Cleanup, doc update, more tests

README.md

@@ -12,7 +12,7 @@ For an example see [swagger-bundle-example](https://github.com/kleijnweb/swagger
 
 *NOTE:* Looking for PHP <7.0 and Symfony <2.8.7 support? Use a 0.x version.   
 
-## Install And Configure
+## Install
 
 Install using composer (`composer require kleijnweb/jwt-bundle`). You want to check out the [release page](https://github.com/kleijnweb/jwt-bundle/releases) to ensure you are getting what you want and optionally verify your download.
 
@@ -125,7 +125,7 @@ class SimpleSecretLoader implements SecretLoader
 }
 ```
 
-You could use any information available in the token, such as the `kid`, `alg` or any custom claims. You cannot configure both `secret` and `loader`. Be sure to throw an `AuthenticationException` when appropriate (eg missing claims needed for loading secret). 
+You could use any information available in the token, such as the `kid`, `alg` or any custom claims. You cannot configure both `secret` and `loader`. Be sure to throw an `AuthenticationException` when appropriate (eg missing claims needed for loading secret).
 
 ### Integration Into Symfony Security
 
@@ -147,22 +147,6 @@ security:
 
 Using the bundled user provider is optional. This will produce user objects from the token data alone with roles produced from the `aud` claim (and `IS_AUTHENTICATED_FULLY` whether `aud` was set or not).
 
-For BC reasons, the following also works:
-
-```yml
-security:
-  firewalls:
-    default:
-      stateless: true
-      simple_preauth:
-        authenticator: jwt.authenticator
-      provider: jwt
-
-  providers:
-    jwt:
-      id: jwt.user_provider
-```
-
 ### Assigning audience to user roles using an alternate UserProvider
 
 JwtBundle can assign the audience claims in the JwtToken to the User objects user roles properties. Ideally, this is done in the UserProvider, so that the groups cannot be modified.
@@ -172,6 +156,24 @@ This behavior may be removed in future versions.
 
 _NOTE:_ This function *only* copies the the roles from the token.
 
+### Issuing Token
+
+Issuing tokens is currently limited to `HS256`. To create a token string:
+
+```php
+$token = new JwtToken([
+    'header' => [
+        'alg' => 'HS256',
+        'typ' => 'JWT',
+        'kid' => 'Optional Key ID'
+    ],
+    'claims' => [ /*  Array of claims */ ],
+    'secret' => 'Your Secret'
+]);
+
+$token->getTokenString();
+```
+
 ## License
 
 KleijnWeb\JwtBundle is made available under the terms of the [LGPL, version 3.0](https://spdx.org/licenses/LGPL-3.0.html#licenseText).

src/DependencyInjection/KleijnWebJwtExtension.php

@@ -44,8 +44,8 @@ public function load(array $configs, ContainerBuilder $container)
             $keys[] = $keyDefinition;
         }
 
-        $container->getDefinition('jwt.authenticator')->addArgument($keys);
         $container->getDefinition('jwt.security.authentication.provider')->addArgument($keys);
+        $container->getDefinition('jwt.token_issuer')->addArgument($keys);
 
     }
 

src/Firewall/JwtAuthenticationListener.php

@@ -66,7 +66,7 @@ public function handle(GetResponseEvent $event)
      *
      * @return JwtAuthenticationToken|null
      */
-    public function createToken(Request $request)
+    private function createToken(Request $request)
     {
         $tokenString = $request->headers->get($this->header);
 

src/Resources/config/services.yml

@@ -1,12 +1,12 @@
 services:
-  jwt.authenticator:
-      class:  KleijnWeb\JwtBundle\Authenticator\Authenticator
-      public: false
-
   jwt.user_provider:
       class:  KleijnWeb\JwtBundle\User\JwtUserProvider
       public: false
 
+  jwt.token_issuer:
+      class:  KleijnWeb\JwtBundle\Jwt\TokenIssuer
+      public: true
+
   jwt.security.authentication.provider:
     class: KleijnWeb\JwtBundle\Authentication\JwtAuthenticationProvider
     arguments:

tests/functional/FunctionalTest.php

@@ -8,7 +8,7 @@
 
 namespace KleijnWeb\JwtBundle\Tests\Functional;
 
-use KleijnWeb\JwtBundle\Tests\Jwt\JwtAuthenticationProviderTest;
+use KleijnWeb\JwtBundle\Tests\Authentication\JwtAuthenticationProviderTest;
 use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;

tests/unit/Firewall/JwtAuthenticationProviderTest.php → tests/unit/Authentication/JwtAuthenticationProviderTest.php

@@ -5,8 +5,9 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-namespace KleijnWeb\JwtBundle\Tests\Jwt;
+namespace KleijnWeb\JwtBundle\Tests\Authentication;
 
+use KleijnWeb\JwtBundle\Authentication\JwtAuthenticatedToken;
 use KleijnWeb\JwtBundle\Authentication\JwtAuthenticationProvider;
 use KleijnWeb\JwtBundle\Authentication\JwtAuthenticationToken;
 use KleijnWeb\JwtBundle\Jwt\JwtKey;
@@ -151,6 +152,24 @@ public function authenticateTokenWillThrowExceptionWhenTokenUnsupportedType()
         $jwtAuthenticationProvider->authenticate($anonToken);
     }
 
+    /**
+     * @test
+     */
+    public function authenticateWillReturnAuthenticatedToken()
+    {
+        $jwtAuthenticationProvider = new JwtAuthenticationProvider($this->standardUserProviderMock, $this->keys);
+        $authToken                 = new JwtAuthenticationToken([], self::TEST_TOKEN);
+
+        /** @var \PHPUnit_Framework_MockObject_MockObject $mock */
+        $mock = $this->standardUserProviderMock;
+        $mock
+            ->expects($this->once())
+            ->method('loadUserByUsername')
+            ->willReturn(new User('john', 'hi there'));
+
+        $this->assertInstanceOf(JwtAuthenticatedToken::class, $jwtAuthenticationProvider->authenticate($authToken));
+    }
+
     /**
      * @test
      */