Documentation and

* Documentation updated
* Rotatable key sets fixed
* Configuration Helper updated
* Bugs fixed and tests added

Command/DeleteCommand.php

@@ -0,0 +1,64 @@
+<?php
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2016 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace SpomkyLabs\JoseBundle\Command;
+
+use Jose\Object\StorableInterface;
+use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class DeleteCommand extends ContainerAwareCommand
+{
+    /**
+     * {@inheritdoc}
+     */
+    protected function configure()
+    {
+        $this
+            ->setName('spomky-labs:jose:delete')
+            ->setDescription('Delete a key or key set.')
+            ->addArgument(
+                'service',
+                InputArgument::REQUIRED
+            )
+            ->setHelp(<<<'EOT'
+The <info>%command.name%</info> command will delete a key or key set.
+If the service is called, then the key will be created again.
+
+  <info>php %command.full_name%</info>
+EOT
+        );
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $service_name = $input->getArgument('service');
+        if (!$this->getContainer()->has($service_name)) {
+            $output->writeln(sprintf('<error>The service "%s" does not exist.</error>', $service_name));
+
+            return 1;
+        }
+        $service = $this->getContainer()->get($service_name);
+        if (!$service instanceof StorableInterface) {
+            $output->writeln(sprintf('<error>The service "%s" is not a storable object.</error>', $service_name));
+
+            return 2;
+        }
+
+        $service->delete();
+        $output->writeln('Done.');
+    }
+}

Command/RegenCommand.php

@@ -0,0 +1,63 @@
+<?php
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2016 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace SpomkyLabs\JoseBundle\Command;
+
+use Jose\Object\StorableInterface;
+use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class RegenCommand extends ContainerAwareCommand
+{
+    /**
+     * {@inheritdoc}
+     */
+    protected function configure()
+    {
+        $this
+            ->setName('spomky-labs:jose:regen')
+            ->setDescription('Generate a new key or key set.')
+            ->addArgument(
+                'service',
+                InputArgument::REQUIRED
+            )
+            ->setHelp(<<<'EOT'
+The <info>%command.name%</info> command will generate a new key or key set.
+
+  <info>php %command.full_name%</info>
+EOT
+        );
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $service_name = $input->getArgument('service');
+        if (!$this->getContainer()->has($service_name)) {
+            $output->writeln(sprintf('<error>The service "%s" does not exist.</error>', $service_name));
+
+            return 1;
+        }
+        $service = $this->getContainer()->get($service_name);
+        if (!$service instanceof StorableInterface) {
+            $output->writeln(sprintf('<error>The service "%s" is not a storable object.</error>', $service_name));
+
+            return 2;
+        }
+
+        $service->regen();
+        $output->writeln('Done.');
+    }
+}

Command/RotateCommand.php

@@ -0,0 +1,85 @@
+<?php
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2016 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace SpomkyLabs\JoseBundle\Command;
+
+use Jose\Object\JWKSetInterface;
+use Jose\Object\RotatableInterface;
+use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class RotateCommand extends ContainerAwareCommand
+{
+    /**
+     * {@inheritdoc}
+     */
+    protected function configure()
+    {
+        $this
+            ->setName('spomky-labs:jose:rotate')
+            ->setDescription('Rotate a key or keys in the key set')
+            ->addArgument(
+                'service',
+                InputArgument::REQUIRED
+            )
+            ->addArgument(
+                'ttl',
+                InputArgument::OPTIONAL,
+                '',
+                3600 * 24 * 7
+            )
+            ->setHelp(<<<'EOT'
+The <info>%command.name%</info> command will rotate a key or keys in the key set.
+
+  <info>php %command.full_name%</info>
+EOT
+        );
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $service_name = $input->getArgument('service');
+        if (!$this->getContainer()->has($service_name)) {
+            $output->writeln(sprintf('<error>The service "%s" does not exist.</error>', $service_name));
+
+            return 1;
+        }
+        $service = $this->getContainer()->get($service_name);
+        if (!$service instanceof JWKSetInterface) {
+            $output->writeln(sprintf('<error>The service "%s" is not a key set.</error>', $service_name));
+
+            return 2;
+        }
+
+        if (!$service instanceof RotatableInterface) {
+            $output->writeln(sprintf('<error>The service "%s" is not a rotatable key set.</error>', $service_name));
+
+            return 3;
+        }
+
+        $mtime = $service->getLastModificationTime();
+
+        if (null === $mtime) {
+            $service->regen();
+            $output->writeln('Done.');
+        } elseif ($mtime + $input->getArgument('ttl') <= time()) {
+            $service->rotate();
+            $output->writeln('Done.');
+        } else {
+            $output->writeln(sprintf('The key set "%s" has not expired.', $service_name));
+        }
+    }
+}

DependencyInjection/Compiler/AlgorithmCompilerPass.php

@@ -17,6 +17,9 @@
 
 final class AlgorithmCompilerPass implements CompilerPassInterface
 {
+    /**
+     * {@inheritdoc}
+     */
     public function process(ContainerBuilder $container)
     {
         if (!$container->hasDefinition('jose.algorithm_manager')) {

DependencyInjection/Compiler/CheckerCompilerPass.php

@@ -19,6 +19,9 @@
 
 final class CheckerCompilerPass implements CompilerPassInterface
 {
+    /**
+     * {@inheritdoc}
+     */
     public function process(ContainerBuilder $container)
     {
         if (!$container->hasDefinition('jose.checker_manager')) {

DependencyInjection/Compiler/CompressionCompilerPass.php

@@ -17,6 +17,9 @@
 
 final class CompressionCompilerPass implements CompilerPassInterface
 {
+    /**
+     * {@inheritdoc}
+     */
     public function process(ContainerBuilder $container)
     {
         if (!$container->hasDefinition('jose.compression_manager')) {

DependencyInjection/Source/AbstractSource.php

@@ -0,0 +1,52 @@
+<?php
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2016 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace SpomkyLabs\JoseBundle\DependencyInjection\Source;
+
+use Symfony\Component\Config\Definition\Builder\NodeDefinition;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+
+abstract class AbstractSource
+{
+    /**
+     * @param \Symfony\Component\DependencyInjection\ContainerBuilder $container
+     * @param array                                                   $config
+     *
+     * @return \Symfony\Component\DependencyInjection\Definition
+     */
+    abstract protected function createDefinition(ContainerBuilder $container, array $config);
+
+    /**
+     * @param \Symfony\Component\DependencyInjection\ContainerBuilder $container
+     * @param string                                                  $id
+     * @param array                                                   $config
+     */
+    public function create(ContainerBuilder $container, $id, array $config)
+    {
+        $definition = $this->createDefinition($container, $config);
+        $definition->setPublic($config['is_public']);
+        $container->setDefinition($id, $definition);
+    }
+
+    /**
+     * @param \Symfony\Component\Config\Definition\Builder\NodeDefinition $node
+     */
+    public function addConfiguration(NodeDefinition $node)
+    {
+        $node
+            ->children()
+                ->booleanNode('is_public')
+                    ->info('If true, the service will be public, else private.')
+                    ->defaultTrue()
+                ->end()
+            ->end();
+    }
+}

DependencyInjection/Source/DecrypterSource.php

@@ -40,7 +40,7 @@ public function createService($name, array $config, ContainerBuilder $container)
         $definition->setArguments([
             $config['key_encryption_algorithms'],
             $config['content_encryption_algorithms'],
-            $config['compression_methods']
+            $config['compression_methods'],
         ]);
         $definition->setPublic($config['is_public']);