyteStringConverter implements SignatureConverter

     

       35
       35
       +
       {

     

       36
       36
       +
           private const ASN1_SEQUENCE          = '30';

     

       37
       37
       +
           private const ASN1_INTEGER           = '02';

     

       38
       38
       +
           private const ASN1_MAX_SINGLE_BYTE   = 128;

     

       39
       39
       +
           private const ASN1_LENGTH_2BYTES     = '81';

     

       40
       40
       +
           private const ASN1_BIG_INTEGER_LIMIT = '7f';

     

       41
       41
       +
           private const ASN1_NEGATIVE_INTEGER  = '00';

     

       42
       42
       +
           private const BYTE_SIZE              = 2;

     

       43
       43
       +
       

     

       44
       44
       +
           public function toAsn1(string $points, int $length): string

     

       45
       45
       +
           {

     

       46
       46
       +
               $points = bin2hex($points);

     

       47
       47
       +
       

     

       48
       48
       +
               if (self::octetLength($points) !== $length) {

     

       49
       49
       +
                   throw ConversionFailed::invalidLength();

     

       50
       50
       +
               }

     

       51
       51
       +
       

     

       52
       52
       +
               $pointR = self::preparePositiveInteger(substr($points, 0, $length));

     

       53
       53
       +
               $pointS = self::preparePositiveInteger(substr($points, $length, null));

     

       54
       54
       +
       

     

       55
       55
       +
               $lengthR = self::octetLength($pointR);

     

       56
       56
       +
               $lengthS = self::octetLength($pointS);

     

       57
       57
       +
       

     

       58
       58
       +
               $totalLength  = $lengthR + $lengthS + self::BYTE_SIZE + self::BYTE_SIZE;

     

       59
       59
       +
               $lengthPrefix = $totalLength > self::ASN1_MAX_SINGLE_BYTE ? self::ASN1_LENGTH_2BYTES : '';

     

       60
       60
       +
       

     

       61
       61
       +
               $asn1 = hex2bin(

     

       62
       62
       +
                   self::ASN1_SEQUENCE

     

       63
       63
       +
                   . $lengthPrefix . dechex($totalLength)

     

       64
       64
       +
                   . self::ASN1_INTEGER . dechex($lengthR) . $pointR

     

       65
       65
       +
                   . self::ASN1_INTEGER . dechex($lengthS) . $pointS,

     

       66
       66
       +
               );

     

       67
       67
       +
               assert(is_string($asn1));

     

       68
       68
       +
               assert($asn1 !== '');

     

       69
       69
       +
       

     

       70
       70
       +
               return $asn1;

     

       71
       71
       +
           }

     

       72
       72
       +
       

     

       73
       73
       +
           private static function octetLength(string $data): int

     

       74
       74
       +
           {

     

       75
       75
       +
               return (int) (strlen($data) / self::BYTE_SIZE);

     

       76
       76
       +
           }

     

       77
       77
       +
       

     

       78
       78
       +
           private static function preparePositiveInteger(string $data): string

     

       79
       79
       +
           {

     

       80
       80
       +
               if (substr($data, 0, self::BYTE_SIZE) > self::ASN1_BIG_INTEGER_LIMIT) {

     

       81
       81
       +
                   return self::ASN1_NEGATIVE_INTEGER . $data;

     

       82
       82
       +
               }

     

       83
       83
       +
       

     

       84
       84
       +
               while (

     

       85
       85
       +
                   substr($data, 0, self::BYTE_SIZE) === self::ASN1_NEGATIVE_INTEGER

     

       86
       86
       +
                   && substr($data, 2, self::BYTE_SIZE) <= self::ASN1_BIG_INTEGER_LIMIT

     

       87
       87
       +
               ) {

     

       88
       88
       +
                   $data = substr($data, 2, null);

     

       89
       89
       +
               }

     

       90
       90
       +
       

     

       91
       91
       +
               return $data;

     

       92
       92
       +
           }

     

       93
       93
       +
       

     

       94
       94
       +
           public function fromAsn1(string $signature, int $length): string

     

       95
       95
       +
           {

     

       96
       96
       +
               $message  = bin2hex($signature);

     

       97
       97
       +
               $position = 0;

     

       98
       98
       +
       

     

       99
       99
       +
               if (self::readAsn1Content($message, $position, self::BYTE_SIZE) !== self::ASN1_SEQUENCE) {

     

       100
       100
       +
                   throw ConversionFailed::incorrectStartSequence();

     

       101
       101
       +
               }

     

       102
       102
       +
       

     

       103
       103
       +
               // @phpstan-ignore-next-line

     

       104
       104
       +
               if (self::readAsn1Content($message, $position, self::BYTE_SIZE) === self::ASN1_LENGTH_2BYTES) {

     

       105
       105
       +
                   $position += self::BYTE_SIZE;

     

       106
       106
       +
               }

     

       107
       107
       +
       

     

       108
       108
       +
               $pointR = self::retrievePositiveInteger(self::readAsn1Integer($message, $position));

     

       109
       109
       +
               $pointS = self::retrievePositiveInteger(self::readAsn1Integer($message, $position));

     

       110
       110
       +
       

     

       111
       111
       +
               $points = hex2bin(str_pad($pointR, $length, '0', STR_PAD_LEFT) . str_pad($pointS, $length, '0', STR_PAD_LEFT));

     

       112
       112
       +
               assert(is_string($points));

     

       113
       113
       +
               assert($points !== '');

     

       114
       114
       +
       

     

       115
       115
       +
               return $points;

     

       116
       116
       +
           }

     

       117
       117
       +
       

     

       118
       118
       +
           private static function readAsn1Content(string $message, int &$position, int $length): string

     

       119
       119
       +
           {

     

       120
       120
       +
               $content   = substr($message, $position, $length);

     

       121
       121
       +
               $position += $length;

     

       122
       122
       +
       

     

       123
       123
       +
               return $content;

     

       124
       124
       +
           }

     

       125
       125
       +
       

     

       126
       126
       +
           private static function readAsn1Integer(string $message, int &$position): string

     

       127
       127
       +
           {

     

       128
       128
       +
               if (self::readAsn1Content($message, $position, self::BYTE_SIZE) !== self::ASN1_INTEGER) {

     

       129
       129
       +
                   throw ConversionFailed::integerExpected();

     

       130
       130
       +
               }

     

       131
       131
       +
       

     

       132
       132
       +
               $length = (int) hexdec(self::readAsn1Content($message, $position, self::BYTE_SIZE));

     

       133
       133
       +
       

     

       134
       134
       +
               return self::readAsn1Content($message, $position, $length * self::BYTE_SIZE);

     

       135
       135
       +
           }

     

       136
       136
       +
       

     

       137
       137
       +
           private static function retrievePositiveInteger(string $data): string

     

       138
       138
       +
           {

     

       139
       139
       +
               while (

     

       140
       140
       +
                   substr($data, 0, self::BYTE_SIZE) === self::ASN1_NEGATIVE_INTEGER

     

       141
       141
       +
                   && substr($data, 2, self::BYTE_SIZE) > self::ASN1_BIG_INTEGER_LIMIT

     

       142
       142
       +
               ) {

     

       143
       143
       +
                   $data = substr($data, 2, null);

     

       144
       144
       +
               }

     

       145
       145
       +
       

     

       146
       146
       +
               return $data;

     

       147
       147
       +
           }

     

       148
       148
       +
       }

+31

vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha256.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Ecdsa;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Ecdsa;

     

       7
       7
       +
       

     

       8
       8
       +
       use const OPENSSL_ALGO_SHA256;

     

       9
       9
       +
       

     

       10
       10
       +
       final class Sha256 extends Ecdsa

     

       11
       11
       +
       {

     

       12
       12
       +
           public function algorithmId(): string

     

       13
       13
       +
           {

     

       14
       14
       +
               return 'ES256';

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function algorithm(): int

     

       18
       18
       +
           {

     

       19
       19
       +
               return OPENSSL_ALGO_SHA256;

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           public function pointLength(): int

     

       23
       23
       +
           {

     

       24
       24
       +
               return 64;

     

       25
       25
       +
           }

     

       26
       26
       +
       

     

       27
       27
       +
           public function expectedKeyLength(): int

     

       28
       28
       +
           {

     

       29
       29
       +
               return 256;

     

       30
       30
       +
           }

     

       31
       31
       +
       }

+31

vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha384.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Ecdsa;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Ecdsa;

     

       7
       7
       +
       

     

       8
       8
       +
       use const OPENSSL_ALGO_SHA384;

     

       9
       9
       +
       

     

       10
       10
       +
       final class Sha384 extends Ecdsa

     

       11
       11
       +
       {

     

       12
       12
       +
           public function algorithmId(): string

     

       13
       13
       +
           {

     

       14
       14
       +
               return 'ES384';

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function algorithm(): int

     

       18
       18
       +
           {

     

       19
       19
       +
               return OPENSSL_ALGO_SHA384;

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           public function pointLength(): int

     

       23
       23
       +
           {

     

       24
       24
       +
               return 96;

     

       25
       25
       +
           }

     

       26
       26
       +
       

     

       27
       27
       +
           public function expectedKeyLength(): int

     

       28
       28
       +
           {

     

       29
       29
       +
               return 384;

     

       30
       30
       +
           }

     

       31
       31
       +
       }

+33

vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha512.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Ecdsa;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Ecdsa;

     

       7
       7
       +
       

     

       8
       8
       +
       use const OPENSSL_ALGO_SHA512;

     

       9
       9
       +
       

     

       10
       10
       +
       final class Sha512 extends Ecdsa

     

       11
       11
       +
       {

     

       12
       12
       +
           public function algorithmId(): string

     

       13
       13
       +
           {

     

       14
       14
       +
               return 'ES512';

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function algorithm(): int

     

       18
       18
       +
           {

     

       19
       19
       +
               return OPENSSL_ALGO_SHA512;

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           public function pointLength(): int

     

       23
       23
       +
           {

     

       24
       24
       +
               return 132;

     

       25
       25
       +
           }

     

       26
       26
       +
       

     

       27
       27
       +
           public function expectedKeyLength(): int

     

       28
       28
       +
           {

     

       29
       29
       +
               // ES512 means ECDSA using P-521 and SHA-512.

     

       30
       30
       +
               // The key size is indeed 521 bits.

     

       31
       31
       +
               return 521;

     

       32
       32
       +
           }

     

       33
       33
       +
       }

+40

vendor/lcobucci/jwt/src/Signer/Ecdsa/SignatureConverter.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Ecdsa;

     

       5
       5
       +
       

     

       6
       6
       +
       /**

     

       7
       7
       +
        * Manipulates the result of a ECDSA signature (points R and S) according to the

     

       8
       8
       +
        * JWA specs.

     

       9
       9
       +
        *

     

       10
       10
       +
        * OpenSSL creates a signature using the ASN.1 format and, according the JWA specs,

     

       11
       11
       +
        * the signature for JWTs must be the concatenated values of points R and S (in

     

       12
       12
       +
        * big-endian octet order).

     

       13
       13
       +
        *

     

       14
       14
       +
        * @internal

     

       15
       15
       +
        *

     

       16
       16
       +
        * @see https://tools.ietf.org/html/rfc7518#page-9

     

       17
       17
       +
        * @see https://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One

     

       18
       18
       +
        */

     

       19
       19
       +
       interface SignatureConverter

     

       20
       20
       +
       {

     

       21
       21
       +
           /**

     

       22
       22
       +
            * Converts the signature generated by OpenSSL into what JWA defines

     

       23
       23
       +
            *

     

       24
       24
       +
            * @return non-empty-string

     

       25
       25
       +
            *

     

       26
       26
       +
            * @throws ConversionFailed When there was an issue during the format conversion.

     

       27
       27
       +
            */

     

       28
       28
       +
           public function fromAsn1(string $signature, int $length): string;

     

       29
       29
       +
       

     

       30
       30
       +
           /**

     

       31
       31
       +
            * Converts the JWA signature into something OpenSSL understands

     

       32
       32
       +
            *

     

       33
       33
       +
            * @param non-empty-string $points

     

       34
       34
       +
            *

     

       35
       35
       +
            * @return non-empty-string

     

       36
       36
       +
            *

     

       37
       37
       +
            * @throws ConversionFailed When there was an issue during the format conversion.

     

       38
       38
       +
            */

     

       39
       39
       +
           public function toAsn1(string $points, int $length): string;

     

       40
       40
       +
       }

+67

vendor/lcobucci/jwt/src/Signer/Ecdsa.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Ecdsa\MultibyteStringConverter;

     

       7
       7
       +
       use Lcobucci\JWT\Signer\Ecdsa\SignatureConverter;

     

       8
       8
       +
       

     

       9
       9
       +
       use const OPENSSL_KEYTYPE_EC;

     

       10
       10
       +
       

     

       11
       11
       +
       abstract class Ecdsa extends OpenSSL

     

       12
       12
       +
       {

     

       13
       13
       +
           public function __construct(

     

       14
       14
       +
               private readonly SignatureConverter $converter = new MultibyteStringConverter(),

     

       15
       15
       +
           ) {

     

       16
       16
       +
           }

     

       17
       17
       +
       

     

       18
       18
       +
           final public function sign(string $payload, Key $key): string

     

       19
       19
       +
           {

     

       20
       20
       +
               return $this->converter->fromAsn1(

     

       21
       21
       +
                   $this->createSignature($key->contents(), $key->passphrase(), $payload),

     

       22
       22
       +
                   $this->pointLength(),

     

       23
       23
       +
               );

     

       24
       24
       +
           }

     

       25
       25
       +
       

     

       26
       26
       +
           final public function verify(string $expected, string $payload, Key $key): bool

     

       27
       27
       +
           {

     

       28
       28
       +
               return $this->verifySignature(

     

       29
       29
       +
                   $this->converter->toAsn1($expected, $this->pointLength()),

     

       30
       30
       +
                   $payload,

     

       31
       31
       +
                   $key->contents(),

     

       32
       32
       +
               );

     

       33
       33
       +
           }

     

       34
       34
       +
       

     

       35
       35
       +
           /** {@inheritDoc} */

     

       36
       36
       +
           final protected function guardAgainstIncompatibleKey(int $type, int $lengthInBits): void

     

       37
       37
       +
           {

     

       38
       38
       +
               if ($type !== OPENSSL_KEYTYPE_EC) {

     

       39
       39
       +
                   throw InvalidKeyProvided::incompatibleKeyType(

     

       40
       40
       +
                       self::KEY_TYPE_MAP[OPENSSL_KEYTYPE_EC],

     

       41
       41
       +
                       self::KEY_TYPE_MAP[$type],

     

       42
       42
       +
                   );

     

       43
       43
       +
               }

     

       44
       44
       +
       

     

       45
       45
       +
               $expectedKeyLength = $this->expectedKeyLength();

     

       46
       46
       +
       

     

       47
       47
       +
               if ($lengthInBits !== $expectedKeyLength) {

     

       48
       48
       +
                   throw InvalidKeyProvided::incompatibleKeyLength($expectedKeyLength, $lengthInBits);

     

       49
       49
       +
               }

     

       50
       50
       +
           }

     

       51
       51
       +
       

     

       52
       52
       +
           /**

     

       53
       53
       +
            * @internal

     

       54
       54
       +
            *

     

       55
       55
       +
            * @return positive-int

     

