Do we really need to throw an exception when verifying the signature of an unsigned token? #52

Closed
lcobucci opened this issue Nov 8, 2015 · 3 comments

@lcobucci
Owner

lcobucci commented Nov 8, 2015

I'm thinking that just returning false would be good enough and will simplify the code of library users.

Instead of doing:

try {
    if (!$token->verify($signer, $key) || !$token->validate($data)) {
        // do something to tell that the token is unacceptable.
    }
} catch (\BadMethodCallException $e) {
    // do something to tell that the token is unacceptable.
}

Users could do:

if (!$token->verify($signer, $key) || !$token->validate($data)) {
    // do something to tell that the token is unacceptable.
}

Any thoughts?

@Ocramius
Sponsor Collaborator

Ocramius commented Nov 8, 2015

Agreed: no signature or invalid signature are equivalent, from a functional standpoint.

@ricardofontanelli

Hello guys,
Any news about this feature?

@lcobucci
Owner Author

Hey @ricardofontanelli this will be implemented for v4. Soon I'll be working on it 😄

@lcobucci lcobucci added this to the 4.0.0 milestone Dec 12, 2015
@lcobucci lcobucci self-assigned this Dec 20, 2015
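
The fail-closed behaviour proposed in this thread, as an added example that is not part of the issue and is not lcobucci/jwt code: a self-contained HS256 check in which an unsigned token, a malformed token and a bad signature all return false, so the caller needs a single `if` and no `try`/`catch`. The function names, key and sample tokens are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added illustration; all function names here are hypothetical, not the library's API.
function b64url_encode(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function b64url_decode(string $text): ?string
{
    $padded = str_pad($text, strlen($text) + (4 - strlen($text) % 4) % 4, '=');
    $raw = base64_decode(strtr($padded, '-_', '+/'), true);
    return $raw === false ? null : $raw;
}

// True only for a valid HS256 signature; every other case is false, never an exception.
function verify_hs256(string $jwt, string $key): bool
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3 || $parts[2] === '') {
        return false; // malformed, or no signature segment at all
    }
    $headerJson = b64url_decode($parts[0]);
    $header = $headerJson === null ? null : json_decode($headerJson, true);
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') {
        return false; // "none" or any algorithm the caller did not ask for
    }
    $signature = b64url_decode($parts[2]);
    if ($signature === null) {
        return false; // signature segment is not valid base64url
    }
    $expected = hash_hmac('sha256', $parts[0] . '.' . $parts[1], $key, true);
    return hash_equals($expected, $signature); // constant-time comparison
}

// Constructed sample tokens: one signed, one unsigned, one with a swapped payload.
$key = 'constructed-demo-key';
$head = b64url_encode('{"alg":"HS256","typ":"JWT"}');
$payload = b64url_encode('{"sub":"demo"}');
$signed = "$head.$payload." . b64url_encode(hash_hmac('sha256', "$head.$payload", $key, true));
$unsigned = b64url_encode('{"alg":"none","typ":"JWT"}') . ".$payload.";
$tampered = "$head." . b64url_encode('{"sub":"other"}') . '.' . explode('.', $signed)[2];

var_dump(verify_hs256($signed, $key));
var_dump(verify_hs256($unsigned, $key));
var_dump(verify_hs256($tampered, $key));
```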