diff --git a/core/Configuration/Settings.class.php b/core/Configuration/Settings.class.php index 1f55dd0..6c189ce 100644 --- a/core/Configuration/Settings.class.php +++ b/core/Configuration/Settings.class.php @@ -27,8 +27,9 @@ class Settings { private string $mailFooter; private array $allowedExtensions; - public function getJwtSecret(): string { - return $this->jwtSecret; + public function getJwtKey(): \Firebase\JWT\Key { + // TODO: allow the use of other JWT algorithms (e.g. RS256) + return new \Firebase\JWT\Key($this->jwtSecret, "HS256"); } public function isInstalled(): bool { diff --git a/core/Documents/Info.class.php b/core/Documents/Info.class.php index 369cec0..901bd15 100644 --- a/core/Documents/Info.class.php +++ b/core/Documents/Info.class.php @@ -18,6 +18,7 @@ class InfoBody extends SimpleBody { $user = $this->getDocument()->getUser(); if ($user->isLoggedIn() && $user->hasGroup(USER_GROUP_ADMIN)) { phpinfo(); + return ""; } else { $message = "You are not logged in or do not have the proper privileges to access this page."; return $this->getDocument()->getRouter()->returnStatusCode(403, [ "message" => $message] ); diff --git a/core/Driver/SQL/Column/EnumColumn.class.php b/core/Driver/SQL/Column/EnumColumn.class.php index 55fd99d..b38de1e 100644 --- a/core/Driver/SQL/Column/EnumColumn.class.php +++ b/core/Driver/SQL/Column/EnumColumn.class.php @@ -11,7 +11,7 @@ class EnumColumn extends Column { $this->values = $values; } - public function addValues(string $value) { + public function addValue(string $value) { $this->values[] = $value; } diff --git a/core/Driver/SQL/Query/AlterTable.class.php b/core/Driver/SQL/Query/AlterTable.class.php index 152a115..a5dcf1d 100644 --- a/core/Driver/SQL/Query/AlterTable.class.php +++ b/core/Driver/SQL/Query/AlterTable.class.php @@ -7,7 +7,6 @@ use Driver\SQL\Column\EnumColumn; use Driver\SQL\Constraint\Constraint; use Driver\SQL\Constraint\ForeignKey; use Driver\SQL\Constraint\PrimaryKey; -use Driver\SQL\MySQL; use Driver\SQL\PostgreSQL; use Driver\SQL\SQL; @@ -121,7 +120,7 @@ class AlterTable extends Query { return null; } } else { - $this->sql->setLastError("ALTER TABLE requires at least a column or a constraint."); + $this->sql->setLastError("'ALTER TABLE' requires at least a column or a constraint."); return null; } diff --git a/core/External/JWT.class.php b/core/External/JWT.class.php deleted file mode 100644 index 5a35081..0000000 --- a/core/External/JWT.class.php +++ /dev/null @@ -1,199 +0,0 @@ - - * @author Anant Narayanan - * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD - * @link https://github.com/firebase/php-jwt - */ - -namespace External; - -class JWT -{ - /** - * Decodes a JWT string into a PHP object. - * - * @param string $jwt The JWT - * @param string|null $key The secret key - * @param bool $verify Don't skip verification process - * - * @return object The JWT's payload as a PHP object - * @throws \UnexpectedValueException Provided JWT was invalid - * @throws \DomainException Algorithm was not provided - * - * @uses jsonDecode - * @uses urlsafeB64Decode - */ - public static function decode($jwt, $key = null, $verify = true) - { - $tks = explode('.', $jwt); - if (count($tks) != 3) { - throw new \UnexpectedValueException('Wrong number of segments'); - } - list($headb64, $bodyb64, $cryptob64) = $tks; - if (null === ($header = JWT::jsonDecode(JWT::urlsafeB64Decode($headb64)))) { - throw new \UnexpectedValueException('Invalid segment encoding'); - } - if (null === $payload = JWT::jsonDecode(JWT::urlsafeB64Decode($bodyb64))) { - throw new \UnexpectedValueException('Invalid segment encoding'); - } - $sig = JWT::urlsafeB64Decode($cryptob64); - if ($verify) { - if (empty($header->alg)) { - throw new \DomainException('Empty algorithm'); - } - if ($sig != JWT::sign("$headb64.