Ensure compatibility with new token namespace

roave-bc-check.yaml

@@ -1,3 +1,5 @@
 parameters:
   ignoreErrors:
+    - '#\[BC\] CHANGED: The parameter \$headers of Lcobucci\\JWT\\Token\#__construct\(\) changed from array to no type#' # BC checker doesn't check doc blocks
+    - '#\[BC\] CHANGED: The parameter \$claims of Lcobucci\\JWT\\Token\#__construct\(\) changed from array to no type#' # BC checker doesn't check doc blocks
     - '#\[BC\] CHANGED: Default parameter value for for parameter \$passphrase#'

src/Builder.php

@@ -11,6 +11,7 @@
 use Lcobucci\JWT\Claim\Factory as ClaimFactory;
 use Lcobucci\JWT\Parsing\Encoder;
 use Lcobucci\JWT\Signer\Key;
+use Lcobucci\JWT\Token\DataSet;
 use Lcobucci\JWT\Token\RegisteredClaimGiven;
 use Lcobucci\JWT\Token\RegisteredClaims;
 
@@ -486,12 +487,15 @@ public function getToken(Signer $signer = null, Key $key = null)
         ];
 
         $signature = $this->createSignature($payload, $signer, $key);
-
-        if ($signature !== null) {
-            $payload[] = $this->encoder->base64UrlEncode($signature);
-        }
-
-        return new Token($this->headers, $this->claims, $signature, $payload, $this->claimFactory);
+        $payload[] = $signature->toString();
+
+        return new Token(
+            new DataSet($this->headers, $payload[0]),
+            new DataSet($this->claims, $payload[1]),
+            $signature,
+            $payload,
+            $this->claimFactory
+        );
     }
 
     /**
@@ -515,14 +519,16 @@ private function convertDatesToInt(array $items)
     /**
      * @param string[] $payload
      *
-     * @return Signature|null
+     * @return Signature
      */
     private function createSignature(array $payload, Signer $signer = null, Key $key = null)
     {
         if ($signer === null || $key === null) {
-            return null;
+            return Signature::fromEmptyData();
         }
 
-        return $signer->sign(implode('.', $payload), $key);
+        $hash = $signer->sign(implode('.', $payload), $key)->hash();
+
+        return new Signature($hash, $this->encoder->base64UrlEncode($hash));
     }
 }

src/Parser.php

@@ -11,6 +11,7 @@
 use InvalidArgumentException;
 use Lcobucci\JWT\Claim\Factory as ClaimFactory;
 use Lcobucci\JWT\Parsing\Decoder;
+use Lcobucci\JWT\Token\DataSet;
 use Lcobucci\JWT\Token\InvalidTokenStructure;
 use Lcobucci\JWT\Token\RegisteredClaims;
 use Lcobucci\JWT\Token\UnsupportedHeaderFound;
@@ -69,7 +70,12 @@ public function parse($jwt)
             unset($data[2]);
         }
 
-        return new Token($header, $claims, $signature, $data);
+        return new Token(
+            new DataSet($header, $data[0]),
+            new DataSet($claims, $data[1]),
+            $signature,
+            $data
+        );
     }
 
     /**
@@ -159,11 +165,11 @@ private function convertToDateObjects(array $items)
     protected function parseSignature(array $header, $data)
     {
         if ($data == '' || !isset($header['alg']) || $header['alg'] == 'none') {
-            return null;
+            return Signature::fromEmptyData();
         }
 
         $hash = $this->decoder->base64UrlDecode($data);
 
-        return new Signature($hash);
+        return new Signature($hash, $data);
     }
 }

src/Signature.php

@@ -24,14 +24,25 @@ class Signature
      */
     protected $hash;
 
+    /** @var string */
+    private $encoded;
+
     /**
      * Initializes the object
      *
      * @param string $hash
+     * @param string $encoded
      */
-    public function __construct($hash)
+    public function __construct($hash, $encoded = '')
+    {
+        $this->hash    = $hash;
+        $this->encoded = $encoded;
+    }
+
+    /** @return self */
+    public static function fromEmptyData()
     {
-        $this->hash = $hash;
+        return new self('', '');
     }
 
