diff --git a/README.md b/README.md index 2ca29ad3..e35b1722 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ [![Code Coverage](https://img.shields.io/scrutinizer/coverage/g/lcobucci/jwt/master.svg?style=flat-square)](https://scrutinizer-ci.com/g/lcobucci/jwt/?branch=master) A simple library to work with JSON Web Token and JSON Web Signature (requires PHP 5.5+). -The implementation is based on the [current draft](http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). +The implementation is based on the [RFC 7519](https://tools.ietf.org/html/rfc7519). ## Installation @@ -32,13 +32,13 @@ Just use the builder to create a new JWT/JWS tokens: ```php use Lcobucci\JWT\Builder; -$token = (new Builder())->setIssuer('http://example.com') // Configures the issuer (iss claim) - ->setAudience('http://example.org') // Configures the audience (aud claim) - ->setId('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item - ->setIssuedAt(time()) // Configures the time that the token was issue (iat claim) - ->setNotBefore(time() + 60) // Configures the time that the token can be used (nbf claim) - ->setExpiration(time() + 3600) // Configures the expiration time of the token (exp claim) - ->set('uid', 1) // Configures a new claim, called "uid" +$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim) + ->canOnlyBeUsedBy('http://example.org') // Configures the audience (aud claim) + ->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item + ->issuedAt(time()) // Configures the time that the token was issue (iat claim) + ->canOnlyBeUsedAfter(time() + 60) // Configures the time that the token can be used (nbf claim) + ->expiresAt(time() + 3600) // Configures the expiration time of the token (exp claim) + ->with('uid', 1) // Configures a new claim, called "uid" ->getToken(); // Retrieves the generated token @@ -79,21 +79,37 @@ $data->setIssuer('http://example.com'); $data->setAudience('http://example.org'); $data->setId('4f1g23a12aa'); -var_dump($token->validate($data)); // false, because we created a token that cannot be used before of `time() + 60` +var_dump($token->validate($data)); // false, because token cannot be used before of now() + 60 -$data->setCurrentTime(time() + 60); // changing the validation time to future +$data->setCurrentTime(time() + 61); // changing the validation time to future -var_dump($token->validate($data)); // true, because validation information is equals to data contained on the token +var_dump($token->validate($data)); // true, because current time is between "nbf" and "exp" claims $data->setCurrentTime(time() + 4000); // changing the validation time to future var_dump($token->validate($data)); // false, because token is expired since current time is greater than exp ``` +#### Important + +- You have to configure ```ValidationData``` informing all claims you want to validate the token. +- If ```ValidationData``` contains claims that are not being used in token or token has claims that are not +configured in ```ValidationData``` they will be ignored by ```Token::validate()```. +- ```exp```, ```nbf``` and ```iat``` claims are configured by default in ```ValidationData::__construct()``` +with the current UNIX time (```time()```). + ## Token signature We can use signatures to be able to verify if the token was not modified after its generation. This library implements Hmac, RSA and ECDSA signatures (using 256, 384 and 512). +### Important + +Do not allow the string sent to the Parser to dictate which signature algorithm +to use, or else your application will be vulnerable to a [critical JWT security vulnerability](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries). + +The examples below are safe because the choice in `Signer` is hard-coded and +cannot be influenced by malicious users. + ### Hmac Hmac signatures are really simple to be used: @@ -104,13 +120,13 @@ use Lcobucci\JWT\Signer\Hmac\Sha256; $signer = new Sha256(); -$token = (new Builder())->setIssuer('http://example.com') // Configures the issuer (iss claim) - ->setAudience('http://example.org') // Configures the audience (aud claim) - ->setId('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item - ->setIssuedAt(time()) // Configures the time that the token was issue (iat claim) - ->setNotBefore(time() + 60) // Configures the time that the token can be used (nbf claim) - ->setExpiration(time() + 3600) // Configures the expiration time of the token (exp claim) - ->set('uid', 1) // Configures a new claim, called "uid" +$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim) + ->canOnlyBeUsedBy('http://example.org') // Configures the audience (aud claim) + ->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item + ->issuedAt(time()) // Configures the time that the token was issue (iat claim) + ->canOnlyBeUsedAfter(time() + 60) // Configures the time that the token can be used (nbf claim) + ->expiresAt(time() + 3600) // Configures the expiration time of the token (exp claim) + ->with('uid', 1) // Configures a new claim, called "uid" ->sign($signer, 'testing') // creates a signature using "testing" as key ->getToken(); // Retrieves the generated token @@ -125,25 +141,25 @@ RSA and ECDSA signatures are based on public and private keys so you have to gen ```php use Lcobucci\JWT\Builder; -use Lcobucci\JWT\Signer\Keychain; // just to make our life simpler +use Lcobucci\JWT\Signer\Key; use Lcobucci\JWT\Signer\Rsa\Sha256; // you can use Lcobucci\JWT\Signer\Ecdsa\Sha256 if you're using ECDSA keys $signer = new Sha256(); - -$keychain = new Keychain(); - -$token = (new Builder())->setIssuer('http://example.com') // Configures the issuer (iss claim) - ->setAudience('http://example.org') // Configures the audience (aud claim) - ->setId('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item - ->setIssuedAt(time()) // Configures the time that the token was issue (iat claim) - ->setNotBefore(time() + 60) // Configures the time that the token can be used (nbf claim) - ->setExpiration(time() + 3600) // Configures the expiration time of the token (nbf claim) - ->set('uid', 1) // Configures a new claim, called "uid" - ->sign($signer, $keychain->getPrivateKey('file://{path to your private key}')) // creates a signature using your private key +$privateKey = new Key('file://{path to your private key}'); + +$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim) + ->canOnlyBeUsedBy('http://example.org') // Configures the audience (aud claim) + ->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item + ->issuedAt(time()) // Configures the time that the token was issue (iat claim) + ->canOnlyBeUsedAfter(time() + 60) // Configures the time that the token can be used (nbf claim) + ->expiresAt(time() + 3600) // Configures the expiration time of the token (exp claim) + ->with('uid', 1) // Configures a new claim, called "uid" + ->sign($signer, $privateKey) // creates a signature using your private key ->getToken(); // Retrieves the generated token +$publicKey = new Key('file://{path to your public key}'); -var_dump($token->verify($signer, $keychain->getPublicKey('file://{path to your public key}'))); // true when the public key was generated by the private one =) +var_dump($token->verify($signer, $publicKey)); // true when the public key was generated by the private one =) ``` **It's important to say that if you're using RSA keys you shouldn't invoke ECDSA signers (and vice-versa), otherwise ```sign()``` and ```verify()``` will raise an exception!** diff --git a/src/Builder.php b/src/Builder.php index af1f643a..069813d3 100644 --- a/src/Builder.php +++ b/src/Builder.php @@ -25,14 +25,14 @@ class Builder * * @var array */ - private $headers; + private $headers = ['typ'=> 'JWT', 'alg' => 'none']; /** * The token claim set * * @var array */ - private $claims; + private $claims = []; /** * The token signature @@ -67,14 +67,29 @@ public function __construct( ) { $this->encoder = $encoder ?: new Encoder(); $this->claimFactory = $claimFactory ?: new ClaimFactory(); - $this->headers = ['typ'=> 'JWT', 'alg' => 'none']; - $this->claims = []; + $this->headers; + $this->claims; } /** * Configures the audience * * @param string $audience + * @param bool $replicateAsHeader + * + * @return Builder + */ + public function canOnlyBeUsedBy($audience, $replicateAsHeader = false) + { + return $this->setRegisteredClaim('aud', (string) $audience, $replicateAsHeader); + } + + /** + * Configures the audience + * + * @deprecated This method will be removed on v4, use canOnlyBeUsedBy() instead + * + * @param string $audience * @param boolean $replicateAsHeader * * @return Builder @@ -92,6 +107,21 @@ public function setAudience($audience, $replicateAsHeader = false) * * @return Builder */ + public function expiresAt($expiration, $replicateAsHeader = false) + { + return $this->setRegisteredClaim('exp', (int) $expiration, $replicateAsHeader); + } + + /** + * Configures the expiration time + * + * @deprecated This method will be removed on v4, use expiresAt() instead + * + * @param int $expiration + * @param boolean $replicateAsHeader + * + * @return Builder + */ public function setExpiration($expiration, $replicateAsHeader = false) { return $this->setRegisteredClaim('exp', (int) $expiration, $replicateAsHeader); @@ -105,11 +135,26 @@ public function setExpiration($expiration, $replicateAsHeader = false) * * @return Builder */ - public function setId($id, $replicateAsHeader = false) + public function identifiedBy($id, $replicateAsHeader = false) { return $this->setRegisteredClaim('jti', (string) $id, $replicateAsHeader); } + /** + * Configures the token id + * + * @deprecated This method will be removed on v4, use identifiedBy() instead + * + * @param string $id + * @param boolean $replicateAsHeader + * + * @return Builder + */ + public function setId($id, $replicateAsHeader = false) + { + return $this->identifiedBy($id, $replicateAsHeader); + } + /** * Configures the time that the token was issued * @@ -118,11 +163,26 @@ public function setId($id, $replicateAsHeader = false) * * @return Builder */ - public function setIssuedAt($issuedAt, $replicateAsHeader = false) + public function issuedAt($issuedAt, $replicateAsHeader = false) { return $this->setRegisteredClaim('iat', (int) $issuedAt, $replicateAsHeader); } + /** + * Configures the time that the token was issued + * + * @deprecated This method will be removed on v4, use issuedAt() instead + * + * @param int $issuedAt + * @param boolean $replicateAsHeader + * + * @return Builder + */ + public function setIssuedAt($issuedAt, $replicateAsHeader = false) + { + return $this->issuedAt($issuedAt, $replicateAsHeader); + } + /** * Configures the issuer * @@ -131,11 +191,26 @@ public function setIssuedAt($issuedAt, $replicateAsHeader = false) * * @return Builder */ - public function setIssuer($issuer, $replicateAsHeader = false) + public function issuedBy($issuer, $replicateAsHeader = false) { return $this->setRegisteredClaim('iss', (string) $issuer, $replicateAsHeader); } + /** + * Configures the issuer + * + * @deprecated This method will be removed on v4, use issuedBy() instead + * + * @param string $issuer + * @param boolean $replicateAsHeader + * + * @return Builder + */ + public function setIssuer($issuer, $replicateAsHeader = false) + { + return $this->issuedBy($issuer, $replicateAsHeader); + } + /** * Configures the time before which the token cannot be accepted * @@ -144,11 +219,26 @@ public function setIssuer($issuer, $replicateAsHeader = false) * * @return Builder */ - public function setNotBefore($notBefore, $replicateAsHeader = false) + public function canOnlyBeUsedAfter($notBefore, $replicateAsHeader = false) { return $this->setRegisteredClaim('nbf', (int) $notBefore, $replicateAsHeader); } + /** + * Configures the time before which the token cannot be accepted + * + * @deprecated This method will be removed on v4, use canOnlyBeUsedAfter() instead + * + * @param int $notBefore + * @param boolean $replicateAsHeader + * + * @return Builder + */ + public function setNotBefore($notBefore, $replicateAsHeader = false) + { + return $this->canOnlyBeUsedAfter($notBefore, $replicateAsHeader); + } + /** * Configures the subject * @@ -157,11 +247,26 @@ public function setNotBefore($notBefore, $replicateAsHeader = false) * * @return Builder */ - public function setSubject($subject, $replicateAsHeader = false) + public function relatedTo($subject, $replicateAsHeader = false) { return $this->setRegisteredClaim('sub', (string) $subject, $replicateAsHeader); } + /** + * Configures the subject + * + * @deprecated This method will be removed on v4, use relatedTo() instead + * + * @param string $subject + * @param boolean $replicateAsHeader + * + * @return Builder + */ + public function setSubject($subject, $replicateAsHeader = false) + { + return $this->relatedTo($subject, $replicateAsHeader); + } + /** * Configures a registed claim * @@ -173,7 +278,7 @@ public function setSubject($subject, $replicateAsHeader = false) */ protected function