Merge pull request #1 from ronvanderheijden/master

fixes for jwt upgrade

README.md

@@ -37,7 +37,14 @@ $privateKeyPath = 'file://' . __DIR__ . '/../private.key';
 $publicKeyPath = 'file://' . __DIR__ . '/../public.key';
 
 // OpenID Connect Response Type
-$responseType = new IdTokenResponse(new IdentityRepository(), new ClaimExtractor());
+$responseType = new IdTokenResponse(
+    new IdentityRepository(),
+    new ClaimExtractor(),
+    \Lcobucci\JWT\Configuration::forSymmetricSigner(
+        new \Lcobucci\JWT\Signer\Hmac\Sha256(),
+        \Lcobucci\JWT\Signer\Key\InMemory::plainText('testing'),
+    ),
+);
 
 // Setup the authorization server
 $server = new \League\OAuth2\Server\AuthorizationServer(

composer.json

@@ -10,7 +10,7 @@
     ],
     "require": {
         "league/oauth2-server": "^5.1|^6.0|^7.0|^8.0",
-        "lcobucci/jwt": "^3.3"
+        "lcobucci/jwt": "^3.4 || ^4.0"
     },
     "require-dev": {
         "phpunit/phpunit": "^5.0",

src/IdTokenResponse.php

@@ -5,15 +5,14 @@
  */
 namespace OpenIDConnectServer;
 
+use \DateTimeImmutable;
 use OpenIDConnectServer\Repositories\IdentityProviderInterface;
 use OpenIDConnectServer\Entities\ClaimSetInterface;
 use League\OAuth2\Server\Entities\UserEntityInterface;
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
 use League\OAuth2\Server\Entities\ScopeEntityInterface;
 use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
-use Lcobucci\JWT\Signer\Key;
-use Lcobucci\JWT\Signer\Rsa\Sha256;
-use Lcobucci\JWT\Builder;
+use Lcobucci\JWT\Configuration;
 
 class IdTokenResponse extends BearerTokenResponse
 {
@@ -27,22 +26,34 @@ class IdTokenResponse extends BearerTokenResponse
      */
     protected $claimExtractor;
 
+    /**
+     * @var Configuration
+     */
+    private $config;
+
     public function __construct(
         IdentityProviderInterface $identityProvider,
-        ClaimExtractor $claimExtractor
+        ClaimExtractor $claimExtractor,
+        Configuration $config
     ) {
         $this->identityProvider = $identityProvider;
         $this->claimExtractor   = $claimExtractor;
+        $this->config           = $config;
     }
 
     protected function getBuilder(AccessTokenEntityInterface $accessToken, UserEntityInterface $userEntity)
     {
+        $dateTimeImmutableObject = new DateTimeImmutable();
+
         // Add required id_token claims
-        $builder = (new Builder())
+        $builder = $this->config
+            ->builder()
             ->permittedFor($accessToken->getClient()->getIdentifier())
             ->issuedBy('https://' . $_SERVER['HTTP_HOST'])
-            ->issuedAt(time())
-            ->expiresAt($accessToken->getExpiryDateTime()->getTimestamp())
+            ->issuedAt($dateTimeImmutableObject)
+            ->expiresAt($dateTimeImmutableObject->setTimestamp(
+                $accessToken->getExpiryDateTime()->getTimestamp(),
+            ))
             ->relatedTo($userEntity->getIdentifier());
 
         return $builder;
@@ -77,11 +88,10 @@ protected function getExtraParams(AccessTokenEntityInterface $accessToken)
             $builder = $builder->withClaim($claimName, $claimValue);
         }
 
-        $token = $builder
-            ->getToken(new Sha256(), new Key($this->privateKey->getKeyPath(), $this->privateKey->getPassPhrase()));
+        $token = $builder->getToken($this->config->signer(), $this->config->signingKey());
 
         return [
-            'id_token' => (string) $token
+            'id_token' => $token->toString()
         ];
     }