     /**
@@ -52,10 +63,25 @@ public function verify(Signer $signer, $payload, $key)
     /**
      * Returns the current hash as a string representation of the signature
      *
+     * @deprecated This method has been removed from the public API in v4
+     * @see Signature::hash()
+     *
      * @return string
      */
     public function __toString()
     {
         return $this->hash;
     }
+
+    /** @return string */
+    public function hash()
+    {
+        return $this->hash;
+    }
+
+    /** @return string */
+    public function toString()
+    {
+        return $this->encoded;
+    }
 }

src/Token.php

@@ -7,8 +7,6 @@
 
 namespace Lcobucci\JWT;
 
-use BadMethodCallException;
-use DateTime;
 use DateTimeImmutable;
 use DateTimeInterface;
 use Generator;
@@ -19,7 +17,6 @@
 use Lcobucci\JWT\Token\RegisteredClaims;
 use OutOfBoundsException;
 use function func_num_args;
-use function implode;
 use function in_array;
 use function sprintf;
 
@@ -51,17 +48,10 @@ class Token
     /**
      * The token signature
      *
-     * @var Signature|null
+     * @var Signature
      */
     private $signature;
 
-    /**
-     * The encoded data
-     *
-     * @var array
-     */
-    private $payload;
-
     /**
      * @internal This serves just as compatibility layer
      *
@@ -72,26 +62,38 @@ class Token
     /**
      * Initializes the object
      *
-     * @param array $headers
-     * @param array $claims
-     * @param array $payload
+     * @param array|DataSet $headers
+     * @param array|DataSet $claims
      * @param Signature|null $signature
+     * @param array $payload
      * @param Factory|null $claimFactory
      */
     public function __construct(
-        array $headers = ['alg' => 'none'],
-        array $claims = [],
+        $headers = ['alg' => 'none'],
+        $claims = [],
         Signature $signature = null,
         array $payload = ['', ''],
         Factory $claimFactory = null
     ) {
-        $this->headers = new DataSet($headers, $payload[0]);
-        $this->claims = new DataSet($claims, $payload[1]);
-        $this->signature = $signature;
-        $this->payload = $payload;
+        $this->headers = $this->convertToDataSet($headers, $payload[0]);
+        $this->claims = $this->convertToDataSet($claims, $payload[1]);
+        $this->signature = $signature ?: Signature::fromEmptyData();
         $this->claimFactory = $claimFactory ?: new Factory();
     }
 
+    /**
+     * @param array|DataSet $data
+     * @param string $payload
+     */
+    private function convertToDataSet($data, $payload)
+    {
+        if ($data instanceof DataSet) {
+            return $data;
+        }
+
+        return new DataSet($data, $payload);
+    }
+
     /** @return DataSet */
     public function headers()
     {
@@ -251,15 +253,9 @@ public function getClaim($name, $default = null)
      * @param Key|string $key
      *
      * @return boolean
-     *
-     * @throws BadMethodCallException When token is not signed
      */
     public function verify(Signer $signer, $key)
     {
-        if ($this->signature === null) {
-            throw new BadMethodCallException('This token is not signed');
-        }
-
         if ($this->headers->get('alg') !== $signer->getAlgorithmId()) {
             return false;
         }
@@ -387,10 +383,11 @@ private function getValidatableClaims()
      */
     public function getPayload()
     {
-        return $this->payload[0] . '.' . $this->payload[1];
+        return $this->headers->toString() . '.'
+             . $this->claims->toString();
     }
 
-    /** @return Signature|null */
+    /** @return Signature */
     public function signature()
     {
         return $this->signature;
@@ -412,12 +409,8 @@ public function __toString()
     /** @return string */
     public function toString()
     {
-        $data = implode('.', $this->payload);
-
-        if ($this->signature === null) {
-            $data .= '.';
-        }
-
-        return $data;
+        return $this->headers->toString() . '.'
+             . $this->claims->toString() . '.'
+             . $this->signature->toString();
     }
 }

src/Token/Plain.php

@@ -0,0 +1,8 @@
+<?php
+
+namespace Lcobucci\JWT\Token;
+
+use Lcobucci\JWT\Token;
+use function class_alias;
+
+class_alias(Token::class, Plain::class);

src/Token/Signature.php

@@ -0,0 +1,8 @@
+<?php
+
+namespace Lcobucci\JWT\Token;
+
+use Lcobucci\JWT\Signature as SignatureImpl;
+use function class_alias;
+
+class_alias(SignatureImpl::class, Signature::class);