setRegisteredClaim($name, $value, $replicate) { - $this->set($name, $value); + $this->with($name, $value); if ($replicate) { $this->headers[$name] = $this->claims[$name]; @@ -192,7 +297,7 @@ protected function setRegisteredClaim($name, $value, $replicate) * * @throws BadMethodCallException When data has been already signed */ - public function setHeader($name, $value) + public function withHeader($name, $value) { if ($this->signature) { throw new BadMethodCallException('You must unsign before make changes'); @@ -203,6 +308,23 @@ public function setHeader($name, $value) return $this; } + /** + * Configures a header item + * + * @deprecated This method will be removed on v4, use withHeader() instead + * + * @param string $name + * @param mixed $value + * + * @return Builder + * + * @throws BadMethodCallException When data has been already signed + */ + public function setHeader($name, $value) + { + return $this->withHeader($name, $value); + } + /** * Configures a claim item * @@ -213,7 +335,7 @@ public function setHeader($name, $value) * * @throws BadMethodCallException When data has been already signed */ - public function set($name, $value) + public function with($name, $value) { if ($this->signature) { throw new BadMethodCallException('You must unsign before making changes'); @@ -224,9 +346,28 @@ public function set($name, $value) return $this; } + /** + * Configures a claim item + * + * @deprecated This method will be removed on v4, use with() instead + * + * @param string $name + * @param mixed $value + * + * @return Builder + * + * @throws BadMethodCallException When data has been already signed + */ + public function set($name, $value) + { + return $this->with($name, $value); + } + /** * Signs the data * + * @deprecated This method will be removed on v4, signature will be created on the getToken() method + * * @param Signer $signer * @param Key|string $key * @@ -247,6 +388,8 @@ public function sign(Signer $signer, $key) /** * Removes the signature from the builder * + * @deprecated This method will be removed on v4, signature will be created on the getToken() method + * * @return Builder */ public function unsign() diff --git a/src/Claim/Basic.php b/src/Claim/Basic.php index 96a8cd34..3626d1b7 100644 --- a/src/Claim/Basic.php +++ b/src/Claim/Basic.php @@ -12,6 +12,8 @@ /** * The default claim * + * @deprecated This class will be removed on v4 + * * @author Luís Otávio Cobucci Oblonczyk * @since 2.0.0 */ diff --git a/src/Claim/EqualsTo.php b/src/Claim/EqualsTo.php index 071b74ae..b6cc49b9 100644 --- a/src/Claim/EqualsTo.php +++ b/src/Claim/EqualsTo.php @@ -13,6 +13,8 @@ /** * Validatable claim that checks if value is strictly equals to the given data * + * @deprecated This class will be removed on v4 + * * @author Luís Otávio Cobucci Oblonczyk * @since 2.0.0 */ diff --git a/src/Claim/Factory.php b/src/Claim/Factory.php index 9c1c2b06..6a941057 100644 --- a/src/Claim/Factory.php +++ b/src/Claim/Factory.php @@ -12,6 +12,8 @@ /** * Class that create claims * + * @deprecated This class will be removed on v4 + * * @author Luís Otávio Cobucci Oblonczyk * @since 2.0.0 */ diff --git a/src/Claim/GreaterOrEqualsTo.php b/src/Claim/GreaterOrEqualsTo.php index 0a4c2466..550e21e0 100644 --- a/src/Claim/GreaterOrEqualsTo.php +++ b/src/Claim/GreaterOrEqualsTo.php @@ -13,6 +13,8 @@ /** * Validatable claim that checks if value is greater or equals the given data * + * @deprecated This class will be removed on v4 + * * @author Luís Otávio Cobucci Oblonczyk * @since 2.0.0 */ diff --git a/src/Claim/LesserOrEqualsTo.php b/src/Claim/LesserOrEqualsTo.php index 3d89ccf7..962edc89 100644 --- a/src/Claim/LesserOrEqualsTo.php +++ b/src/Claim/LesserOrEqualsTo.php @@ -13,6 +13,8 @@ /** * Validatable claim that checks if value is lesser or equals to the given data * + * @deprecated This class will be removed on v4 + * * @author Luís Otávio Cobucci Oblonczyk * @since 2.0.0 */ diff --git a/src/Claim/Validatable.php b/src/Claim/Validatable.php index 0e49cf22..63a27744 100644 --- a/src/Claim/Validatable.php +++ b/src/Claim/Validatable.php @@ -12,6 +12,8 @@ /** * Basic interface for validatable token claims * + * @deprecated This interface will be removed on v4 + * * @author Luís Otávio Cobucci Oblonczyk * @since 2.0.0 */ diff --git a/src/Signer/BaseSigner.php b/src/Signer/BaseSigner.php