       56
       56
       +
            */

     

       57
       57
       +
           abstract public function expectedKeyLength(): int;

     

       58
       58
       +
       

     

       59
       59
       +
           /**

     

       60
       60
       +
            * Returns the length of each point in the signature, so that we can calculate and verify R and S points properly

     

       61
       61
       +
            *

     

       62
       62
       +
            * @internal

     

       63
       63
       +
            *

     

       64
       64
       +
            * @return positive-int

     

       65
       65
       +
            */

     

       66
       66
       +
           abstract public function pointLength(): int;

     

       67
       67
       +
       }

+36

vendor/lcobucci/jwt/src/Signer/Eddsa.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer;

     

       7
       7
       +
       use SodiumException;

     

       8
       8
       +
       

     

       9
       9
       +
       use function sodium_crypto_sign_detached;

     

       10
       10
       +
       use function sodium_crypto_sign_verify_detached;

     

       11
       11
       +
       

     

       12
       12
       +
       final class Eddsa implements Signer

     

       13
       13
       +
       {

     

       14
       14
       +
           public function algorithmId(): string

     

       15
       15
       +
           {

     

       16
       16
       +
               return 'EdDSA';

     

       17
       17
       +
           }

     

       18
       18
       +
       

     

       19
       19
       +
           public function sign(string $payload, Key $key): string

     

       20
       20
       +
           {

     

       21
       21
       +
               try {

     

       22
       22
       +
                   return sodium_crypto_sign_detached($payload, $key->contents());

     

       23
       23
       +
               } catch (SodiumException $sodiumException) {

     

       24
       24
       +
                   throw new InvalidKeyProvided($sodiumException->getMessage(), 0, $sodiumException);

     

       25
       25
       +
               }

     

       26
       26
       +
           }

     

       27
       27
       +
       

     

       28
       28
       +
           public function verify(string $expected, string $payload, Key $key): bool

     

       29
       29
       +
           {

     

       30
       30
       +
               try {

     

       31
       31
       +
                   return sodium_crypto_sign_verify_detached($expected, $payload, $key->contents());

     

       32
       32
       +
               } catch (SodiumException $sodiumException) {

     

       33
       33
       +
                   throw new InvalidKeyProvided($sodiumException->getMessage(), 0, $sodiumException);

     

       34
       34
       +
               }

     

       35
       35
       +
           }

     

       36
       36
       +
       }

+24

vendor/lcobucci/jwt/src/Signer/Hmac/Sha256.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Hmac;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Hmac;

     

       7
       7
       +
       

     

       8
       8
       +
       final class Sha256 extends Hmac

     

       9
       9
       +
       {

     

       10
       10
       +
           public function algorithmId(): string

     

       11
       11
       +
           {

     

       12
       12
       +
               return 'HS256';

     

       13
       13
       +
           }

     

       14
       14
       +
       

     

       15
       15
       +
           public function algorithm(): string

     

       16
       16
       +
           {

     

       17
       17
       +
               return 'sha256';

     

       18
       18
       +
           }

     

       19
       19
       +
       

     

       20
       20
       +
           public function minimumBitsLengthForKey(): int

     

       21
       21
       +
           {

     

       22
       22
       +
               return 256;

     

       23
       23
       +
           }

     

       24
       24
       +
       }

+24

vendor/lcobucci/jwt/src/Signer/Hmac/Sha384.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Hmac;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Hmac;

     

       7
       7
       +
       

     

       8
       8
       +
       final class Sha384 extends Hmac

     

       9
       9
       +
       {

     

       10
       10
       +
           public function algorithmId(): string

     

       11
       11
       +
           {

     

       12
       12
       +
               return 'HS384';

     

       13
       13
       +
           }

     

       14
       14
       +
       

     

       15
       15
       +
           public function algorithm(): string

     

       16
       16
       +
           {

     

       17
       17
       +
               return 'sha384';

     

       18
       18
       +
           }

     

       19
       19
       +
       

     

       20
       20
       +
           public function minimumBitsLengthForKey(): int

     

       21
       21
       +
           {

     

       22
       22
       +
               return 384;

     

       23
       23
       +
           }

     

       24
       24
       +
       }

+24

vendor/lcobucci/jwt/src/Signer/Hmac/Sha512.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Hmac;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Hmac;

     

       7
       7
       +
       

     

       8
       8
       +
       final class Sha512 extends Hmac

     

       9
       9
       +
       {

     

       10
       10
       +
           public function algorithmId(): string

     

       11
       11
       +
           {

     

       12
       12
       +
               return 'HS512';

     

       13
       13
       +
           }

     

       14
       14
       +
       

     

       15
       15
       +
           public function algorithm(): string

     

       16
       16
       +
           {

     

       17
       17
       +
               return 'sha512';

     

       18
       18
       +
           }

     

       19
       19
       +
       

     

       20
       20
       +
           public function minimumBitsLengthForKey(): int

     

       21
       21
       +
           {

     

       22
       22
       +
               return 512;

     

       23
       23
       +
           }

     

       24
       24
       +
       }

+44

vendor/lcobucci/jwt/src/Signer/Hmac.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer;

     

       7
       7
       +
       

     

       8
       8
       +
       use function hash_equals;

     

       9
       9
       +
       use function hash_hmac;

     

       10
       10
       +
       use function strlen;

     

       11
       11
       +
       

     

       12
       12
       +
       abstract class Hmac implements Signer

     

       13
       13
       +
       {

     

       14
       14
       +
           final public function sign(string $payload, Key $key): string

     

       15
       15
       +
           {

     

       16
       16
       +
               $actualKeyLength   = 8 * strlen($key->contents());

     

       17
       17
       +
               $expectedKeyLength = $this->minimumBitsLengthForKey();

     

       18
       18
       +
       

     

       19
       19
       +
               if ($actualKeyLength < $expectedKeyLength) {

     

       20
       20
       +
                   throw InvalidKeyProvided::tooShort($expectedKeyLength, $actualKeyLength);

     

       21
       21
       +
               }

     

       22
       22
       +
       

     

       23
       23
       +
               return hash_hmac($this->algorithm(), $payload, $key->contents(), true);

     

       24
       24
       +
           }

     

       25
       25
       +
       

     

       26
       26
       +
           final public function verify(string $expected, string $payload, Key $key): bool

     

       27
       27
       +
           {

     

       28
       28
       +
               return hash_equals($expected, $this->sign($payload, $key));

     

       29
       29
       +
           }

     

       30
       30
       +
       

     

       31
       31
       +
           /**

     

       32
       32
       +
            * @internal

     

       33
       33
       +
            *

     

       34
       34
       +
            * @return non-empty-string

     

       35
       35
       +
            */

     

       36
       36
       +
           abstract public function algorithm(): string;

     

       37
       37
       +
       

     

       38
       38
       +
           /**

     

       39
       39
       +
            * @internal

     

       40
       40
       +
            *

     

       41
       41
       +
            * @return positive-int

     

       42
       42
       +
            */

     

       43
       43
       +
           abstract public function minimumBitsLengthForKey(): int;

     

       44
       44
       +
       }

+47

vendor/lcobucci/jwt/src/Signer/InvalidKeyProvided.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       final class InvalidKeyProvided extends InvalidArgumentException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           public static function cannotBeParsed(string $details): self

     

       12
       12
       +
           {

     

       13
       13
       +
               return new self('It was not possible to parse your key, reason:' . $details);

     

       14
       14
       +
           }

     

       15
       15
       +
       

     

       16
       16
       +
           /**

     

       17
       17
       +
            * @param non-empty-string $expectedType

     

       18
       18
       +
            * @param non-empty-string $actualType

     

       19
       19
       +
            */

     

       20
       20
       +
           public static function incompatibleKeyType(string $expectedType, string $actualType): self

     

       21
       21
       +
           {

     

       22
       22
       +
               return new self(

     

       23
       23
       +
                   'The type of the provided key is not "' . $expectedType

     

       24
       24
       +
                   . '", "' . $actualType . '" provided',

     

       25
       25
       +
               );

     

       26
       26
       +
           }

     

       27
       27
       +
       

     

       28
       28
       +
           /** @param positive-int $expectedLength */

     

       29
       29
       +
           public static function incompatibleKeyLength(int $expectedLength, int $actualLength): self

     

       30
       30
       +
           {

     

       31
       31
       +
               return new self(

     

       32
       32
       +
                   'The length of the provided key is different than ' . $expectedLength . ' bits, '

     

       33
       33
       +
                   . $actualLength . ' bits provided',

     

       34
       34
       +
               );

     

       35
       35
       +
           }

     

       36
       36
       +
       

     

       37
       37
       +
           public static function cannotBeEmpty(): self

     

       38
       38
       +
           {

     

       39
       39
       +
               return new self('Key cannot be empty');

     

       40
       40
       +
           }

     

       41
       41
       +
       

     

       42
       42
       +
           public static function tooShort(int $expectedLength, int $actualLength): self

     

       43
       43
       +
           {

     

       44
       44
       +
               return new self('Key provided is shorter than ' . $expectedLength . ' bits,'

     

       45
       45
       +
                   . ' only ' . $actualLength . ' bits provided');

     

       46
       46
       +
           }

     

       47
       47
       +
       }

+20

vendor/lcobucci/jwt/src/Signer/Key/FileCouldNotBeRead.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Key;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       use Throwable;

     

       9
       9
       +
       

     

       10
       10
       +
       final class FileCouldNotBeRead extends InvalidArgumentException implements Exception

     

       11
       11
       +
       {

     

       12
       12
       +
           /** @param non-empty-string $path */

     

       13
       13
       +
           public static function onPath(string $path, ?Throwable $cause = null): self

     

       14
       14
       +
           {

     

       15
       15
       +
               return new self(

     

       16
       16
       +
                   message: 'The path "' . $path . '" does not contain a valid key file',

     

       17
       17
       +
                   previous: $cause,

     

       18
       18
       +
               );

     

       19
       19
       +
           }

     

       20
       20
       +
       }

+98

vendor/lcobucci/jwt/src/Signer/Key/InMemory.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Key;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\InvalidKeyProvided;

     

       7
       7
       +
       use Lcobucci\JWT\Signer\Key;

     

       8
       8
       +
       use Lcobucci\JWT\SodiumBase64Polyfill;

     

       9
       9
       +
       use SensitiveParameter;

     

       10
       10
       +
       use SplFileObject;

     

       11
       11
       +
       use Throwable;

     

       12
       12
       +
       

     

       13
       13
       +
       use function assert;

     

       14
       14
       +
       use function is_string;

     

       15
       15
       +
       

     

       16
       16
       +
       final class InMemory implements Key

     

       17
       17
       +
       {

     

       18
       18
       +
           /** @param non-empty-string $contents */

     

       19
       19
       +
           private function __construct(

     

       20
       20
       +
               #[SensitiveParameter]

     

       21
       21
       +
               public readonly string $contents,

     

       22
       22
       +
               #[SensitiveParameter]

     

       23
       23
       +
               public readonly string $passphrase,

     

       24
       24
       +
           ) {

     

       25
       25
       +
           }

     

       26
       26
       +
       

     

       27
       27
       +
           /** @param non-empty-string $contents */

     

       28
       28
       +
           public static function plainText(

     

       29
       29
       +
               #[SensitiveParameter]

     

       30
       30
       +
               string $contents,

     

       31
       31
       +
               #[SensitiveParameter]

     

       32
       32
       +
               string $passphrase = '',

     

       33
       33
       +
           ): self {

     

       34
       34
       +
               self::guardAgainstEmptyKey($contents);

     

       35
       35
       +
       

     

       36
       36
       +
               return new self($contents, $passphrase);

     

       37
       37
       +
           }

     

       38
       38
       +
       

     

       39
       39
       +
           /** @param non-empty-string $contents */

     

       40
       40
       +
           public static function base64Encoded(

     

       41
       41
       +
               #[SensitiveParameter]

     

       42
       42
       +
               string $contents,

     

       43
       43
       +
               #[SensitiveParameter]

     

       44
       44
       +
               string $passphrase = '',

     

       45
       45
       +
           ): self {

     

       46
       46
       +
               $decoded = SodiumBase64Polyfill::base642bin(

     

       47
       47
       +
                   $contents,

     

       48
       48
       +
                   SodiumBase64Polyfill::SODIUM_BASE64_VARIANT_ORIGINAL,

     

       49
       49
       +
               );

     

       50
       50
       +
       

     

       51
       51
       +
               self::guardAgainstEmptyKey($decoded);

     

       52
       52
       +
       

     

       53
       53
       +
               return new self($decoded, $passphrase);

     

       54
       54
       +
           }

     

       55
       55
       +
       

     

       56
       56
       +
           /**

     

       57
       57
       +
            * @param non-empty-string $path

     

       58
       58
       +
            *

     

       59
       59
       +
            * @throws FileCouldNotBeRead

     

       60
       60
       +
            */

     

       61
       61
       +
           public static function file(

     

       62
       62
       +
               string $path,

     

       63
       63
       +
               #[SensitiveParameter]

     

       64
       64
       +
               string $passphrase = '',

     

       65
       65
       +
           ): self {

     

       66
       66
       +
               try {

     

       67
       67
       +
                   $file = new SplFileObject($path);

     

       68
       68
       +
               } catch (Throwable $exception) {

     

       69
       69
       +
                   throw FileCouldNotBeRead::onPath($path, $exception);

     

       70
       70
       +
               }

     

       71
       71
       +
       

     

       72
       72
       +
               $fileSize = $file->getSize();

     

       73
       73
       +
               $contents = $fileSize > 0 ? $file->fread($file->getSize()) : '';

     

       74
       74
       +
               assert(is_string($contents));

     

       75
       75
       +
       

     

       76
       76
       +
               self::guardAgainstEmptyKey($contents);

     

       77
       77
       +
       

     

       78
       78
       +
               return new self($contents, $passphrase);

     

       79
       79
       +
           }

     

       80
       80
       +
       

     

       81
       81
       +
           /** @phpstan-assert non-empty-string $contents */

     

       82
       82
       +
           private static function guardAgainstEmptyKey(string $contents): void

     

       83
       83
       +
           {

     

       84
       84
       +
               if ($contents === '') {

     

       85
       85
       +
                   throw InvalidKeyProvided::cannotBeEmpty();

     

       86
       86
       +
               }

     

       87
       87
       +
           }

     

       88
       88
       +
       

     

       89
       89
       +
           public function contents(): string

     

       90
       90
       +
           {

     

       91
       91
       +
               return $this->contents;

     

       92
       92
       +
           }

     

       93
       93
       +
       

     

       94
       94
       +
           public function passphrase(): string

     

       95
       95
       +
           {

     

       96
       96
       +
               return $this->passphrase;

     

       97
       97
       +
           }

     

       98
       98
       +
       }

+12

vendor/lcobucci/jwt/src/Signer/Key.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       interface Key

     

       7
       7
       +
       {

     

       8
       8
       +
           /** @return non-empty-string */

     

       9
       9
       +
           public function contents(): string;

     

       10
       10
       +
       

     

       11
       11
       +
           public function passphrase(): string;

     

       12
       12
       +
       }

+133

vendor/lcobucci/jwt/src/Signer/OpenSSL.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer;

     

       7
       7
       +
       use OpenSSLAsymmetricKey;

     

       8
       8
       +
       use SensitiveParameter;

     

       9
       9
       +
       

     

