feat: JWT Authenticator #195

Merged
merged 101 commits into from
Apr 21, 2023
7716ee0
chore: add firebase/php-jwt
kenjis May 31, 2022
9ec8cc7
feat: add Authenticators\JWT
kenjis Jun 1, 2022
0c8bdc7
feat: add Filters\JWTAuth
kenjis Jun 1, 2022
7a95425
feat: remove `Bearer` in token at the first time
kenjis Jun 1, 2022
3ce9ed9
config: fix typo
kenjis Jun 2, 2022
62404b5
refactor: rename classname
kenjis Jun 2, 2022
adbc5e5
refactor: combine JWT interfaces into one
kenjis Jun 2, 2022
99f71d5
style: remove line breaks
kenjis Jun 2, 2022
62355e6
refactor: rename property name
kenjis Jun 2, 2022
79b9be3
refactor: rename property names
kenjis Jun 2, 2022
55255cc
feat: add JWTGenerator::generate()
kenjis Jun 2, 2022
39c3cd4
feat: update logout() return type
kenjis Jun 3, 2022
f23f51f
feat: change JWTAdapterInterface::decode() signature
kenjis Jun 3, 2022
d0d52ed
fix: broken test
kenjis Jun 3, 2022
1bd81ca
feat: change Config\Auth::jwtConfig
kenjis Jun 3, 2022
1dd31e4
docs: remove @phpstan-ignore-line
kenjis Aug 31, 2022
dab58b6
fix: add logic to check if $request is IncomingRequest
kenjis Aug 31, 2022
ded0ae7
refactor: composer cs-fix
kenjis Aug 31, 2022
da7f887
fix: $userAgent type
kenjis Aug 31, 2022
965df73
refactor: run rector
kenjis Aug 31, 2022
02a17bf
refactor: create AuthJWT config file
kenjis Oct 21, 2022
7a8278c
refactor: change config array to class properties
kenjis Oct 21, 2022
61228d6
refactor: remove unneeded auth helper loading
kenjis Oct 21, 2022
adf04e3
feat: you can configure whether to record login attempts
kenjis Oct 21, 2022
9c3346c
refactor: move JWT authenticatorHeader setting to Config\AuthJWT
kenjis Oct 21, 2022
a98936e
chore: update php-jwt to ^6.4
kenjis Apr 13, 2023
58f5e79
docs: fix @return type
kenjis Apr 13, 2023
1257532
config: remove "aud" in $claims
kenjis Apr 14, 2023
5e3eb43
docs: add docs
kenjis Apr 14, 2023
2230319
docs: fix @param
kenjis Apr 14, 2023
0575a53
fix: when generating JWT, the real current time is not used for "iat"
kenjis Apr 14, 2023
a85374d
feat: change $claims to $defaultClaims, and all generated JWTs have t…
kenjis Apr 16, 2023
5b828d7
feat: change $secretKey to $keys and set $algorithm in them
kenjis Apr 16, 2023
3849c6f
refactor: use ::class in config()
kenjis Apr 16, 2023
ac23566
feat: change JWTGenerator::generate() signature
kenjis Apr 16, 2023
dde79d8
docs: add PHPDoc
kenjis Apr 16, 2023
a66123c
refactor: remove unused `use`
kenjis Apr 16, 2023
91b14ff
fix: JWTAdapterInterface APIs
kenjis Apr 16, 2023
a6e3ac7
feat: use multiple keys for decoding JWT
kenjis Apr 16, 2023
3d1b334
docs: remove outdated comment
kenjis Apr 16, 2023
fce67b7
test: add test for specifying key to decodeJWT()
kenjis Apr 16, 2023
c58ac36
test: fix incorrect tests
kenjis Apr 16, 2023
a37ef77
refactor: change JWTAdapterInterface method name
kenjis Apr 16, 2023
af50ece
docs: add @return
kenjis Apr 16, 2023
73a1d4d
feat: add parameters to JWTGenerator::generateAccessToken()
kenjis Apr 16, 2023
a93f254
docs: small fixes
kenjis Apr 16, 2023
c041d85
feat: support Asymmetric Key
kenjis Apr 16, 2023
f043dad
chore: add ext-openssl to suggest
kenjis Apr 16, 2023
6a8efe6
refactor: change folder structure
kenjis Apr 16, 2023
f71eaa0
refactor: rename $key to $keyset
kenjis Apr 17, 2023
340b144
refactor: rename JWT to JWS in classnames
kenjis Apr 17, 2023
cb1b227
refactor: move JWSGenerator up
kenjis Apr 17, 2023
0c9fc38
refactor: update parameter/property name
kenjis Apr 17, 2023
79dbac2
refactor: rename JWSGenerator to JWTManager
kenjis Apr 17, 2023
b9fdc66
refactor: extract JWSEncoder class
kenjis Apr 17, 2023
d3cf816
feat: add JWSDecoder
kenjis Apr 17, 2023
7ab3021
feat: add JWTManager::decode()
kenjis Apr 17, 2023
07c346b
refactor: JWT uses JWTManager
kenjis Apr 17, 2023
fd080bf
test: extract method
kenjis Apr 17, 2023
15f11df
fix: add missing keyset argument
kenjis Apr 17, 2023
08dadcc
refactor: change JWTManager method names
kenjis Apr 17, 2023
9e85269
docs: fix doc comment
kenjis Apr 17, 2023
d2cfe31
docs: add "Signed"
kenjis Apr 17, 2023
3ba4dfd
docs: format the comments in the Config file
kenjis Apr 17, 2023
695b0e4
feat: add jwtmanager service and use it
kenjis Apr 17, 2023
f293a49
docs: add setup instruction
kenjis Apr 17, 2023
cb6f92b
fix: add missing argument for lang message
kenjis Apr 17, 2023
7b727af
docs: use service('jwtmanager')
kenjis Apr 17, 2023
cb35a17
fix: change private to protected for properties
kenjis Apr 17, 2023
e8c0e45
docs: change variable names
kenjis Apr 17, 2023
61f06fa
refactor: add comment for each exception
kenjis Apr 18, 2023
2dc1252
feat: improve Exception handling for FirebaseAdapter
kenjis Apr 18, 2023
399ab22
refactor: extract method
kenjis Apr 18, 2023
c9fd280
refactor: early return
kenjis Apr 18, 2023
58eb3dd
refactor: rename generateAccessToken() to generateToken()
kenjis Apr 18, 2023
e824303
refactor: change parameter order
kenjis Apr 18, 2023
2b4d959
docs: add explanation for JWT and terms
kenjis Apr 18, 2023
aa0147d
docs: fix coding style
kenjis Apr 18, 2023
ff1d04a
fix: missing try
kenjis Apr 18, 2023
cfb6263
fix: add missing try/catch
kenjis Apr 18, 2023
9004082
refactor: extract method
kenjis Apr 18, 2023
48f3a51
test: add test for encode
kenjis Apr 18, 2023
9179d8c
refactor: update variable name
kenjis Apr 18, 2023
1acb449
refactor: by rector
kenjis Apr 18, 2023
168aaef
docs: add sample login controller and filter settings
kenjis Apr 18, 2023
ce3e0d0
docs: add sample commands by curl
kenjis Apr 18, 2023
565e81c
refactor: remove `static` from JWSAdapterInterface.php
kenjis Apr 18, 2023
04d6645
refactor: use class constants for exception code
kenjis Apr 19, 2023
47546bb
test: update test method names
kenjis Apr 19, 2023
64b6f00
docs: improve explanation
kenjis Apr 19, 2023
2845356
docs: fix ambiguous descriptions
kenjis Apr 19, 2023
a3efa82
docs: split code block
kenjis Apr 20, 2023
4aa454c
docs: remove spaces at the end of lines
kenjis Apr 20, 2023
63a6fdf
docs: add declare(strict_types=1) to controller
kenjis Apr 20, 2023
37d8c71
docs: fix sample controller code
kenjis Apr 21, 2023
54ee18b
docs: add @TODO in sample code
kenjis Apr 21, 2023
6bf2eef
lang: add translations
kenjis Apr 21, 2023
3117c17
feat: do not login banned users
kenjis Apr 21, 2023
72047b7
docs: use JSON request
kenjis Apr 21, 2023
dcbdb28
config: comment out jwt authenticator
kenjis Apr 21, 2023
1b9fdf9
docs: add JWT in README
kenjis Apr 21, 2023
15 changes: 12 additions & 3 deletions README.md
Expand Up @@ -15,20 +15,29 @@ The primary goals for Shield are:

## Authentication Methods

Shield provides two primary methods of authentication out of the box:
Shield provides two primary methods **Session-based** and **Personal Access Codes**
of authentication out of the box.

**Session-based**
It also provides **JSON Web Tokens** authentication.

### Session-based

This is your typical email/username/password system you see everywhere. It includes a secure "remember me" functionality.
This can be used for standard web applications, as well as for single page applications. Includes full controllers and
basic views for all standard functionality, like registration, login, forgot password, etc.

**Personal Access Codes**
### Personal Access Codes

These are much like the access codes that GitHub uses, where they are unique to a single user, and a single user
can have more than one. This can be used for API authentication of third-party users, and even for allowing
access for a mobile application that you build.

### JSON Web Tokens

JWT or JSON Web Token is a compact and self-contained way of securely transmitting
information between parties as a JSON object. It is commonly used for authentication
and authorization purposes in web applications.

## Some Important Features

* Session-based authentication (traditional email/password with remember me)
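
Review bot: In the new "JSON Web Tokens" section at the end of this hunk, "securely transmitting information" does not say whether the token is signed or encrypted. The commits in this PR rename the classes to JWS (signed tokens), so consider writing "signed JWT" here and noting that the claims in the payload are readable by anyone who holds the token, so nothing confidential belongs in them. Separately, the rewritten intro sentence "Shield provides two primary methods **Session-based** and **Personal Access Codes** of authentication out of the box." reads awkwardly; "two primary methods of authentication out of the box: **Session-based** and **Personal Access Codes**" keeps the list next to the noun it describes.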
6 changes: 4 additions & 2 deletions composer.json
Expand Up @@ -25,13 +25,15 @@
"codeigniter4/devkit": "^1.0",
"codeigniter4/framework": "^4.2.7",
"mikey179/vfsstream": "^1.6.7",
"mockery/mockery": "^1.0"
"mockery/mockery": "^1.0",
"firebase/php-jwt": "^6.4"
},
"provide": {
"codeigniter4/authentication-implementation": "1.0"
},
"suggest": {
"ext-curl": "Required to use the password validation rule via PwnedValidator class."
"ext-curl": "Required to use the password validation rule via PwnedValidator class.",
"ext-openssl": "Required to use the JWT Authenticator."
},
"minimum-stability": "dev",
"prefer-stable": true,
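
Review bot: The "suggest" block gains "ext-openssl" as "Required to use the JWT Authenticator." but does not list "firebase/php-jwt", which this hunk adds next to "mockery/mockery" and "mikey179/vfsstream". If that block is the dev-only requirements (its key is above the visible context), a project that enables the JWT authenticator gets no hint that it must install the library itself; consider adding "firebase/php-jwt" to "suggest" with matching wording. The commit list also adds ext-openssl directly after "feat: support Asymmetric Key", so the description could state whether OpenSSL is needed for every JWT configuration or only when asymmetric keys are used.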