Add a default expiration to the JWT (#49)

* Add a default expiration to the JWT

* fix

* changelog

* cs

* fix parameter

* fix default_cookie_lifetime

* fix

CHANGELOG.md

@@ -1,6 +1,11 @@
 CHANGELOG
 =========
 
+0.3.1
+-----
+
+* Add a configuration option to set a defaut expiration for the JWT and the cookie when using the `Authorization` class
+
 0.3.0
 -----
 

src/DependencyInjection/Configuration.php

@@ -65,6 +65,7 @@ public function getConfigTreeBuilder(): TreeBuilder
                                                 ->info('A list of topics to allow subscribing to when using the given factory to generate the JWT.')
                                             ->end()
                                             ->scalarNode('secret')->info('The JWT Secret to use.')->example('!ChangeMe!')->end()
+                                            ->scalarNode('algorithm')->info('The algorithm to use to sign the JWT')->defaultValue('hmac.sha256')->end()
                                         ->end()
                                 ->end()
                                 ->scalarNode('jwt_provider')
@@ -86,6 +87,7 @@ public function getConfigTreeBuilder(): TreeBuilder
                         ->end()
                     ->end()
                     ->scalarNode('default_hub')->end()
+                    ->integerNode('default_cookie_lifetime')->defaultNull()->info('Default lifetime of the cookie containing the JWT, in seconds. Defaults to the value of "framework.session.cookie_lifetime".')->end()
                     ->booleanNode('enable_profiler')->info('Enable Symfony Web Profiler integration.')->defaultFalse()->end()
                 ->end()
             ->end()

src/DependencyInjection/MercureExtension.php

@@ -103,6 +103,7 @@ public function load(array $configs, ContainerBuilder $container)
                         $tokenFactory = sprintf('mercure.hub.%s.jwt.factory', $name);
                         $container->register($tokenFactory, LcobucciFactory::class)
                             ->addArgument($hub['jwt']['secret'])
+                            ->addArgument($hub['jwt']['algorithm'])
                             ->addTag('mercure.jwt.factory')
                         ;
                     }
@@ -251,6 +252,7 @@ public function load(array $configs, ContainerBuilder $container)
 
         $container->register(Authorization::class)
             ->addArgument(new Reference(HubRegistry::class))
+            ->addArgument($config['default_cookie_lifetime'])
         ;
 
         $container->register(Discovery::class, Discovery::class)

src/MercureBundle.php

@@ -13,11 +13,35 @@
 
 namespace Symfony\Bundle\MercureBundle;
 
+use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
+use Symfony\Component\DependencyInjection\Compiler\PassConfig;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\HttpKernel\Bundle\Bundle;
+use Symfony\Component\Mercure\Authorization;
 
 /**
  * @author Kévin Dunglas <[email protected]>
  */
 final class MercureBundle extends Bundle
 {
+    public function build(ContainerBuilder $container): void
+    {
+        parent::build($container);
+
+        $container->addCompilerPass(new class() implements CompilerPassInterface {
+            public function process(ContainerBuilder $container): void
+            {
+                $definition = $container->getDefinition(Authorization::class);
+                if (
+                    null === $definition->getArgument(1) &&
+                    $container->hasParameter('session.storage.options')
+                ) {
+                    $definition->setArgument(
+                        2,
+                        $container->getParameter('session.storage.options')['cookie_lifetime'] ?? null
+                    );
+                }
+            }
+        }, PassConfig::TYPE_BEFORE_REMOVING);
+    }
 }