       10
       10
       +
       use function array_key_exists;

     

       11
       11
       +
       use function assert;

     

       12
       12
       +
       use function is_array;

     

       13
       13
       +
       use function is_bool;

     

       14
       14
       +
       use function is_int;

     

       15
       15
       +
       use function openssl_error_string;

     

       16
       16
       +
       use function openssl_pkey_get_details;

     

       17
       17
       +
       use function openssl_pkey_get_private;

     

       18
       18
       +
       use function openssl_pkey_get_public;

     

       19
       19
       +
       use function openssl_sign;

     

       20
       20
       +
       use function openssl_verify;

     

       21
       21
       +
       

     

       22
       22
       +
       use const OPENSSL_KEYTYPE_DH;

     

       23
       23
       +
       use const OPENSSL_KEYTYPE_DSA;

     

       24
       24
       +
       use const OPENSSL_KEYTYPE_EC;

     

       25
       25
       +
       use const OPENSSL_KEYTYPE_RSA;

     

       26
       26
       +
       use const PHP_EOL;

     

       27
       27
       +
       

     

       28
       28
       +
       abstract class OpenSSL implements Signer

     

       29
       29
       +
       {

     

       30
       30
       +
           protected const KEY_TYPE_MAP = [

     

       31
       31
       +
               OPENSSL_KEYTYPE_RSA => 'RSA',

     

       32
       32
       +
               OPENSSL_KEYTYPE_DSA => 'DSA',

     

       33
       33
       +
               OPENSSL_KEYTYPE_DH => 'DH',

     

       34
       34
       +
               OPENSSL_KEYTYPE_EC => 'EC',

     

       35
       35
       +
           ];

     

       36
       36
       +
       

     

       37
       37
       +
           /**

     

       38
       38
       +
            * @return non-empty-string

     

       39
       39
       +
            *

     

       40
       40
       +
            * @throws CannotSignPayload

     

       41
       41
       +
            * @throws InvalidKeyProvided

     

       42
       42
       +
            */

     

       43
       43
       +
           final protected function createSignature(

     

       44
       44
       +
               #[SensitiveParameter]

     

       45
       45
       +
               string $pem,

     

       46
       46
       +
               #[SensitiveParameter]

     

       47
       47
       +
               string $passphrase,

     

       48
       48
       +
               string $payload,

     

       49
       49
       +
           ): string {

     

       50
       50
       +
               $key = $this->getPrivateKey($pem, $passphrase);

     

       51
       51
       +
       

     

       52
       52
       +
               $signature = '';

     

       53
       53
       +
       

     

       54
       54
       +
               if (! openssl_sign($payload, $signature, $key, $this->algorithm())) {

     

       55
       55
       +
                   throw CannotSignPayload::errorHappened($this->fullOpenSSLErrorString());

     

       56
       56
       +
               }

     

       57
       57
       +
       

     

       58
       58
       +
               return $signature;

     

       59
       59
       +
           }

     

       60
       60
       +
       

     

       61
       61
       +
           /** @throws CannotSignPayload */

     

       62
       62
       +
           private function getPrivateKey(

     

       63
       63
       +
               #[SensitiveParameter]

     

       64
       64
       +
               string $pem,

     

       65
       65
       +
               #[SensitiveParameter]

     

       66
       66
       +
               string $passphrase,

     

       67
       67
       +
           ): OpenSSLAsymmetricKey {

     

       68
       68
       +
               return $this->validateKey(openssl_pkey_get_private($pem, $passphrase));

     

       69
       69
       +
           }

     

       70
       70
       +
       

     

       71
       71
       +
           /** @throws InvalidKeyProvided */

     

       72
       72
       +
           final protected function verifySignature(

     

       73
       73
       +
               string $expected,

     

       74
       74
       +
               string $payload,

     

       75
       75
       +
               string $pem,

     

       76
       76
       +
           ): bool {

     

       77
       77
       +
               $key    = $this->getPublicKey($pem);

     

       78
       78
       +
               $result = openssl_verify($payload, $expected, $key, $this->algorithm());

     

       79
       79
       +
       

     

       80
       80
       +
               return $result === 1;

     

       81
       81
       +
           }

     

       82
       82
       +
       

     

       83
       83
       +
           /** @throws InvalidKeyProvided */

     

       84
       84
       +
           private function getPublicKey(string $pem): OpenSSLAsymmetricKey

     

       85
       85
       +
           {

     

       86
       86
       +
               return $this->validateKey(openssl_pkey_get_public($pem));

     

       87
       87
       +
           }

     

       88
       88
       +
       

     

       89
       89
       +
           /**

     

       90
       90
       +
            * Raises an exception when the key type is not the expected type

     

       91
       91
       +
            *

     

       92
       92
       +
            * @throws InvalidKeyProvided

     

       93
       93
       +
            */

     

       94
       94
       +
           private function validateKey(OpenSSLAsymmetricKey|bool $key): OpenSSLAsymmetricKey

     

       95
       95
       +
           {

     

       96
       96
       +
               if (is_bool($key)) {

     

       97
       97
       +
                   throw InvalidKeyProvided::cannotBeParsed($this->fullOpenSSLErrorString());

     

       98
       98
       +
               }

     

       99
       99
       +
       

     

       100
       100
       +
               $details = openssl_pkey_get_details($key);

     

       101
       101
       +
               assert(is_array($details));

     

       102
       102
       +
       

     

       103
       103
       +
               assert(array_key_exists('bits', $details));

     

       104
       104
       +
               assert(is_int($details['bits']));

     

       105
       105
       +
               assert(array_key_exists('type', $details));

     

       106
       106
       +
               assert(is_int($details['type']));

     

       107
       107
       +
       

     

       108
       108
       +
               $this->guardAgainstIncompatibleKey($details['type'], $details['bits']);

     

       109
       109
       +
       

     

       110
       110
       +
               return $key;

     

       111
       111
       +
           }

     

       112
       112
       +
       

     

       113
       113
       +
           private function fullOpenSSLErrorString(): string

     

       114
       114
       +
           {

     

       115
       115
       +
               $error = '';

     

       116
       116
       +
       

     

       117
       117
       +
               while ($msg = openssl_error_string()) {

     

       118
       118
       +
                   $error .= PHP_EOL . '* ' . $msg;

     

       119
       119
       +
               }

     

       120
       120
       +
       

     

       121
       121
       +
               return $error;

     

       122
       122
       +
           }

     

       123
       123
       +
       

     

       124
       124
       +
           /** @throws InvalidKeyProvided */

     

       125
       125
       +
           abstract protected function guardAgainstIncompatibleKey(int $type, int $lengthInBits): void;

     

       126
       126
       +
       

     

       127
       127
       +
           /**

     

       128
       128
       +
            * Returns which algorithm to be used to create/verify the signature (using OpenSSL constants)

     

       129
       129
       +
            *

     

       130
       130
       +
            * @internal

     

       131
       131
       +
            */

     

       132
       132
       +
           abstract public function algorithm(): int;

     

       133
       133
       +
       }

+21

vendor/lcobucci/jwt/src/Signer/Rsa/Sha256.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Rsa;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Rsa;

     

       7
       7
       +
       

     

       8
       8
       +
       use const OPENSSL_ALGO_SHA256;

     

       9
       9
       +
       

     

       10
       10
       +
       final class Sha256 extends Rsa

     

       11
       11
       +
       {

     

       12
       12
       +
           public function algorithmId(): string

     

       13
       13
       +
           {

     

       14
       14
       +
               return 'RS256';

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function algorithm(): int

     

       18
       18
       +
           {

     

       19
       19
       +
               return OPENSSL_ALGO_SHA256;

     

       20
       20
       +
           }

     

       21
       21
       +
       }

+21

vendor/lcobucci/jwt/src/Signer/Rsa/Sha384.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Rsa;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Rsa;

     

       7
       7
       +
       

     

       8
       8
       +
       use const OPENSSL_ALGO_SHA384;

     

       9
       9
       +
       

     

       10
       10
       +
       final class Sha384 extends Rsa

     

       11
       11
       +
       {

     

       12
       12
       +
           public function algorithmId(): string

     

       13
       13
       +
           {

     

       14
       14
       +
               return 'RS384';

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function algorithm(): int

     

       18
       18
       +
           {

     

       19
       19
       +
               return OPENSSL_ALGO_SHA384;

     

       20
       20
       +
           }

     

       21
       21
       +
       }

+21

vendor/lcobucci/jwt/src/Signer/Rsa/Sha512.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer\Rsa;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\Rsa;

     

       7
       7
       +
       

     

       8
       8
       +
       use const OPENSSL_ALGO_SHA512;

     

       9
       9
       +
       

     

       10
       10
       +
       final class Sha512 extends Rsa

     

       11
       11
       +
       {

     

       12
       12
       +
           public function algorithmId(): string

     

       13
       13
       +
           {

     

       14
       14
       +
               return 'RS512';

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function algorithm(): int

     

       18
       18
       +
           {

     

       19
       19
       +
               return OPENSSL_ALGO_SHA512;

     

       20
       20
       +
           }

     

       21
       21
       +
       }

+35

vendor/lcobucci/jwt/src/Signer/Rsa.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Signer;

     

       5
       5
       +
       

     

       6
       6
       +
       use const OPENSSL_KEYTYPE_RSA;

     

       7
       7
       +
       

     

       8
       8
       +
       abstract class Rsa extends OpenSSL

     

       9
       9
       +
       {

     

       10
       10
       +
           private const MINIMUM_KEY_LENGTH = 2048;

     

       11
       11
       +
       

     

       12
       12
       +
           final public function sign(string $payload, Key $key): string

     

       13
       13
       +
           {

     

       14
       14
       +
               return $this->createSignature($key->contents(), $key->passphrase(), $payload);

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           final public function verify(string $expected, string $payload, Key $key): bool

     

       18
       18
       +
           {

     

       19
       19
       +
               return $this->verifySignature($expected, $payload, $key->contents());

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           final protected function guardAgainstIncompatibleKey(int $type, int $lengthInBits): void

     

       23
       23
       +
           {

     

       24
       24
       +
               if ($type !== OPENSSL_KEYTYPE_RSA) {

     

       25
       25
       +
                   throw InvalidKeyProvided::incompatibleKeyType(

     

       26
       26
       +
                       self::KEY_TYPE_MAP[OPENSSL_KEYTYPE_RSA],

     

       27
       27
       +
                       self::KEY_TYPE_MAP[$type],

     

       28
       28
       +
                   );

     

       29
       29
       +
               }

     

       30
       30
       +
       

     

       31
       31
       +
               if ($lengthInBits < self::MINIMUM_KEY_LENGTH) {

     

       32
       32
       +
                   throw InvalidKeyProvided::tooShort(self::MINIMUM_KEY_LENGTH, $lengthInBits);

     

       33
       33
       +
               }

     

       34
       34
       +
           }

     

       35
       35
       +
       }

+43

vendor/lcobucci/jwt/src/Signer.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer\CannotSignPayload;

     

       7
       7
       +
       use Lcobucci\JWT\Signer\Ecdsa\ConversionFailed;

     

       8
       8
       +
       use Lcobucci\JWT\Signer\InvalidKeyProvided;

     

       9
       9
       +
       use Lcobucci\JWT\Signer\Key;

     

       10
       10
       +
       

     

       11
       11
       +
       interface Signer

     

       12
       12
       +
       {

     

       13
       13
       +
           /**

     

       14
       14
       +
            * Returns the algorithm id

     

       15
       15
       +
            *

     

       16
       16
       +
            * @return non-empty-string

     

       17
       17
       +
            */

     

       18
       18
       +
           public function algorithmId(): string;

     

       19
       19
       +
       

     

       20
       20
       +
           /**

     

       21
       21
       +
            * Creates a hash for the given payload

     

       22
       22
       +
            *

     

       23
       23
       +
            * @param non-empty-string $payload

     

       24
       24
       +
            *

     

       25
       25
       +
            * @return non-empty-string

     

       26
       26
       +
            *

     

       27
       27
       +
            * @throws CannotSignPayload  When payload signing fails.

     

       28
       28
       +
            * @throws InvalidKeyProvided When issue key is invalid/incompatible.

     

       29
       29
       +
            * @throws ConversionFailed   When signature could not be converted.

     

       30
       30
       +
            */

     

       31
       31
       +
           public function sign(string $payload, Key $key): string;

     

       32
       32
       +
       

     

       33
       33
       +
           /**

     

       34
       34
       +
            * Returns if the expected hash matches with the data and key

     

       35
       35
       +
            *

     

       36
       36
       +
            * @param non-empty-string $expected

     

       37
       37
       +
            * @param non-empty-string $payload

     

       38
       38
       +
            *

     

       39
       39
       +
            * @throws InvalidKeyProvided When issue key is invalid/incompatible.

     

       40
       40
       +
            * @throws ConversionFailed   When signature could not be converted.

     

       41
       41
       +
            */

     

       42
       42
       +
           public function verify(string $expected, string $payload, Key $key): bool;

     

       43
       43
       +
       }

+98

vendor/lcobucci/jwt/src/SodiumBase64Polyfill.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Encoding\CannotDecodeContent;

     

       7
       7
       +
       use SodiumException;

     

       8
       8
       +
       

     

       9
       9
       +
       use function base64_decode;

     

       10
       10
       +
       use function base64_encode;

     

       11
       11
       +
       use function function_exists;

     

       12
       12
       +
       use function is_string;

     

       13
       13
       +
       use function rtrim;

     

       14
       14
       +
       use function sodium_base642bin;

     

       15
       15
       +
       use function sodium_bin2base64;

     

       16
       16
       +
       use function strtr;

     

       17
       17
       +
       

     

       18
       18
       +
       /** @internal */

     

       19
       19
       +
       final class SodiumBase64Polyfill

     

       20
       20
       +
       {

     

       21
       21
       +
           public const SODIUM_BASE64_VARIANT_ORIGINAL            = 1;

     

       22
       22
       +
           public const SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING = 3;

     

       23
       23
       +
           public const SODIUM_BASE64_VARIANT_URLSAFE             = 5;

     

       24
       24
       +
           public const SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING  = 7;

     

       25
       25
       +
       

     

       26
       26
       +
           /** @return ($decoded is non-empty-string ? non-empty-string : string) */

     

       27
       27
       +
           public static function bin2base64(string $decoded, int $variant): string

     

       28
       28
       +
           {

     

       29
       29
       +
               if (! function_exists('sodium_bin2base64')) {

     

       30
       30
       +
                   return self::bin2base64Fallback($decoded, $variant); // @codeCoverageIgnore

     

       31
       31
       +
               }

     

       32
       32
       +
       

     

       33
       33
       +
               return sodium_bin2base64($decoded, $variant);

     

       34
       34
       +
           }

     

       35
       35
       +
       

     

       36
       36
       +
           /** @return ($decoded is non-empty-string ? non-empty-string : string) */

     

       37
       37
       +
           public static function bin2base64Fallback(string $decoded, int $variant): string

     

       38
       38
       +
           {

     

       39
       39
       +
               $encoded = base64_encode($decoded);

     

       40
       40
       +
       

     

       41
       41
       +
               if (

     

       42
       42
       +
                   $variant === self::SODIUM_BASE64_VARIANT_URLSAFE

     

       43
       43
       +
                   || $variant === self::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING

     

       44
       44
       +
               ) {

     

