Skip to content

Commit

Permalink
bump min NC to 24, upgrade php-jwt, adjust implementation
Browse files Browse the repository at this point in the history 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
  • Loading branch information
@julien-nc
julien-nc committed Aug 30, 2023
1 parent 024ef1a commit f7b68dd
Show file tree
Hide file tree
Showing 9 changed files with 26 additions and 45 deletions.
9 changes: 0 additions & 9 deletions .github/workflows/integration.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,15 +22,6 @@ jobs:
databases: ['sqlite', 'mysql', 'pgsql']
server-versions: ['master']
include:
- php-versions: 7.4
databases: mysql
server-versions: stable21
- php-versions: 8.0
databases: mysql
server-versions: stable22
- php-versions: 8.0
databases: mysql
server-versions: stable23
- php-versions: 8.1
databases: mysql
server-versions: stable24
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/lint.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:

strategy:
matrix:
php-versions: ['7.3', '7.4', '8.0', "8.1"]
php-versions: ['7.4', '8.0', "8.1"]

name: php${{ matrix.php-versions }}
steps:
Expand Down
20 changes: 2 additions & 18 deletions .github/workflows/phpunit.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,32 +19,16 @@ jobs:
strategy:
fail-fast: false
matrix:
php-versions: ['7.3', '7.4', '8.0', '8.1']
php-versions: ['7.4', '8.0', '8.1']
databases: ['mysql']
server-versions: ['stable21', 'stable22', 'stable23', 'stable24', 'stable25', 'stable26', 'stable27', 'master']
server-versions: ['stable24', 'stable25', 'stable26', 'stable27', 'master']
exclude:
- php-versions: 7.3
server-versions: master
- php-versions: 7.4
server-versions: master
- php-versions: 7.3
server-versions: stable27
- php-versions: 7.4
server-versions: stable27
- php-versions: 7.3
server-versions: stable26
- php-versions: 7.4
server-versions: stable26
- php-versions: 7.3
server-versions: stable25
- php-versions: 7.3
server-versions: stable24
- php-versions: 8.1
server-versions: stable21
- php-versions: 8.1
server-versions: stable22
- php-versions: 8.1
server-versions: stable23
include:
- php-versions: 8.2
databases: mysql
Expand Down
2 changes: 1 addition & 1 deletion appinfo/info.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
<bugs>https://github.com/nextcloud/user_oidc/issues</bugs>
<repository>https://github.com/nextcloud/user_oidc</repository>
<dependencies>
<nextcloud min-version="21" max-version="28"/>
<nextcloud min-version="24" max-version="28"/>
</dependencies>
<settings>
<admin>OCA\UserOIDC\Settings\AdminSettings</admin>
Expand Down
4 changes: 2 additions & 2 deletions composer.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
"bamarni/composer-bin-plugin": true
},
"platform": {
"php": "7.3"
"php": "7.4"
}
},
"scripts": {
Expand All @@ -30,7 +30,7 @@
},
"require": {
"id4me/id4me-rp": "^1.2",
"firebase/php-jwt": "^5.2",
"firebase/php-jwt": "^6.8.1",
"bamarni/composer-bin-plugin": "^1.4"
},
"require-dev": {
Expand Down
26 changes: 16 additions & 10 deletions composer.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions lib/Controller/LoginController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -416,7 +416,7 @@ public function code(string $state = '', string $code = '', string $scope = '',
$idTokenRaw = $data['id_token'];
$jwks = $this->discoveryService->obtainJWK($provider);
JWT::$leeway = 60;
$idTokenPayload = JWT::decode($idTokenRaw, $jwks, array_keys(JWT::$supported_algs));
$idTokenPayload = JWT::decode($idTokenRaw, $jwks);

$this->logger->debug('Parsed the JWT payload: ' . json_encode($idTokenPayload, JSON_THROW_ON_ERROR));

Expand Down Expand Up @@ -617,7 +617,7 @@ public function backChannelLogout(string $providerIdentifier, string $logout_tok
// decrypt the logout token
$jwks = $this->discoveryService->obtainJWK($provider);
JWT::$leeway = 60;
$logoutTokenPayload = JWT::decode($logout_token, $jwks, array_keys(JWT::$supported_algs));
$logoutTokenPayload = JWT::decode($logout_token, $jwks);

$this->logger->debug('Parsed the logout JWT payload: ' . json_encode($logoutTokenPayload, JSON_THROW_ON_ERROR));

Expand Down
2 changes: 1 addition & 1 deletion lib/User/Provisioning/SelfEncodedTokenProvisioning.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ public function __construct(ProvisioningService $provisioningService, DiscoveryS
public function provisionUser(Provider $provider, string $tokenUserId, string $bearerToken): ?IUser {
JWT::$leeway = 60;
try {
$payload = JWT::decode($bearerToken, $this->discoveryService->obtainJWK($provider), array_keys(JWT::$supported_algs));
$payload = JWT::decode($bearerToken, $this->discoveryService->obtainJWK($provider));
} catch (Throwable $e) {
$this->logger->error('Impossible to decode OIDC token:' . $e->getMessage());
return null;
Expand Down
2 changes: 1 addition & 1 deletion lib/User/Validator/SelfEncodedValidator.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ public function isValidBearerToken(Provider $provider, string $bearerToken): ?st
// try to decode the bearer token
JWT::$leeway = 60;
try {
$payload = JWT::decode($bearerToken, $this->discoveryService->obtainJWK($provider), array_keys(JWT::$supported_algs));
$payload = JWT::decode($bearerToken, $this->discoveryService->obtainJWK($provider));
} catch (Throwable $e) {
$this->logger->error('Impossible to decode OIDC token:' . $e->getMessage());
return null;
Expand Down

0 comments on commit f7b68dd

Please sign in to comment.