Skip to content

Commit

Permalink
supports both firebase jwt versions
Browse files Browse the repository at this point in the history
  • Loading branch information
bshaffer committed Nov 3, 2015
1 parent 5548ca0 commit efb1ae0
Show file tree
Hide file tree
Showing 4 changed files with 54 additions and 10 deletions.
5 changes: 5 additions & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,13 @@ php:
- 5.6
- hhvm

env:
- FIREBASE_JWT_VERSION=2.0.0
- FIREBASE_JWT_VERSION=3.0.0

before_script:
- composer install
- composer require firebase/php-jwt:$FIREBASE_JWT_VERSION

script:
- vendor/bin/phpunit
Expand Down
2 changes: 1 addition & 1 deletion composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"homepage": "http://github.com/google/google-auth-library-php",
"license": "Apache-2.0",
"require": {
"firebase/php-jwt": "3.0.0",
"firebase/php-jwt": "~2.0|~3.0",
"guzzlehttp/guzzle": "5.2.*",
"php": ">=5.4"
},
Expand Down
24 changes: 21 additions & 3 deletions src/OAuth2.php
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@
use GuzzleHttp\Query;
use GuzzleHttp\Message\ResponseInterface;
use GuzzleHttp\Url;
use Firebase\JWT\JWT;

/**
* OAuth2 supports authentication by OAuth2 2-legged flows.
Expand Down Expand Up @@ -306,7 +305,7 @@ public function verifyIdToken($publicKey = null, $allowed_algs = array())
return null;
}

$resp = JWT::decode($idToken, $publicKey, $allowed_algs);
$resp = $this->jwtDecode($idToken, $publicKey, $allowed_algs);
if (!property_exists($resp, 'aud')) {
throw new \DomainException('No audience found the id token');
}
Expand Down Expand Up @@ -356,7 +355,7 @@ public function toJwt(array $config = null)
if (!(is_null($this->getSub()))) {
$assertion['sub'] = $this->getSub();
}
return JWT::encode($assertion, $this->getSigningKey(),
return $this->jwtEncode($assertion, $this->getSigningKey(),
$this->getSigningAlgorithm());
}

Expand Down Expand Up @@ -1072,6 +1071,25 @@ private function coerceUri($uri)
}
}

private function jwtDecode($idToken, $publicKey, $allowedAlgs)
{
if (class_exists('Firebase\JWT\JWT')) {
return \Firebase\JWT\JWT::decode($idToken, $publicKey, $allowedAlgs);
}

return \JWT::decode($idToken, $publicKey, $allowedAlgs);
}

private function jwtEncode($assertion, $signingKey, $signingAlgorithm)
{
if (class_exists('Firebase\JWT\JWT')) {
return \Firebase\JWT\JWT::encode($assertion, $signingKey,
$signingAlgorithm);
}

return \JWT::encode($assertion, $signingKey, $signingAlgorithm);
}

/**
* Determines if the URI is absolute based on its scheme and host or path
* (RFC 3986)
Expand Down
33 changes: 27 additions & 6 deletions tests/OAuth2Test.php
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@
use GuzzleHttp\Stream\Stream;
use GuzzleHttp\Subscriber\Mock;
use GuzzleHttp\Url;
use Firebase\JWT\JWT;

class OAuth2AuthorizationUriTest extends \PHPUnit_Framework_TestCase
{
Expand Down Expand Up @@ -425,7 +424,7 @@ public function testCanHS256EncodeAValidPayload()
$testConfig = $this->signingMinimal;
$o = new OAuth2($testConfig);
$payload = $o->toJwt();
$roundTrip = JWT::decode($payload, $testConfig['signingKey'], array('HS256')) ;
$roundTrip = $this->jwtDecode($payload, $testConfig['signingKey'], array('HS256')) ;
$this->assertEquals($roundTrip->iss, $testConfig['issuer']);
$this->assertEquals($roundTrip->aud, $testConfig['audience']);
$this->assertEquals($roundTrip->scope, $testConfig['scope']);
Expand All @@ -440,11 +439,22 @@ public function testCanRS256EncodeAValidPayload()
$o->setSigningAlgorithm('RS256');
$o->setSigningKey($privateKey);
$payload = $o->toJwt();
$roundTrip = JWT::decode($payload, $publicKey, array('RS256')) ;
$roundTrip = $this->jwtDecode($payload, $publicKey, array('RS256')) ;
$this->assertEquals($roundTrip->iss, $testConfig['issuer']);
$this->assertEquals($roundTrip->aud, $testConfig['audience']);
$this->assertEquals($roundTrip->scope, $testConfig['scope']);
}

private function jwtDecode()
{
$args = func_get_args();
$class = 'JWT';
if (class_exists('Firebase\JWT\JWT')) {
$class = 'Firebase\JWT\JWT';
}

return call_user_func_array("$class::decode", $args);
}
}

class OAuth2GenerateAccessTokenRequestTest extends \PHPUnit_Framework_TestCase
Expand Down Expand Up @@ -757,7 +767,7 @@ public function testFailsIfAudienceIsMissing()
'iat' => $now,
];
$o = new OAuth2($testConfig);
$jwtIdToken = JWT::encode($origIdToken, $this->privateKey, 'RS256');
$jwtIdToken = $this->jwtEncode($origIdToken, $this->privateKey, 'RS256');
$o->setIdToken($jwtIdToken);
$o->verifyIdToken($this->publicKey);
}
Expand All @@ -776,7 +786,7 @@ public function testFailsIfAudienceIsWrong()
'iat' => $now,
];
$o = new OAuth2($testConfig);
$jwtIdToken = JWT::encode($origIdToken, $this->privateKey, 'RS256');
$jwtIdToken = $this->jwtEncode($origIdToken, $this->privateKey, 'RS256');
$o->setIdToken($jwtIdToken);
$o->verifyIdToken($this->publicKey);
}
Expand All @@ -793,9 +803,20 @@ public function testShouldReturnAValidIdToken()
];
$o = new OAuth2($testConfig);
$alg = 'RS256';
$jwtIdToken = JWT::encode($origIdToken, $this->privateKey, $alg);
$jwtIdToken = $this->jwtEncode($origIdToken, $this->privateKey, $alg);
$o->setIdToken($jwtIdToken);
$roundTrip = $o->verifyIdToken($this->publicKey, array($alg));
$this->assertEquals($origIdToken['aud'], $roundTrip->aud);
}

private function jwtEncode()
{
$args = func_get_args();
$class = 'JWT';
if (class_exists('Firebase\JWT\JWT')) {
$class = 'Firebase\JWT\JWT';
}

return call_user_func_array("$class::encode", $args);
}
}

0 comments on commit efb1ae0

Please sign in to comment.