       45
       45
       +
                   $encoded = strtr($encoded, '+/', '-_');

     

       46
       46
       +
               }

     

       47
       47
       +
       

     

       48
       48
       +
               if (

     

       49
       49
       +
                   $variant === self::SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING

     

       50
       50
       +
                   || $variant === self::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING

     

       51
       51
       +
               ) {

     

       52
       52
       +
                   $encoded = rtrim($encoded, '=');

     

       53
       53
       +
               }

     

       54
       54
       +
       

     

       55
       55
       +
               return $encoded;

     

       56
       56
       +
           }

     

       57
       57
       +
       

     

       58
       58
       +
           /**

     

       59
       59
       +
            * @return ($encoded is non-empty-string ? non-empty-string : string)

     

       60
       60
       +
            *

     

       61
       61
       +
            * @throws CannotDecodeContent

     

       62
       62
       +
            */

     

       63
       63
       +
           public static function base642bin(string $encoded, int $variant): string

     

       64
       64
       +
           {

     

       65
       65
       +
               if (! function_exists('sodium_base642bin')) {

     

       66
       66
       +
                   return self::base642binFallback($encoded, $variant); // @codeCoverageIgnore

     

       67
       67
       +
               }

     

       68
       68
       +
       

     

       69
       69
       +
               try {

     

       70
       70
       +
                   return sodium_base642bin($encoded, $variant, '');

     

       71
       71
       +
               } catch (SodiumException) {

     

       72
       72
       +
                   throw CannotDecodeContent::invalidBase64String();

     

       73
       73
       +
               }

     

       74
       74
       +
           }

     

       75
       75
       +
       

     

       76
       76
       +
           /**

     

       77
       77
       +
            * @return ($encoded is non-empty-string ? non-empty-string : string)

     

       78
       78
       +
            *

     

       79
       79
       +
            * @throws CannotDecodeContent

     

       80
       80
       +
            */

     

       81
       81
       +
           public static function base642binFallback(string $encoded, int $variant): string

     

       82
       82
       +
           {

     

       83
       83
       +
               if (

     

       84
       84
       +
                   $variant === self::SODIUM_BASE64_VARIANT_URLSAFE

     

       85
       85
       +
                   || $variant === self::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING

     

       86
       86
       +
               ) {

     

       87
       87
       +
                   $encoded = strtr($encoded, '-_', '+/');

     

       88
       88
       +
               }

     

       89
       89
       +
       

     

       90
       90
       +
               $decoded = base64_decode($encoded, true);

     

       91
       91
       +
       

     

       92
       92
       +
               if (! is_string($decoded)) {

     

       93
       93
       +
                   throw CannotDecodeContent::invalidBase64String();

     

       94
       94
       +
               }

     

       95
       95
       +
       

     

       96
       96
       +
               return $decoded;

     

       97
       97
       +
           }

     

       98
       98
       +
       }

+167

vendor/lcobucci/jwt/src/Token/Builder.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeImmutable;

     

       7
       7
       +
       use Lcobucci\JWT\Builder as BuilderInterface;

     

       8
       8
       +
       use Lcobucci\JWT\ClaimsFormatter;

     

       9
       9
       +
       use Lcobucci\JWT\Encoder;

     

       10
       10
       +
       use Lcobucci\JWT\Encoding\CannotEncodeContent;

     

       11
       11
       +
       use Lcobucci\JWT\Signer;

     

       12
       12
       +
       use Lcobucci\JWT\Signer\Key;

     

       13
       13
       +
       use Lcobucci\JWT\UnencryptedToken;

     

       14
       14
       +
       

     

       15
       15
       +
       use function array_diff;

     

       16
       16
       +
       use function array_merge;

     

       17
       17
       +
       use function in_array;

     

       18
       18
       +
       

     

       19
       19
       +
       /** @immutable */

     

       20
       20
       +
       final class Builder implements BuilderInterface

     

       21
       21
       +
       {

     

       22
       22
       +
           /** @var array<non-empty-string, mixed> */

     

       23
       23
       +
           private array $headers = ['typ' => 'JWT', 'alg' => null];

     

       24
       24
       +
       

     

       25
       25
       +
           /** @var array<non-empty-string, mixed> */

     

       26
       26
       +
           private array $claims = [];

     

       27
       27
       +
       

     

       28
       28
       +
           /** @deprecated Deprecated since v5.5, please use {@see self::new()} instead */

     

       29
       29
       +
           public function __construct(private readonly Encoder $encoder, private readonly ClaimsFormatter $claimFormatter)

     

       30
       30
       +
           {

     

       31
       31
       +
           }

     

       32
       32
       +
       

     

       33
       33
       +
           public static function new(Encoder $encoder, ClaimsFormatter $claimFormatter): self

     

       34
       34
       +
           {

     

       35
       35
       +
               return new self($encoder, $claimFormatter);

     

       36
       36
       +
           }

     

       37
       37
       +
       

     

       38
       38
       +
           /**

     

       39
       39
       +
            * @inheritDoc

     

       40
       40
       +
            * @pure

     

       41
       41
       +
            */

     

       42
       42
       +
           public function permittedFor(string ...$audiences): BuilderInterface

     

       43
       43
       +
           {

     

       44
       44
       +
               $configured = $this->claims[RegisteredClaims::AUDIENCE] ?? [];

     

       45
       45
       +
               $toAppend   = array_diff($audiences, $configured);

     

       46
       46
       +
       

     

       47
       47
       +
               return $this->setClaim(RegisteredClaims::AUDIENCE, array_merge($configured, $toAppend));

     

       48
       48
       +
           }

     

       49
       49
       +
       

     

       50
       50
       +
           /**

     

       51
       51
       +
            * @inheritDoc

     

       52
       52
       +
            * @pure

     

       53
       53
       +
            */

     

       54
       54
       +
           public function expiresAt(DateTimeImmutable $expiration): BuilderInterface

     

       55
       55
       +
           {

     

       56
       56
       +
               return $this->setClaim(RegisteredClaims::EXPIRATION_TIME, $expiration);

     

       57
       57
       +
           }

     

       58
       58
       +
       

     

       59
       59
       +
           /**

     

       60
       60
       +
            * @inheritDoc

     

       61
       61
       +
            * @pure

     

       62
       62
       +
            */

     

       63
       63
       +
           public function identifiedBy(string $id): BuilderInterface

     

       64
       64
       +
           {

     

       65
       65
       +
               return $this->setClaim(RegisteredClaims::ID, $id);

     

       66
       66
       +
           }

     

       67
       67
       +
       

     

       68
       68
       +
           /**

     

       69
       69
       +
            * @inheritDoc

     

       70
       70
       +
            * @pure

     

       71
       71
       +
            */

     

       72
       72
       +
           public function issuedAt(DateTimeImmutable $issuedAt): BuilderInterface

     

       73
       73
       +
           {

     

       74
       74
       +
               return $this->setClaim(RegisteredClaims::ISSUED_AT, $issuedAt);

     

       75
       75
       +
           }

     

       76
       76
       +
       

     

       77
       77
       +
           /**

     

       78
       78
       +
            * @inheritDoc

     

       79
       79
       +
            * @pure

     

       80
       80
       +
            */

     

       81
       81
       +
           public function issuedBy(string $issuer): BuilderInterface

     

       82
       82
       +
           {

     

       83
       83
       +
               return $this->setClaim(RegisteredClaims::ISSUER, $issuer);

     

       84
       84
       +
           }

     

       85
       85
       +
       

     

       86
       86
       +
           /**

     

       87
       87
       +
            * @inheritDoc

     

       88
       88
       +
            * @pure

     

       89
       89
       +
            */

     

       90
       90
       +
           public function canOnlyBeUsedAfter(DateTimeImmutable $notBefore): BuilderInterface

     

       91
       91
       +
           {

     

       92
       92
       +
               return $this->setClaim(RegisteredClaims::NOT_BEFORE, $notBefore);

     

       93
       93
       +
           }

     

       94
       94
       +
       

     

       95
       95
       +
           /**

     

       96
       96
       +
            * @inheritDoc

     

       97
       97
       +
            * @pure

     

       98
       98
       +
            */

     

       99
       99
       +
           public function relatedTo(string $subject): BuilderInterface

     

       100
       100
       +
           {

     

       101
       101
       +
               return $this->setClaim(RegisteredClaims::SUBJECT, $subject);

     

       102
       102
       +
           }

     

       103
       103
       +
       

     

       104
       104
       +
           /**

     

       105
       105
       +
            * @inheritDoc

     

       106
       106
       +
            * @pure

     

       107
       107
       +
            */

     

       108
       108
       +
           public function withHeader(string $name, mixed $value): BuilderInterface

     

       109
       109
       +
           {

     

       110
       110
       +
               $new                 = clone $this;

     

       111
       111
       +
               $new->headers[$name] = $value;

     

       112
       112
       +
       

     

       113
       113
       +
               return $new;

     

       114
       114
       +
           }

     

       115
       115
       +
       

     

       116
       116
       +
           /**

     

       117
       117
       +
            * @inheritDoc

     

       118
       118
       +
            * @pure

     

       119
       119
       +
            */

     

       120
       120
       +
           public function withClaim(string $name, mixed $value): BuilderInterface

     

       121
       121
       +
           {

     

       122
       122
       +
               if (in_array($name, RegisteredClaims::ALL, true)) {

     

       123
       123
       +
                   throw RegisteredClaimGiven::forClaim($name);

     

       124
       124
       +
               }

     

       125
       125
       +
       

     

       126
       126
       +
               return $this->setClaim($name, $value);

     

       127
       127
       +
           }

     

       128
       128
       +
       

     

       129
       129
       +
           /** @param non-empty-string $name */

     

       130
       130
       +
           private function setClaim(string $name, mixed $value): BuilderInterface

     

       131
       131
       +
           {

     

       132
       132
       +
               $new                = clone $this;

     

       133
       133
       +
               $new->claims[$name] = $value;

     

       134
       134
       +
       

     

       135
       135
       +
               return $new;

     

       136
       136
       +
           }

     

       137
       137
       +
       

     

       138
       138
       +
           /**

     

       139
       139
       +
            * @param array<non-empty-string, mixed> $items

     

       140
       140
       +
            *

     

       141
       141
       +
            * @throws CannotEncodeContent When data cannot be converted to JSON.

     

       142
       142
       +
            */

     

       143
       143
       +
           private function encode(array $items): string

     

       144
       144
       +
           {

     

       145
       145
       +
               return $this->encoder->base64UrlEncode(

     

       146
       146
       +
                   $this->encoder->jsonEncode($items),

     

       147
       147
       +
               );

     

       148
       148
       +
           }

     

       149
       149
       +
       

     

       150
       150
       +
           public function getToken(Signer $signer, Key $key): UnencryptedToken

     

       151
       151
       +
           {

     

       152
       152
       +
               $headers        = $this->headers;

     

       153
       153
       +
               $headers['alg'] = $signer->algorithmId();

     

       154
       154
       +
       

     

       155
       155
       +
               $encodedHeaders = $this->encode($headers);

     

       156
       156
       +
               $encodedClaims  = $this->encode($this->claimFormatter->formatClaims($this->claims));

     

       157
       157
       +
       

     

       158
       158
       +
               $signature        = $signer->sign($encodedHeaders . '.' . $encodedClaims, $key);

     

       159
       159
       +
               $encodedSignature = $this->encoder->base64UrlEncode($signature);

     

       160
       160
       +
       

     

       161
       161
       +
               return new Plain(

     

       162
       162
       +
                   new DataSet($headers, $encodedHeaders),

     

       163
       163
       +
                   new DataSet($this->claims, $encodedClaims),

     

       164
       164
       +
                   new Signature($signature, $encodedSignature),

     

       165
       165
       +
               );

     

       166
       166
       +
           }

     

       167
       167
       +
       }

+37

vendor/lcobucci/jwt/src/Token/DataSet.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       use function array_key_exists;

     

       7
       7
       +
       

     

       8
       8
       +
       final class DataSet

     

       9
       9
       +
       {

     

       10
       10
       +
           /** @param array<non-empty-string, mixed> $data */

     

       11
       11
       +
           public function __construct(private readonly array $data, private readonly string $encoded)

     

       12
       12
       +
           {

     

       13
       13
       +
           }

     

       14
       14
       +
       

     

       15
       15
       +
           /** @param non-empty-string $name */

     

       16
       16
       +
           public function get(string $name, mixed $default = null): mixed

     

       17
       17
       +
           {

     

       18
       18
       +
               return $this->data[$name] ?? $default;

     

       19
       19
       +
           }

     

       20
       20
       +
       

     

       21
       21
       +
           /** @param non-empty-string $name */

     

       22
       22
       +
           public function has(string $name): bool

     

       23
       23
       +
           {

     

       24
       24
       +
               return array_key_exists($name, $this->data);

     

       25
       25
       +
           }

     

       26
       26
       +
       

     

       27
       27
       +
           /** @return array<non-empty-string, mixed> */

     

       28
       28
       +
           public function all(): array

     

       29
       29
       +
           {

     

       30
       30
       +
               return $this->data;

     

       31
       31
       +
           }

     

       32
       32
       +
       

     

       33
       33
       +
           public function toString(): string

     

       34
       34
       +
           {

     

       35
       35
       +
               return $this->encoded;

     

       36
       36
       +
           }

     

       37
       37
       +
       }

+41

vendor/lcobucci/jwt/src/Token/InvalidTokenStructure.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       final class InvalidTokenStructure extends InvalidArgumentException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           public static function missingOrNotEnoughSeparators(): self

     

       12
       12
       +
           {

     

       13
       13
       +
               return new self('The JWT string must have two dots');

     

       14
       14
       +
           }

     

       15
       15
       +
       

     

       16
       16
       +
           public static function missingHeaderPart(): self

     

       17
       17
       +
           {

     

       18
       18
       +
               return new self('The JWT string is missing the Header part');

     

       19
       19
       +
           }

     

       20
       20
       +
       

     

       21
       21
       +
           public static function missingClaimsPart(): self

     

       22
       22
       +
           {

     

       23
       23
       +
               return new self('The JWT string is missing the Claim part');

     

       24
       24
       +
           }

     

       25
       25
       +
       

     

       26
       26
       +
           public static function missingSignaturePart(): self

     

       27
       27
       +
           {

     

       28
       28
       +
               return new self('The JWT string is missing the Signature part');

     

       29
       29
       +
           }

     

       30
       30
       +
       

     

       31
       31
       +
           /** @param non-empty-string $part */

     

       32
       32
       +
           public static function arrayExpected(string $part): self

     

       33
       33
       +
           {

     

       34
       34
       +
               return new self($part . ' must be an array with non-empty-string keys');

     

       35
       35
       +
           }

     

       36
       36
       +
       

     

       37
       37
       +
           public static function dateIsNotParseable(string $value): self

     

       38
       38
       +
           {

     

       39
       39
       +
               return new self('Value is not in the allowed date format: ' . $value);

     

       40
       40
       +
           }

     

       41
       41
       +
       }

+180

vendor/lcobucci/jwt/src/Token/Parser.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeImmutable;

     

       7
       7
       +
       use Lcobucci\JWT\Decoder;

     

       8
       8
       +
       use Lcobucci\JWT\Parser as ParserInterface;

     

       9
       9
       +
       use Lcobucci\JWT\Token as TokenInterface;

     

