Skip to content

Commit d23c5f4

Browse files
bshafferbshaffer
authored
chore!: make the alg argument required (#377)
1 parent 070b74d commit d23c5f4

File tree

2 files changed

+22
-22
lines changed

2 files changed

+22
-22
lines changed

src/JWT.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -167,7 +167,7 @@ public static function decode($jwt, $keyOrKeyArray)
167167
* @uses jsonEncode
168168
* @uses urlsafeB64Encode
169169
*/
170-
public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)
170+
public static function encode($payload, $key, $alg, $keyId = null, $head = null)
171171
{
172172
$header = array('typ' => 'JWT', 'alg' => $alg);
173173
if ($keyId !== null) {
@@ -200,7 +200,7 @@ public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $he
200200
*
201201
* @throws DomainException Unsupported algorithm or bad key was specified
202202
*/
203-
public static function sign($msg, $key, $alg = 'HS256')
203+
public static function sign($msg, $key, $alg)
204204
{
205205
if (empty(static::$supported_algs[$alg])) {
206206
throw new DomainException('Algorithm not supported');

tests/JWTTest.php

Lines changed: 20 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -30,14 +30,14 @@ public function testDecodeFromPython()
3030

3131
public function testUrlSafeCharacters()
3232
{
33-
$encoded = JWT::encode('f?', 'a');
33+
$encoded = JWT::encode('f?', 'a', 'HS256');
3434
$this->assertEquals('f?', JWT::decode($encoded, new Key('a', 'HS256')));
3535
}
3636

3737
public function testMalformedUtf8StringsFail()
3838
{
3939
$this->setExpectedException('DomainException');
40-
JWT::encode(pack('c', 128), 'a');
40+
JWT::encode(pack('c', 128), 'a', 'HS256');
4141
}
4242

4343
public function testMalformedJsonThrowsException()
@@ -52,7 +52,7 @@ public function testExpiredToken()
5252
$payload = array(
5353
"message" => "abc",
5454
"exp" => time() - 20); // time in the past
55-
$encoded = JWT::encode($payload, 'my_key');
55+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
5656
JWT::decode($encoded, new Key('my_key', 'HS256'));
5757
}
5858

@@ -62,7 +62,7 @@ public function testBeforeValidTokenWithNbf()
6262
$payload = array(
6363
"message" => "abc",
6464
"nbf" => time() + 20); // time in the future
65-
$encoded = JWT::encode($payload, 'my_key');
65+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
6666
JWT::decode($encoded, new Key('my_key', 'HS256'));
6767
}
6868

@@ -72,7 +72,7 @@ public function testBeforeValidTokenWithIat()
7272
$payload = array(
7373
"message" => "abc",
7474
"iat" => time() + 20); // time in the future
75-
$encoded = JWT::encode($payload, 'my_key');
75+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
7676
JWT::decode($encoded, new Key('my_key', 'HS256'));
7777
}
7878

