From 83b609028194aa042ea33b5af2d41a7427de80e6 Mon Sep 17 00:00:00 2001
From: Brent Shaffer <betterbrent@google.com>
Date: Mon, 8 Nov 2021 14:18:51 -0600
Subject: [PATCH] fix: phpdoc and exception (#371)

---
 src/JWT.php       | 17 ++++++++++++-----
 tests/JWTTest.php | 15 +++++++++++++++
 2 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/src/JWT.php b/src/JWT.php
index f46e8372..ec1641bc 100644
--- a/src/JWT.php
+++ b/src/JWT.php
@@ -6,6 +6,7 @@
 use DomainException;
 use Exception;
 use InvalidArgumentException;
+use OpenSSLAsymmetricKey;
 use UnexpectedValueException;
 use DateTime;
 
@@ -59,7 +60,7 @@ class JWT
      * Decodes a JWT string into a PHP object.
      *
      * @param string                    $jwt            The JWT
-     * @param Key|array<Key>            $keyOrKeyArray  The Key or array of Key objects.
+     * @param Key|array<Key>|mixed      $keyOrKeyArray  The Key or array of Key objects.
      *                                                  If the algorithm used is asymmetric, this is the public key
      *                                                  Each Key object contains an algorithm and matching key.
      *                                                  Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
@@ -385,14 +386,20 @@ public static function urlsafeB64Encode($input)
     /**
      * Determine if an algorithm has been provided for each Key
      *
-     * @param string|array $keyOrKeyArray
+     * @param Key|array<Key>|mixed $keyOrKeyArray
      * @param string|null $kid
      *
-     * @return an array containing the keyMaterial and algorithm
+     * @throws UnexpectedValueException
+     *
+     * @return array containing the keyMaterial and algorithm
      */
     private static function getKeyMaterialAndAlgorithm($keyOrKeyArray, $kid = null)
     {
-        if (is_string($keyOrKeyArray)) {
+        if (
+            is_string($keyOrKeyArray)
+            || is_resource($keyOrKeyArray)
+            || $keyOrKeyArray instanceof OpenSSLAsymmetricKey
+        ) {
             return array($keyOrKeyArray, null);
         }
 
@@ -418,7 +425,7 @@ private static function getKeyMaterialAndAlgorithm($keyOrKeyArray, $kid = null)
         }
 
         throw new UnexpectedValueException(
-            '$keyOrKeyArray must be a string key, an array of string keys, '
+            '$keyOrKeyArray must be a string|resource key, an array of string|resource keys, '
             . 'an instance of Firebase\JWT\Key key or an array of Firebase\JWT\Key keys'
         );
     }
diff --git a/tests/JWTTest.php b/tests/JWTTest.php
index 63386d88..1c81c1ed 100644
--- a/tests/JWTTest.php
+++ b/tests/JWTTest.php
@@ -381,4 +381,19 @@ public function provideEncodeDecode()
             array(__DIR__ . '/ed25519-1.sec', __DIR__ . '/ed25519-1.pub', 'EdDSA'),
         );
     }
+
+    public function testEncodeDecodeWithResource()
+    {
+        $pem = file_get_contents(__DIR__ . '/rsa1-public.pub');
+        $resource = openssl_pkey_get_public($pem);
+        $privateKey = file_get_contents(__DIR__ . '/rsa1-private.pem');
+
+        $payload = array('foo' => 'bar');
+        $encoded = JWT::encode($payload, $privateKey, 'RS512');
+
+        // Verify decoding succeeds
+        $decoded = JWT::decode($encoded, $resource, array('RS512'));
+
+        $this->assertEquals('bar', $decoded->foo);
+    }
 }