       10
       10
       +
       

     

       11
       11
       +
       use function array_key_exists;

     

       12
       12
       +
       use function count;

     

       13
       13
       +
       use function explode;

     

       14
       14
       +
       use function is_array;

     

       15
       15
       +
       use function is_numeric;

     

       16
       16
       +
       use function number_format;

     

       17
       17
       +
       

     

       18
       18
       +
       final class Parser implements ParserInterface

     

       19
       19
       +
       {

     

       20
       20
       +
           private const MICROSECOND_PRECISION = 6;

     

       21
       21
       +
       

     

       22
       22
       +
           public function __construct(private readonly Decoder $decoder)

     

       23
       23
       +
           {

     

       24
       24
       +
           }

     

       25
       25
       +
       

     

       26
       26
       +
           public function parse(string $jwt): TokenInterface

     

       27
       27
       +
           {

     

       28
       28
       +
               [$encodedHeaders, $encodedClaims, $encodedSignature] = $this->splitJwt($jwt);

     

       29
       29
       +
       

     

       30
       30
       +
               if ($encodedHeaders === '') {

     

       31
       31
       +
                   throw InvalidTokenStructure::missingHeaderPart();

     

       32
       32
       +
               }

     

       33
       33
       +
       

     

       34
       34
       +
               if ($encodedClaims === '') {

     

       35
       35
       +
                   throw InvalidTokenStructure::missingClaimsPart();

     

       36
       36
       +
               }

     

       37
       37
       +
       

     

       38
       38
       +
               if ($encodedSignature === '') {

     

       39
       39
       +
                   throw InvalidTokenStructure::missingSignaturePart();

     

       40
       40
       +
               }

     

       41
       41
       +
       

     

       42
       42
       +
               $header = $this->parseHeader($encodedHeaders);

     

       43
       43
       +
       

     

       44
       44
       +
               return new Plain(

     

       45
       45
       +
                   new DataSet($header, $encodedHeaders),

     

       46
       46
       +
                   new DataSet($this->parseClaims($encodedClaims), $encodedClaims),

     

       47
       47
       +
                   $this->parseSignature($encodedSignature),

     

       48
       48
       +
               );

     

       49
       49
       +
           }

     

       50
       50
       +
       

     

       51
       51
       +
           /**

     

       52
       52
       +
            * Splits the JWT string into an array

     

       53
       53
       +
            *

     

       54
       54
       +
            * @param non-empty-string $jwt

     

       55
       55
       +
            *

     

       56
       56
       +
            * @return string[]

     

       57
       57
       +
            *

     

       58
       58
       +
            * @throws InvalidTokenStructure When JWT doesn't have all parts.

     

       59
       59
       +
            */

     

       60
       60
       +
           private function splitJwt(string $jwt): array

     

       61
       61
       +
           {

     

       62
       62
       +
               $data = explode('.', $jwt);

     

       63
       63
       +
       

     

       64
       64
       +
               if (count($data) !== 3) {

     

       65
       65
       +
                   throw InvalidTokenStructure::missingOrNotEnoughSeparators();

     

       66
       66
       +
               }

     

       67
       67
       +
       

     

       68
       68
       +
               return $data;

     

       69
       69
       +
           }

     

       70
       70
       +
       

     

       71
       71
       +
           /**

     

       72
       72
       +
            * Parses the header from a string

     

       73
       73
       +
            *

     

       74
       74
       +
            * @param non-empty-string $data

     

       75
       75
       +
            *

     

       76
       76
       +
            * @return array<non-empty-string, mixed>

     

       77
       77
       +
            *

     

       78
       78
       +
            * @throws UnsupportedHeaderFound When an invalid header is informed.

     

       79
       79
       +
            * @throws InvalidTokenStructure  When parsed content isn't an array.

     

       80
       80
       +
            */

     

       81
       81
       +
           private function parseHeader(string $data): array

     

       82
       82
       +
           {

     

       83
       83
       +
               $header = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));

     

       84
       84
       +
       

     

       85
       85
       +
               if (! is_array($header)) {

     

       86
       86
       +
                   throw InvalidTokenStructure::arrayExpected('headers');

     

       87
       87
       +
               }

     

       88
       88
       +
       

     

       89
       89
       +
               $this->guardAgainstEmptyStringKeys($header, 'headers');

     

       90
       90
       +
       

     

       91
       91
       +
               if (array_key_exists('enc', $header)) {

     

       92
       92
       +
                   throw UnsupportedHeaderFound::encryption();

     

       93
       93
       +
               }

     

       94
       94
       +
       

     

       95
       95
       +
               if (! array_key_exists('typ', $header)) {

     

       96
       96
       +
                   $header['typ'] = 'JWT';

     

       97
       97
       +
               }

     

       98
       98
       +
       

     

       99
       99
       +
               return $header;

     

       100
       100
       +
           }

     

       101
       101
       +
       

     

       102
       102
       +
           /**

     

       103
       103
       +
            * Parses the claim set from a string

     

       104
       104
       +
            *

     

       105
       105
       +
            * @param non-empty-string $data

     

       106
       106
       +
            *

     

       107
       107
       +
            * @return array<non-empty-string, mixed>

     

       108
       108
       +
            *

     

       109
       109
       +
            * @throws InvalidTokenStructure When parsed content isn't an array or contains non-parseable dates.

     

       110
       110
       +
            */

     

       111
       111
       +
           private function parseClaims(string $data): array

     

       112
       112
       +
           {

     

       113
       113
       +
               $claims = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));

     

       114
       114
       +
       

     

       115
       115
       +
               if (! is_array($claims)) {

     

       116
       116
       +
                   throw InvalidTokenStructure::arrayExpected('claims');

     

       117
       117
       +
               }

     

       118
       118
       +
       

     

       119
       119
       +
               $this->guardAgainstEmptyStringKeys($claims, 'claims');

     

       120
       120
       +
       

     

       121
       121
       +
               if (array_key_exists(RegisteredClaims::AUDIENCE, $claims)) {

     

       122
       122
       +
                   $claims[RegisteredClaims::AUDIENCE] = (array) $claims[RegisteredClaims::AUDIENCE];

     

       123
       123
       +
               }

     

       124
       124
       +
       

     

       125
       125
       +
               foreach (RegisteredClaims::DATE_CLAIMS as $claim) {

     

       126
       126
       +
                   if (! array_key_exists($claim, $claims)) {

     

       127
       127
       +
                       continue;

     

       128
       128
       +
                   }

     

       129
       129
       +
       

     

       130
       130
       +
                   $claims[$claim] = $this->convertDate($claims[$claim]);

     

       131
       131
       +
               }

     

       132
       132
       +
       

     

       133
       133
       +
               return $claims;

     

       134
       134
       +
           }

     

       135
       135
       +
       

     

       136
       136
       +
           /**

     

       137
       137
       +
            * @param array<string, mixed> $array

     

       138
       138
       +
            * @param non-empty-string     $part

     

       139
       139
       +
            *

     

       140
       140
       +
            * @phpstan-assert array<non-empty-string, mixed> $array

     

       141
       141
       +
            */

     

       142
       142
       +
           private function guardAgainstEmptyStringKeys(array $array, string $part): void

     

       143
       143
       +
           {

     

       144
       144
       +
               foreach ($array as $key => $value) {

     

       145
       145
       +
                   if ($key === '') {

     

       146
       146
       +
                       throw InvalidTokenStructure::arrayExpected($part);

     

       147
       147
       +
                   }

     

       148
       148
       +
               }

     

       149
       149
       +
           }

     

       150
       150
       +
       

     

       151
       151
       +
           /** @throws InvalidTokenStructure */

     

       152
       152
       +
           private function convertDate(int|float|string $timestamp): DateTimeImmutable

     

       153
       153
       +
           {

     

       154
       154
       +
               if (! is_numeric($timestamp)) {

     

       155
       155
       +
                   throw InvalidTokenStructure::dateIsNotParseable($timestamp);

     

       156
       156
       +
               }

     

       157
       157
       +
       

     

       158
       158
       +
               $normalizedTimestamp = number_format((float) $timestamp, self::MICROSECOND_PRECISION, '.', '');

     

       159
       159
       +
       

     

       160
       160
       +
               $date = DateTimeImmutable::createFromFormat('U.u', $normalizedTimestamp);

     

       161
       161
       +
       

     

       162
       162
       +
               if ($date === false) {

     

       163
       163
       +
                   throw InvalidTokenStructure::dateIsNotParseable($normalizedTimestamp);

     

       164
       164
       +
               }

     

       165
       165
       +
       

     

       166
       166
       +
               return $date;

     

       167
       167
       +
           }

     

       168
       168
       +
       

     

       169
       169
       +
           /**

     

       170
       170
       +
            * Returns the signature from given data

     

       171
       171
       +
            *

     

       172
       172
       +
            * @param non-empty-string $data

     

       173
       173
       +
            */

     

       174
       174
       +
           private function parseSignature(string $data): Signature

     

       175
       175
       +
           {

     

       176
       176
       +
               $hash = $this->decoder->base64UrlDecode($data);

     

       177
       177
       +
       

     

       178
       178
       +
               return new Signature($hash, $data);

     

       179
       179
       +
           }

     

       180
       180
       +
       }

+85

vendor/lcobucci/jwt/src/Token/Plain.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeInterface;

     

       7
       7
       +
       use Lcobucci\JWT\UnencryptedToken;

     

       8
       8
       +
       

     

       9
       9
       +
       use function in_array;

     

       10
       10
       +
       

     

       11
       11
       +
       final class Plain implements UnencryptedToken

     

       12
       12
       +
       {

     

       13
       13
       +
           public function __construct(

     

       14
       14
       +
               private readonly DataSet $headers,

     

       15
       15
       +
               private readonly DataSet $claims,

     

       16
       16
       +
               private readonly Signature $signature,

     

       17
       17
       +
           ) {

     

       18
       18
       +
           }

     

       19
       19
       +
       

     

       20
       20
       +
           public function headers(): DataSet

     

       21
       21
       +
           {

     

       22
       22
       +
               return $this->headers;

     

       23
       23
       +
           }

     

       24
       24
       +
       

     

       25
       25
       +
           public function claims(): DataSet

     

       26
       26
       +
           {

     

       27
       27
       +
               return $this->claims;

     

       28
       28
       +
           }

     

       29
       29
       +
       

     

       30
       30
       +
           public function signature(): Signature

     

       31
       31
       +
           {

     

       32
       32
       +
               return $this->signature;

     

       33
       33
       +
           }

     

       34
       34
       +
       

     

       35
       35
       +
           public function payload(): string

     

       36
       36
       +
           {

     

       37
       37
       +
               return $this->headers->toString() . '.' . $this->claims->toString();

     

       38
       38
       +
           }

     

       39
       39
       +
       

     

       40
       40
       +
           public function isPermittedFor(string $audience): bool

     

       41
       41
       +
           {

     

       42
       42
       +
               return in_array($audience, $this->claims->get(RegisteredClaims::AUDIENCE, []), true);

     

       43
       43
       +
           }

     

       44
       44
       +
       

     

       45
       45
       +
           public function isIdentifiedBy(string $id): bool

     

       46
       46
       +
           {

     

       47
       47
       +
               return $this->claims->get(RegisteredClaims::ID) === $id;

     

       48
       48
       +
           }

     

       49
       49
       +
       

     

       50
       50
       +
           public function isRelatedTo(string $subject): bool

     

       51
       51
       +
           {

     

       52
       52
       +
               return $this->claims->get(RegisteredClaims::SUBJECT) === $subject;

     

       53
       53
       +
           }

     

       54
       54
       +
       

     

       55
       55
       +
           public function hasBeenIssuedBy(string ...$issuers): bool

     

       56
       56
       +
           {

     

       57
       57
       +
               return in_array($this->claims->get(RegisteredClaims::ISSUER), $issuers, true);

     

       58
       58
       +
           }

     

       59
       59
       +
       

     

       60
       60
       +
           public function hasBeenIssuedBefore(DateTimeInterface $now): bool

     

       61
       61
       +
           {

     

       62
       62
       +
               return $now >= $this->claims->get(RegisteredClaims::ISSUED_AT);

     

       63
       63
       +
           }

     

       64
       64
       +
       

     

       65
       65
       +
           public function isMinimumTimeBefore(DateTimeInterface $now): bool

     

       66
       66
       +
           {

     

       67
       67
       +
               return $now >= $this->claims->get(RegisteredClaims::NOT_BEFORE);

     

       68
       68
       +
           }

     

       69
       69
       +
       

     

       70
       70
       +
           public function isExpired(DateTimeInterface $now): bool

     

       71
       71
       +
           {

     

       72
       72
       +
               if (! $this->claims->has(RegisteredClaims::EXPIRATION_TIME)) {

     

       73
       73
       +
                   return false;

     

       74
       74
       +
               }

     

       75
       75
       +
       

     

       76
       76
       +
               return $now >= $this->claims->get(RegisteredClaims::EXPIRATION_TIME);

     

       77
       77
       +
           }

     

       78
       78
       +
       

     

       79
       79
       +
           public function toString(): string

     

       80
       80
       +
           {

     

       81
       81
       +
               return $this->headers->toString() . '.'

     

       82
       82
       +
                    . $this->claims->toString() . '.'

