Luís Cobucci
@lcobucci
The examples here fetch the configuration object from a hypothetical dependency injection container. You can create it in the same script or require it from a different file. It basically depends on how your system is bootstrapped.
That's the note on the docs
If you don't have a container then you don't have a container.
Then you need to create the configuration object: https://lcobucci-jwt.readthedocs.io/en/stable/configuration/
randompixels
@randompixels
thanks mate. this is too much "draw the rest of the owl" for my knowledge of php. thanks and keep up the good work!
Luís Cobucci
@lcobucci
@randompixels I hope you managed to create the config object and achieve what you wanted. If you have any idea on how to make things more explicit or easier to understand on the docs, please send a PR!
I suffer from assuming that people are aware of concepts - as you can tell by the way I wrote stuff
I'd love to remove the feeling you described as "draw the rest of the owl" from the docs, so your help is much appreciated
Bertrand Kintanar
@bkintanar

Hi, I stumbled upon this issue in github: laravel/passport#779

... and the solution was using the lcobucci/jwt package, but it's not working anymore for the latest version. anyone can help me with it?

Luís Cobucci
@lcobucci
@bkintanar have you seen the upgrade guide on our docs? By applying them to the snippet you should have something working
Bertrand Kintanar
@bkintanar
@lcobucci no I haven't. Thanks! I'll check it out.
Bertrand Kintanar
@bkintanar
@lcobucci thank you! I figured it out. :D thanks for this awesome package.
Luís Cobucci
@lcobucci
@bkintanar brilliant! Thanks ❤️
Christian Freear
@cfreear
Is there a recommended way to handle the kid claim in v4?
It used to be that we could parse a token to retrieve the kid header to know which key to load, but in order to parse a token in v4 it looks like you have to load a key first. Is this correct?
Christian Freear
@cfreear

Oh actually I've just done this:

$parser = new \Lcobucci\JWT\Token\Parser(new \Lcobucci\JWT\Encoding\JoseEncoder());
$token = $parser->parse($authToken);

and it seems to work, I can extract the kid with:

$kid = $token->headers()->get('kid');

and build a config object "correctly" from there, does this look ok?

Luís Cobucci
@lcobucci
It does, bear in mind that the config object is not a must have. It's a service locator to make things simpler but can be bypassed.
We'll be working on jwk stuff soon then the support for kid and key sets should also be improved
Christian Freear
@cfreear
Ok thanks for that, great work on the library by the way :)
Luís Cobucci
@lcobucci
@cfreear thanks, really appreciate it ❤️
Yassine Rais
@yassinrais
@lcobucci I think there is a problem with the expire time provider: when it is exported to JSON it converts the expire time to a string, and when another JWT parser tries to parse it, it gives an error that the expire time is in an invalid format, "string"
Yassine Rais
@yassinrais

example

generated by the method ->toString()

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vMTI3LjAuMC4xOjgwMDAiLCJhdWQiOiJodHRwOi8vMTI3LjAuMC4xOjgwMDAiLCJpYXQiOiIxNjE1NzUwODQzLjk2Mzg4MCIsImp0aSI6ImYyMjYwYjZjNTM5MTk5YjFmZGM1YmFjODFlNWIxNDNhIiwiZXhwIjoiMTYxNzA0MzI0My45NjM4ODAiLCJ1aWQiOiI1MDA5OTFjMS1lMWNhLTQ5ODUtYjBiMy1mNWNiYmRhNmU5MGIifQ._FgRzQFb4wtXk7zDoQofZH30KyhYx2jKOtyWh-cQtjw

decoded by official JWT website

{
  "iss": "http://127.0.0.1:8000",
  "aud": "http://127.0.0.1:8000",
  "iat": "1615750843.963880",
  "jti": "f2260b6c539199b1fdc5bac81e5b143a",
  "exp": "1617043243.963880",
  "uid": "500991c1-e1ca-4985-b0b3-f5cbbda6e90b"
}

we should expect

{
  "iss": "http://127.0.0.1:8000",
  "aud": "http://127.0.0.1:8000",
  "iat": 1615750843.963880,
  "jti": "f2260b6c539199b1fdc5bac81e5b143a",
  "exp": 1617043243.963880,
  "uid": "500991c1-e1ca-4985-b0b3-f5cbbda6e90b"
}

