From 608bd7e49a006f24f2a440d94056d980675db570 Mon Sep 17 00:00:00 2001
From: Michiel de Jong <michiel@unhosted.org>
Date: Fri, 1 Sep 2023 10:34:35 +0000
Subject: [PATCH] use from #64

---
 src/Controller/AuthorizeController.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/Controller/AuthorizeController.php b/src/Controller/AuthorizeController.php
index ebcd49e..09a4731 100644
--- a/src/Controller/AuthorizeController.php
+++ b/src/Controller/AuthorizeController.php
@@ -5,6 +5,10 @@
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
+use Lcobucci\JWT\Configuration;
+use Lcobucci\JWT\Signer\Key\InMemory;
+use Lcobucci\JWT\Signer\Rsa\Sha256;
+
 class AuthorizeController extends ServerController
 {
     final public function __invoke(ServerRequestInterface $request, array $args): ResponseInterface
@@ -21,11 +25,11 @@ final public function __invoke(ServerRequestInterface $request, array $args): Re
 
         $queryParams = $request->getQueryParams();
 
-		$parser = new \Lcobucci\JWT\Parser();
+		$jwtConfig = Configuration::forSymmetricSigner(new Sha256(), InMemory::plainText($this->config->getPrivateKey()));
 
 		try {
-			$token = $parser->parse($request->getQueryParams()['request']);
-			$_SESSION["nonce"] = $token->getClaim('nonce');
+			$token = $jwtConfig->parser()->parse($request->getQueryParams()['request']);
+			$_SESSION["nonce"] = $token->claims()->get('nonce');
 		} catch(\Exception $e) {
 			$_SESSION["nonce"] = $request->getQueryParams()['nonce'];
 		}
@@ -42,7 +46,7 @@ final public function __invoke(ServerRequestInterface $request, array $args): Re
 
 		if (!isset($getVars['redirect_uri'])) {
 			try {
-				$getVars['redirect_uri'] = $token->getClaim("redirect_uri");
+				$getVars['redirect_uri'] = $token->claims()->get("redirect_uri");
 			} catch(\Exception $e) {
 				return $this->getResponse()
                     ->withStatus(400, "Bad request, missing redirect uri")