$bodyb64", $key, $header->alg)) { - throw new \UnexpectedValueException('Signature verification failed'); - } - } - return $payload; - } - - /** - * Converts and signs a PHP object or array into a JWT string. - * - * @param object|array $payload PHP object or array - * @param string $key The secret key - * @param string $algo The signing algorithm. Supported - * algorithms are 'HS256', 'HS384' and 'HS512' - * - * @return string A signed JWT - * @uses jsonEncode - * @uses urlsafeB64Encode - */ - public static function encode($payload, $key, $algo = 'HS256') - { - $header = array('typ' => 'JWT', 'alg' => $algo); - - $segments = array(); - $segments[] = JWT::urlsafeB64Encode(JWT::jsonEncode($header)); - $segments[] = JWT::urlsafeB64Encode(JWT::jsonEncode($payload)); - $signing_input = implode('.', $segments); - - $signature = JWT::sign($signing_input, $key, $algo); - $segments[] = JWT::urlsafeB64Encode($signature); - - return implode('.', $segments); - } - - /** - * Sign a string with a given key and algorithm. - * - * @param string $msg The message to sign - * @param string $key The secret key - * @param string $method The signing algorithm. Supported - * algorithms are 'HS256', 'HS384' and 'HS512' - * - * @return string An encrypted message - * @throws \DomainException Unsupported algorithm was specified - */ - public static function sign($msg, $key, $method = 'HS256') - { - $methods = array( - 'HS256' => 'sha256', - 'HS384' => 'sha384', - 'HS512' => 'sha512', - ); - if (empty($methods[$method])) { - throw new \DomainException('Algorithm not supported'); - } - return hash_hmac($methods[$method], $msg, $key, true); - } - - /** - * Decode a JSON string into a PHP object. - * - * @param string $input JSON string - * - * @return object Object representation of JSON string - * @throws \DomainException Provided string was invalid JSON - */ - public static function jsonDecode($input) - { - $obj = json_decode($input); - if (function_exists('json_last_error') && $errno = json_last_error()) { - JWT::_handleJsonError($errno); - } else if ($obj === null && $input !== 'null') { - throw new \DomainException('Null result with non-null input'); - } - return $obj; - } - - /** - * Encode a PHP object into a JSON string. - * - * @param object|array $input A PHP object or array - * - * @return string JSON representation of the PHP object or array - * @throws \DomainException Provided object could not be encoded to valid JSON - */ - public static function jsonEncode($input) - { - $json = json_encode($input); - if (function_exists('json_last_error') && $errno = json_last_error()) { - JWT::_handleJsonError($errno); - } else if ($json === 'null' && $input !== null) { - throw new \DomainException('Null result with non-null input'); - } - return $json; - } - - /** - * Decode a string with URL-safe Base64. - * - * @param string $input A Base64 encoded string - * - * @return string A decoded string - */ - public static function urlsafeB64Decode($input) - { - $remainder = strlen($input) % 4; - if ($remainder) { - $padlen = 4 - $remainder; - $input .= str_repeat('=', $padlen); - } - return base64_decode(strtr($input, '-_', '+/')); - } - - /** - * Encode a string with URL-safe Base64. - * - * @param string $input The string you want encoded - * - * @return string The base64 encode of what you passed in - */ - public static function urlsafeB64Encode($input) - { - return str_replace('=', '', strtr(base64_encode($input), '+/', '-_')); - } - - /** - * Helper method to create a JSON error. - * - * @param int $errno An error number from json_last_error() - * - * @return void - */ - private static function _handleJsonError($errno) - { - $messages = array( - JSON_ERROR_DEPTH => 'Maximum stack depth exceeded', - JSON_ERROR_CTRL_CHAR => 'Unexpected control character found', - JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON' - ); - throw new \DomainException( - isset($messages[$errno]) - ? $messages[$errno] - : 'Unknown JSON error: ' . $errno - ); - } - -} diff --git a/core/External/composer.json b/core/External/composer.json index 1f5c939..8aa9920 100644 --- a/core/External/composer.json +++ b/core/External/composer.json @@ -5,7 +5,8 @@ "chillerlan/php-qrcode": "^4.3", "christian-riesen/base32": "^1.6", "spomky-labs/cbor-php": "2.0.1", - "web-auth/cose-lib": "^3.3" + "web-auth/cose-lib": "^3.3", + "firebase/php-jwt": "^6.2" }, "require-dev": { "phpunit/phpunit": "^9.5" diff --git a/core/External/composer.lock b/core/External/composer.lock index 7ecf941..68a6ac3 100644 --- a/core/External/composer.lock +++ b/core/External/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "87a2e9cab051caf2f9ae6d46668f0886", + "content-hash": "edfe59e1489b0594cfe6ff0276be3419", "packages": [ { "name": "beberlei/assert", @@ -135,16 +135,16 @@ }, { "name": "chillerlan/php-qrcode", - "version": "4.3.2", + "version": "4.3.3", "source": { "type": "git", "url": "https://github.com/chillerlan/php-qrcode.git", - "reference": "b625396e0752d79747a55205ae7e191eeb459dcd" + "reference": "6356b246948ac1025882b3f55e7c68ebd4515ae3" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/chillerlan/php-qrcode/zipball/b625396e0752d79747a55205ae7e191eeb459dcd", - "reference": "b625396e0752d79747a55205ae7e191eeb459dcd", + "url": "https://api.github.com/repos/chillerlan/php-qrcode/zipball/6356b246948ac1025882b3f55e7c68ebd4515ae3", + "reference": "6356b246948ac1025882b3f55e7c68ebd4515ae3", "shasum": "" }, "require": { @@ -197,7 +197,7 @@ ], "support": { "issues": "https://github.com/chillerlan/php-qrcode/issues", - "source": "https://github.com/chillerlan/php-qrcode/tree/4.3.2" + "source": "https://github.com/chillerlan/php-qrcode/tree/4.3.3" }, "funding": [ { @@ -209,20 +209,20 @@ "type": "ko_fi" } ], - "time": "2021-11-18T08:46:03+00:00" + "time": "2021-11-25T22:38:09+00:00" }, { "name": "chillerlan/php-settings-container", - "version": "2.1.2", + "version": "2.1.3", "source": { "type": "git", "url": "https://github.com/chillerlan/php-settings-container.git", - "reference": "ec834493a88682dd69652a1eeaf462789ed0c5f5" + "reference": "125dd573b45ffc7cabecf385986a356ba2c6f602" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/chillerlan/php-settings-container/zipball/ec834493a88682dd69652a1eeaf462789ed0c5f5", - "reference": "ec834493a88682dd69652a1eeaf462789ed0c5f5", + "url": "https://api.github.com/repos/chillerlan/php-settings-container/zipball/125dd573b45ffc7cabecf385986a356ba2c6f602", + "reference": "125dd573b45ffc7cabecf385986a356ba2c6f602", "shasum": "" }, "require": { @@ -230,7 +230,7 @@ "php": "^7.4 || ^8.0" }, "require-dev": { - "phan/phan": "^4.0", + "phan/phan": "^5.3", "phpunit/phpunit": "^9.5" }, "type": "library", @@ -255,6 +255,7 @@ "keywords": [ "PHP7", "Settings", + "configuration", "container", "helper" ], @@ -272,7 +273,7 @@ "type": "ko_fi" } ], - "time": "2021-09-06T15:17:01+00:00" + "time": "2022-03-09T13:18:58+00:00" }, { "name": "christian-riesen/base32", @@ -408,6 +409,68 @@ }, "time": "2021-12-11T12:41:06+00:00" }, + { + "name": "firebase/php-jwt", + "version": "v6.2.0", + "source": { + "type": "git", + "url": "https://github.com/firebase/php-jwt.git", + "reference": "d28e6df83830252650da4623c78aaaf98fb385f3" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/d28e6df83830252650da4623c78aaaf98fb385f3", + "reference": "d28e6df83830252650da4623c78aaaf98fb385f3", + "shasum": "" + }, + "require": { + "php": "^7.1||^8.0" + }, + "require-dev": { + "guzzlehttp/guzzle": "^6.5||^7.4", + "phpspec/prophecy-phpunit": "^1.1", + "phpunit/phpunit": "^7.5||^9.5", + "psr/cache": "^1.0||^2.0", + "psr/http-client": "^1.0", + "psr/http-factory": "^1.0" + }, + "suggest": { + "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present" + }, + "type": "library", + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt", + "keywords": [ + "jwt", + "php" + ], + "support": { + "issues": "https://github.com/firebase/php-jwt/issues", + "source": "https://github.com/firebase/php-jwt/tree/v6.2.0" + }, + "time": "2022-05-13T20:54:50+00:00" + }, { "name": "myclabs/php-enum", "version": "1.8.3", @@ -470,16 +533,16 @@ }, { "name": "php-mqtt/client", - "version": "v1.1.3", + "version": "v1.3.0", "source": { "type": "git", "url": "https://github.com/php-mqtt/client.git", - "reference": "0a0b2ed1946d466245cfc1ce78b2b8392e160bee" + "reference": "5813fd257f27e1e9537cd29c0152102e129437d0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-mqtt/client/zipball/0a0b2ed1946d466245cfc1ce78b2b8392e160bee", - "reference": "0a0b2ed1946d466245cfc1ce78b2b8392e160bee", + "url": "https://api.github.com/repos/php-mqtt/client/zipball/5813fd257f27e1e9537cd29c0152102e129437d0", + "reference": "5813fd257f27e1e9537cd29c0152102e129437d0", "shasum": "" }, "require": { @@ -521,36 +584,36 @@ ], "support": { "issues": "https://github.com/php-mqtt/client/issues", - "source": "https://github.com/php-mqtt/client/tree/v1.1.3" + "source": "https://github.com/php-mqtt/client/tree/v1.3.0" }, - "time": "2022-02-15T19:47:14+00:00" + "time": "2022-05-26T17:31:01+00:00" }, { "name": "psr/log", - "version": "1.1.4", + "version": "3.0.0", "source": { "type": "git", "url": "https://github.com/php-fig/log.git", - "reference": "d49695b909c3b7628b6289db5479a1c204601f11" + "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11", - "reference": "d49695b909c3b7628b6289db5479a1c204601f11", + "url": "https://api.github.com/repos/php-fig/log/zipball/fe5ea303b0887d5caefd3d431c3e61ad47037001", + "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001", "shasum": "" }, "require": { - "php": ">=5.3.0" + "php": ">=8.0.0" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.1.x-dev" + "dev-master": "3.x-dev" } }, "autoload": { "psr-4": { - "Psr\\Log\\": "Psr/Log/" + "Psr\\Log\\": "src" } }, "notification-url": "https://packagist.org/downloads/", @@ -571,9 +634,9 @@ "psr-3" ], "support": { - "source": "https://github.com/php-fig/log/tree/1.1.4" + "source": "https://github.com/php-fig/log/tree/3.0.0" }, - "time": "2021-05-03T11:20:27+00:00" + "time": "2021-07-14T16:46:02+00:00" }, { "name": "spomky-labs/cbor-php", @@ -644,16 +707,16 @@ }, { "name": "symfony/polyfill-ctype", - "version": "v1.24.0", + "version": "v1.26.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "30885182c981ab175d4d034db0f6f469898070ab" + "reference": "6fd1b9a79f6e3cf65f9e679b23af304cd9e010d4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/30885182c981ab175d4d034db0f6f469898070ab", - "reference": "30885182c981ab175d4d034db0f6f469898070ab", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/6fd1b9a79f6e3cf65f9e679b23af304cd9e010d4", + "reference": "6fd1b9a79f6e3cf65f9e679b23af304cd9e010d4", "shasum": "" }, "require": { @@ -668,7 +731,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.23-dev" + "dev-main": "1.26-dev" }, "thanks": { "name": "symfony/polyfill", @@ -676,12 +739,12 @@ } }, "autoload": { - "psr-4": { - "Symfony\\Polyfill\\Ctype\\": "" - }, "files": [ "bootstrap.php" - ] + ], + "psr-4": { + "Symfony\\Polyfill\\Ctype\\": "" + } }, "notification-url": "https://packagist.org/downloads/", "license": [ @@ -706,7 +769,7 @@ "portable" ], "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.24.0" + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.26.0" }, "funding": [ { @@ -722,20 +785,20 @@ "type": "tidelift" } ], - "time": "2021-10-20T20:35:02+00:00" + "time": "2022-05-24T11:49:31+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.24.0", + "version": "v1.26.