From 59213cedc73b15f0868430335c09a73e0c0037b0 Mon Sep 17 00:00:00 2001 From: Yvo Brevoort Date: Thu, 16 Nov 2023 14:20:09 +0100 Subject: [PATCH 1/3] typofix --- src/Utils/Bearer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Utils/Bearer.php b/src/Utils/Bearer.php index ab9bcfc..2be222d 100644 --- a/src/Utils/Bearer.php +++ b/src/Utils/Bearer.php @@ -95,7 +95,7 @@ public function validateJwt($jwt, $request) { */ public function validateIdToken($token, $request) { $jwtConfig = Configuration::forUnsecuredSigner(); - $jwtConfig->parser()->parse($jwt); + $jwtConfig->parser()->parse($token); return true; } From cc00fc8b9804695d15f223e36714b3c4072a4807 Mon Sep 17 00:00:00 2001 From: Ben Peachey Date: Fri, 24 Nov 2023 16:31:55 +0100 Subject: [PATCH 2/3] Change `__toString()` call to string cast in TokenGenerator. --- src/TokenGenerator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/TokenGenerator.php b/src/TokenGenerator.php index e34112c..e6fc26f 100644 --- a/src/TokenGenerator.php +++ b/src/TokenGenerator.php @@ -210,6 +210,6 @@ private function makeJwkThumbprint($dpop): string private function getJwks() { $key = $this->config->getKeys()->getPublicKey(); $jwks = new Jwks($key); - return json_decode($jwks->__toString(), true); + return json_decode((string) $jwks, true); } } From 5323632d00fc9a00bc29af0878ca61912e5243db Mon Sep 17 00:00:00 2001 From: Yvo Brevoort Date: Fri, 24 Nov 2023 16:49:23 +0100 Subject: [PATCH 3/3] Update Bearer.php --- src/Utils/Bearer.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Utils/Bearer.php b/src/Utils/Bearer.php index 2be222d..09cded0 100644 --- a/src/Utils/Bearer.php +++ b/src/Utils/Bearer.php @@ -22,6 +22,9 @@ /** * This class contains code to fetch the WebId from a request * that is make in legacy mode (bearer token with pop) + * + * @ TODO: Make sure this code complies with the spec and validate the tokens properly; + * https://datatracker.ietf.org/doc/html/rfc7800 */ class Bearer {