index b5243ff9..4d41eeaf 100644 --- a/src/Signer/BaseSigner.php +++ b/src/Signer/BaseSigner.php @@ -13,6 +13,8 @@ /** * Base class for signers * + * @deprecated This class will be removed on v4 + * * @author Luís Otávio Cobucci Oblonczyk * @since 0.1.0 */ diff --git a/src/Token.php b/src/Token.php index 2f6299b1..62d7f87d 100644 --- a/src/Token.php +++ b/src/Token.php @@ -73,6 +73,8 @@ public function __construct( /** * Returns the token headers * + * @deprecated This method will be renamed on v4, the returned value will also change + * * @return array */ public function getHeaders() @@ -83,6 +85,8 @@ public function getHeaders() /** * Returns if the header is configured * + * @deprecated This method will be removed on v4 + * * @param string $name * * @return boolean @@ -95,6 +99,8 @@ public function hasHeader($name) /** * Returns the value of a token header * + * @deprecated This method will be removed on v4 + * * @param string $name * @param mixed $default * @@ -136,6 +142,8 @@ private function getHeaderValue($name) /** * Returns the token claim set * + * @deprecated This method will be renamed on v4, the returned value will also change + * * @return array */ public function getClaims() @@ -146,6 +154,8 @@ public function getClaims() /** * Returns if the claim is configured * + * @deprecated This method will be removed on v4 + * * @param string $name * * @return boolean @@ -158,6 +168,8 @@ public function hasClaim($name) /** * Returns the value of a token claim * + * @deprecated This method will be removed on v4 + * * @param string $name * @param mixed $default * @@ -181,6 +193,8 @@ public function getClaim($name, $default = null) /** * Verify if the key matches with the one that created the signature * + * @deprecated This method will be removed on v4, new validation API should be used + * * @param Signer $signer * @param string $key * @@ -204,6 +218,8 @@ public function verify(Signer $signer, $key) /** * Validates if the token is valid * + * @deprecated This method will be removed on v4, new validation API should be used + * * @param ValidationData $data * * @return boolean @@ -259,6 +275,8 @@ private function getValidatableClaims() /** * Returns the token payload * + * @deprecated This method will be renamed on v4 + * * @return string */ public function getPayload() diff --git a/src/ValidationData.php b/src/ValidationData.php index 6302d0be..3aca00b6 100644 --- a/src/ValidationData.php +++ b/src/ValidationData.php @@ -10,6 +10,8 @@ /** * Class that wraps validation values * + * @deprecated This class will be removed on v4, new validation API should be used + * * @author Luís Otávio Cobucci Oblonczyk * @since 2.0.0 */ diff --git a/test/unit/BuilderTest.php b/test/unit/BuilderTest.php index de6b61f9..4b03ac2e 100644 --- a/test/unit/BuilderTest.php +++ b/test/unit/BuilderTest.php @@ -73,15 +73,15 @@ public function constructMustInitializeTheAttributes() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setAudience + * @covers Lcobucci\JWT\Builder::canOnlyBeUsedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setAudienceMustChangeTheAudClaim() + public function canOnlyBeUsedByMustChangeTheAudClaim() { $builder = $this->createBuilder(); - $builder->setAudience('test'); + $builder->canOnlyBeUsedBy('test'); $this->assertAttributeEquals(['alg' => 'none', 'typ' => 'JWT'], 'headers', $builder); $this->assertAttributeEquals(['aud' => $this->defaultClaim], 'claims', $builder); @@ -91,15 +91,15 @@ public function setAudienceMustChangeTheAudClaim() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setAudience + * @covers Lcobucci\JWT\Builder::canOnlyBeUsedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setAudienceCanReplicateItemOnHeader() + public function canOnlyBeUsedByCanReplicateItemOnHeader() { $builder = $this->createBuilder(); - $builder->setAudience('test', true); + $builder->canOnlyBeUsedBy('test', true); $this->assertAttributeEquals(['aud' => $this->defaultClaim], 'claims', $builder); @@ -114,31 +114,31 @@ public function setAudienceCanReplicateItemOnHeader() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setAudience + * @covers Lcobucci\JWT\Builder::canOnlyBeUsedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setAudienceMustKeepAFluentInterface() + public function canOnlyBeUsedByMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setAudience('test')); + $this->assertSame($builder, $builder->canOnlyBeUsedBy('test')); } /** * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setExpiration + * @covers Lcobucci\JWT\Builder::expiresAt * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setExpirationMustChangeTheExpClaim() + public function expiresAtMustChangeTheExpClaim() { $builder = $this->createBuilder(); - $builder->setExpiration('2'); + $builder->expiresAt('2'); $this->assertAttributeEquals(['alg' => 'none', 'typ' => 'JWT'], 'headers', $builder); $this->assertAttributeEquals(['exp' => $this->defaultClaim], 'claims', $builder); @@ -148,15 +148,15 @@ public function setExpirationMustChangeTheExpClaim() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setExpiration + * @covers Lcobucci\JWT\Builder::expiresAt * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setExpirationCanReplicateItemOnHeader() + public function expiresAtCanReplicateItemOnHeader() { $builder = $this->createBuilder(); - $builder->setExpiration('2', true); + $builder->expiresAt('2', true); $this->assertAttributeEquals(['exp' => $this->defaultClaim], 'claims', $builder); @@ -171,31 +171,31 @@ public function setExpirationCanReplicateItemOnHeader() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setExpiration + * @covers Lcobucci\JWT\Builder::expiresAt * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setExpirationMustKeepAFluentInterface() + public function expiresAtMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setExpiration('2')); + $this->assertSame($builder, $builder->expiresAt('2')); } /** * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setId + * @covers Lcobucci\JWT\Builder::identifiedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIdMustChangeTheJtiClaim() + public function identifiedByMustChangeTheJtiClaim() { $builder = $this->createBuilder(); - $builder->setId('2'); + $builder->identifiedBy('2'); $this->assertAttributeEquals(['alg' => 'none', 'typ' => 'JWT'], 'headers', $builder); $this->assertAttributeEquals(['jti' => $this->defaultClaim], 'claims', $builder); @@ -205,15 +205,15 @@ public function setIdMustChangeTheJtiClaim() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setId + * @covers Lcobucci\JWT\Builder::identifiedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIdCanReplicateItemOnHeader() + public function identifiedByCanReplicateItemOnHeader() { $builder = $this->createBuilder(); - $builder->setId('2', true); + $builder->identifiedBy('2', true); $this->assertAttributeEquals(['jti' => $this->defaultClaim], 'claims', $builder); @@ -228,31 +228,31 @@ public function setIdCanReplicateItemOnHeader() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setId + * @covers Lcobucci\JWT\Builder::identifiedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIdMustKeepAFluentInterface() + public function identifiedByMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setId('2')); + $this->assertSame($builder, $builder->identifiedBy('2')); } /** * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setIssuedAt + * @covers Lcobucci\JWT\Builder::issuedAt * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIssuedAtMustChangeTheIatClaim() + public function issuedAtMustChangeTheIatClaim() { $builder = $this->createBuilder(); - $builder->setIssuedAt('2'); + $builder->issuedAt('2'); $this->assertAttributeEquals(['alg' => 'none', 'typ' => 'JWT'], 'headers', $builder); $this->assertAttributeEquals(['iat' => $this->defaultClaim], 'claims', $builder); @@ -262,15 +262,15 @@ public function setIssuedAtMustChangeTheIatClaim() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setIssuedAt + * @covers Lcobucci\JWT\Builder::issuedAt * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIssuedAtCanReplicateItemOnHeader() + public function issuedAtCanReplicateItemOnHeader() { $builder = $this->createBuilder(); - $builder->setIssuedAt('2', true); + $builder->issuedAt('2', true); $this->assertAttributeEquals(['iat' => $this->defaultClaim], 'claims', $builder); @@ -285,31 +285,31 @@ public function setIssuedAtCanReplicateItemOnHeader() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setIssuedAt + * @covers Lcobucci\JWT\Builder::issuedAt * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIssuedAtMustKeepAFluentInterface() + public function issuedAtMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setIssuedAt('2')); + $this->assertSame($builder, $builder->issuedAt('2')); } /** * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setIssuer + * @covers Lcobucci\JWT\Builder::issuedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIssuerMustChangeTheIssClaim() + public function issuedByMustChangeTheIssClaim() { $builder = $this->createBuilder(); - $builder->setIssuer('2'); + $builder->issuedBy('2'); $this->assertAttributeEquals(['alg' => 'none', 'typ' => 'JWT'], 'headers', $builder); $this->assertAttributeEquals(['iss' => $this->defaultClaim], 'claims', $builder); @@ -319,15 +319,15 @@ public function setIssuerMustChangeTheIssClaim() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setIssuer + * @covers Lcobucci\JWT\Builder::issuedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIssuerCanReplicateItemOnHeader() + public function issuedByCanReplicateItemOnHeader() { $builder = $this->createBuilder(); - $builder->setIssuer('2', true); + $builder->issuedBy('2', true); $this->assertAttributeEquals(['iss' => $this->defaultClaim], 'claims', $builder); @@ -342,31 +342,31 @@ public function setIssuerCanReplicateItemOnHeader() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setIssuer + * @covers Lcobucci\JWT\Builder::issuedBy * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setIssuerMustKeepAFluentInterface() + public function issuedByMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setIssuer('2')); + $this->assertSame($builder, $builder->issuedBy('2')); } /** * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setNotBefore + * @covers Lcobucci\JWT\Builder::canOnlyBeUsedAfter * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setNotBeforeMustChangeTheNbfClaim() + public function canOnlyBeUsedAfterMustChangeTheNbfClaim() { $builder = $this->createBuilder(); - $builder->setNotBefore('2'); + $builder->canOnlyBeUsedAfter('2'); $this->assertAttributeEquals(['alg' => 'none', 'typ' => 'JWT'], 'headers', $builder); $this->assertAttributeEquals(['nbf' => $this->defaultClaim], 'claims', $builder); @@ -376,15 +376,15 @@ public function setNotBeforeMustChangeTheNbfClaim() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setNotBefore + * @covers Lcobucci\JWT\Builder::canOnlyBeUsedAfter * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setNotBeforeCanReplicateItemOnHeader() + public function canOnlyBeUsedAfterCanReplicateItemOnHeader() { $builder = $this->createBuilder(); - $builder->setNotBefore('2', true); + $builder->canOnlyBeUsedAfter('2', true); $this->assertAttributeEquals(['nbf' => $this->defaultClaim], 'claims', $builder); @@ -399,31 +399,31 @@ public function setNotBeforeCanReplicateItemOnHeader() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setNotBefore + * @covers Lcobucci\JWT\Builder::canOnlyBeUsedAfter * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setNotBeforeMustKeepAFluentInterface() + public function canOnlyBeUsedAfterMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setNotBefore('2')); + $this->assertSame($builder, $builder->canOnlyBeUsedAfter('2')); } /** * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setSubject + * @covers Lcobucci\JWT\Builder::relatedTo * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setSubjectMustChangeTheSubClaim() + public function relatedToMustChangeTheSubClaim() { $builder = $this->createBuilder(); - $builder->setSubject('2'); + $builder->relatedTo('2'); $this->assertAttributeEquals(['alg' => 'none', 'typ' => 'JWT'], 'headers', $builder); $this->assertAttributeEquals(['sub' => $this->defaultClaim], 'claims', $builder); @@ -433,15 +433,15 @@ public function setSubjectMustChangeTheSubClaim() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setSubject + * @covers Lcobucci\JWT\Builder::relatedTo * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setSubjectCanReplicateItemOnHeader() + public function relatedToCanReplicateItemOnHeader() { $builder = $this->createBuilder(); - $builder->setSubject('2', true); + $builder->relatedTo('2', true); $this->assertAttributeEquals(['sub' => $this->defaultClaim], 'claims', $builder); @@ -456,16 +456,16 @@ public function setSubjectCanReplicateItemOnHeader() * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * - * @covers Lcobucci\JWT\Builder::setSubject + * @covers