     

       83
       83
       +
                    . $this->signature->toString();

     

       84
       84
       +
           }

     

       85
       85
       +
       }

+21

vendor/lcobucci/jwt/src/Token/RegisteredClaimGiven.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       use function sprintf;

     

       10
       10
       +
       

     

       11
       11
       +
       final class RegisteredClaimGiven extends InvalidArgumentException implements Exception

     

       12
       12
       +
       {

     

       13
       13
       +
           private const DEFAULT_MESSAGE = 'Builder#withClaim() is meant to be used for non-registered claims, '

     

       14
       14
       +
                                         . 'check the documentation on how to set claim "%s"';

     

       15
       15
       +
       

     

       16
       16
       +
           /** @param non-empty-string $name */

     

       17
       17
       +
           public static function forClaim(string $name): self

     

       18
       18
       +
           {

     

       19
       19
       +
               return new self(sprintf(self::DEFAULT_MESSAGE, $name));

     

       20
       20
       +
           }

     

       21
       21
       +
       }

+77

vendor/lcobucci/jwt/src/Token/RegisteredClaims.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       /**

     

       7
       7
       +
        * Defines the list of claims that are registered in the IANA "JSON Web Token Claims" registry

     

       8
       8
       +
        *

     

       9
       9
       +
        * @see https://tools.ietf.org/html/rfc7519#section-4.1

     

       10
       10
       +
        */

     

       11
       11
       +
       interface RegisteredClaims

     

       12
       12
       +
       {

     

       13
       13
       +
           public const ALL = [

     

       14
       14
       +
               self::AUDIENCE,

     

       15
       15
       +
               self::EXPIRATION_TIME,

     

       16
       16
       +
               self::ID,

     

       17
       17
       +
               self::ISSUED_AT,

     

       18
       18
       +
               self::ISSUER,

     

       19
       19
       +
               self::NOT_BEFORE,

     

       20
       20
       +
               self::SUBJECT,

     

       21
       21
       +
           ];

     

       22
       22
       +
       

     

       23
       23
       +
           public const DATE_CLAIMS = [

     

       24
       24
       +
               self::ISSUED_AT,

     

       25
       25
       +
               self::NOT_BEFORE,

     

       26
       26
       +
               self::EXPIRATION_TIME,

     

       27
       27
       +
           ];

     

       28
       28
       +
       

     

       29
       29
       +
           /**

     

       30
       30
       +
            * Identifies the recipients that the JWT is intended for

     

       31
       31
       +
            *

     

       32
       32
       +
            * @see https://tools.ietf.org/html/rfc7519#section-4.1.3

     

       33
       33
       +
            */

     

       34
       34
       +
           public const AUDIENCE = 'aud';

     

       35
       35
       +
       

     

       36
       36
       +
           /**

     

       37
       37
       +
            * Identifies the expiration time on or after which the JWT MUST NOT be accepted for processing

     

       38
       38
       +
            *

     

       39
       39
       +
            * @see https://tools.ietf.org/html/rfc7519#section-4.1.4

     

       40
       40
       +
            */

     

       41
       41
       +
           public const EXPIRATION_TIME = 'exp';

     

       42
       42
       +
       

     

       43
       43
       +
           /**

     

       44
       44
       +
            * Provides a unique identifier for the JWT

     

       45
       45
       +
            *

     

       46
       46
       +
            * @see https://tools.ietf.org/html/rfc7519#section-4.1.7

     

       47
       47
       +
            */

     

       48
       48
       +
           public const ID = 'jti';

     

       49
       49
       +
       

     

       50
       50
       +
           /**

     

       51
       51
       +
            * Identifies the time at which the JWT was issued

     

       52
       52
       +
            *

     

       53
       53
       +
            * @see https://tools.ietf.org/html/rfc7519#section-4.1.6

     

       54
       54
       +
            */

     

       55
       55
       +
           public const ISSUED_AT = 'iat';

     

       56
       56
       +
       

     

       57
       57
       +
           /**

     

       58
       58
       +
            * Identifies the principal that issued the JWT

     

       59
       59
       +
            *

     

       60
       60
       +
            * @see https://tools.ietf.org/html/rfc7519#section-4.1.1

     

       61
       61
       +
            */

     

       62
       62
       +
           public const ISSUER = 'iss';

     

       63
       63
       +
       

     

       64
       64
       +
           /**

     

       65
       65
       +
            * Identifies the time before which the JWT MUST NOT be accepted for processing

     

       66
       66
       +
            *

     

       67
       67
       +
            * https://tools.ietf.org/html/rfc7519#section-4.1.5

     

       68
       68
       +
            */

     

       69
       69
       +
           public const NOT_BEFORE = 'nbf';

     

       70
       70
       +
       

     

       71
       71
       +
           /**

     

       72
       72
       +
            * Identifies the principal that is the subject of the JWT.

     

       73
       73
       +
            *

     

       74
       74
       +
            * https://tools.ietf.org/html/rfc7519#section-4.1.2

     

       75
       75
       +
            */

     

       76
       76
       +
           public const SUBJECT = 'sub';

     

       77
       77
       +
       }

+31

vendor/lcobucci/jwt/src/Token/Signature.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       final class Signature

     

       7
       7
       +
       {

     

       8
       8
       +
           /**

     

       9
       9
       +
            * @param non-empty-string $hash

     

       10
       10
       +
            * @param non-empty-string $encoded

     

       11
       11
       +
            */

     

       12
       12
       +
           public function __construct(private readonly string $hash, private readonly string $encoded)

     

       13
       13
       +
           {

     

       14
       14
       +
           }

     

       15
       15
       +
       

     

       16
       16
       +
           /** @return non-empty-string */

     

       17
       17
       +
           public function hash(): string

     

       18
       18
       +
           {

     

       19
       19
       +
               return $this->hash;

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           /**

     

       23
       23
       +
            * Returns the encoded version of the signature

     

       24
       24
       +
            *

     

       25
       25
       +
            * @return non-empty-string

     

       26
       26
       +
            */

     

       27
       27
       +
           public function toString(): string

     

       28
       28
       +
           {

     

       29
       29
       +
               return $this->encoded;

     

       30
       30
       +
           }

     

       31
       31
       +
       }

+15

vendor/lcobucci/jwt/src/Token/UnsupportedHeaderFound.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Token;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       final class UnsupportedHeaderFound extends InvalidArgumentException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           public static function encryption(): self

     

       12
       12
       +
           {

     

       13
       13
       +
               return new self('Encryption is not supported yet');

     

       14
       14
       +
           }

     

       15
       15
       +
       }

+65

vendor/lcobucci/jwt/src/Token.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeInterface;

     

       7
       7
       +
       use Lcobucci\JWT\Token\DataSet;

     

       8
       8
       +
       

     

       9
       9
       +
       interface Token

     

       10
       10
       +
       {

     

       11
       11
       +
           /**

     

       12
       12
       +
            * Returns the token headers

     

       13
       13
       +
            */

     

       14
       14
       +
           public function headers(): DataSet;

     

       15
       15
       +
       

     

       16
       16
       +
           /**

     

       17
       17
       +
            * Returns if the token is allowed to be used by the audience

     

       18
       18
       +
            *

     

       19
       19
       +
            * @param non-empty-string $audience

     

       20
       20
       +
            */

     

       21
       21
       +
           public function isPermittedFor(string $audience): bool;

     

       22
       22
       +
       

     

       23
       23
       +
           /**

     

       24
       24
       +
            * Returns if the token has the given id

     

       25
       25
       +
            *

     

       26
       26
       +
            * @param non-empty-string $id

     

       27
       27
       +
            */

     

       28
       28
       +
           public function isIdentifiedBy(string $id): bool;

     

       29
       29
       +
       

     

       30
       30
       +
           /**

     

       31
       31
       +
            * Returns if the token has the given subject

     

       32
       32
       +
            *

     

       33
       33
       +
            * @param non-empty-string $subject

     

       34
       34
       +
            */

     

       35
       35
       +
           public function isRelatedTo(string $subject): bool;

     

       36
       36
       +
       

     

       37
       37
       +
           /**

     

       38
       38
       +
            * Returns if the token was issued by any of given issuers

     

       39
       39
       +
            *

     

       40
       40
       +
            * @param non-empty-string ...$issuers

     

       41
       41
       +
            */

     

       42
       42
       +
           public function hasBeenIssuedBy(string ...$issuers): bool;

     

       43
       43
       +
       

     

       44
       44
       +
           /**

     

       45
       45
       +
            * Returns if the token was issued before of given time

     

       46
       46
       +
            */

     

       47
       47
       +
           public function hasBeenIssuedBefore(DateTimeInterface $now): bool;

     

       48
       48
       +
       

     

       49
       49
       +
           /**

     

       50
       50
       +
            * Returns if the token minimum time is before than given time

     

       51
       51
       +
            */

     

       52
       52
       +
           public function isMinimumTimeBefore(DateTimeInterface $now): bool;

     

       53
       53
       +
       

     

       54
       54
       +
           /**

     

       55
       55
       +
            * Returns if the token is expired

     

       56
       56
       +
            */

     

       57
       57
       +
           public function isExpired(DateTimeInterface $now): bool;

     

       58
       58
       +
       

     

       59
       59
       +
           /**

     

       60
       60
       +
            * Returns an encoded representation of the token

     

       61
       61
       +
            *

     

       62
       62
       +
            * @return non-empty-string

     

       63
       63
       +
            */

     

       64
       64
       +
           public function toString(): string;

     

       65
       65
       +
       }

+27

vendor/lcobucci/jwt/src/UnencryptedToken.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token\DataSet;

     

       7
       7
       +
       use Lcobucci\JWT\Token\Signature;

     

       8
       8
       +
       

     

       9
       9
       +
       interface UnencryptedToken extends Token

     

       10
       10
       +
       {

     

       11
       11
       +
           /**

     

       12
       12
       +
            * Returns the token claims

     

       13
       13
       +
            */

     

       14
       14
       +
           public function claims(): DataSet;

     

       15
       15
       +
       

     

       16
       16
       +
           /**

     

       17
       17
       +
            * Returns the token signature

     

       18
       18
       +
            */

     

       19
       19
       +
           public function signature(): Signature;

     

       20
       20
       +
       

     

       21
       21
       +
           /**

     

       22
       22
       +
            * Returns the token payload

     

       23
       23
       +
            *

     

       24
       24
       +
            * @return non-empty-string

     

       25
       25
       +
            */

     

       26
       26
       +
           public function payload(): string;

     

       27
       27
       +
       }

+18

vendor/lcobucci/jwt/src/Validation/Constraint/CannotValidateARegisteredClaim.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       final class CannotValidateARegisteredClaim extends InvalidArgumentException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           /** @param non-empty-string $claim */

     

       12
       12
       +
           public static function create(string $claim): self

     

       13
       13
       +
           {

     

       14
       14
       +
               return new self(

     

       15
       15
       +
                   'The claim "' . $claim . '" is a registered claim, another constraint must be used to validate its value',

     

       16
       16
       +
               );

     

       17
       17
       +
           }

     

       18
       18
       +
       }

+35

vendor/lcobucci/jwt/src/Validation/Constraint/HasClaim.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       use Lcobucci\JWT\UnencryptedToken;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       9
       9
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       10
       10
       +
       

     

       11
       11
       +
       use function in_array;

     

       12
       12
       +
       

     

       13
       13
       +
       final class HasClaim implements Constraint

     

       14
       14
       +
       {

     

       15
       15
       +
           /** @param non-empty-string $claim */

     

       16
       16
       +
           public function __construct(private readonly string $claim)

     

       17
       17
       +
           {

     

       18
       18
       +
               if (in_array($claim, Token\RegisteredClaims::ALL, true)) {

     

       19
       19
       +
                   throw CannotValidateARegisteredClaim::create($claim);

     

       20
       20
       +
               }

     

       21
       21
       +
           }

     

       22
       22
       +
       

     

       23
       23
       +
           public function assert(Token $token): void

     

       24
       24
       +
           {

     

       25
       25
       +
               if (! $token instanceof UnencryptedToken) {

     

       26
       26
       +
                   throw ConstraintViolation::error('You should pass a plain token', $this);

     

       27
       27
       +
               }

     

       28
       28
       +
       

     

       29
       29
       +
               $claims = $token->claims();

     

       30
       30
       +
       

     

       31
       31
       +
               if (! $claims->has($this->claim)) {

     

       32
       32
       +
                   throw ConstraintViolation::error('The token does not have the claim "' . $this->claim . '"', $this);

     

       33
       33
       +
               }

     

       34
       34
       +
           }

     

       35
       35
       +
       }

+42

vendor/lcobucci/jwt/src/Validation/Constraint/HasClaimWithValue.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       use Lcobucci\JWT\UnencryptedToken;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       9
       9
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       10
       10
       +
       

     

       11
       11
       +
       use function in_array;

     

       12
       12
       +
       

     

       13
       13
       +
       final class HasClaimWithValue implements Constraint

     

       14
       14
       +
       {

     

       15
       15
       +
           /** @param non-empty-string $claim */

     

       16
       16
       +
           public function __construct(private readonly string $claim, private readonly mixed $expectedValue)

     

       17
       17
       +
           {

     

       18
       18
       +
               if (in_array($claim, Token\RegisteredClaims::ALL, true)) {

     

       19
       19
       +
                   throw CannotValidateARegisteredClaim::create($claim);

     

       20
       20
       +
               }

     

       21
       21
       +
           }

     

       22
       22
       +
       

     

       23
       23
       +
           public function assert(Token $token): void

     

       24
       24
       +
           {

     

       25
       25
       +
               if (! $token instanceof UnencryptedToken) {

     

       26
       26
       +
                   throw ConstraintViolation::error('You should pass a plain token', $this);

     

       27
       27
       +
               }

     

       28
       28
       +
       

     

       29
       29
       +
               $claims = $token->claims();

     

       30
       30
       +
       

     

       31
       31
       +
               if (! $claims->has($this->claim)) {

     

       32
       32
       +
                   throw ConstraintViolation::error('The token does not have the claim "' . $this->claim . '"', $this);

     

       33
       33
       +
               }

     

       34
       34
       +
       

     

       35
       35
       +
               if ($claims->get($this->claim) !== $this->expectedValue) {

     

       36
       36
       +
                   throw ConstraintViolation::error(

     

       37
       37
       +
                       'The claim "' . $this->claim . '" does not have the expected value',

     

       38
       38
       +
                       $this,

     

       39
       39
       +
                   );

     

       40
       40
       +
               }

     

       41
       41
       +
           }

     

       42
       42
       +
       }

+26

vendor/lcobucci/jwt/src/Validation/Constraint/IdentifiedBy.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       9
       9
       +
       

     

       10
       10
       +
       final class IdentifiedBy implements Constraint

     

       11
       11
       +
       {

     

       12
       12
       +
           /** @param non-empty-string $id */

     

       13
       13
       +
           public function __construct(private readonly string $id)

     

       14
       14
       +
           {

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function assert(Token $token): void

     

       18
       18
       +
           {

     

       19
       19
       +
               if (! $token->isIdentifiedBy($this->id)) {

     

       20
       20
       +
                   throw ConstraintViolation::error(

     

       21
       21
       +
                       'The token is not identified with the expected ID',

     

       22
       22
       +
                       $this,

     

       23
       23
       +
                   );

     

       24
       24
       +
               }

     

       25
       25
       +
           }

     

       26
       26
       +
       }

+30

vendor/lcobucci/jwt/src/Validation/Constraint/IssuedBy.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       9
       9
       +
       

     

       10
       10
       +
       final class IssuedBy implements Constraint

     

       11
       11
       +
       {

     

       12
       12
       +
           /** @var non-empty-string[] */

     

       13
       13
       +
           private readonly array $issuers;

     

       14
       14
       +
       

     

       15
       15
       +
           /** @param non-empty-string ...$issuers */

     

       16
       16
       +
           public function __construct(string ...$issuers)

     

       17
       17
       +
           {

     

       18
       18
       +
               $this->issuers = $issuers;

     

       19
       19
       +
           }

     

       20
       20
       +
       

     

       21
       21
       +
           public function assert(Token $token): void

     

       22
       22
       +
           {

     

       23
       23
       +
               if (! $token->hasBeenIssuedBy(...$this->issuers)) {

     

       24
       24
       +
                   throw ConstraintViolation::error(

     

       25
       25
       +
                       'The token was not issued by the given issuers',

     

       26
       26
       +
                       $this,

     

       27
       27
       +
                   );

     

       28
       28
       +
               }

     

       29
       29
       +
           }

     

       30
       30
       +
       }

+15

vendor/lcobucci/jwt/src/Validation/Constraint/LeewayCannotBeNegative.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use InvalidArgumentException;

     

       7
       7
       +
       use Lcobucci\JWT\Exception;

     

       8
       8
       +
       

     

       9
       9
       +
       final class LeewayCannotBeNegative extends InvalidArgumentException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           public static function create(): self

     

       12
       12
       +
           {

     

       13
       13
       +
               return new self('Leeway cannot be negative');

     

       14
       14
       +
           }

     

       15
       15
       +
       }

+67

vendor/lcobucci/jwt/src/Validation/Constraint/LooseValidAt.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateInterval;

     

       7
       7
       +
       use DateTimeInterface;

     

       8
       8
       +
       use Lcobucci\JWT\Token;

     

       9
       9
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       10
       10
       +
       use Lcobucci\JWT\Validation\ValidAt as ValidAtInterface;