@@ -81,7 +81,7 @@ public function testValidToken()
8181
$payload = array(
8282
"message" => "abc",
8383
"exp" => time() + JWT::$leeway + 20); // time in the future
84-
$encoded = JWT::encode($payload, 'my_key');
84+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
8585
$decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
8686
$this->assertEquals($decoded->message, 'abc');
8787
}
@@ -92,7 +92,7 @@ public function testValidTokenWithLeeway()
9292
$payload = array(
9393
"message" => "abc",
9494
"exp" => time() - 20); // time in the past
95-
$encoded = JWT::encode($payload, 'my_key');
95+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
9696
$decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
9797
$this->assertEquals($decoded->message, 'abc');
9898
JWT::$leeway = 0;
@@ -105,7 +105,7 @@ public function testExpiredTokenWithLeeway()
105105
"message" => "abc",
106106
"exp" => time() - 70); // time far in the past
107107
$this->setExpectedException('Firebase\JWT\ExpiredException');
108-
$encoded = JWT::encode($payload, 'my_key');
108+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
109109
$decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
110110
$this->assertEquals($decoded->message, 'abc');
111111
JWT::$leeway = 0;
@@ -118,7 +118,7 @@ public function testValidTokenWithNbf()
118118
"iat" => time(),
119119
"exp" => time() + 20, // time in the future
120120
"nbf" => time() - 20);
121-
$encoded = JWT::encode($payload, 'my_key');
121+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
122122
$decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
123123
$this->assertEquals($decoded->message, 'abc');
124124
}
@@ -129,7 +129,7 @@ public function testValidTokenWithNbfLeeway()
129129
$payload = array(
130130
"message" => "abc",
131131
"nbf" => time() + 20); // not before in near (leeway) future
132-
$encoded = JWT::encode($payload, 'my_key');
132+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
133133
$decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
134134
$this->assertEquals($decoded->message, 'abc');
135135
JWT::$leeway = 0;
@@ -141,7 +141,7 @@ public function testInvalidTokenWithNbfLeeway()
141141
$payload = array(
142142
"message" => "abc",
143143
"nbf" => time() + 65); // not before too far in future
144-
$encoded = JWT::encode($payload, 'my_key');
144+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
145145
$this->setExpectedException('Firebase\JWT\BeforeValidException');
146146
JWT::decode($encoded, new Key('my_key', 'HS256'));
147147
JWT::$leeway = 0;
@@ -153,7 +153,7 @@ public function testValidTokenWithIatLeeway()
153153
$payload = array(
154154
"message" => "abc",
155155
"iat" => time() + 20); // issued in near (leeway) future
156-
$encoded = JWT::encode($payload, 'my_key');
156+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
157157
$decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
158158
$this->assertEquals($decoded->message, 'abc');
159159
JWT::$leeway = 0;
@@ -165,7 +165,7 @@ public function testInvalidTokenWithIatLeeway()
165165
$payload = array(
166166
"message" => "abc",
167167
"iat" => time() + 65); // issued too far in future
168-
$encoded = JWT::encode($payload, 'my_key');
168+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
169169
$this->setExpectedException('Firebase\JWT\BeforeValidException');
170170
JWT::decode($encoded, new Key('my_key', 'HS256'));
171171
JWT::$leeway = 0;
@@ -176,7 +176,7 @@ public function testInvalidToken()
176176
$payload = array(
177177
"message" => "abc",
178178
"exp" => time() + 20); // time in the future
179-
$encoded = JWT::encode($payload, 'my_key');
179+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
180180
$this->setExpectedException('Firebase\JWT\SignatureInvalidException');
181181
JWT::decode($encoded, new Key('my_key2', 'HS256'));
182182
}
@@ -186,7 +186,7 @@ public function testNullKeyFails()
186186
$payload = array(
187187
"message" => "abc",
188188
"exp" => time() + JWT::$leeway + 20); // time in the future
189-
$encoded = JWT::encode($payload, 'my_key');
189+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
190190
$this->setExpectedException('InvalidArgumentException');
191191
JWT::decode($encoded, new Key(null, 'HS256'));
192192
}
@@ -196,7 +196,7 @@ public function testEmptyKeyFails()
196196
$payload = array(
197197
"message" => "abc",
198198
"exp" => time() + JWT::$leeway + 20); // time in the future
199-
$encoded = JWT::encode($payload, 'my_key');
199+
$encoded = JWT::encode($payload, 'my_key', 'HS256');
200200
$this->setExpectedException('InvalidArgumentException');
201201
JWT::decode($encoded, new Key('', 'HS256'));
202202
}
@@ -225,21 +225,21 @@ public function testArrayAccessKIDChooser()
225225

226226
public function testNoneAlgorithm()
227227
{
228-
$msg = JWT::encode('abc', 'my_key');
228+
$msg = JWT::encode('abc', 'my_key', 'HS256');
229229
$this->setExpectedException('UnexpectedValueException');
230230
JWT::decode($msg, new Key('my_key', 'none'));
231231
}
232232

233233
public function testIncorrectAlgorithm()
234234
{
235-
$msg = JWT::encode('abc', 'my_key');
235+
$msg = JWT::encode('abc', 'my_key', 'HS256');
236236
$this->setExpectedException('UnexpectedValueException');
237237
JWT::decode($msg, new Key('my_key', 'RS256'));
238238
}
239239

240240
public function testEmptyAlgorithm()
241241
{
242-
$msg = JWT::encode('abc', 'my_key');
242+
$msg = JWT::encode('abc', 'my_key', 'HS256');
243243
$this->setExpectedException('UnexpectedValueException');
244244
JWT::decode($msg, new Key('my_key', ''));
245245
}
@@ -265,7 +265,7 @@ public function testInvalidSignatureEncoding()
265265

266266
public function testHSEncodeDecode()
267267
{
268-
$msg = JWT::encode('abc', 'my_key');
268+
$msg = JWT::encode('abc', 'my_key', 'HS256');
269269
$this->assertEquals(JWT::decode($msg, new Key('my_key', 'HS256')), 'abc');
270270
}
271271

0 commit comments

Comments
 (0)