test/functional/CompatibilityLayerTest.php

@@ -3,19 +3,23 @@
 namespace Lcobucci\JWT\FunctionalTests;
 
 use DateTimeImmutable;
-use Lcobucci\JWT\Builder;
+use Lcobucci\JWT\Configuration;
 use Lcobucci\JWT\Keys;
-use Lcobucci\JWT\Parser;
 use Lcobucci\JWT\Signer\Hmac\Sha256 as HmacSha256;
 use Lcobucci\JWT\Signer\Key;
 use Lcobucci\JWT\Signer\Rsa\Sha256;
+use Lcobucci\JWT\Token\DataSet;
+use Lcobucci\JWT\Token\Plain;
+use Lcobucci\JWT\Token\Signature;
+use Lcobucci\JWT\Validation\Constraint\SignedWith;
 use PHPUnit\Framework\TestCase;
 
 use function base64_encode;
 use function time;
 
 /**
  * @covers \Lcobucci\JWT\Builder
+ * @covers \Lcobucci\JWT\Configuration
  * @covers \Lcobucci\JWT\Claim\Factory
  * @covers \Lcobucci\JWT\Claim\Basic
  * @covers \Lcobucci\JWT\Parser
@@ -33,29 +37,45 @@
  * @covers \Lcobucci\JWT\Signature
  * @covers \Lcobucci\JWT\Token
  * @covers \Lcobucci\JWT\Token\DataSet
+ * @covers \Lcobucci\JWT\Validation\Validator
+ * @covers \Lcobucci\JWT\Validation\Constraint\SignedWith
  */
 final class CompatibilityLayerTest extends TestCase
 {
     use Keys;
 
+    /** @test */
+    public function tokenCanBeInstantiatedInTheNewNamespace()
+    {
+        $token = new Plain(
+            new DataSet(['typ' => 'JWT', 'alg' => 'none'], ''),
+            new DataSet([], ''),
+            Signature::fromEmptyData()
+        );
+
+        self::assertSame('JWT', $token->headers()->get('typ'));
+    }
+
     /** @test */
     public function registeredDateClaimsShouldBeConvertedToDateObjects()
     {
         $now = time();
 
-        $token = (new Builder())
+        $config = Configuration::forSymmetricSigner(new HmacSha256(), Key\InMemory::plainText('testing'));
+
+        $token = $config->builder()
             ->issuedAt($now)
             ->canOnlyBeUsedAfter($now + 5)
             ->expiresAt($now + 3600)
-            ->getToken(new HmacSha256(), Key\InMemory::plainText('testing'));
+            ->getToken($config->signer(), $config->signingKey());
 
         $expectedNow = new DateTimeImmutable('@' . $now);
 
         self::assertEquals($expectedNow, $token->claims()->get('iat'));
         self::assertEquals($expectedNow->modify('+5 seconds'), $token->claims()->get('nbf'));
         self::assertEquals($expectedNow->modify('+1 hour'), $token->claims()->get('exp'));
 
-        $token2 = (new Parser())->parse($token->toString());
+        $token2 = $config->parser()->parse($token->toString());
 
         self::assertEquals($expectedNow, $token2->claims()->get('iat'));
         self::assertEquals($expectedNow->modify('+5 seconds'), $token2->claims()->get('nbf'));
@@ -71,14 +91,15 @@ public function registeredDateClaimsShouldBeConvertedToDateObjects()
      */
     public function tokenCanBeBuiltWithNewKeyObjects(Key $key)
     {
-        $signer = new Sha256();
+        $config = Configuration::forAsymmetricSigner(new Sha256(), $key, self::$rsaKeys['public']);
+        $config->setValidationConstraints(new SignedWith($config->signer(), $config->verificationKey()));
 
-        $token = (new Builder())
+        $token = $config->builder()
             ->issuedBy('me')
             ->relatedTo('user123')
-            ->getToken($signer, $key);
+            ->getToken($config->signer(), $config->signingKey());
 
-        self::assertTrue($token->verify($signer, self::$rsaKeys['public']));
+        self::assertTrue($config->validator()->validate($token, ...$config->validationConstraints()));
     }
 
     public function possibleKeys()