Lcobucci\JWT\Builder::relatedTo * @covers Lcobucci\JWT\Builder::setRegisteredClaim */ - public function setSubjectMustKeepAFluentInterface() + public function relatedToMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setSubject('2')); + $this->assertSame($builder, $builder->relatedTo('2')); } /** @@ -473,12 +473,12 @@ public function setSubjectMustKeepAFluentInterface() * * @uses Lcobucci\JWT\Builder::__construct * - * @covers Lcobucci\JWT\Builder::set + * @covers Lcobucci\JWT\Builder::with */ - public function setMustConfigureTheGivenClaim() + public function withMustConfigureTheGivenClaim() { $builder = $this->createBuilder(); - $builder->set('userId', 2); + $builder->with('userId', 2); $this->assertAttributeEquals(['userId' => $this->defaultClaim], 'claims', $builder); } @@ -488,13 +488,13 @@ public function setMustConfigureTheGivenClaim() * * @uses Lcobucci\JWT\Builder::__construct * - * @covers Lcobucci\JWT\Builder::set + * @covers Lcobucci\JWT\Builder::with */ - public function setMustKeepAFluentInterface() + public function withMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->set('userId', 2)); + $this->assertSame($builder, $builder->with('userId', 2)); } /** @@ -502,12 +502,12 @@ public function setMustKeepAFluentInterface() * * @uses Lcobucci\JWT\Builder::__construct * - * @covers Lcobucci\JWT\Builder::setHeader + * @covers Lcobucci\JWT\Builder::withHeader */ - public function setHeaderMustConfigureTheGivenClaim() + public function withHeaderMustConfigureTheGivenClaim() { $builder = $this->createBuilder(); - $builder->setHeader('userId', 2); + $builder->withHeader('userId', 2); $this->assertAttributeEquals( ['alg' => 'none', 'typ' => 'JWT', 'userId' => $this->defaultClaim], @@ -521,13 +521,13 @@ public function setHeaderMustConfigureTheGivenClaim() * * @uses Lcobucci\JWT\Builder::__construct * - * @covers Lcobucci\JWT\Builder::setHeader + * @covers Lcobucci\JWT\Builder::withHeader */ - public function setHeaderMustKeepAFluentInterface() + public function withHeaderMustKeepAFluentInterface() { $builder = $this->createBuilder(); - $this->assertSame($builder, $builder->setHeader('userId', 2)); + $this->assertSame($builder, $builder->withHeader('userId', 2)); } /** @@ -613,11 +613,11 @@ public function unsignMustKeepAFluentInterface(Builder $builder) * @uses Lcobucci\JWT\Builder::getToken * @uses Lcobucci\JWT\Token * - * @covers Lcobucci\JWT\Builder::set + * @covers Lcobucci\JWT\Builder::with * * @expectedException BadMethodCallException */ - public function setMustRaiseExceptionWhenTokenHasBeenSigned() + public function withMustRaiseExceptionWhenTokenHasBeenSigned() { $signer = $this->getMock(Signer::class); $signature = $this->getMock(Signature::class, [], [], '', false); @@ -628,7 +628,7 @@ public function setMustRaiseExceptionWhenTokenHasBeenSigned() $builder = $this->createBuilder(); $builder->sign($signer, 'test'); - $builder->set('test', 123); + $builder->with('test', 123); } /** @@ -639,11 +639,11 @@ public function setMustRaiseExceptionWhenTokenHasBeenSigned() * @uses Lcobucci\JWT\Builder::getToken * @uses Lcobucci\JWT\Token * - * @covers Lcobucci\JWT\Builder::setHeader + * @covers Lcobucci\JWT\Builder::withHeader * * @expectedException BadMethodCallException */ - public function setHeaderMustRaiseExceptionWhenTokenHasBeenSigned() + public function withHeaderMustRaiseExceptionWhenTokenHasBeenSigned() { $signer = $this->getMock(Signer::class); $signature = $this->getMock(Signature::class, [], [], '', false); @@ -654,14 +654,14 @@ public function setHeaderMustRaiseExceptionWhenTokenHasBeenSigned() $builder = $this->createBuilder(); $builder->sign($signer, 'test'); - $builder->setHeader('test', 123); + $builder->withHeader('test', 123); } /** * @test * * @uses Lcobucci\JWT\Builder::__construct - * @uses Lcobucci\JWT\Builder::set + * @uses Lcobucci\JWT\Builder::with * @uses Lcobucci\JWT\Token * * @covers Lcobucci\JWT\Builder::getToken @@ -680,7 +680,7 @@ public function getTokenMustReturnANewTokenWithCurrentConfiguration() ->withConsecutive(['1'], ['2'], [$signature]) ->willReturnOnConsecutiveCalls('1', '2', '3'); - $builder = $this->createBuilder()->set('test', 123); + $builder = $this->createBuilder()->with('test', 123); $builderSign = new \ReflectionProperty($builder, 'signature'); $builderSign->setAccessible(true);