fix: allowed_algs not properly set for string value (#489)

googleapis · Oct 17, 2023 · 0042b52 · 0042b52
1 parent b882500
commit 0042b52
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/src/OAuth2.php b/src/OAuth2.php
@@ -1723,7 +1723,7 @@ private function getFirebaseJwtKeys($publicKey, $allowedAlgs)
 
         $allowedAlg = null;
         if (is_string($allowedAlgs)) {
-            $allowedAlg = $allowedAlg;
+            $allowedAlg = $allowedAlgs;
         } elseif (is_array($allowedAlgs)) {
             if (count($allowedAlgs) > 1) {
                 throw new \InvalidArgumentException(

diff --git a/tests/OAuth2Test.php b/tests/OAuth2Test.php
@@ -1250,8 +1250,14 @@ public function testShouldReturnAValidIdToken()
         $alg = 'RS256';
         $jwtIdToken = JWT::encode($origIdToken, $privateKey, $alg);
         $o->setIdToken($jwtIdToken);
+
+        // Test with array alg
         $roundTrip = $o->verifyIdToken($publicKey, [$alg]);
         $this->assertEquals($origIdToken['aud'], $roundTrip->aud);
+
+        // Test with string alg
+        $roundTrip2 = $o->verifyIdToken($publicKey, $alg);
+        $this->assertEquals($origIdToken['aud'], $roundTrip2->aud);
     }
 }