From 9f5b66fd2da9120f3a7e71716d80c5d2a57d655d Mon Sep 17 00:00:00 2001 From: Ninos Ego Date: Sat, 25 May 2024 08:44:33 +0200 Subject: [PATCH] style(types): Strict types + phpdoc --- composer.json | 3 ++- src/JWT.php | 44 ++++++++++++++++++++------------------------ 2 files changed, 22 insertions(+), 25 deletions(-) diff --git a/composer.json b/composer.json index 816cfd0b..f390a019 100644 --- a/composer.json +++ b/composer.json @@ -20,7 +20,8 @@ ], "license": "BSD-3-Clause", "require": { - "php": "^8.0" + "php": "^8.0", + "ext-openssl": "*" }, "suggest": { "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present", diff --git a/src/JWT.php b/src/JWT.php index 1b8f68d6..86964abb 100644 --- a/src/JWT.php +++ b/src/JWT.php @@ -38,7 +38,7 @@ class JWT * * @var int */ - public static $leeway = 0; + public static int $leeway = 0; /** * Allow the current timestamp to be specified. @@ -47,12 +47,12 @@ class JWT * * @var ?int */ - public static $timestamp = null; + public static ?int $timestamp = null; /** * @var array */ - public static $supported_algs = [ + public static array $supported_algs = [ 'ES256' => ['openssl', 'SHA256'], 'ES256K' => ['openssl', 'SHA256'], 'ES384' => ['openssl', 'SHA384'], @@ -70,7 +70,7 @@ class JWT * Decodes a JWT string into a PHP object. * * @param string $jwt The JWT - * @param Key|ArrayAccess|array $keyOrKeyArray The Key or associative array of key IDs + * @param ArrayAccess|Key|array $keyOrKeyArray The Key or associative array of key IDs * (kid) to Key objects. * If the algorithm used is asymmetric, this is * the public key. @@ -79,7 +79,7 @@ class JWT * Supported algorithms are 'ES256', 'ES256K', 'ES384', 'ES512', * 'HS256', 'HS384', 'HS512', 'RS256', 'RS384' * and 'RS512'. - * @param stdClass $headers Optional. Populates stdClass with headers. + * @param stdClass|null $headers Optional. Populates stdClass with headers. * * @return stdClass The JWT's payload as a PHP object * @@ -95,9 +95,9 @@ class JWT * @uses urlsafeB64Decode */ public static function decode( - string $jwt, - $keyOrKeyArray, - stdClass &$headers = null + string $jwt, + array|Key|ArrayAccess $keyOrKeyArray, + stdClass &$headers = null ): stdClass { // Validate JWT $timestamp = \is_null(static::$timestamp) ? \time() : static::$timestamp; @@ -185,11 +185,11 @@ public static function decode( /** * Converts and signs a PHP array into a JWT string. * - * @param array $payload PHP array - * @param string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate $key The secret key. + * @param array $payload PHP array + * @param string|array|OpenSSLAsymmetricKey|OpenSSLCertificate $key The secret key. * @param string $alg Supported algorithms are 'ES256', 'ES256K', 'ES384', 'ES512', * 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', and 'RS512' - * @param string $keyId + * @param string|null $keyId * @param array $head An array with header elements to attach * * @return string A signed JWT @@ -199,7 +199,7 @@ public static function decode( */ public static function encode( array $payload, - $key, + string|array|OpenSSLAsymmetricKey|OpenSSLCertificate $key, string $alg, string $keyId = null, array $head = null @@ -227,7 +227,7 @@ public static function encode( * Sign a string with a given key and algorithm. * * @param string $msg The message to sign - * @param string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate $key The secret key. + * @param string|array|OpenSSLAsymmetricKey|OpenSSLCertificate $key The secret key. * @param string $alg Supported algorithms are 'EdDSA', 'ES256', 'ES256K', 'ES384', 'ES512', * 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', and 'RS512' * @@ -237,7 +237,7 @@ public static function encode( */ public static function sign( string $msg, - $key, + string|array|OpenSSLAsymmetricKey|OpenSSLCertificate $key, string $alg ): string { if (empty(static::$supported_algs[$alg])) { @@ -296,7 +296,7 @@ public static function sign( * * @param string $msg The original message (header and body) * @param string $signature The original signature - * @param string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate $keyMaterial For Ed*, ES*, HS*, a string key works. for RS*, must be an instance of OpenSSLAsymmetricKey + * @param string|array|OpenSSLAsymmetricKey|OpenSSLCertificate $keyMaterial For Ed*, ES*, HS*, a string key works. for RS*, must be an instance of OpenSSLAsymmetricKey * @param string $alg The algorithm * * @return bool @@ -306,7 +306,7 @@ public static function sign( private static function verify( string $msg, string $signature, - $keyMaterial, + string|array|OpenSSLAsymmetricKey|OpenSSLCertificate $keyMaterial, string $alg ): bool { if (empty(static::$supported_algs[$alg])) { @@ -367,7 +367,7 @@ private static function verify( * * @throws DomainException Provided string was invalid JSON */ - public static function jsonDecode(string $input) + public static function jsonDecode(string $input): mixed { $obj = \json_decode($input, false, 512, JSON_BIGINT_AS_STRING); @@ -382,7 +382,7 @@ public static function jsonDecode(string $input) /** * Encode a PHP array into a JSON string. * - * @param array $input A PHP array + * @param array $input A PHP array * * @return string JSON representation of the PHP array * @@ -465,7 +465,7 @@ public static function urlsafeB64Encode(string $input): string * @return Key */ private static function getKey( - $keyOrKeyArray, + array|Key|ArrayAccess $keyOrKeyArray, ?string $kid ): Key { if ($keyOrKeyArray instanceof Key) { @@ -527,11 +527,7 @@ private static function handleJsonError(int $errno): void JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON', JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3 ]; - throw new DomainException( - isset($messages[$errno]) - ? $messages[$errno] - : 'Unknown JSON error: ' . $errno - ); + throw new DomainException($messages[$errno] ?? 'Unknown JSON error: ' . $errno); } /**