     

       11
       11
       +
       use Psr\Clock\ClockInterface as Clock;

     

       12
       12
       +
       

     

       13
       13
       +
       final class LooseValidAt implements ValidAtInterface

     

       14
       14
       +
       {

     

       15
       15
       +
           private readonly DateInterval $leeway;

     

       16
       16
       +
       

     

       17
       17
       +
           public function __construct(private readonly Clock $clock, ?DateInterval $leeway = null)

     

       18
       18
       +
           {

     

       19
       19
       +
               $this->leeway = $this->guardLeeway($leeway);

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           private function guardLeeway(?DateInterval $leeway): DateInterval

     

       23
       23
       +
           {

     

       24
       24
       +
               if ($leeway === null) {

     

       25
       25
       +
                   return new DateInterval('PT0S');

     

       26
       26
       +
               }

     

       27
       27
       +
       

     

       28
       28
       +
               if ($leeway->invert === 1) {

     

       29
       29
       +
                   throw LeewayCannotBeNegative::create();

     

       30
       30
       +
               }

     

       31
       31
       +
       

     

       32
       32
       +
               return $leeway;

     

       33
       33
       +
           }

     

       34
       34
       +
       

     

       35
       35
       +
           public function assert(Token $token): void

     

       36
       36
       +
           {

     

       37
       37
       +
               $now = $this->clock->now();

     

       38
       38
       +
       

     

       39
       39
       +
               $this->assertIssueTime($token, $now->add($this->leeway));

     

       40
       40
       +
               $this->assertMinimumTime($token, $now->add($this->leeway));

     

       41
       41
       +
               $this->assertExpiration($token, $now->sub($this->leeway));

     

       42
       42
       +
           }

     

       43
       43
       +
       

     

       44
       44
       +
           /** @throws ConstraintViolation */

     

       45
       45
       +
           private function assertExpiration(Token $token, DateTimeInterface $now): void

     

       46
       46
       +
           {

     

       47
       47
       +
               if ($token->isExpired($now)) {

     

       48
       48
       +
                   throw ConstraintViolation::error('The token is expired', $this);

     

       49
       49
       +
               }

     

       50
       50
       +
           }

     

       51
       51
       +
       

     

       52
       52
       +
           /** @throws ConstraintViolation */

     

       53
       53
       +
           private function assertMinimumTime(Token $token, DateTimeInterface $now): void

     

       54
       54
       +
           {

     

       55
       55
       +
               if (! $token->isMinimumTimeBefore($now)) {

     

       56
       56
       +
                   throw ConstraintViolation::error('The token cannot be used yet', $this);

     

       57
       57
       +
               }

     

       58
       58
       +
           }

     

       59
       59
       +
       

     

       60
       60
       +
           /** @throws ConstraintViolation */

     

       61
       61
       +
           private function assertIssueTime(Token $token, DateTimeInterface $now): void

     

       62
       62
       +
           {

     

       63
       63
       +
               if (! $token->hasBeenIssuedBefore($now)) {

     

       64
       64
       +
                   throw ConstraintViolation::error('The token was issued in the future', $this);

     

       65
       65
       +
               }

     

       66
       66
       +
           }

     

       67
       67
       +
       }

+26

vendor/lcobucci/jwt/src/Validation/Constraint/PermittedFor.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       9
       9
       +
       

     

       10
       10
       +
       final class PermittedFor implements Constraint

     

       11
       11
       +
       {

     

       12
       12
       +
           /** @param non-empty-string $audience */

     

       13
       13
       +
           public function __construct(private readonly string $audience)

     

       14
       14
       +
           {

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function assert(Token $token): void

     

       18
       18
       +
           {

     

       19
       19
       +
               if (! $token->isPermittedFor($this->audience)) {

     

       20
       20
       +
                   throw ConstraintViolation::error(

     

       21
       21
       +
                       'The token is not allowed to be used by this audience',

     

       22
       22
       +
                       $this,

     

       23
       23
       +
                   );

     

       24
       24
       +
               }

     

       25
       25
       +
           }

     

       26
       26
       +
       }

+26

vendor/lcobucci/jwt/src/Validation/Constraint/RelatedTo.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       9
       9
       +
       

     

       10
       10
       +
       final class RelatedTo implements Constraint

     

       11
       11
       +
       {

     

       12
       12
       +
           /** @param non-empty-string $subject */

     

       13
       13
       +
           public function __construct(private readonly string $subject)

     

       14
       14
       +
           {

     

       15
       15
       +
           }

     

       16
       16
       +
       

     

       17
       17
       +
           public function assert(Token $token): void

     

       18
       18
       +
           {

     

       19
       19
       +
               if (! $token->isRelatedTo($this->subject)) {

     

       20
       20
       +
                   throw ConstraintViolation::error(

     

       21
       21
       +
                       'The token is not related to the expected subject',

     

       22
       22
       +
                       $this,

     

       23
       23
       +
                   );

     

       24
       24
       +
               }

     

       25
       25
       +
           }

     

       26
       26
       +
       }

+32

vendor/lcobucci/jwt/src/Validation/Constraint/SignedWith.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Signer;

     

       7
       7
       +
       use Lcobucci\JWT\Token;

     

       8
       8
       +
       use Lcobucci\JWT\UnencryptedToken;

     

       9
       9
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       10
       10
       +
       use Lcobucci\JWT\Validation\SignedWith as SignedWithInterface;

     

       11
       11
       +
       

     

       12
       12
       +
       final class SignedWith implements SignedWithInterface

     

       13
       13
       +
       {

     

       14
       14
       +
           public function __construct(private readonly Signer $signer, private readonly Signer\Key $key)

     

       15
       15
       +
           {

     

       16
       16
       +
           }

     

       17
       17
       +
       

     

       18
       18
       +
           public function assert(Token $token): void

     

       19
       19
       +
           {

     

       20
       20
       +
               if (! $token instanceof UnencryptedToken) {

     

       21
       21
       +
                   throw ConstraintViolation::error('You should pass a plain token', $this);

     

       22
       22
       +
               }

     

       23
       23
       +
       

     

       24
       24
       +
               if ($token->headers()->get('alg') !== $this->signer->algorithmId()) {

     

       25
       25
       +
                   throw ConstraintViolation::error('Token signer mismatch', $this);

     

       26
       26
       +
               }

     

       27
       27
       +
       

     

       28
       28
       +
               if (! $this->signer->verify($token->signature()->hash(), $token->payload(), $this->key)) {

     

       29
       29
       +
                   throw ConstraintViolation::error('Token signature mismatch', $this);

     

       30
       30
       +
               }

     

       31
       31
       +
           }

     

       32
       32
       +
       }

+38

vendor/lcobucci/jwt/src/Validation/Constraint/SignedWithOneInSet.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\SignedWith as SignedWithInterface;

     

       9
       9
       +
       

     

       10
       10
       +
       use const PHP_EOL;

     

       11
       11
       +
       

     

       12
       12
       +
       final class SignedWithOneInSet implements SignedWithInterface

     

       13
       13
       +
       {

     

       14
       14
       +
           /** @var array<SignedWithUntilDate> */

     

       15
       15
       +
           private readonly array $constraints;

     

       16
       16
       +
       

     

       17
       17
       +
           public function __construct(SignedWithUntilDate ...$constraints)

     

       18
       18
       +
           {

     

       19
       19
       +
               $this->constraints = $constraints;

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           public function assert(Token $token): void

     

       23
       23
       +
           {

     

       24
       24
       +
               $errorMessage = 'It was not possible to verify the signature of the token, reasons:';

     

       25
       25
       +
       

     

       26
       26
       +
               foreach ($this->constraints as $constraint) {

     

       27
       27
       +
                   try {

     

       28
       28
       +
                       $constraint->assert($token);

     

       29
       29
       +
       

     

       30
       30
       +
                       return;

     

       31
       31
       +
                   } catch (ConstraintViolation $violation) {

     

       32
       32
       +
                       $errorMessage .= PHP_EOL . '- ' . $violation->getMessage();

     

       33
       33
       +
                   }

     

       34
       34
       +
               }

     

       35
       35
       +
       

     

       36
       36
       +
               throw ConstraintViolation::error($errorMessage, $this);

     

       37
       37
       +
           }

     

       38
       38
       +
       }

+47

vendor/lcobucci/jwt/src/Validation/Constraint/SignedWithUntilDate.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateTimeImmutable;

     

       7
       7
       +
       use DateTimeInterface;

     

       8
       8
       +
       use Lcobucci\JWT\Signer;

     

       9
       9
       +
       use Lcobucci\JWT\Token;

     

       10
       10
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       11
       11
       +
       use Lcobucci\JWT\Validation\SignedWith as SignedWithInterface;

     

       12
       12
       +
       use Psr\Clock\ClockInterface;

     

       13
       13
       +
       

     

       14
       14
       +
       final class SignedWithUntilDate implements SignedWithInterface

     

       15
       15
       +
       {

     

       16
       16
       +
           private readonly SignedWith $verifySignature;

     

       17
       17
       +
           private readonly ClockInterface $clock;

     

       18
       18
       +
       

     

       19
       19
       +
           public function __construct(

     

       20
       20
       +
               Signer $signer,

     

       21
       21
       +
               Signer\Key $key,

     

       22
       22
       +
               private readonly DateTimeImmutable $validUntil,

     

       23
       23
       +
               ?ClockInterface $clock = null,

     

       24
       24
       +
           ) {

     

       25
       25
       +
               $this->verifySignature = new SignedWith($signer, $key);

     

       26
       26
       +
       

     

       27
       27
       +
               $this->clock = $clock ?? new class () implements ClockInterface {

     

       28
       28
       +
                   public function now(): DateTimeImmutable

     

       29
       29
       +
                   {

     

       30
       30
       +
                       return new DateTimeImmutable();

     

       31
       31
       +
                   }

     

       32
       32
       +
               };

     

       33
       33
       +
           }

     

       34
       34
       +
       

     

       35
       35
       +
           public function assert(Token $token): void

     

       36
       36
       +
           {

     

       37
       37
       +
               if ($this->validUntil < $this->clock->now()) {

     

       38
       38
       +
                   throw ConstraintViolation::error(

     

       39
       39
       +
                       'This constraint was only usable until '

     

       40
       40
       +
                       . $this->validUntil->format(DateTimeInterface::RFC3339),

     

       41
       41
       +
                       $this,

     

       42
       42
       +
                   );

     

       43
       43
       +
               }

     

       44
       44
       +
       

     

       45
       45
       +
               $this->verifySignature->assert($token);

     

       46
       46
       +
           }

     

       47
       47
       +
       }

+84

vendor/lcobucci/jwt/src/Validation/Constraint/StrictValidAt.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation\Constraint;

     

       5
       5
       +
       

     

       6
       6
       +
       use DateInterval;

     

       7
       7
       +
       use DateTimeInterface;

     

       8
       8
       +
       use Lcobucci\JWT\Token;

     

       9
       9
       +
       use Lcobucci\JWT\UnencryptedToken;

     

       10
       10
       +
       use Lcobucci\JWT\Validation\ConstraintViolation;

     

       11
       11
       +
       use Lcobucci\JWT\Validation\ValidAt as ValidAtInterface;

     

       12
       12
       +
       use Psr\Clock\ClockInterface as Clock;

     

       13
       13
       +
       

     

       14
       14
       +
       final class StrictValidAt implements ValidAtInterface

     

       15
       15
       +
       {

     

       16
       16
       +
           private readonly DateInterval $leeway;

     

       17
       17
       +
       

     

       18
       18
       +
           public function __construct(private readonly Clock $clock, ?DateInterval $leeway = null)

     

       19
       19
       +
           {

     

       20
       20
       +
               $this->leeway = $this->guardLeeway($leeway);

     

       21
       21
       +
           }

     

       22
       22
       +
       

     

       23
       23
       +
           private function guardLeeway(?DateInterval $leeway): DateInterval

     

       24
       24
       +
           {

     

       25
       25
       +
               if ($leeway === null) {

     

       26
       26
       +
                   return new DateInterval('PT0S');

     

       27
       27
       +
               }

     

       28
       28
       +
       

     

       29
       29
       +
               if ($leeway->invert === 1) {

     

       30
       30
       +
                   throw LeewayCannotBeNegative::create();

     

       31
       31
       +
               }

     

       32
       32
       +
       

     

       33
       33
       +
               return $leeway;

     

       34
       34
       +
           }

     

       35
       35
       +
       

     

       36
       36
       +
           public function assert(Token $token): void

     

       37
       37
       +
           {

     

       38
       38
       +
               if (! $token instanceof UnencryptedToken) {

     

       39
       39
       +
                   throw ConstraintViolation::error('You should pass a plain token', $this);

     

       40
       40
       +
               }

     

       41
       41
       +
       

     

       42
       42
       +
               $now = $this->clock->now();

     

       43
       43
       +
       

     

       44
       44
       +
               $this->assertIssueTime($token, $now->add($this->leeway));

     

       45
       45
       +
               $this->assertMinimumTime($token, $now->add($this->leeway));

     

       46
       46
       +
               $this->assertExpiration($token, $now->sub($this->leeway));

     

       47
       47
       +
           }

     

       48
       48
       +
       

     

       49
       49
       +
           /** @throws ConstraintViolation */

     

       50
       50
       +
           private function assertExpiration(UnencryptedToken $token, DateTimeInterface $now): void

     

       51
       51
       +
           {

     

       52
       52
       +
               if (! $token->claims()->has(Token\RegisteredClaims::EXPIRATION_TIME)) {

     

       53
       53
       +
                   throw ConstraintViolation::error('"Expiration Time" claim missing', $this);

     

       54
       54
       +
               }

     

       55
       55
       +
       

     

       56
       56
       +
               if ($token->isExpired($now)) {

     

       57
       57
       +
                   throw ConstraintViolation::error('The token is expired', $this);

     

       58
       58
       +
               }

     

       59
       59
       +
           }

     

       60
       60
       +
       

     

       61
       61
       +
           /** @throws ConstraintViolation */

     

       62
       62
       +
           private function assertMinimumTime(UnencryptedToken $token, DateTimeInterface $now): void

     

       63
       63
       +
           {

     

       64
       64
       +
               if (! $token->claims()->has(Token\RegisteredClaims::NOT_BEFORE)) {

     

       65
       65
       +
                   throw ConstraintViolation::error('"Not Before" claim missing', $this);

     

       66
       66
       +
               }

     

       67
       67
       +
       

     

       68
       68
       +
               if (! $token->isMinimumTimeBefore($now)) {

     

       69
       69
       +
                   throw ConstraintViolation::error('The token cannot be used yet', $this);

     

       70
       70
       +
               }

     

       71
       71
       +
           }

     

       72
       72
       +
       

     

       73
       73
       +
           /** @throws ConstraintViolation */

     

       74
       74
       +
           private function assertIssueTime(UnencryptedToken $token, DateTimeInterface $now): void

     

       75
       75
       +
           {

     

       76
       76
       +
               if (! $token->claims()->has(Token\RegisteredClaims::ISSUED_AT)) {

     

       77
       77
       +
                   throw ConstraintViolation::error('"Issued At" claim missing', $this);

     

       78
       78
       +
               }

     

       79
       79
       +
       

     

       80
       80
       +
               if (! $token->hasBeenIssuedBefore($now)) {

     

