Handle claims conversion #171
Conversation
src/Token/Builder.php
Outdated
|
|
||
| private function formatClaims(array $claims): array | ||
| { | ||
| if (isset($claims[RegisteredClaims::AUDIENCE]) && count($claims[RegisteredClaims::AUDIENCE]) === 1) { |
There was a problem hiding this comment.
Please don't sneak in this optimisation here :-P
There was a problem hiding this comment.
Also, if you assume that it always is a packed array, simply use an isset() on index 0 and another one on index 1
There was a problem hiding this comment.
Yeah it's definitely better then count() in that case
src/Token/Builder.php
Outdated
| return $claims; | ||
| } | ||
|
|
||
| private function convertDate(DateTimeImmutable $date) |
There was a problem hiding this comment.
Return type declaration needed
There was a problem hiding this comment.
I see it's int|string. Can't it be float?
There was a problem hiding this comment.
Note that json_encode() does some trickery around floats, making them integers when no part is after the comma
There was a problem hiding this comment.
There was a problem hiding this comment.
I was with the old behaviour in my mind: https://3v4l.org/1Q7hh
Then when we convert it back to a DateTime we would have DateTimeImmutable::createFromFormat('U.u', '1487372450.0231') instead of DateTimeImmutable::createFromFormat('U.u', '1487372450.023126'), what could cause some weird errors.
There was a problem hiding this comment.
Ah, I see what you mean. If you can, you should cover the edge case you just mentioned in the test suite
There was a problem hiding this comment.
There was a problem hiding this comment.
But can be more explicit, ofc
src/Token/Builder.php
Outdated
| $seconds = $date->format('U'); | ||
| $microseconds = $date->format('u'); | ||
|
|
||
| return $microseconds === '000000' ? (int) $seconds : $seconds . '.' . $microseconds; |
There was a problem hiding this comment.
Big assumption on the number of decimal digits. Instead, use 0 === (int) $microseconds
There was a problem hiding this comment.
DateTimeInterface#format('u') always returns a 6 chars string. It can be compared to 0 though, there's no much difference
There was a problem hiding this comment.
Yeah, but nothing prevents the engine from making this 7 chars, or similar, in future versions. This code is very fragile
| return (array) $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data)); | ||
| $claims = (array) $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data)); | ||
|
|
||
| if (isset($claims[RegisteredClaims::AUDIENCE])) { |
There was a problem hiding this comment.
Note that casting null to (array) yields an empty array. I don't know if that's valid for $claims, but worth considering
There was a problem hiding this comment.
I don't want to set if it doesn't exist in the original token
src/Token/Parser.php
Outdated
| } | ||
|
|
||
| foreach (RegisteredClaims::DATE_CLAIMS as $claim) { | ||
| if (!isset($claims[$claim])) { |
There was a problem hiding this comment.
In order to use it I would also have to do an array_flip(RegisteredClaims::DATE_CLAIMS) (or an array_keys($claims) and use array_intersect() instead) not sure if will help us...
There was a problem hiding this comment.
Or define the constants in the keys ;-)
src/Token/Parser.php
Outdated
| $value .= '.0'; | ||
| } | ||
|
|
||
| return DateTimeImmutable::createFromFormat('U.u', $value); |
There was a problem hiding this comment.
I'd use two different expressions for when a microtime is set or not: this way you avoid overwriting $value
src/Token/RegisteredClaims.php
Outdated
| @@ -27,6 +27,8 @@ | |||
| self::SUBJECT | |||
| ]; | |||
|
|
|||
| const DATE_CLAIMS = [self::ISSUED_AT, self::NOT_BEFORE, self::EXPIRATION_TIME]; | |||
lcobucci
force-pushed
the
handle-claims-conversion
branch
from
31a7d7f to
f7f7c64
Compare
lcobucci
force-pushed
the
handle-claims-conversion
branch
from
f7f7c64 to
c74ef19
Compare
|
@Ocramius could you please review it again? |
lcobucci
force-pushed
the
handle-claims-conversion
branch
from
c74ef19 to
ee3669e
Compare
There're some weird stuff to improve @Ocramius (and I couldn't resist adding the last commit 😂).
Fixes #144
Fixes #43