minor #1214 Fix ci 3x (chalasr, Spomky)

This PR was merged into the 3.x branch.

Discussion
----------

Fix ci 3x

Base on #1201
/cc `@chalasr`

Commits
-------

cfd183d Fix CI 3.x and include Web Token package simplification
5372c93 Fix CI on 3.x

.github/workflows/web-token-ci.yml

@@ -48,12 +48,8 @@ jobs:
 
             - name: "Require web-token/*"
               run: |
-                composer require --dev --no-update web-token/jwt-bundle:"^3.0.6"
-                composer require --dev --no-update web-token/jwt-checker:"^3.0.6"
-                composer require --dev --no-update web-token/jwt-key-mgmt:"^3.0.6"
-                composer require --dev --no-update web-token/jwt-signature-algorithm-hmac:"^3.0.6"
-                composer require --dev --no-update web-token/jwt-encryption-algorithm-aesgcm:"^3.0.6"
-                composer require --dev --no-update web-token/jwt-encryption-algorithm-aesgcmkw:"^3.0.6"
+                  composer require --dev --no-update web-token/jwt-bundle:"^3.3.3"
+                  composer require --dev --no-update spomky-labs/aes-key-wrap:"^7.0"
 
             - name: "Install dependencies"
               run: "composer update ${{ matrix.composer-flags }} --prefer-dist --prefer-stable"

Command/MigrateConfigCommand.php

@@ -307,7 +307,6 @@ private function getKeySize(string $algorithm): int
             case 'HS512':
                 return 512;
             default:
-                dump($algorithm);
                 throw new \LogicException('Unsupported algorithm');
         }
     }

Resources/config/web_token_issuance.xml

@@ -11,9 +11,9 @@
             <argument type="service" id="Jose\Bundle\JoseFramework\Services\JWEBuilderFactory" on-invalid="null" />
             <argument /> <!-- Signature algorithm -->
             <argument /> <!-- Signature key -->
-            <argument on-invalid="null" /> <!-- Key encryption algorithm -->
-            <argument on-invalid="null" /> <!-- Content encryption algorithm -->
-            <argument on-invalid="null" /> <!-- Encryption key -->
+            <argument /> <!-- Key encryption algorithm -->
+            <argument /> <!-- Content encryption algorithm -->
+            <argument /> <!-- Encryption key -->
         </service>
     </services>
 </container>

Resources/config/web_token_verification.xml

@@ -15,9 +15,9 @@
             <argument type="collection" /> <!-- Allowed signature algorithms -->
             <argument /> <!-- Signature keyset -->
             <argument on-invalid="null" /> <!-- Continue on decryption failure -->
-            <argument type="collection" on-invalid="null" /> <!-- JWE header checkers -->
-            <argument type="collection" on-invalid="null" /> <!-- Allowed key encryption algorithms -->
-            <argument type="collection" on-invalid="null" /> <!-- Allowed content encryption algorithms -->
+            <argument type="collection" /> <!-- JWE header checkers -->
+            <argument type="collection" /> <!-- Allowed key encryption algorithms -->
+            <argument type="collection" /> <!-- Allowed content encryption algorithms -->
             <argument on-invalid="null" /> <!-- Encryption keyset -->
         </service>
         <service id="lexik_jwt_authentication.web_token.iat_validator" class="Jose\Component\Checker\IssuedAtChecker" public="false">

Resources/doc/10-web-token.rst

@@ -15,30 +15,7 @@ To enable this feature, you must install the following dependencies:
 
 .. code-block:: sh
 
-    composer require --no-update web-token/jwt-bundle web-token/jwt-checker web-token/jwt-key-mgmt
-
-    # Please choose one of the following packages. They add algorithms depending on your needs
-    # More details in the next section
-    composer require --no-update web-token/jwt-signature-algorithm-ecdsa:"^3.1.2"
-    composer require --no-update web-token/jwt-signature-algorithm-hmac:"^3.1.2"
-    composer require --no-update web-token/jwt-signature-algorithm-rsa:"^3.1.2"
-    composer require --no-update web-token/jwt-signature-algorithm-eddsa:"^3.1.2"
-
-
-    # If you want to encrypt the tokens, please pick at least
-    # * one key encryption algorithm package
-    # * one content encryption algorithm package
-    #
-    # // KEY ENCRYPTION ALGORITHM \\
-    composer require --no-update web-token/jwt-encryption-algorithm-rsa:"^3.1.2"
-    composer require --no-update web-token/jwt-encryption-algorithm-pbes2:"^3.1.2"
-    composer require --no-update web-token/jwt-encryption-algorithm-ecdh-es:"^3.1.2"
-    composer require --no-update web-token/jwt-encryption-algorithm-dir:"^3.1.2"
-    composer require --no-update web-token/jwt-encryption-algorithm-aeskw:"^3.1.2"
-    composer require --no-update web-token/jwt-encryption-algorithm-aesgcmkw:"^3.1.2"
-    # // CONTENT ENCRYPTION ALGORITHM \\
-    composer require --no-update web-token/jwt-encryption-algorithm-aesgcm:"^3.1.2"
-    composer require --no-update web-token/jwt-encryption-algorithm-aescbc:"^3.1.2"
+    composer require web-token/jwt-bundle
 