       81
       81
       +
                   throw ConstraintViolation::error('The token was issued in the future', $this);

     

       82
       82
       +
               }

     

       83
       83
       +
           }

     

       84
       84
       +
       }

+12

vendor/lcobucci/jwt/src/Validation/Constraint.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       

     

       8
       8
       +
       interface Constraint

     

       9
       9
       +
       {

     

       10
       10
       +
           /** @throws ConstraintViolation */

     

       11
       11
       +
           public function assert(Token $token): void;

     

       12
       12
       +
       }

+24

vendor/lcobucci/jwt/src/Validation/ConstraintViolation.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Exception;

     

       7
       7
       +
       use RuntimeException;

     

       8
       8
       +
       

     

       9
       9
       +
       final class ConstraintViolation extends RuntimeException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
           /** @param class-string<Constraint>|null $constraint */

     

       12
       12
       +
           public function __construct(

     

       13
       13
       +
               string $message = '',

     

       14
       14
       +
               public readonly ?string $constraint = null,

     

       15
       15
       +
           ) {

     

       16
       16
       +
               parent::__construct($message);

     

       17
       17
       +
           }

     

       18
       18
       +
       

     

       19
       19
       +
           /** @param non-empty-string $message */

     

       20
       20
       +
           public static function error(string $message, Constraint $constraint): self

     

       21
       21
       +
           {

     

       22
       22
       +
               return new self(message: $message, constraint: $constraint::class);

     

       23
       23
       +
           }

     

       24
       24
       +
       }

+11

vendor/lcobucci/jwt/src/Validation/NoConstraintsGiven.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Exception;

     

       7
       7
       +
       use RuntimeException;

     

       8
       8
       +
       

     

       9
       9
       +
       final class NoConstraintsGiven extends RuntimeException implements Exception

     

       10
       10
       +
       {

     

       11
       11
       +
       }

+48

vendor/lcobucci/jwt/src/Validation/RequiredConstraintsViolated.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Exception;

     

       7
       7
       +
       use RuntimeException;

     

       8
       8
       +
       

     

       9
       9
       +
       use function array_map;

     

       10
       10
       +
       use function implode;

     

       11
       11
       +
       

     

       12
       12
       +
       final class RequiredConstraintsViolated extends RuntimeException implements Exception

     

       13
       13
       +
       {

     

       14
       14
       +
           /** @param ConstraintViolation[] $violations */

     

       15
       15
       +
           public function __construct(

     

       16
       16
       +
               string $message = '',

     

       17
       17
       +
               public readonly array $violations = [],

     

       18
       18
       +
           ) {

     

       19
       19
       +
               parent::__construct($message);

     

       20
       20
       +
           }

     

       21
       21
       +
       

     

       22
       22
       +
           public static function fromViolations(ConstraintViolation ...$violations): self

     

       23
       23
       +
           {

     

       24
       24
       +
               return new self(message: self::buildMessage($violations), violations: $violations);

     

       25
       25
       +
           }

     

       26
       26
       +
       

     

       27
       27
       +
           /** @param ConstraintViolation[] $violations */

     

       28
       28
       +
           private static function buildMessage(array $violations): string

     

       29
       29
       +
           {

     

       30
       30
       +
               $violations = array_map(

     

       31
       31
       +
                   static function (ConstraintViolation $violation): string {

     

       32
       32
       +
                       return '- ' . $violation->getMessage();

     

       33
       33
       +
                   },

     

       34
       34
       +
                   $violations,

     

       35
       35
       +
               );

     

       36
       36
       +
       

     

       37
       37
       +
               $message  = "The token violates some mandatory constraints, details:\n";

     

       38
       38
       +
               $message .= implode("\n", $violations);

     

       39
       39
       +
       

     

       40
       40
       +
               return $message;

     

       41
       41
       +
           }

     

       42
       42
       +
       

     

       43
       43
       +
           /** @return ConstraintViolation[] */

     

       44
       44
       +
           public function violations(): array

     

       45
       45
       +
           {

     

       46
       46
       +
               return $this->violations;

     

       47
       47
       +
           }

     

       48
       48
       +
       }

vendor/lcobucci/jwt/src/Validation/SignedWith.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation;

     

       5
       5
       +
       

     

       6
       6
       +
       interface SignedWith extends Constraint

     

       7
       7
       +
       {

     

       8
       8
       +
       }

vendor/lcobucci/jwt/src/Validation/ValidAt.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation;

     

       5
       5
       +
       

     

       6
       6
       +
       interface ValidAt extends Constraint

     

       7
       7
       +
       {

     

       8
       8
       +
       }

+56

vendor/lcobucci/jwt/src/Validation/Validator.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT\Validation;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Token;

     

       7
       7
       +
       

     

       8
       8
       +
       final class Validator implements \Lcobucci\JWT\Validator

     

       9
       9
       +
       {

     

       10
       10
       +
           public function assert(Token $token, Constraint ...$constraints): void

     

       11
       11
       +
           {

     

       12
       12
       +
               if ($constraints === []) {

     

       13
       13
       +
                   throw new NoConstraintsGiven('No constraint given.');

     

       14
       14
       +
               }

     

       15
       15
       +
       

     

       16
       16
       +
               $violations = [];

     

       17
       17
       +
       

     

       18
       18
       +
               foreach ($constraints as $constraint) {

     

       19
       19
       +
                   $this->checkConstraint($constraint, $token, $violations);

     

       20
       20
       +
               }

     

       21
       21
       +
       

     

       22
       22
       +
               if ($violations) {

     

       23
       23
       +
                   throw RequiredConstraintsViolated::fromViolations(...$violations);

     

       24
       24
       +
               }

     

       25
       25
       +
           }

     

       26
       26
       +
       

     

       27
       27
       +
           /** @param ConstraintViolation[] $violations */

     

       28
       28
       +
           private function checkConstraint(

     

       29
       29
       +
               Constraint $constraint,

     

       30
       30
       +
               Token $token,

     

       31
       31
       +
               array &$violations,

     

       32
       32
       +
           ): void {

     

       33
       33
       +
               try {

     

       34
       34
       +
                   $constraint->assert($token);

     

       35
       35
       +
               } catch (ConstraintViolation $e) {

     

       36
       36
       +
                   $violations[] = $e;

     

       37
       37
       +
               }

     

       38
       38
       +
           }

     

       39
       39
       +
       

     

       40
       40
       +
           public function validate(Token $token, Constraint ...$constraints): bool

     

       41
       41
       +
           {

     

       42
       42
       +
               if ($constraints === []) {

     

       43
       43
       +
                   throw new NoConstraintsGiven('No constraint given.');

     

       44
       44
       +
               }

     

       45
       45
       +
       

     

       46
       46
       +
               try {

     

       47
       47
       +
                   foreach ($constraints as $constraint) {

     

       48
       48
       +
                       $constraint->assert($token);

     

       49
       49
       +
                   }

     

       50
       50
       +
       

     

       51
       51
       +
                   return true;

     

       52
       52
       +
               } catch (ConstraintViolation) {

     

       53
       53
       +
                   return false;

     

       54
       54
       +
               }

     

       55
       55
       +
           }

     

       56
       56
       +
       }

+20

vendor/lcobucci/jwt/src/Validator.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       declare(strict_types=1);

     

       3
       3
       +
       

     

       4
       4
       +
       namespace Lcobucci\JWT;

     

       5
       5
       +
       

     

       6
       6
       +
       use Lcobucci\JWT\Validation\Constraint;

     

       7
       7
       +
       use Lcobucci\JWT\Validation\NoConstraintsGiven;

     

       8
       8
       +
       use Lcobucci\JWT\Validation\RequiredConstraintsViolated;

     

       9
       9
       +
       

     

       10
       10
       +
       interface Validator

     

       11
       11
       +
       {

     

       12
       12
       +
           /**

     

       13
       13
       +
            * @throws RequiredConstraintsViolated

     

       14
       14
       +
            * @throws NoConstraintsGiven

     

       15
       15
       +
            */

     

       16
       16
       +
           public function assert(Token $token, Constraint ...$constraints): void;

     

       17
       17
       +
       

     

       18
       18
       +
           /** @throws NoConstraintsGiven */

     

       19
       19
       +
           public function validate(Token $token, Constraint ...$constraints): bool;

     

       20
       20
       +
       }

+11

vendor/psr/clock/CHANGELOG.md

···

       1
       1
       +
       # Changelog

     

       2
       2
       +
       

     

       3
       3
       +
       All notable changes to this project will be documented in this file, in reverse chronological order by release.

     

       4
       4
       +
       

     

       5
       5
       +
       ## 1.0.0

     

       6
       6
       +
       

     

       7
       7
       +
       First stable release after PSR-20 acceptance

     

       8
       8
       +
       

     

       9
       9
       +
       ## 0.1.0

     

       10
       10
       +
       

     

       11
       11
       +
       First release

+19

vendor/psr/clock/LICENSE

···

       1
       1
       +
       Copyright (c) 2017 PHP Framework Interoperability Group

     

       2
       2
       +
       

     

       3
       3
       +
       Permission is hereby granted, free of charge, to any person obtaining a copy

     

       4
       4
       +
       of this software and associated documentation files (the "Software"), to deal

     

       5
       5
       +
       in the Software without restriction, including without limitation the rights

     

       6
       6
       +
       to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

     

       7
       7
       +
       copies of the Software, and to permit persons to whom the Software is

     

       8
       8
       +
       furnished to do so, subject to the following conditions:

     

       9
       9
       +
       

     

       10
       10
       +
       The above copyright notice and this permission notice shall be included in

     

       11
       11
       +
       all copies or substantial portions of the Software.

     

       12
       12
       +
       

     

       13
       13
       +
       THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

     

       14
       14
       +
       IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

     

       15
       15
       +
       FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

     

       16
       16
       +
       AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

     

       17
       17
       +
       LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

     

       18
       18
       +
       OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN

     

       19
       19
       +
       THE SOFTWARE.

+61

vendor/psr/clock/README.md

···

       1
       1
       +
       # PSR Clock

     

       2
       2
       +
       

     

       3
       3
       +
       This repository holds the interface for [PSR-20][psr-url].

     

       4
       4
       +
       

     

       5
       5
       +
       Note that this is not a clock of its own. It is merely an interface that

     

       6
       6
       +
       describes a clock. See the specification for more details.

     

       7
       7
       +
       

     

       8
       8
       +
       ## Installation

     

       9
       9
       +
       

     

       10
       10
       +
       ```bash

     

       11
       11
       +
       composer require psr/clock

     

       12
       12
       +
       ```

     

       13
       13
       +
       

     

       14
       14
       +
       ## Usage

     

       15
       15
       +
       

     

       16
       16
       +
       If you need a clock, you can use the interface like this:

     

       17
       17
       +
       

     

       18
       18
       +
       ```php

     

       19
       19
       +
       <?php

     

       20
       20
       +
       

     

       21
       21
       +
       use Psr\Clock\ClockInterface;

     

       22
       22
       +
       

     

       23
       23
       +
       class Foo

     

       24
       24
       +
       {

     

       25
       25
       +
           private ClockInterface $clock;

     

       26
       26
       +
       

     

       27
       27
       +
           public function __construct(ClockInterface $clock)

     

       28
       28
       +
           {

     

       29
       29
       +
               $this->clock = $clock;

     

       30
       30
       +
           }

     

       31
       31
       +
       

     

       32
       32
       +
           public function doSomething()

     

       33
       33
       +
           {

     

       34
       34
       +
               /** @var DateTimeImmutable $currentDateAndTime */

     

       35
       35
       +
               $currentDateAndTime = $this->clock->now();

     

       36
       36
       +
               // do something useful with that information

     

       37
       37
       +
           }

     

       38
       38
       +
       }

     

       39
       39
       +
       ```

     

       40
       40
       +
       

     

       41
       41
       +
       You can then pick one of the [implementations][implementation-url] of the interface to get a clock.

     

       42
       42
       +
       

     

       43
       43
       +
       If you want to implement the interface, you can require this package and

     

       44
       44
       +
       implement `Psr\Clock\ClockInterface` in your code. 

     

       45
       45
       +
       

     

       46
       46
       +
       Don't forget to add `psr/clock-implementation` to your `composer.json`s `provides`-section like this:

     

       47
       47
       +
       

     

       48
       48
       +
       ```json

     

       49
       49
       +
       {

     

       50
       50
       +
         "provides": {

     

       51
       51
       +
           "psr/clock-implementation": "1.0"

     

       52
       52
       +
         }

     

       53
       53
       +
       }

     

       54
       54
       +
       ```

     

       55
       55
       +
       

     

       56
       56
       +
       And please read the [specification text][specification-url] for details on the interface.

     

       57
       57
       +
       

     

       58
       58
       +
       [psr-url]: https://www.php-fig.org/psr/psr-20

     

       59
       59
       +
       [package-url]: https://packagist.org/packages/psr/clock

     

       60
       60
       +
       [implementation-url]: https://packagist.org/providers/psr/clock-implementation

     

       61
       61
       +
       [specification-url]: https://github.com/php-fig/fig-standards/blob/master/proposed/clock.md

+21

vendor/psr/clock/composer.json

···

       1
       1
       +
       {

     

       2
       2
       +
         "name": "psr/clock",

     

       3
       3
       +
         "description": "Common interface for reading the clock.",

     

       4
       4
       +
         "keywords": ["psr", "psr-20", "time", "clock", "now"],

     

       5
       5
       +
         "homepage": "https://github.com/php-fig/clock",

     

       6
       6
       +
         "license": "MIT",

     

       7
       7
       +
         "authors": [

     

       8
       8
       +
           {

     

       9
       9
       +
             "name": "PHP-FIG",

     

       10
       10
       +
             "homepage": "https://www.php-fig.org/"

     

       11
       11
       +
           }

     

       12
       12
       +
         ],

     

       13
       13
       +
         "require": {

     

       14
       14
       +
           "php": "^7.0 || ^8.0"

     

       15
       15
       +
         },

     

       16
       16
       +
         "autoload": {

     

       17
       17
       +
           "psr-4": {

     

       18
       18
       +
             "Psr\\Clock\\": "src/"

     

       19
       19
       +
           }

     

       20
       20
       +
         }

     

       21
       21
       +
       }

+13

vendor/psr/clock/src/ClockInterface.php

···

       1
       1
       +
       <?php

     

       2
       2
       +
       

     

       3
       3
       +
       namespace Psr\Clock;

     

       4
       4
       +
       

     

       5
       5
       +
       use DateTimeImmutable;

     

       6
       6
       +
       

     

       7
       7
       +
       interface ClockInterface

     

       8
       8
       +
       {

     

       9
       9
       +
           /**

     

       10
       10
       +
            * Returns the current time as a DateTimeImmutable Object

     

       11
       11
       +
            */

     

       12
       12
       +
           public function now(): DateTimeImmutable;

     

       13
       13
       +
       }

vite.config.js

···

       14
       14
        
           usePHP({

     

       15
       15
        
             entry: [

     

       16
       16
        
               'index.php',

     

       17
       17
       +
               'config.php',

     

       18
       18
       +
               '.env',

     

       19
       19
       +
               'client-metadata.json',

     

       20
       20
       +
               'jwks.json',

     

       17
       21
        
               'oauth/*',

     

       18
       22
        
               'oauth/**/*.json',

     

       19
       23
        
               'templates/**/*.latte',

Compare changes