Upgrading firebase/php-jwt to v6 #225
Conversation
JimTools
changed the title
JimTools
changed the title
JimTools
force-pushed
the
feature/php-jwt-v6
branch
from
a05967c
to
931275a
Compare
|
Is this PR dead? I really should upgrade to 6.x. The 6.8.1 resolve my problem. firebase/php-jwt#488 |
|
Not dead, just focus elsewhere at the moment.. Ie the usual "paid work comes first situation". |
|
@tuupola, is there something we can do to help forward this along? |
Removing the key id from when only one secret/algorithm is supplied
When only one algorithm is passed into the configuration but multiple secrets are provided the algorithm
array then needs to be manipulated into a key value store, using the key from the secrets list and the
algorithm being used for the value.
for example:
```
[
'secret' => [
'foo' => 'keepItSecret',
'bar' => 'tooManySecrets',
],
'algorithm' => [
'HS256',
],
]
```
will become
```
[
'secret' => [
'foo' => 'keepItSecret',
'bar' => 'tooManySecrets',
],
'algorithm' => [
'foo' => 'HS256',
'bar' => 'HS256',
],
]
```
JimTools
force-pushed
the
feature/php-jwt-v6
branch
from
931275a
to
6346d2f
Compare
Updatig the readme to explain whe the KID is now needed when passing when decodig the token also why the token need the KID to be set in the header
JimTools
force-pushed
the
feature/php-jwt-v6
branch
from
f613325
to
f6fe49f
Compare
JimTools
force-pushed
the
feature/php-jwt-v6
branch
from
f6fe49f
to
3e9924b
Compare
|
I’ve updated the PR with the latest changes from upstream. Just want to reiterate merging this a BC with the way multiple algorithms/secrets are handed but that is unavoidable. |
|
This PR is crucial to unlock the ability to update other dependencies, like google/auth. |
|
@pwoszczyk As this issue has been open for a while now I've decided to fork and release the package myself with this patch applied however it is not just a drop-in replacement. |
|
@JimTools I don't think I will have time to work on this in any near future. Especially since it is impossible to do without a BC break. I also don't do much PHP at the moment. So I am happy to deprecate this package and point to your fork. Since it is a BC brake anyway you could start with 1.0 and a good idea to remove slim from the name too. |
|
@JimTools Is it ok for you to mark |
|
@tuupola yes it's not an issue! I can raise a PR if you'd like. |
|
I guess the other alternative is you give me write access to this repo and I handle the next release. |
Upgrading firebase/php-jwt to v6 this has a significant change in usage, the secret and algorithm need to be known a head of time to build the key.
changes now manipulate the algorithm option when only one secret is provided.
[ 'secret' => [ 'foo' => 'keepItSecret', 'bar' => 'tooManySecrets', ], 'algorithm' => [ 'HS256', ], ]will become
[ 'secret' => [ 'foo' => 'keepItSecret', 'bar' => 'tooManySecrets', ], 'algorithm' => [ 'foo' => 'HS256', 'bar' => 'HS256', ], ]closes (#217)