 ## About Algorithms
 

Services/WebToken/AccessTokenBuilder.php

@@ -67,7 +67,7 @@ public function __construct(
     ) {
         $this->jwsBuilder = $jwsBuilderFactory->create([$signatureAlgorithm]);
         if ($jweBuilderFactory !== null && $keyEncryptionAlgorithm !== null && $contentEncryptionAlgorithm !== null) {
-            $this->jweBuilder = $jweBuilderFactory->create([$keyEncryptionAlgorithm], [$contentEncryptionAlgorithm], []);
+            $this->jweBuilder = $jweBuilderFactory->create([$keyEncryptionAlgorithm, $contentEncryptionAlgorithm]);
         }
         $this->signatureKey = JWK::createFromJson($signatureKey);
         $this->encryptionKey = $encryptionKey ? JWK::createFromJson($encryptionKey) : null;

Services/WebToken/AccessTokenLoader.php

@@ -52,7 +52,7 @@ public function __construct(
     ) {
         $this->jwsLoader = $jwsLoaderFactory->create(['jws_compact'], $signatureAlgorithms, $jwsHeaderChecker);
         if ($jweLoaderFactory !== null && $keyEncryptionAlgorithms !== null && $contentEncryptionAlgorithms !== null && $jweHeaderChecker !== null) {
-            $this->jweLoader = $jweLoaderFactory->create(['jwe_compact'], $keyEncryptionAlgorithms, $contentEncryptionAlgorithms, [], $jweHeaderChecker);
+            $this->jweLoader = $jweLoaderFactory->create(['jwe_compact'], array_merge($keyEncryptionAlgorithms, $contentEncryptionAlgorithms), null, null, $jweHeaderChecker);
             $this->continueOnDecryptionFailure = $continueOnDecryptionFailure;
         }
         $this->signatureKeyset = JWKSet::createFromJson($signatureKeyset);

Tests/Functional/App/AppKernel.php → Tests/Functional/AppKernel.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Lexik\Bundle\JWTAuthenticationBundle\Tests\Functional\App;
+namespace Lexik\Bundle\JWTAuthenticationBundle\Tests\Functional;
 
 use ApiPlatform\Symfony\Bundle\ApiPlatformBundle;
 use Jose\Bundle\JoseFramework\JoseFrameworkBundle;
@@ -19,11 +19,13 @@ class AppKernel extends Kernel
     private string $encoder;
     private string $userProvider;
     private $signatureAlgorithm;
+    private null|string $testCase;
 
-    public function __construct($environment, $debug)
+    public function __construct(string $environment, bool $debug, null|string $testCase = null)
     {
         parent::__construct($environment, $debug);
 
+        $this->testCase = $testCase;
         $this->encoder = getenv('ENCODER') ?: 'default';
         $this->userProvider = getenv('PROVIDER') ?: 'in_memory';
         $this->signatureAlgorithm = getenv('ALGORITHM');
@@ -93,7 +95,7 @@ public function registerContainerConfiguration(LoaderInterface $loader): void
         }
 
         $router = [
-            'resource' => '%kernel.root_dir%/config/routing.yml',
+            'resource' => '%kernel.project_dir%/Tests/Functional/config/routing.yml',
             'utf8' => true,
         ];
         if (class_exists(ApiPlatformBundle::class)) {
@@ -110,7 +112,7 @@ public function registerContainerConfiguration(LoaderInterface $loader): void
                         'password_path' => 'security.credentials.password',
                     ],
                 ]);
-                $router['resource'] = '%kernel.root_dir%/config/routing_api_platform.yml';
+                $router['resource'] = '%kernel.project_dir%/Tests/Functional/config/routing_api_platform.yml';
             });
         }
 
@@ -121,6 +123,10 @@ public function registerContainerConfiguration(LoaderInterface $loader): void
             ]);
         });
 