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825" + "reference": "9344f9cb97f3b19424af1a21a3b0e75b0a7d8d7e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/0abb51d2f102e00a4eefcf46ba7fec406d245825", - "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/9344f9cb97f3b19424af1a21a3b0e75b0a7d8d7e", + "reference": "9344f9cb97f3b19424af1a21a3b0e75b0a7d8d7e", "shasum": "" }, "require": { @@ -750,7 +813,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.23-dev" + "dev-main": "1.26-dev" }, "thanks": { "name": "symfony/polyfill", @@ -789,7 +852,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.24.0" + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.26.0" }, "funding": [ { @@ -805,20 +868,20 @@ "type": "tidelift" } ], - "time": "2021-11-30T18:21:41+00:00" + "time": "2022-05-24T11:49:31+00:00" }, { "name": "twig/twig", - "version": "v3.3.8", + "version": "v3.4.1", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "972d8604a92b7054828b539f2febb0211dd5945c" + "reference": "e939eae92386b69b49cfa4599dd9bead6bf4a342" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/972d8604a92b7054828b539f2febb0211dd5945c", - "reference": "972d8604a92b7054828b539f2febb0211dd5945c", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/e939eae92386b69b49cfa4599dd9bead6bf4a342", + "reference": "e939eae92386b69b49cfa4599dd9bead6bf4a342", "shasum": "" }, "require": { @@ -833,7 +896,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "3.3-dev" + "dev-master": "3.4-dev" } }, "autoload": { @@ -869,7 +932,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.3.8" + "source": "https://github.com/twigphp/Twig/tree/v3.4.1" }, "funding": [ { @@ -881,11 +944,11 @@ "type": "tidelift" } ], - "time": "2022-02-04T06:59:48+00:00" + "time": "2022-05-17T05:48:52+00:00" }, { "name": "web-auth/cose-lib", - "version": "v3.3.11", + "version": "v3.3.12", "source": { "type": "git", "url": "https://github.com/web-auth/cose-lib.git", @@ -932,7 +995,7 @@ "RFC8152" ], "support": { - "source": "https://github.com/web-auth/cose-lib/tree/v3.3.11" + "source": "https://github.com/web-auth/cose-lib/tree/v3.3.12" }, "funding": [ { @@ -950,29 +1013,30 @@ "packages-dev": [ { "name": "doctrine/instantiator", - "version": "1.4.0", + "version": "1.4.1", "source": { "type": "git", "url": "https://github.com/doctrine/instantiator.git", - "reference": "d56bf6102915de5702778fe20f2de3b2fe570b5b" + "reference": "10dcfce151b967d20fde1b34ae6640712c3891bc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/instantiator/zipball/d56bf6102915de5702778fe20f2de3b2fe570b5b", - "reference": "d56bf6102915de5702778fe20f2de3b2fe570b5b", + "url": "https://api.github.com/repos/doctrine/instantiator/zipball/10dcfce151b967d20fde1b34ae6640712c3891bc", + "reference": "10dcfce151b967d20fde1b34ae6640712c3891bc", "shasum": "" }, "require": { "php": "^7.1 || ^8.0" }, "require-dev": { - "doctrine/coding-standard": "^8.0", + "doctrine/coding-standard": "^9", "ext-pdo": "*", "ext-phar": "*", - "phpbench/phpbench": "^0.13 || 1.0.0-alpha2", - "phpstan/phpstan": "^0.12", - "phpstan/phpstan-phpunit": "^0.12", - "phpunit/phpunit": "^7.0 || ^8.0 || ^9.0" + "phpbench/phpbench": "^0.16 || ^1", + "phpstan/phpstan": "^1.4", + "phpstan/phpstan-phpunit": "^1", + "phpunit/phpunit": "^7.5 || ^8.5 || ^9.5", + "vimeo/psalm": "^4.22" }, "type": "library", "autoload": { @@ -999,7 +1063,7 @@ ], "support": { "issues": "https://github.com/doctrine/instantiator/issues", - "source": "https://github.com/doctrine/instantiator/tree/1.4.0" + "source": "https://github.com/doctrine/instantiator/tree/1.4.1" }, "funding": [ { @@ -1015,29 +1079,33 @@ "type": "tidelift" } ], - "time": "2020-11-10T18:47:58+00:00" + "time": "2022-03-03T08:28:38+00:00" }, { "name": "myclabs/deep-copy", - "version": "1.10.2", + "version": "1.11.0", "source": { "type": "git", "url": "https://github.com/myclabs/DeepCopy.git", - "reference": "776f831124e9c62e1a2c601ecc52e776d8bb7220" + "reference": "14daed4296fae74d9e3201d2c4925d1acb7aa614" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/776f831124e9c62e1a2c601ecc52e776d8bb7220", - "reference": "776f831124e9c62e1a2c601ecc52e776d8bb7220", + "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/14daed4296fae74d9e3201d2c4925d1acb7aa614", + "reference": "14daed4296fae74d9e3201d2c4925d1acb7aa614", "shasum": "" }, "require": { "php": "^7.1 || ^8.0" }, + "conflict": { + "doctrine/collections": "<1.6.8", + "doctrine/common": "<2.13.3 || >=3,<3.2.2" + }, "require-dev": { - "doctrine/collections": "^1.0", - "doctrine/common": "^2.6", - "phpunit/phpunit": "^7.1" + "doctrine/collections": "^1.6.8", + "doctrine/common": "^2.13.3 || ^3.2.2", + "phpunit/phpunit": "^7.5.20 || ^8.5.23 || ^9.5.13" }, "type": "library", "autoload": { @@ -1062,7 +1130,7 @@ ], "support": { "issues": "https://github.com/myclabs/DeepCopy/issues", - "source": "https://github.com/myclabs/DeepCopy/tree/1.10.2" + "source": "https://github.com/myclabs/DeepCopy/tree/1.11.0" }, "funding": [ { @@ -1070,20 +1138,20 @@ "type": "tidelift" } ], - "time": "2020-11-13T09:40:50+00:00" + "time": "2022-03-03T13:19:32+00:00" }, { "name": "nikic/php-parser", - "version": "v4.13.2", + "version": "v4.14.0", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "210577fe3cf7badcc5814d99455df46564f3c077" + "reference": "34bea19b6e03d8153165d8f30bba4c3be86184c1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/210577fe3cf7badcc5814d99455df46564f3c077", - "reference": "210577fe3cf7badcc5814d99455df46564f3c077", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/34bea19b6e03d8153165d8f30bba4c3be86184c1", + "reference": "34bea19b6e03d8153165d8f30bba4c3be86184c1", "shasum": "" }, "require": { @@ -1124,9 +1192,9 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v4.13.2" + "source": "https://github.com/nikic/PHP-Parser/tree/v4.14.0" }, - "time": "2021-11-30T19:35:32+00:00" + "time": "2022-05-31T20:59:12+00:00" }, { "name": "phar-io/manifest", @@ -1190,16 +1258,16 @@ }, { "name": "phar-io/version", - "version": "3.1.1", + "version": "3.2.1", "source": { "type": "git", "url": "https://github.com/phar-io/version.git", - "reference": "15a90844ad40f127afd244c0cad228de2a80052a" + "reference": "4f7fd7836c6f332bb2933569e566a0d6c4cbed74" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phar-io/version/zipball/15a90844ad40f127afd244c0cad228de2a80052a", - "reference": "15a90844ad40f127afd244c0cad228de2a80052a", + "url": "https://api.github.com/repos/phar-io/version/zipball/4f7fd7836c6f332bb2933569e566a0d6c4cbed74", + "reference": "4f7fd7836c6f332bb2933569e566a0d6c4cbed74", "shasum": "" }, "require": { @@ -1235,9 +1303,9 @@ "description": "Library for handling version information and constraints", "support": { "issues": "https://github.com/phar-io/version/issues", - "source": "https://github.com/phar-io/version/tree/3.1.1" + "source": "https://github.com/phar-io/version/tree/3.2.1" }, - "time": "2022-02-07T21:56:48+00:00" + "time": "2022-02-21T01:04:05+00:00" }, { "name": "phpdocumentor/reflection-common", @@ -1351,16 +1419,16 @@ }, { "name": "phpdocumentor/type-resolver", - "version": "1.6.0", + "version": "1.6.1", "source": { "type": "git", "url": "https://github.com/phpDocumentor/TypeResolver.git", - "reference": "93ebd0014cab80c4ea9f5e297ea48672f1b87706" + "reference": "77a32518733312af16a44300404e945338981de3" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/93ebd0014cab80c4ea9f5e297ea48672f1b87706", - "reference": "93ebd0014cab80c4ea9f5e297ea48672f1b87706", + "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/77a32518733312af16a44300404e945338981de3", + "reference": "77a32518733312af16a44300404e945338981de3", "shasum": "" }, "require": { @@ -1395,9 +1463,9 @@ "description": "A PSR-5 based resolver of Class names, Types and Structural Element Names", "support": { "issues": "https://github.com/phpDocumentor/TypeResolver/issues", - "source": "https://github.com/phpDocumentor/TypeResolver/tree/1.6.0" + "source": "https://github.com/phpDocumentor/TypeResolver/tree/1.6.1" }, - "time": "2022-01-04T19:58:01+00:00" + "time": "2022-03-15T21:29:03+00:00" }, { "name": "phpspec/prophecy", @@ -1468,16 +1536,16 @@ }, { "name": "phpunit/php-code-coverage", - "version": "9.2.11", + "version": "9.2.15", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "665a1ac0a763c51afc30d6d130dac0813092b17f" + "reference": "2e9da11878c4202f97915c1cb4bb1ca318a63f5f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/665a1ac0a763c51afc30d6d130dac0813092b17f", - "reference": "665a1ac0a763c51afc30d6d130dac0813092b17f", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/2e9da11878c4202f97915c1cb4bb1ca318a63f5f", + "reference": "2e9da11878c4202f97915c1cb4bb1ca318a63f5f", "shasum": "" }, "require": { @@ -1533,7 +1601,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/php-code-coverage/issues", - "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.11" + "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.15" }, "funding": [ { @@ -1541,7 +1609,7 @@ "type": "github" } ], - "time": "2022-02-18T12:46:09+00:00" + "time": "2022-03-07T09:28:20+00:00" }, { "name": "phpunit/php-file-iterator", @@ -1786,16 +1854,16 @@ }, { "name": "phpunit/phpunit", - "version": "9.5.14", + "version": "9.5.20", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "1883687169c017d6ae37c58883ca3994cfc34189" + "reference": "12bc8879fb65aef2138b26fc633cb1e3620cffba" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/1883687169c017d6ae37c58883ca3994cfc34189", - "reference": "1883687169c017d6ae37c58883ca3994cfc34189", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/12bc8879fb65aef2138b26fc633cb1e3620cffba", + "reference": "12bc8879fb65aef2138b26fc633cb1e3620cffba", "shasum": "" }, "require": { @@ -1811,7 +1879,7 @@ "phar-io/version": "^3.0.2", "php": ">=7.3", "phpspec/prophecy": "^1.12.1", - "phpunit/php-code-coverage": "^9.2.7", + "phpunit/php-code-coverage": "^9.2.13", "phpunit/php-file-iterator": "^3.0.5", "phpunit/php-invoker": "^3.1.1", "phpunit/php-text-template": "^2.0.3", @@ -1825,7 +1893,7 @@ "sebastian/global-state": "^5.0.1", "sebastian/object-enumerator": "^4.0.3", "sebastian/resource-operations": "^3.0.3", - "sebastian/type": "^2.3.4", + "sebastian/type": "^3.0", "sebastian/version": "^3.0.2" }, "require-dev": { @@ -1873,7 +1941,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", - "source": "https://github.com/sebastianbergmann/phpunit/tree/9.5.14" + "source": "https://github.com/sebastianbergmann/phpunit/tree/9.5.20" }, "funding": [ { @@ -1885,7 +1953,7 @@ "type": "github" } ], - "time": "2022-02-18T12:54:07+00:00" + "time": "2022-04-01T12:37:26+00:00" }, { "name": "sebastian/cli-parser", @@ -2253,16 +2321,16 @@ }, { "name": "sebastian/environment", - "version": "5.1.3", + "version": "5.1.4", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/environment.git", - "reference": "388b6ced16caa751030f6a69e588299fa09200ac" + "reference": "1b5dff7bb151a4db11d49d90e5408e4e938270f7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/388b6ced16caa751030f6a69e588299fa09200ac", - "reference": "388b6ced16caa751030f6a69e588299fa09200ac", + "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/1b5dff7bb151a4db11d49d90e5408e4e938270f7", + "reference": "1b5dff7bb151a4db11d49d90e5408e4e938270f7", "shasum": "" }, "require": { @@ -2304,7 +2372,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/environment/issues", - "source": "https://github.com/sebastianbergmann/environment/tree/5.1.3" + "source": "https://github.com/sebastianbergmann/environment/tree/5.1.4" }, "funding": [ { @@ -2312,7 +2380,7 @@ "type": "github" } ], - "time": "2020-09-28T05:52:38+00:00" + "time": "2022-04-03T09:37:03+00:00" }, { "name": "sebastian/exporter", @@ -2744,28 +2812,28 @@ }, { "name": "sebastian/type", - "version": "2.3.4", + "version": "3.0.0", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/type.git", - "reference": "b8cd8a1c753c90bc1a0f5372170e3e489136f914" + "reference": "b233b84bc4465aff7b57cf1c4bc75c86d00d6dad" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/type/zipball/b8cd8a1c753c90bc1a0f5372170e3e489136f914", - "reference": "b8cd8a1c753c90bc1a0f5372170e3e489136f914", + "url": "https://api.github.com/repos/sebastianbergmann/type/zipball/b233b84bc4465aff7b57cf1c4bc75c86d00d6dad", + "reference": "b233b84bc4465aff7b57cf1c4bc75c86d00d6dad", "shasum": "" }, "require": { "php": ">=7.3" }, "require-dev": { - "phpunit/phpunit": "^9.3" + "phpunit/phpunit": "^9.5" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.3-dev" + "dev-master": "3.0-dev" } }, "autoload": { @@ -2788,7 +2856,7 @@ "homepage": "https://github.com/sebastianbergmann/type", "support": { "issues": "https://github.com/sebastianbergmann/type/issues", - "source": "https://github.com/sebastianbergmann/type/tree/2.3.4" + "source": "https://github.com/sebastianbergmann/type/tree/3.0.0" }, "funding": [ { @@ -2796,7 +2864,7 @@ "type": "github" } ], - "time": "2021-06-15T12:49:02+00:00" + "time": "2022-03-15T09:54:48+00:00" }, { "name": "sebastian/version", @@ -2903,21 +2971,21 @@ }, { "name": "webmozart/assert", - "version": "1.10.0", + "version": "1.11.0", "source": { "type": "git", "url": "https://github.com/webmozarts/assert.git", - "reference": "6964c76c7804814a842473e0c8fd15bab0f18e25" + "reference": "11cb2199493b2f8a3b53e7f19068fc6aac760991" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/webmozarts/assert/zipball/6964c76c7804814a842473e0c8fd15bab0f18e25", - "reference": "6964c76c7804814a842473e0c8fd15bab0f18e25", + "url": "https://api.github.com/repos/webmozarts/assert/zipball/11cb2199493b2f8a3b53e7f19068fc6aac760991", + "reference": "11cb2199493b2f8a3b53e7f19068fc6aac760991", "shasum": "" }, "require": { - "php": "^7.2 || ^8.0", - "symfony/polyfill-ctype": "^1.8" + "ext-ctype": "*", + "php": "^7.2 || ^8.0" }, "conflict": { "phpstan/phpstan": "<0.12.20", @@ -2955,9 +3023,9 @@ ], "support": { "issues": "https://github.com/webmozarts/assert/issues", - "source": "https://github.com/webmozarts/assert/tree/1.10.0" + "source": "https://github.com/webmozarts/assert/tree/1.11.0" }, - "time": "2021-03-09T10:59:23+00:00" + "time": "2022-06-03T18:03:27+00:00" } ], "aliases": [], @@ -2967,5 +3035,5 @@ "prefer-lowest": false, "platform": [], "platform-dev": [], - "plugin-api-version": "2.2.0" + "plugin-api-version": "2.3.0" } diff --git a/core/Objects/Session.class.php b/core/Objects/Session.class.php index e9c8e12..6e2c6f2 100644 --- a/core/Objects/Session.class.php +++ b/core/Objects/Session.class.php @@ -6,7 +6,7 @@ use DateTime; use \Driver\SQL\Condition\Compare; use Driver\SQL\Expression\CurrentTimeStamp; use Exception; -use External\JWT; +use Firebase\JWT\JWT; class Session extends ApiObject { @@ -66,7 +66,8 @@ class Session extends ApiObject { $this->updateMetaData(); $settings = $this->user->getConfiguration()->getSettings(); $token = ['userId' => $this->user->getId(), 'sessionId' => $this->sessionId]; - return JWT::encode($token, $settings->getJwtSecret()); + $jwtKey = $settings->getJwtKey(); + return JWT::encode($token, $jwtKey->getKeyMaterial(), $jwtKey->getAlgorithm()); } public function sendCookie(?string $domain = null) { diff --git a/core/Objects/User.class.php b/core/Objects/User.class.php index 6be59d2..b379e06 100644 --- a/core/Objects/User.class.php +++ b/core/Objects/User.class.php @@ -5,9 +5,9 @@ namespace Objects; use Configuration\Configuration; use Driver\SQL\Condition\CondAnd; use Exception; -use External\JWT; use Driver\SQL\SQL; use Driver\SQL\Condition\Compare; +use Firebase\JWT\JWT; use Objects\TwoFactor\TwoFactorToken; class User extends ApiObject { @@ -232,7 +232,7 @@ class User extends ApiObject { try { $token = $_COOKIE['session']; $settings = $this->configuration->getSettings(); - $decoded = (array)JWT::decode($token, $settings->getJwtSecret()); + $decoded = (array)JWT::decode($token, $settings->getJwtKey()); if (!is_null($decoded)) { $userId = ($decoded['userId'] ?? NULL); $sessionId = ($decoded['sessionId'] ?? NULL);