instead of the previous one

Yassine Rais
@yassinrais
I will open an issue about this problem
Yassine Rais
@yassinrais
I just saw that PHP <8 is converting float to 4 digits after . and that's too sad :(
Yassine Rais
@yassinrais
🤔 @lcobucci check this please https://3v4l.org/H0EN3
Yassine Rais
@yassinrais
I'm sure that it's just the printer methods that make it 4 digits max; the float is still the same, so using float will not be an issue anymore :)
Luís Cobucci
@lcobucci
I see... we need to be absolutely sure that no rounding issues will happen
If we can get into tests and running on CI then I'm good acknowledging my mistake here and accepting the fix
Would you like to give it a go?
You can use v4.0.x as reference, @yassinrais
Yassine Rais
@yassinrais

let me do more tests & research about this one ,

I agree about this quote : "never trust floats" ,
but in our case we have only 6 digits after the .
so it's not going to round the number,

but at the moment we have more than 6 digits! here the problem of rounding is beginning
to see an example check this link https://3v4l.org/XKHV4

i m waiting for your reply 😁

Luís Cobucci
@lcobucci
We're dealing with microseconds precision, so it should not go beyond 6 digits. We must make sure that creating the DateTimeImmutable object will always have the value we had before the encoding
That's the main thing we need to test
Yassine Rais
@yassinrais
I'm not sure how to make good tests about DateTimeImmutable, so I will let someone do it 😅
Luís Cobucci
@lcobucci
@yassinrais this is the kind of tests I'm referring to:
Unless I'm doing something wrong there, my belief regarding rounding behaviour is confirmed
Yassine Rais
@yassinrais
Very interesting test !
but instead of using (string) try to use json_encode()
https://3v4l.org/EpaDX
(+ https://3v4l.org/enKbj)
More info : https://www.php.net/manual/en/ini.core.php#ini.serialize-precision
😁👌
Yassine Rais
@yassinrais

advanced example with json encoding array and decoding
https://3v4l.org/cAFijB

i will try to use the branch 4.0.x to create more clear tests

Yassine Rais
@yassinrais
I opened a pull request with my solution, can you check it please and try to tell me if this is a possible future solution or not :) lcobucci/jwt#706 depending on what you believe as the author of this library 😁👌
Luís Cobucci
@lcobucci
Will check it ASAP, thanks for taking the time!
Yassine Rais
@yassinrais

Will check it ASAP, thanks for taking the time!

No worries 🤗

Filimoni Naisua
@BillKG
Lcobucci\JWT\Token\InvalidTokenStructure: Value is not in the allowed date format: 1616215524.98320102691650390625 in file /vendor/lcobucci/jwt/src/Token/InvalidTokenStructure.php on line 23
been stuck on this issue for a while now anyone came across this before and can help
Filimoni Naisua
@BillKG
nvm solved by updating Lcobucci\JWT version to 4.0
Yassine Rais
@yassinrais
@lcobucci I don't think it will be from the (float) $date->format('U.u'); 🤔
Yassine Rais
@yassinrais
@BillKG can you tell us , how did you generate those tokens ? if you dont mind 😁
theLine
@theLine

Hi, I want to use asymmetric signing and created a new RSA key pair for that, but I'm getting the following error:

Lcobucci\JWT\Signer\InvalidKeyProvided: It was not possible to parse your key, reason: error:0909006C:PEM routines:get_name:no start line in lcobucci/jwt/src/Signer/InvalidKeyProvided.php on line 13

Here's my configuration:

$config = Configuration::forAsymmetricSigner(
    new \Lcobucci\JWT\Signer\Rsa\Sha512(),
    LocalFileReference::file('/path/to/key.id_rsa'),
    LocalFileReference::file('/path/to/key.id_rsa.pem'),
);

I've created the SSH key and PEM file with the following commands:

ssh-keygen -t RSA -b 4096 # no passphrase
ssh-keygen -f key.id_rsa -e -m pem > key.id_rsa.pem

Sorry if that's a dumb question, but I'm not that familiar with cryptography :see_no_evil:
Thanks in advance!