+        if ($this->testCase && file_exists(__DIR__ . '/config/' . $this->testCase . '/config.yml')) {
+            $loader->load(__DIR__ . '/config/' . $this->testCase . '/config.yml');
+        }
+
         $loader->load(__DIR__ . sprintf('/config/security_%s.yml', $this->userProvider));
 
         if ($this->signatureAlgorithm && file_exists($file = __DIR__ . sprintf('/config/config_%s_%s.yml', $this->encoder, strtolower($this->signatureAlgorithm)))) {
@@ -145,9 +151,5 @@ public function getEncoder()
     protected function build(ContainerBuilder $container): void
     {
         $container->register('logger', NullLogger::class);
-
-        if (!$container->hasParameter('kernel.root_dir')) {
-            $container->setParameter('kernel.root_dir', $this->getRootDir());
-        }
     }
 }

Tests/Functional/TestCase.php

@@ -4,6 +4,7 @@
 
 use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
 use Symfony\Component\Filesystem\Filesystem;
+use Symfony\Component\HttpKernel\KernelInterface;
 
 /**
  * TestCase.
@@ -12,6 +13,16 @@ abstract class TestCase extends WebTestCase
 {
     protected static $client;
 
+    /**
+     * {@inheritdoc}
+     */
+    protected static function createKernel(array $options = []): KernelInterface
+    {
+        require_once __DIR__ . '/AppKernel.php';
+
+        return new AppKernel('test', true, $options['test_case'] ?? null);
+    }
+
     protected static function createAuthenticatedClient($token = null)
     {
         $client = static::$client ?: static::createClient();

Tests/Functional/App/config/config_default.yml → Tests/Functional/config/config_default.yml

@@ -2,8 +2,8 @@ imports:
     - { resource: base_config.yml }
 
 lexik_jwt_authentication:
-    secret_key: '%kernel.root_dir%/../config/jwt/private.pem'
-    public_key: '%kernel.root_dir%/../config/jwt/public.pem'
+    secret_key: '%kernel.project_dir%/Tests/Functional/config/jwt/private.pem'
+    public_key: '%kernel.project_dir%/Tests/Functional/config/jwt/public.pem'
     pass_phrase: testing
     set_cookies:
         token:

Tests/Functional/app/config/config_lcobucci.yml → Tests/Functional/config/config_lcobucci.yml

@@ -2,7 +2,7 @@ imports:
     - { resource: base_config.yml }
 
 lexik_jwt_authentication:
-    secret_key: '%kernel.root_dir%/../config/jwt/private.pem'
+    secret_key: '%kernel.project_dir%/Tests/Functional/config/jwt/private.pem'
     pass_phrase: testing
     encoder:
         service: lexik_jwt_authentication.encoder.lcobucci

Tests/Functional/config/config_user_id_claim.yml

@@ -0,0 +1,8 @@
+imports:
+    - { resource: base_config.yml }
+
+lexik_jwt_authentication:
+    secret_key: '%kernel.project_dir%/Tests/Functional/config/jwt/private.pem'
+    public_key: '%kernel.project_dir%/Tests/Functional/config/jwt/public.pem'
+    pass_phrase: testing
+    user_id_claim: 'sub'

ecs.php

@@ -9,17 +9,17 @@
 use Symplify\EasyCodingStandard\ValueObject\Set\SetList;
 
 return static function (ECSConfig $config): void {
-    $config->sets([SetList::PSR_12, ]);
+    $config->sets([SetList::PSR_12]);
     $config->rule(OrderedImportsFixer::class);
     $config->ruleWithConfiguration(ArraySyntaxFixer::class, [
         'syntax' => 'short',
     ]);
-    $config->services()->remove(PhpdocScalarFixer::class);
 
     $config->parallel();
     $config->paths([__DIR__]);
     $config->skip([
         __DIR__ . '/.github',
         __DIR__ . '/vendor',
+        PhpdocScalarFixer::class
     ]);
 };

phpunit.xml.dist

@@ -13,8 +13,8 @@
 
     <php>
         <ini name="error_reporting" value="-1" />
-        <server name="KERNEL_CLASS" value="Lexik\Bundle\JWTAuthenticationBundle\Tests\Functional\App\AppKernel" />
-        <server name="APP_ENV" value="test" force="true" />
+        <server name="KERNEL_CLASS" value="Lexik\Bundle\JWTAuthenticationBundle\Tests\Functional\AppKernel" />
+        <server name="APP_ENV" value="test"  force="true" />
         <server name="APP_DEBUG" value="true" force="true" />
         <server name="SHELL_VERBOSITY" value="-1" />
         <server name="SYMFONY_PHPUNIT_REMOVE" value="" />