From 1e48410a125ac8f6659d388ebb0b66a6c41fc885 Mon Sep 17 00:00:00 2001 From: Spomky Date: Tue, 27 Feb 2018 13:48:52 +0100 Subject: [PATCH 1/4] PHPDoc updated for the Checker component classes. --- src/Component/Checker/AlgorithmChecker.php | 4 ++++ src/Component/Checker/AudienceChecker.php | 4 ++++ src/Component/Checker/ClaimChecker.php | 7 ++++++- src/Component/Checker/ClaimCheckerManager.php | 17 +++++++++++++++++ .../Checker/ClaimCheckerManagerFactory.php | 9 +++++++++ src/Component/Checker/ExpirationTimeChecker.php | 6 ++++++ src/Component/Checker/HeaderChecker.php | 9 ++++++++- src/Component/Checker/HeaderCheckerManager.php | 17 ++++++++++++++--- .../Checker/HeaderCheckerManagerFactory.php | 11 +++++++++++ src/Component/Checker/InvalidClaimException.php | 7 +++++++ .../Checker/InvalidHeaderException.php | 7 +++++++ src/Component/Checker/IssuedAtChecker.php | 6 ++++++ src/Component/Checker/NotBeforeChecker.php | 6 ++++++ .../Checker/Tests/Stub/TokenSupport.php | 2 +- src/Component/Checker/TokenTypeSupport.php | 11 +++++++++-- .../Checker/UnencodedPayloadChecker.php | 6 ++++++ src/Component/Encryption/JWETokenSupport.php | 6 +++--- src/Component/Signature/JWSTokenSupport.php | 8 ++++---- 18 files changed, 128 insertions(+), 15 deletions(-) diff --git a/src/Component/Checker/AlgorithmChecker.php b/src/Component/Checker/AlgorithmChecker.php index ed138d66..de5e06c8 100644 --- a/src/Component/Checker/AlgorithmChecker.php +++ b/src/Component/Checker/AlgorithmChecker.php @@ -13,6 +13,10 @@ namespace Jose\Component\Checker; +/** + * This class is a header parameter checker. + * When the "alg" header parameter is present, it will check if the value is within the allowed ones. + */ class AlgorithmChecker implements HeaderChecker { private const HEADER_NAME = 'alg'; diff --git a/src/Component/Checker/AudienceChecker.php b/src/Component/Checker/AudienceChecker.php index 66c6d517..1d73e476 100644 --- a/src/Component/Checker/AudienceChecker.php 
+++ b/src/Component/Checker/AudienceChecker.php @@ -13,6 +13,10 @@ namespace Jose\Component\Checker; +/** + * This class is a header parameter and claim checker. + * When the "aud" header parameter or claim is present, it will check if the value is within the allowed ones. + */ class AudienceChecker implements ClaimChecker, HeaderChecker { private const CLAIM_NAME = 'aud'; diff --git a/src/Component/Checker/ClaimChecker.php b/src/Component/Checker/ClaimChecker.php index cfe88990..2fa2c1d1 100644 --- a/src/Component/Checker/ClaimChecker.php +++ b/src/Component/Checker/ClaimChecker.php @@ -16,13 +16,18 @@ interface ClaimChecker { /** + * When the token has the applicable claim, the value is checked. + * If for some reason the value is not valid, an InvalidClaimException must be thrown. + * * @param mixed $value * - * @throws \InvalidArgumentException + * @throws InvalidClaimException */ public function checkClaim($value); /** + * The method returns the claim to be checked. + * * @return string */ public function supportedClaim(): string; diff --git a/src/Component/Checker/ClaimCheckerManager.php b/src/Component/Checker/ClaimCheckerManager.php index e274faee..dea9fcfc 100644 --- a/src/Component/Checker/ClaimCheckerManager.php +++ b/src/Component/Checker/ClaimCheckerManager.php @@ -13,6 +13,9 @@ namespace Jose\Component\Checker; +/** + * This manager handles as many claim checkers as needed. + */ class ClaimCheckerManager { /** @@ -33,6 +36,9 @@ private function __construct(array $checkers) } /** + * This method creates the ClaimCheckerManager. + * The argument is a list of claim checkers objects. + * * @param ClaimChecker[] $checkers * * @return ClaimCheckerManager @@ -56,6 +62,8 @@ private function add(ClaimChecker $checker): self } /** + * This method returns all checkers handled by this manager. + * * @return ClaimChecker[] */ public function getCheckers(): array 
@@ -64,9 +72,18 @@ public function getCheckers(): array } /** + * This method checks all the claims passed as argument. + * All claims are checked against the claim checkers. + * If one fails, the InvalidClaimException is thrown. + * + * This method returns an array with all checked claims. + * It is up to the implementor to decide use the claims that have not been checked. + * * @param array $claims * * @return array + * + * @throws InvalidClaimException */ public function check(array $claims): array { diff --git a/src/Component/Checker/ClaimCheckerManagerFactory.php b/src/Component/Checker/ClaimCheckerManagerFactory.php index 69f9c193..f5c592c1 100644 --- a/src/Component/Checker/ClaimCheckerManagerFactory.php +++ b/src/Component/Checker/ClaimCheckerManagerFactory.php @@ -21,6 +21,9 @@ class ClaimCheckerManagerFactory private $checkers = []; /** + * This method creates a Claim Checker Manager and populate it with the claim checkers found based on the alias. + * If the alias is not supported, an InvalidArgumentException is thrown. + * * @param string[] $aliases * * @return ClaimCheckerManager @@ -40,6 +43,8 @@ public function create(array $aliases): ClaimCheckerManager } /** + * This method adds a claim checker to this factory. + * * @param string $alias * @param ClaimChecker $checker * @@ -53,6 +58,8 @@ public function add(string $alias, ClaimChecker $checker): self } /** + * Returns all claim checker aliases supported by this factory. + * * @return string[] */ public function aliases(): array @@ -61,6 +68,8 @@ public function aliases(): array } /** + * Returns all claim checkers supported by this factory. + * * @return ClaimChecker[] */ public function all(): array diff --git a/src/Component/Checker/ExpirationTimeChecker.php b/src/Component/Checker/ExpirationTimeChecker.php index 8ee44c0c..00ba031c 100644 --- a/src/Component/Checker/ExpirationTimeChecker.php +++ b/src/Component/Checker/ExpirationTimeChecker.php 
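Review bot: The docblock added to `ClaimCheckerManager::check()` leaves the security-relevant part of the contract unclear. The sentence "It is up to the implementor to decide use the claims that have not been checked" never says that claims without a registered checker were not validated at all. Assuming the body (outside this hunk) behaves as the text implies, I would replace it with `* Claims without a registered checker are not validated and are not part of the returned array; callers must not rely on them.` The checker docblocks added in this patch for `exp`, `iat` and `nbf` all say "when the claim is present", so it is also worth stating here whether a token that omits `exp` passes this method.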
@@ -13,6 +13,12 @@ namespace Jose\Component\Checker; +/** + * This class is a claim checker. + * When the "exp" is present, it will compare the value with the current timestamp. + * + * A time drift is allowed but its use is NOT recommended. + */ class ExpirationTimeChecker implements ClaimChecker { private const CLAIM_NAME = 'exp'; diff --git a/src/Component/Checker/HeaderChecker.php b/src/Component/Checker/HeaderChecker.php index 83d9e99d..7eb0436b 100644 --- a/src/Component/Checker/HeaderChecker.php +++ b/src/Component/Checker/HeaderChecker.php @@ -16,18 +16,25 @@ interface HeaderChecker { /** + * This method is called when the header parameter is present. + * If for some reason the value is not valid, an InvalidHeaderException must be thrown. + * * @param mixed $value * - * @throws \InvalidArgumentException + * @throws InvalidHeaderException */ public function checkHeader($value); /** + * The method returns the header parameter to be checked. + * * @return string */ public function supportedHeader(): string; /** + * When true, the header parameter to be checked MUST be set in the protected header of the token. + * * @return bool */ public function protectedHeaderOnly(): bool; diff --git a/src/Component/Checker/HeaderCheckerManager.php b/src/Component/Checker/HeaderCheckerManager.php index 0ddd04ee..29f4ee6a 100644 --- a/src/Component/Checker/HeaderCheckerManager.php +++ b/src/Component/Checker/HeaderCheckerManager.php @@ -44,6 +44,11 @@ private function __construct(array $checkers, array $tokenTypes) } /** + * This method creates the HeaderCheckerManager. + * The first argument is a list of header parameter checkers objects. + * The second argument is a list of token type support objects. + * It is recommended to support only one token type per manager + * * @param HeaderChecker[] $checkers * @param TokenTypeSupport[] $tokenTypes * 
@@ -55,6 +60,8 @@ public static function create(array $checkers, array $tokenTypes): self } /** + * This method returns all checkers handled by this manager. + * * @return HeaderChecker[] */ public function getCheckers(): array @@ -88,18 +95,22 @@ private function add(HeaderChecker $checker): self } /** + * This method checks all the header parameters passed as argument. + * All header parameters are checked against the header parameter checkers. + * If one fails, the InvalidHeaderException is thrown. + * * @param JWT $jwt - * @param int $component + * @param int $index * * @throws InvalidHeaderException */ - public function check(JWT $jwt, int $component) + public function check(JWT $jwt, int $index) { foreach ($this->tokenTypes as $tokenType) { if ($tokenType->supports($jwt)) { $protected = []; $unprotected = []; - $tokenType->retrieveTokenHeaders($jwt, $component, $protected, $unprotected); + $tokenType->retrieveTokenHeaders($jwt, $index, $protected, $unprotected); $this->checkDuplicatedHeaderParameters($protected, $unprotected); $this->checkHeaders($protected, $unprotected); diff --git a/src/Component/Checker/HeaderCheckerManagerFactory.php b/src/Component/Checker/HeaderCheckerManagerFactory.php index a3557dad..b137d064 100644 --- a/src/Component/Checker/HeaderCheckerManagerFactory.php +++ b/src/Component/Checker/HeaderCheckerManagerFactory.php @@ -26,6 +26,9 @@ class HeaderCheckerManagerFactory private $tokenTypes = []; /** + * This method creates a Header Checker Manager and populate it with the header parameter checkers found based on the alias. + * If the alias is not supported, an InvalidArgumentException is thrown. + * * @param string[] $aliases * * @return HeaderCheckerManager @@ -45,6 +48,8 @@ public function create(array $aliases): HeaderCheckerManager } /** + * This method adds a header parameter checker to this factory. + * * @param string $alias * @param HeaderChecker $checker * 
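Review bot: The `@throws InvalidHeaderException` tag on `HeaderCheckerManager::check()` is incomplete. The call `$tokenType->retrieveTokenHeaders($jwt, $index, $protected, $unprotected)` can raise `\InvalidArgumentException`, which the JWE and JWS implementations touched by this patch throw for an unknown index. A caller that catches only `InvalidHeaderException` would let that escape, so add `* @throws \InvalidArgumentException if the index does not exist in the token`. The docblock should also say what happens when none of the registered token types supports the JWT; the end of the method is outside this hunk, so I cannot tell whether that case is rejected or silently passes.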
@@ -58,6 +63,8 @@ public function add(string $alias, HeaderChecker $checker): self } /** + * This method adds a token type support to this factory. + * * @param TokenTypeSupport $tokenType * * @return HeaderCheckerManagerFactory @@ -70,6 +77,8 @@ public function addTokenTypeSupport(TokenTypeSupport $tokenType): self } /** + * Returns all header parameter checker aliases supported by this factory. + * * @return string[] */ public function aliases(): array @@ -78,6 +87,8 @@ public function aliases(): array } /** + * Returns all header parameter checkers supported by this factory. + * * @return HeaderChecker[] */ public function all(): array diff --git a/src/Component/Checker/InvalidClaimException.php b/src/Component/Checker/InvalidClaimException.php index 3ef2bac9..5c248469 100644 --- a/src/Component/Checker/InvalidClaimException.php +++ b/src/Component/Checker/InvalidClaimException.php @@ -13,6 +13,9 @@ namespace Jose\Component\Checker; +/** + * This exception is thrown by claim checkers when a claim check failed. + */ class InvalidClaimException extends \Exception { /** @@ -41,6 +44,8 @@ public function __construct(string $message, string $claim, $value) } /** + * Returns the claim that caused the exception + * * @return string */ public function getClaim(): string @@ -49,6 +54,8 @@ public function getClaim(): string } /** + * Returns the claim value that caused the exception + * * @return mixed */ public function getValue() diff --git a/src/Component/Checker/InvalidHeaderException.php b/src/Component/Checker/InvalidHeaderException.php index 961b087c..baf0216d 100644 --- a/src/Component/Checker/InvalidHeaderException.php +++ b/src/Component/Checker/InvalidHeaderException.php @@ -13,6 +13,9 @@ namespace Jose\Component\Checker; +/** + * This exception is thrown by header parameter checkers when a header parameter check failed. + */ class InvalidHeaderException extends \Exception { /** 
@@ -41,6 +44,8 @@ public function __construct(string $message, string $header, $value) } /** + * Returns the header parameter that caused the exception + * * @return string */ public function getHeader(): string @@ -49,6 +54,8 @@ public function getHeader(): string } /** + * Returns the header parameter value that caused the exception + * * @return mixed */ public function getValue() diff --git a/src/Component/Checker/IssuedAtChecker.php b/src/Component/Checker/IssuedAtChecker.php index c920cff8..4f8a8ecb 100644 --- a/src/Component/Checker/IssuedAtChecker.php +++ b/src/Component/Checker/IssuedAtChecker.php @@ -13,6 +13,12 @@ namespace Jose\Component\Checker; +/** + * This class is a claim checker. + * When the "iat" is present, it will compare the value with the current timestamp. + * + * A time drift is allowed but its use is NOT recommended. + */ class IssuedAtChecker implements ClaimChecker { private const CLAIM_NAME = 'iat'; diff --git a/src/Component/Checker/NotBeforeChecker.php b/src/Component/Checker/NotBeforeChecker.php index 35eff635..297ec7ec 100644 --- a/src/Component/Checker/NotBeforeChecker.php +++ b/src/Component/Checker/NotBeforeChecker.php @@ -13,6 +13,12 @@ namespace Jose\Component\Checker; +/** + * This class is a claim checker. + * When the "nbf" is present, it will compare the value with the current timestamp. + * + * A time drift is allowed but its use is NOT recommended. + */ class NotBeforeChecker implements ClaimChecker { private const CLAIM_NAME = 'nbf'; diff --git a/src/Component/Checker/Tests/Stub/TokenSupport.php b/src/Component/Checker/Tests/Stub/TokenSupport.php index f679eac4..033ad8e1 100644 --- a/src/Component/Checker/Tests/Stub/TokenSupport.php +++ b/src/Component/Checker/Tests/Stub/TokenSupport.php 
@@ -21,7 +21,7 @@ class TokenSupport implements TokenTypeSupport /** * {@inheritdoc} */ - public function retrieveTokenHeaders(JWT $jwt, int $signature, array &$protectedHeader, array &$unprotectedHeader): void + public function retrieveTokenHeaders(JWT $jwt, int $index, array &$protectedHeader, array &$unprotectedHeader): void { if (!$jwt instanceof Token) { throw new \InvalidArgumentException('Unsupported token.'); diff --git a/src/Component/Checker/TokenTypeSupport.php b/src/Component/Checker/TokenTypeSupport.php index bee996da..ec78308f 100644 --- a/src/Component/Checker/TokenTypeSupport.php +++ b/src/Component/Checker/TokenTypeSupport.php @@ -18,14 +18,21 @@ interface TokenTypeSupport { /** + * This method will retrieve the protect and unprotected headers of the token for the given index. + * The index is useful when the token is serialized using the Json General Serialization mode. + * For example the JWE Json General Serialization Mode allows several recipients to be set. + * The unprotected headers correspond to the share unprotected header and the selected recipient header. + * * @param JWT $jwt - * @param int $component + * @param int $index * @param array $protectedHeader * @param array $unprotectedHeader */ - public function retrieveTokenHeaders(JWT $jwt, int $component, array &$protectedHeader, array &$unprotectedHeader): void; + public function retrieveTokenHeaders(JWT $jwt, int $index, array &$protectedHeader, array &$unprotectedHeader): void; /** + * This method returns true if the token in argument is supported, otherwise false. + * * @param JWT $jwt * * @return bool diff --git a/src/Component/Checker/UnencodedPayloadChecker.php b/src/Component/Checker/UnencodedPayloadChecker.php index 9120c957..38d77b28 100644 --- a/src/Component/Checker/UnencodedPayloadChecker.php +++ b/src/Component/Checker/UnencodedPayloadChecker.php 
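Review bot: The docblock added to `TokenTypeSupport::retrieveTokenHeaders()` has two typos and does not document the `$index` contract. "the protect and unprotected headers" should read "the protected and unprotected headers", and "the share unprotected header" should read "the shared unprotected header". Since `$index` selects a recipient or signature, state its valid range, e.g. `* @param int $index position of the recipient/signature, from 0 to count - 1` if that is the intended convention. Also add `* @throws \InvalidArgumentException if the index is unknown`, because the implementations changed in this patch throw it and implementers of the interface need to know it is part of the contract.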
@@ -13,6 +13,12 @@ namespace Jose\Component\Checker; +/** + * This class is a header parameter checker. + * When the "b64" is present, it will check if the value is a boolean or not. + * + * The use of this checker will allow the use of token with unencoded payload. + */ class UnencodedPayloadChecker implements HeaderChecker { private const HEADER_NAME = 'b64'; diff --git a/src/Component/Encryption/JWETokenSupport.php b/src/Component/Encryption/JWETokenSupport.php index 64f3a793..c07aace3 100644 --- a/src/Component/Encryption/JWETokenSupport.php +++ b/src/Component/Encryption/JWETokenSupport.php @@ -29,18 +29,18 @@ public function supports(JWT $jwt): bool /** * {@inheritdoc} */ - public function retrieveTokenHeaders(JWT $jwt, int $component, array &$protectedHeader, array &$unprotectedHeader): void + public function retrieveTokenHeaders(JWT $jwt, int $index, array &$protectedHeader, array &$unprotectedHeader): void { if (!$jwt instanceof JWE) { return; } - if ($component > $jwt->countRecipients()) { + if ($index > $jwt->countRecipients()) { throw new \InvalidArgumentException('Unknown recipient index.'); } $protectedHeader = $jwt->getSharedProtectedHeader(); $unprotectedHeader = $jwt->getSharedHeader(); - $recipient = $jwt->getRecipient($component)->getHeader(); + $recipient = $jwt->getRecipient($index)->getHeader(); $unprotectedHeader = array_merge( $unprotectedHeader, diff --git a/src/Component/Signature/JWSTokenSupport.php b/src/Component/Signature/JWSTokenSupport.php index 0254c948..a516f6c2 100644 --- a/src/Component/Signature/JWSTokenSupport.php +++ b/src/Component/Signature/JWSTokenSupport.php 
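Review bot: The class docblock for `UnencodedPayloadChecker` says the checker "will allow the use of token with unencoded payload" but not where `b64` may appear. RFC 7797 requires `b64` to be integrity protected and listed in `crit`, so the docblock should say whether this class enforces the protected-header requirement through `protectedHeaderOnly()` (not visible in this hunk) or leaves it to the caller. If the class does enforce it, a line such as `* The "b64" header parameter is only accepted from the protected header.` would make that explicit.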
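Review bot: The bounds check kept under the renamed parameter in `JWETokenSupport::retrieveTokenHeaders()`, `if ($index > $jwt->countRecipients())`, lets `$index === countRecipients()` and negative values through to `getRecipient($index)`. If recipients are numbered from zero, as a comparison against the count suggests, the guard should be `if ($index < 0 || $index >= $jwt->countRecipients()) {`. The same comparison is carried over in `JWSTokenSupport::retrieveTokenHeaders()` (`$index > $jwt->countSignatures()`) in the next file section. Whether `getRecipient()` and `getSignature()` reject such a value themselves is not visible here, and the JWE method body continues past the end of this hunk.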
@@ -29,16 +29,16 @@ public function supports(JWT $jwt): bool /** * {@inheritdoc} */ - public function retrieveTokenHeaders(JWT $jwt, int $component, array &$protectedHeader, array &$unprotectedHeader): void + public function retrieveTokenHeaders(JWT $jwt, int $index, array &$protectedHeader, array &$unprotectedHeader): void { if (!$jwt instanceof JWS) { return; } - if ($component > $jwt->countSignatures()) { + if ($index > $jwt->countSignatures()) { throw new \InvalidArgumentException('Unknown signature index.'); } - $protectedHeader = $jwt->getSignature($component)->getProtectedHeader(); - $unprotectedHeader = $jwt->getSignature($component)->getHeader(); + $protectedHeader = $jwt->getSignature($index)->getProtectedHeader(); + $unprotectedHeader = $jwt->getSignature($index)->getHeader(); } } From d384c04de0353aac9b1bae86709c13b6fc7e01f3 Mon Sep 17 00:00:00 2001 From: Spomky Date: Tue, 27 Feb 2018 13:49:36 +0100 Subject: [PATCH 2/4] Apply fixes from StyleCI (#94) [ci skip] [skip ci] --- src/Component/Checker/ClaimCheckerManager.php | 4 ++-- src/Component/Checker/HeaderCheckerManager.php | 2 +- src/Component/Checker/InvalidClaimException.php | 4 ++-- src/Component/Checker/InvalidHeaderException.php | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/Component/Checker/ClaimCheckerManager.php b/src/Component/Checker/ClaimCheckerManager.php index dea9fcfc..9b02cf82 100644 --- a/src/Component/Checker/ClaimCheckerManager.php +++ b/src/Component/Checker/ClaimCheckerManager.php @@ -81,9 +81,9 @@ public function getCheckers(): array * * @param array $claims * - * @return array - * * @throws InvalidClaimException + * + * @return array */ public function check(array $claims): array { diff --git a/src/Component/Checker/HeaderCheckerManager.php b/src/Component/Checker/HeaderCheckerManager.php index 29f4ee6a..7fd8b04b 100644 --- a/src/Component/Checker/HeaderCheckerManager.php +++ b/src/Component/Checker/HeaderCheckerManager.php 
@@ -47,7 +47,7 @@ private function __construct(array $checkers, array $tokenTypes) * This method creates the HeaderCheckerManager. * The first argument is a list of header parameter checkers objects. * The second argument is a list of token type support objects. - * It is recommended to support only one token type per manager + * It is recommended to support only one token type per manager. * * @param HeaderChecker[] $checkers * @param TokenTypeSupport[] $tokenTypes diff --git a/src/Component/Checker/InvalidClaimException.php b/src/Component/Checker/InvalidClaimException.php index 5c248469..c44aeb73 100644 --- a/src/Component/Checker/InvalidClaimException.php +++ b/src/Component/Checker/InvalidClaimException.php @@ -44,7 +44,7 @@ public function __construct(string $message, string $claim, $value) } /** - * Returns the claim that caused the exception + * Returns the claim that caused the exception. * * @return string */ @@ -54,7 +54,7 @@ public function getClaim(): string } /** - * Returns the claim value that caused the exception + * Returns the claim value that caused the exception. * * @return mixed */ diff --git a/src/Component/Checker/InvalidHeaderException.php b/src/Component/Checker/InvalidHeaderException.php index baf0216d..c0415fda 100644 --- a/src/Component/Checker/InvalidHeaderException.php +++ b/src/Component/Checker/InvalidHeaderException.php @@ -44,7 +44,7 @@ public function __construct(string $message, string $header, $value) } /** - * Returns the header parameter that caused the exception + * Returns the header parameter that caused the exception. * * @return string */ @@ -54,7 +54,7 @@ public function getHeader(): string } /** - * Returns the header parameter value that caused the exception + * Returns the header parameter value that caused the exception. * * @return mixed */ From 7f94cf4639d538114856063ca988ff2d10a8cc77 Mon Sep 17 00:00:00 2001 
From: Spomky Date: Fri, 9 Mar 2018 12:38:01 +0100 Subject: [PATCH 3/4] PhpDoc --- .../DataCollector/JWECollector.php | 2 +- .../Functional/Encryption/JWELoaderTest.php | 2 +- src/Component/Checker/AlgorithmChecker.php | 2 +- src/Component/Checker/AudienceChecker.php | 2 +- .../Checker/ExpirationTimeChecker.php | 2 +- .../Checker/HeaderCheckerManagerFactory.php | 2 + src/Component/Checker/IssuedAtChecker.php | 2 +- src/Component/Checker/NotBeforeChecker.php | 2 +- .../Checker/UnencodedPayloadChecker.php | 2 +- .../Console/AddKeyIntoKeysetCommand.php | 2 +- .../Console/EcKeyGeneratorCommand.php | 2 +- .../Console/EcKeysetGeneratorCommand.php | 2 +- .../Console/GetThumbprintCommand.php | 2 +- src/Component/Console/JKULoaderCommand.php | 2 +- src/Component/Console/KeyAnalyzerCommand.php | 2 +- .../Console/KeyFileLoaderCommand.php | 2 +- .../Console/KeysetAnalyzerCommand.php | 2 +- src/Component/Console/MergeKeysetCommand.php | 2 +- .../Console/NoneKeyGeneratorCommand.php | 2 +- .../Console/OctKeyGeneratorCommand.php | 2 +- .../Console/OctKeysetGeneratorCommand.php | 2 +- .../Console/OkpKeyGeneratorCommand.php | 2 +- .../Console/OkpKeysetGeneratorCommand.php | 2 +- .../Console/OptimizeRsaKeyCommand.php | 2 +- .../Console/P12CertificateLoaderCommand.php | 2 +- src/Component/Console/PemConverterCommand.php | 2 +- src/Component/Console/PublicKeyCommand.php | 2 +- src/Component/Console/PublicKeysetCommand.php | 2 +- src/Component/Console/RotateKeysetCommand.php | 2 +- .../Console/RsaKeyGeneratorCommand.php | 2 +- .../Console/RsaKeysetGeneratorCommand.php | 2 +- .../Console/SecretKeyGeneratorCommand.php | 2 +- .../Console/X509CertificateLoaderCommand.php | 2 +- src/Component/Console/X5ULoaderCommand.php | 2 +- src/Component/Core/Algorithm.php | 8 +++- src/Component/Core/AlgorithmManager.php | 16 ++++++-- .../Core/AlgorithmManagerFactory.php | 12 ++++++ .../Core/Converter/JsonConverter.php | 4 ++ .../Core/Converter/StandardConverter.php | 2 +- src/Component/Core/JWK.php | 17 
++++++++- src/Component/Core/JWKSet.php | 34 +++++++++++++++-- src/Component/Core/JWT.php | 1 + .../ContentEncryption/A128CBCHS256.php | 2 +- .../Algorithm/ContentEncryption/A128GCM.php | 2 +- .../ContentEncryption/A192CBCHS384.php | 2 +- .../Algorithm/ContentEncryption/A192GCM.php | 2 +- .../ContentEncryption/A256CBCHS512.php | 2 +- .../Algorithm/ContentEncryption/A256GCM.php | 2 +- .../Algorithm/ContentEncryption/AESCBCHS.php | 11 +----- .../Algorithm/ContentEncryption/AESGCM.php | 2 +- .../Algorithm/ContentEncryptionAlgorithm.php | 11 ++++-- .../Algorithm/KeyEncryption/A128GCMKW.php | 2 +- .../Algorithm/KeyEncryption/A128KW.php | 2 +- .../Algorithm/KeyEncryption/A192GCMKW.php | 2 +- .../Algorithm/KeyEncryption/A192KW.php | 2 +- .../Algorithm/KeyEncryption/A256GCMKW.php | 2 +- .../Algorithm/KeyEncryption/A256KW.php | 2 +- .../Algorithm/KeyEncryption/Dir.php | 2 +- .../KeyEncryption/DirectEncryption.php | 4 +- .../Algorithm/KeyEncryption/ECDHES.php | 2 +- .../Algorithm/KeyEncryption/ECDHESA128KW.php | 2 +- .../Algorithm/KeyEncryption/ECDHESA192KW.php | 2 +- .../Algorithm/KeyEncryption/ECDHESA256KW.php | 2 +- .../Algorithm/KeyEncryption/KeyAgreement.php | 2 + .../KeyAgreementWithKeyWrapping.php | 6 +-- .../Algorithm/KeyEncryption/KeyEncryption.php | 4 +- .../Algorithm/KeyEncryption/KeyWrapping.php | 4 +- .../KeyEncryption/PBES2HS256A128KW.php | 2 +- .../KeyEncryption/PBES2HS384A192KW.php | 2 +- .../KeyEncryption/PBES2HS512A256KW.php | 2 +- .../Algorithm/KeyEncryption/RSA15.php | 2 +- .../Algorithm/KeyEncryption/RSAOAEP.php | 2 +- .../Algorithm/KeyEncryption/RSAOAEP256.php | 2 +- .../Algorithm/KeyEncryptionAlgorithm.php | 2 + .../Compression/CompressionMethod.php | 10 +++-- .../Compression/CompressionMethodManager.php | 20 +++++++++- .../CompressionMethodManagerFactory.php | 11 ++++++ .../Encryption/Compression/Deflate.php | 2 +- src/Component/Encryption/Compression/GZip.php | 2 +- src/Component/Encryption/Compression/ZLib.php | 2 +- src/Component/Encryption/JWE.php 
| 37 ++++++++++++++++++- src/Component/Encryption/JWEBuilder.php | 28 +++++++++++--- .../Encryption/JWEBuilderFactory.php | 2 + src/Component/Encryption/JWEDecrypter.php | 10 +++++ .../Encryption/JWEDecrypterFactory.php | 2 + src/Component/Encryption/JWELoader.php | 12 ++++++ src/Component/Encryption/JWELoaderFactory.php | 3 ++ src/Component/Encryption/JWETokenSupport.php | 2 +- .../Encryption/NestedTokenBuilder.php | 2 + .../Encryption/NestedTokenBuilderFactory.php | 2 + .../Encryption/NestedTokenLoader.php | 3 ++ .../Encryption/NestedTokenLoaderFactory.php | 2 + src/Component/Encryption/Recipient.php | 16 +++++++- .../Serializer/CompactSerializer.php | 2 +- .../Serializer/JSONFlattenedSerializer.php | 2 +- .../Serializer/JSONGeneralSerializer.php | 2 +- .../Encryption/Serializer/JWESerializer.php | 7 +++- .../Serializer/JWESerializerManager.php | 20 ++++++++++ .../JWESerializerManagerFactory.php | 10 ++++- .../Encryption/Tests/CompressionTest.php | 2 +- src/Component/KeyManagement/JKUFactory.php | 3 ++ src/Component/KeyManagement/JWKFactory.php | 34 +++++++++++++++++ .../KeyAnalyzer/AlgorithmAnalyzer.php | 2 +- .../KeyManagement/KeyAnalyzer/KeyAnalyzer.php | 2 + .../KeyAnalyzer/KeyAnalyzerManager.php | 5 +++ .../KeyAnalyzer/KeyIdentifierAnalyzer.php | 2 +- .../KeyManagement/KeyAnalyzer/Message.php | 10 +++++ .../KeyManagement/KeyAnalyzer/MessageBag.php | 4 ++ .../KeyAnalyzer/NoneAnalyzer.php | 2 +- .../KeyManagement/KeyAnalyzer/OctAnalyzer.php | 2 +- .../KeyManagement/KeyAnalyzer/RsaAnalyzer.php | 2 +- .../KeyAnalyzer/UsageAnalyzer.php | 2 +- src/Component/KeyManagement/X5UFactory.php | 3 ++ src/Component/Signature/Algorithm/ES256.php | 2 +- src/Component/Signature/Algorithm/ES384.php | 2 +- src/Component/Signature/Algorithm/ES512.php | 2 +- src/Component/Signature/Algorithm/EdDSA.php | 2 +- src/Component/Signature/Algorithm/HS256.php | 2 +- src/Component/Signature/Algorithm/HS384.php | 2 +- src/Component/Signature/Algorithm/HS512.php | 2 +- 
src/Component/Signature/Algorithm/None.php | 2 +- src/Component/Signature/Algorithm/PS256.php | 2 +- src/Component/Signature/Algorithm/PS384.php | 2 +- src/Component/Signature/Algorithm/PS512.php | 2 +- src/Component/Signature/Algorithm/RS256.php | 2 +- src/Component/Signature/Algorithm/RS384.php | 2 +- src/Component/Signature/Algorithm/RS512.php | 2 +- src/Component/Signature/JWS.php | 16 +++++++- src/Component/Signature/JWSBuilder.php | 10 +++++ src/Component/Signature/JWSBuilderFactory.php | 2 + src/Component/Signature/JWSLoader.php | 12 ++++++ src/Component/Signature/JWSLoaderFactory.php | 3 ++ src/Component/Signature/JWSTokenSupport.php | 2 +- src/Component/Signature/JWSVerifier.php | 9 ++++- .../Signature/JWSVerifierFactory.php | 2 + .../Serializer/CompactSerializer.php | 2 +- .../Serializer/JSONFlattenedSerializer.php | 2 +- .../Serializer/JSONGeneralSerializer.php | 2 +- src/Component/Signature/Signature.php | 8 +++- 139 files changed, 498 insertions(+), 140 deletions(-) diff --git a/src/Bundle/JoseFramework/DataCollector/JWECollector.php b/src/Bundle/JoseFramework/DataCollector/JWECollector.php index 06cc0fd1..42a1d35e 100644 --- a/src/Bundle/JoseFramework/DataCollector/JWECollector.php +++ b/src/Bundle/JoseFramework/DataCollector/JWECollector.php @@ -125,7 +125,7 @@ private function collectSupportedJWELoaders(array &$data) $data['jwe']['jwe_loaders'] = []; foreach ($this->jweLoaders as $id => $jweLoader) { $data['jwe']['jwe_loaders'][$id] = [ - 'serializers' => $jweLoader->getSerializerManager()->list(), + 'serializers' => $jweLoader->getSerializerManager()->names(), 'key_encryption_algorithms' => $jweLoader->getJweDecrypter()->getKeyEncryptionAlgorithmManager()->list(), 'content_encryption_algorithms' => $jweLoader->getJweDecrypter()->getContentEncryptionAlgorithmManager()->list(), 'compression_methods' => $jweLoader->getJweDecrypter()->getCompressionMethodManager()->list(), 
diff --git a/src/Bundle/JoseFramework/Tests/Functional/Encryption/JWELoaderTest.php b/src/Bundle/JoseFramework/Tests/Functional/Encryption/JWELoaderTest.php index 711aaf8f..fee5e66b 100644 --- a/src/Bundle/JoseFramework/Tests/Functional/Encryption/JWELoaderTest.php +++ b/src/Bundle/JoseFramework/Tests/Functional/Encryption/JWELoaderTest.php @@ -58,7 +58,7 @@ public function theWELoaderFactoryCanCreateAJWELoader() $jwe = $jweLoaderFactory->create(['jwe_compact'], ['RSA1_5'], ['A256GCM'], ['DEF']); self::assertInstanceOf(JWELoader::class, $jwe); - self::assertEquals(['jwe_compact'], $jwe->getSerializerManager()->list()); + self::assertEquals(['jwe_compact'], $jwe->getSerializerManager()->names()); self::assertEquals(['RSA1_5'], $jwe->getJweDecrypter()->getKeyEncryptionAlgorithmManager()->list()); self::assertEquals(['A256GCM'], $jwe->getJweDecrypter()->getContentEncryptionAlgorithmManager()->list()); self::assertEquals(['DEF'], $jwe->getJweDecrypter()->getCompressionMethodManager()->list()); diff --git a/src/Component/Checker/AlgorithmChecker.php b/src/Component/Checker/AlgorithmChecker.php index de5e06c8..2f2117fe 100644 --- a/src/Component/Checker/AlgorithmChecker.php +++ b/src/Component/Checker/AlgorithmChecker.php @@ -17,7 +17,7 @@ * This class is a header parameter checker. * When the "alg" header parameter is present, it will check if the value is within the allowed ones. */ -class AlgorithmChecker implements HeaderChecker +final class AlgorithmChecker implements HeaderChecker { private const HEADER_NAME = 'alg'; diff --git a/src/Component/Checker/AudienceChecker.php b/src/Component/Checker/AudienceChecker.php index 1d73e476..c752fe22 100644 --- a/src/Component/Checker/AudienceChecker.php +++ b/src/Component/Checker/AudienceChecker.php 
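Review bot: Changing `class AlgorithmChecker` to `final class AlgorithmChecker` is an API change for consumers, not a PhpDoc update as the commit subject says. Any project that extends this checker will hit a fatal error when the subclass is loaded after upgrading. The same keyword is added to `AudienceChecker`, `ExpirationTimeChecker`, `IssuedAtChecker`, `NotBeforeChecker`, `UnencodedPayloadChecker` and `AddKeyIntoKeysetCommand` in the following sections. Sealing the checkers is reasonable for validation code, but it belongs in its own commit with a changelog entry, or should be announced first with a docblock line such as `* @final since <version>` before the keyword lands in a major release.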
@@ -17,7 +17,7 @@ * This class is a header parameter and claim checker. * When the "aud" header parameter or claim is present, it will check if the value is within the allowed ones. */ -class AudienceChecker implements ClaimChecker, HeaderChecker +final class AudienceChecker implements ClaimChecker, HeaderChecker { private const CLAIM_NAME = 'aud'; diff --git a/src/Component/Checker/ExpirationTimeChecker.php b/src/Component/Checker/ExpirationTimeChecker.php index 00ba031c..8f785d0a 100644 --- a/src/Component/Checker/ExpirationTimeChecker.php +++ b/src/Component/Checker/ExpirationTimeChecker.php @@ -19,7 +19,7 @@ * * A time drift is allowed but its use is NOT recommended. */ -class ExpirationTimeChecker implements ClaimChecker +final class ExpirationTimeChecker implements ClaimChecker { private const CLAIM_NAME = 'exp'; diff --git a/src/Component/Checker/HeaderCheckerManagerFactory.php b/src/Component/Checker/HeaderCheckerManagerFactory.php index b137d064..953355c6 100644 --- a/src/Component/Checker/HeaderCheckerManagerFactory.php +++ b/src/Component/Checker/HeaderCheckerManagerFactory.php @@ -49,6 +49,8 @@ public function create(array $aliases): HeaderCheckerManager /** * This method adds a header parameter checker to this factory. + * The checker is uniquely identified by an alias. This allows the same header parameter checker to be added twice (or more) + * using several configuration options. * * @param string $alias * @param HeaderChecker $checker diff --git a/src/Component/Checker/IssuedAtChecker.php b/src/Component/Checker/IssuedAtChecker.php index 4f8a8ecb..4ae52f23 100644 --- a/src/Component/Checker/IssuedAtChecker.php +++ b/src/Component/Checker/IssuedAtChecker.php @@ -19,7 +19,7 @@ * * A time drift is allowed but its use is NOT recommended. */ -class IssuedAtChecker implements ClaimChecker +final class IssuedAtChecker implements ClaimChecker { private const CLAIM_NAME = 'iat'; 
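Review bot: The sentences added to the `add` docblock in HeaderCheckerManagerFactory say the alias uniquely identifies a checker, but not what happens when an alias that is already registered is passed again. If the later call replaces the earlier checker (the method body is outside this hunk, so this is unconfirmed), a configuration mistake could silently swap one header check for another. The docblock should state the behaviour, e.g. `* If the alias is already registered, the previous checker is replaced.`, or name the exception if one is thrown. The `add` docblock in AlgorithmManagerFactory, later in this patch, has the same gap.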
diff --git a/src/Component/Checker/NotBeforeChecker.php b/src/Component/Checker/NotBeforeChecker.php index 297ec7ec..71993c47 100644 --- a/src/Component/Checker/NotBeforeChecker.php +++ b/src/Component/Checker/NotBeforeChecker.php @@ -19,7 +19,7 @@ * * A time drift is allowed but its use is NOT recommended. */ -class NotBeforeChecker implements ClaimChecker +final class NotBeforeChecker implements ClaimChecker { private const CLAIM_NAME = 'nbf'; diff --git a/src/Component/Checker/UnencodedPayloadChecker.php b/src/Component/Checker/UnencodedPayloadChecker.php index 38d77b28..e389e876 100644 --- a/src/Component/Checker/UnencodedPayloadChecker.php +++ b/src/Component/Checker/UnencodedPayloadChecker.php @@ -19,7 +19,7 @@ * * The use of this checker will allow the use of token with unencoded payload. */ -class UnencodedPayloadChecker implements HeaderChecker +final class UnencodedPayloadChecker implements HeaderChecker { private const HEADER_NAME = 'b64'; diff --git a/src/Component/Console/AddKeyIntoKeysetCommand.php b/src/Component/Console/AddKeyIntoKeysetCommand.php index d363f9ca..bbc0766c 100644 --- a/src/Component/Console/AddKeyIntoKeysetCommand.php +++ b/src/Component/Console/AddKeyIntoKeysetCommand.php @@ -20,7 +20,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class AddKeyIntoKeysetCommand extends ObjectOutputCommand +final class AddKeyIntoKeysetCommand extends ObjectOutputCommand { /** * KeyAnalyzerCommand constructor. diff --git a/src/Component/Console/EcKeyGeneratorCommand.php b/src/Component/Console/EcKeyGeneratorCommand.php index eacb91a4..e168c14b 100644 --- a/src/Component/Console/EcKeyGeneratorCommand.php +++ b/src/Component/Console/EcKeyGeneratorCommand.php 
@@ -18,7 +18,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class EcKeyGeneratorCommand extends GeneratorCommand +final class EcKeyGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/EcKeysetGeneratorCommand.php b/src/Component/Console/EcKeysetGeneratorCommand.php index f16787b6..c0715b33 100644 --- a/src/Component/Console/EcKeysetGeneratorCommand.php +++ b/src/Component/Console/EcKeysetGeneratorCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class EcKeysetGeneratorCommand extends GeneratorCommand +final class EcKeysetGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/GetThumbprintCommand.php b/src/Component/Console/GetThumbprintCommand.php index e7b98585..9ee1247a 100644 --- a/src/Component/Console/GetThumbprintCommand.php +++ b/src/Component/Console/GetThumbprintCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; -class GetThumbprintCommand extends ObjectOutputCommand +final class GetThumbprintCommand extends ObjectOutputCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/JKULoaderCommand.php b/src/Component/Console/JKULoaderCommand.php index 545dc06e..dcab3b7f 100644 --- a/src/Component/Console/JKULoaderCommand.php +++ b/src/Component/Console/JKULoaderCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class JKULoaderCommand extends ObjectOutputCommand +final class JKULoaderCommand extends ObjectOutputCommand { /** * @var JKUFactory diff --git a/src/Component/Console/KeyAnalyzerCommand.php b/src/Component/Console/KeyAnalyzerCommand.php index 3e562d1d..e15ed0c3 100644 --- a/src/Component/Console/KeyAnalyzerCommand.php 
+++ b/src/Component/Console/KeyAnalyzerCommand.php @@ -22,7 +22,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class KeyAnalyzerCommand extends Command +final class KeyAnalyzerCommand extends Command { /** * @var KeyAnalyzerManager diff --git a/src/Component/Console/KeyFileLoaderCommand.php b/src/Component/Console/KeyFileLoaderCommand.php index 03e4956b..6275f49c 100644 --- a/src/Component/Console/KeyFileLoaderCommand.php +++ b/src/Component/Console/KeyFileLoaderCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; -class KeyFileLoaderCommand extends GeneratorCommand +final class KeyFileLoaderCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/KeysetAnalyzerCommand.php b/src/Component/Console/KeysetAnalyzerCommand.php index d7f8ab65..a0d3290c 100644 --- a/src/Component/Console/KeysetAnalyzerCommand.php +++ b/src/Component/Console/KeysetAnalyzerCommand.php @@ -22,7 +22,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class KeysetAnalyzerCommand extends Command +final class KeysetAnalyzerCommand extends Command { /** * @var KeyAnalyzerManager diff --git a/src/Component/Console/MergeKeysetCommand.php b/src/Component/Console/MergeKeysetCommand.php index 6e16d803..e962e7d8 100644 --- a/src/Component/Console/MergeKeysetCommand.php +++ b/src/Component/Console/MergeKeysetCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class MergeKeysetCommand extends ObjectOutputCommand +final class MergeKeysetCommand extends ObjectOutputCommand { /** * KeyAnalyzerCommand constructor. diff --git a/src/Component/Console/NoneKeyGeneratorCommand.php b/src/Component/Console/NoneKeyGeneratorCommand.php index ba42be76..6834c544 100644 
--- a/src/Component/Console/NoneKeyGeneratorCommand.php +++ b/src/Component/Console/NoneKeyGeneratorCommand.php @@ -17,7 +17,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class NoneKeyGeneratorCommand extends GeneratorCommand +final class NoneKeyGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/OctKeyGeneratorCommand.php b/src/Component/Console/OctKeyGeneratorCommand.php index 38314368..376e1439 100644 --- a/src/Component/Console/OctKeyGeneratorCommand.php +++ b/src/Component/Console/OctKeyGeneratorCommand.php @@ -18,7 +18,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class OctKeyGeneratorCommand extends GeneratorCommand +final class OctKeyGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/OctKeysetGeneratorCommand.php b/src/Component/Console/OctKeysetGeneratorCommand.php index f924d367..e923ed99 100644 --- a/src/Component/Console/OctKeysetGeneratorCommand.php +++ b/src/Component/Console/OctKeysetGeneratorCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class OctKeysetGeneratorCommand extends GeneratorCommand +final class OctKeysetGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/OkpKeyGeneratorCommand.php b/src/Component/Console/OkpKeyGeneratorCommand.php index df0abe3a..f4d61c14 100644 --- a/src/Component/Console/OkpKeyGeneratorCommand.php +++ b/src/Component/Console/OkpKeyGeneratorCommand.php @@ -18,7 +18,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class OkpKeyGeneratorCommand extends GeneratorCommand +final class OkpKeyGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} 
diff --git a/src/Component/Console/OkpKeysetGeneratorCommand.php b/src/Component/Console/OkpKeysetGeneratorCommand.php index e0415fcf..6bd307f0 100644 --- a/src/Component/Console/OkpKeysetGeneratorCommand.php +++ b/src/Component/Console/OkpKeysetGeneratorCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class OkpKeysetGeneratorCommand extends GeneratorCommand +final class OkpKeysetGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/OptimizeRsaKeyCommand.php b/src/Component/Console/OptimizeRsaKeyCommand.php index 8788067b..f7189ba3 100644 --- a/src/Component/Console/OptimizeRsaKeyCommand.php +++ b/src/Component/Console/OptimizeRsaKeyCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class OptimizeRsaKeyCommand extends ObjectOutputCommand +final class OptimizeRsaKeyCommand extends ObjectOutputCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/P12CertificateLoaderCommand.php b/src/Component/Console/P12CertificateLoaderCommand.php index 201366cf..7e9e3efc 100644 --- a/src/Component/Console/P12CertificateLoaderCommand.php +++ b/src/Component/Console/P12CertificateLoaderCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; -class P12CertificateLoaderCommand extends GeneratorCommand +final class P12CertificateLoaderCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/PemConverterCommand.php b/src/Component/Console/PemConverterCommand.php index 4239aa42..d4c2d28d 100644 --- a/src/Component/Console/PemConverterCommand.php +++ b/src/Component/Console/PemConverterCommand.php 
@@ -20,7 +20,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class PemConverterCommand extends ObjectOutputCommand +final class PemConverterCommand extends ObjectOutputCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/PublicKeyCommand.php b/src/Component/Console/PublicKeyCommand.php index 5f9f999e..cf3be408 100644 --- a/src/Component/Console/PublicKeyCommand.php +++ b/src/Component/Console/PublicKeyCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class PublicKeyCommand extends ObjectOutputCommand +final class PublicKeyCommand extends ObjectOutputCommand { /** * KeyAnalyzerCommand constructor. diff --git a/src/Component/Console/PublicKeysetCommand.php b/src/Component/Console/PublicKeysetCommand.php index e1b1107b..3b9d9419 100644 --- a/src/Component/Console/PublicKeysetCommand.php +++ b/src/Component/Console/PublicKeysetCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class PublicKeysetCommand extends ObjectOutputCommand +final class PublicKeysetCommand extends ObjectOutputCommand { /** * KeyAnalyzerCommand constructor. diff --git a/src/Component/Console/RotateKeysetCommand.php b/src/Component/Console/RotateKeysetCommand.php index a23c13c2..1d766272 100644 --- a/src/Component/Console/RotateKeysetCommand.php +++ b/src/Component/Console/RotateKeysetCommand.php @@ -20,7 +20,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class RotateKeysetCommand extends ObjectOutputCommand +final class RotateKeysetCommand extends ObjectOutputCommand { /** * KeyAnalyzerCommand constructor. diff --git a/src/Component/Console/RsaKeyGeneratorCommand.php b/src/Component/Console/RsaKeyGeneratorCommand.php index 336b04e1..4ad93d37 100644 
--- a/src/Component/Console/RsaKeyGeneratorCommand.php +++ b/src/Component/Console/RsaKeyGeneratorCommand.php @@ -18,7 +18,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class RsaKeyGeneratorCommand extends GeneratorCommand +final class RsaKeyGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/RsaKeysetGeneratorCommand.php b/src/Component/Console/RsaKeysetGeneratorCommand.php index 4f67f4d7..962aecc0 100644 --- a/src/Component/Console/RsaKeysetGeneratorCommand.php +++ b/src/Component/Console/RsaKeysetGeneratorCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class RsaKeysetGeneratorCommand extends GeneratorCommand +final class RsaKeysetGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/SecretKeyGeneratorCommand.php b/src/Component/Console/SecretKeyGeneratorCommand.php index 2240a371..a531f3a9 100644 --- a/src/Component/Console/SecretKeyGeneratorCommand.php +++ b/src/Component/Console/SecretKeyGeneratorCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; -class SecretKeyGeneratorCommand extends GeneratorCommand +final class SecretKeyGeneratorCommand extends GeneratorCommand { /** * {@inheritdoc} diff --git a/src/Component/Console/X509CertificateLoaderCommand.php b/src/Component/Console/X509CertificateLoaderCommand.php index 6d014449..e6e94cce 100644 --- a/src/Component/Console/X509CertificateLoaderCommand.php +++ b/src/Component/Console/X509CertificateLoaderCommand.php @@ -18,7 +18,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class X509CertificateLoaderCommand extends GeneratorCommand +final class X509CertificateLoaderCommand extends GeneratorCommand { /** * {@inheritdoc} 
diff --git a/src/Component/Console/X5ULoaderCommand.php b/src/Component/Console/X5ULoaderCommand.php index 217ee298..d5d3f70a 100644 --- a/src/Component/Console/X5ULoaderCommand.php +++ b/src/Component/Console/X5ULoaderCommand.php @@ -19,7 +19,7 @@ use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Output\OutputInterface; -class X5ULoaderCommand extends ObjectOutputCommand +final class X5ULoaderCommand extends ObjectOutputCommand { /** * @var X5UFactory diff --git a/src/Component/Core/Algorithm.php b/src/Component/Core/Algorithm.php index eba5758c..032f3bf7 100644 --- a/src/Component/Core/Algorithm.php +++ b/src/Component/Core/Algorithm.php @@ -16,12 +16,16 @@ interface Algorithm { /** - * @return string Returns the name of the algorithm + * Returns the name of the algorithm. + * + * @return string */ public function name(): string; /** - * @return string[] Returns the key types suitable for this algorithm + * Returns the key types suitable for this algorithm (e.g. "oct", "RSA"...). + * + * @return string[] */ public function allowedKeyTypes(): array; } diff --git a/src/Component/Core/AlgorithmManager.php b/src/Component/Core/AlgorithmManager.php index 9e26fdcc..33cb76e0 100644 --- a/src/Component/Core/AlgorithmManager.php +++ b/src/Component/Core/AlgorithmManager.php @@ -33,6 +33,8 @@ private function __construct(array $algorithms) } /** + * This method creates an alogithm manager using the given algorithms. + * * @param Algorithm[] $algorithms * * @return AlgorithmManager @@ -43,9 +45,11 @@ public static function create(array $algorithms): self } /** + * Returns true if the algorithm is supported + * * @param string $algorithm The algorithm * - * @return bool Returns true if the algorithm is supported + * @return bool */ public function has(string $algorithm): bool { 
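Review bot: The summary line added to `AlgorithmManager::create` misspells "algorithm"; it should read `* This method creates an algorithm manager using the given algorithms.` The summary added to `has` in the next hunk also lacks a closing period, unlike the one on `create`.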
@@ -53,7 +57,9 @@ public function has(string $algorithm): bool } /** - * @return string[] Returns the list of names of supported algorithms + * Returns the list of names of supported algorithms + * + * @return string[] */ public function list(): array { @@ -61,9 +67,11 @@ public function list(): array } /** + * Returns the algorithm if supported, otherwise throw an exception + * * @param string $algorithm The algorithm * - * @return Algorithm Returns JWAInterface object if the algorithm is supported, else null + * @return Algorithm */ public function get(string $algorithm): Algorithm { @@ -75,6 +83,8 @@ public function get(string $algorithm): Algorithm } /** + * Adds an algorithm to the manager. + * * @param Algorithm $algorithm * * @return AlgorithmManager diff --git a/src/Component/Core/AlgorithmManagerFactory.php b/src/Component/Core/AlgorithmManagerFactory.php index 89858b98..6a53e842 100644 --- a/src/Component/Core/AlgorithmManagerFactory.php +++ b/src/Component/Core/AlgorithmManagerFactory.php @@ -21,6 +21,11 @@ class AlgorithmManagerFactory private $algorithms = []; /** + * Adds an algorithm. + * + * Each algorithm is identified by an alias hence it is allowed to have the same algorithm twice (or more). + * This can be helpful when an algorithm have several configuration options. + * * @param string $alias * @param Algorithm $algorithm * @@ -34,6 +39,8 @@ public function add(string $alias, Algorithm $algorithm): self } /** + * Returns the list of aliases + * * @return string[] */ public function aliases(): array @@ -42,6 +49,9 @@ public function aliases(): array } /** + * Returns all algorithms supported by this factory. + * This is an associative array. Keys are the aliases of the algorithms + * * @return Algorithm[] */ public function all(): array @@ -50,6 +60,8 @@ public function all(): array } /** + * Create an algorithm manager using the given aliases. + * * @param string[] $aliases * * @return AlgorithmManager 
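Review bot: The new summary on `AlgorithmManager::get` says the method throws when the algorithm is not supported, but the docblock has no `@throws` tag. The algorithm name typically comes from a token header, so callers need to know which exception to catch when rejecting an unsupported value. Add `@throws` with the exception class the body raises; the body lies outside this hunk, so the class is not visible here. The summary would also read better as `* Returns the algorithm if supported, otherwise throws an exception.`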
diff --git a/src/Component/Core/Converter/JsonConverter.php b/src/Component/Core/Converter/JsonConverter.php index cff0ee05..44e28d1f 100644 --- a/src/Component/Core/Converter/JsonConverter.php +++ b/src/Component/Core/Converter/JsonConverter.php @@ -16,6 +16,8 @@ interface JsonConverter { /** + * Convert the payload into a string. + * * @param mixed $payload * * @return string @@ -23,6 +25,8 @@ interface JsonConverter public function encode($payload): string; /** + * Convert a string into payload + * * @param string $payload * @param bool $associativeArray * diff --git a/src/Component/Core/Converter/StandardConverter.php b/src/Component/Core/Converter/StandardConverter.php index f533fbb7..49b34b48 100644 --- a/src/Component/Core/Converter/StandardConverter.php +++ b/src/Component/Core/Converter/StandardConverter.php @@ -13,7 +13,7 @@ namespace Jose\Component\Core\Converter; -class StandardConverter implements JsonConverter +final class StandardConverter implements JsonConverter { /** * @var int diff --git a/src/Component/Core/JWK.php b/src/Component/Core/JWK.php index 5fbbe4fd..e477a7c8 100644 --- a/src/Component/Core/JWK.php +++ b/src/Component/Core/JWK.php @@ -33,6 +33,9 @@ private function __construct(array $values) } /** + * Creates a JWK object using the given values. + * The member "kty" is mandatory. Other members are NOT checked. + * * @param array $values * * @return JWK @@ -47,6 +50,8 @@ public static function create(array $values): self } /** + * Creates a JWK object using the given Json string. + * * @param string $json * * @return JWK @@ -62,6 +67,8 @@ public static function createFromJson(string $json): self } /** + * Returns the values to be serialized. + * * {@inheritdoc} */ public function jsonSerialize() @@ -76,7 +83,7 @@ public function jsonSerialize() * * @throws \InvalidArgumentException * - * @return mixed|null The value + * @return mixed|null */ public function get(string $key) { 
@@ -134,6 +141,14 @@ public function thumbprint(string $hash_algorithm): string } /** + * Returns the associated public key. + * This method has no effect for: + * - public keys + * - shared keys + * - unknown keys + * + * Known keys are "oct", "RSA", "EC" and "OKP". + * * @return JWK */ public function toPublic(): self diff --git a/src/Component/Core/JWKSet.php b/src/Component/Core/JWKSet.php index c4d053af..ee1a859a 100644 --- a/src/Component/Core/JWKSet.php +++ b/src/Component/Core/JWKSet.php @@ -31,6 +31,8 @@ private function __construct(array $keys) } /** + * Creates a JWKSet object using the given values. + * * @param array $data * * @return JWKSet @@ -56,6 +58,8 @@ public static function createFromKeyData(array $data): self } /** + * Creates a JWKSet object using the given JWK objects. + * * @param JWK[] $keys * * @return JWKSet @@ -76,6 +80,8 @@ public static function createFromKeys(array $keys): self } /** + * Creates a JWKSet object using the given Json string. + * * @param string $json * * @return JWKSet @@ -91,9 +97,9 @@ public static function createFromJson(string $json): self } /** - * Returns all keys in the key set. + * Returns an array of keys stored in the key set * - * @return JWK[] An array of keys stored in the key set + * @return JWK[] */ public function all(): array { @@ -101,9 +107,10 @@ public function all(): array } /** - * Add key in the key set. + * Add key to store in the key set. + * This method is immutable and will return a new object. * - * @param JWK $jwk A key to store in the key set + * @param JWK $jwk * * @return JWKSet */ @@ -122,6 +129,7 @@ public function with(JWK $jwk): self /** * Remove key from the key set. + * This method is immutable and will return a new object. * * @param int|string $key Key to remove from the key set * @@ -140,6 +148,8 @@ public function without($key): self } /** + * Returns true if the key set contains a key with the given index. + * * @param int|string $index * * @return bool 
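Review bot: The new `toPublic` docblock says the method has no effect for shared and unknown keys, but it does not spell out the consequence. By that description, the object returned for an "oct" key or an unrecognised "kty" still holds whatever secret members the original had. A caller that publishes the result of `toPublic()`, for example in a public key set, would expose that material, so the docblock should carry the caveat, e.g. `* For shared and unknown keys the returned key is unchanged and may still contain secret values.` The method body is outside the hunk, so the wording should be checked against it.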
@@ -150,6 +160,8 @@ public function has($index): bool } /** + * Returns the key with the given index. Throws an exception if the index is not present in the key store. + * * @param int|string $index * * @return JWK @@ -164,6 +176,8 @@ public function get($index): JWK } /** + * Returns the values to be serialized. + * * @return array */ public function jsonSerialize(): array @@ -172,6 +186,8 @@ public function jsonSerialize(): array } /** + * Returns the number of keys in the key set. + * * @param int $mode * * @return int @@ -182,6 +198,9 @@ public function count($mode = COUNT_NORMAL): int } /** + * Try to find a key that fits on the selected requirements. + * Returns null if not found. + * * @param string $type Must be 'sig' (signature) or 'enc' (encryption) * @param Algorithm|null $algorithm Specifies the algorithm to be used * @param array $restrictions More restrictions such as 'kid' or 'kty' @@ -304,6 +323,10 @@ private static function convertKeyOpsToKeyUse(string $key_ops): string } /** + * Internal method only. Should not be used. + * + * @internal + * * @param array $a * @param array $b * @@ -321,6 +344,9 @@ public static function sortKeys(array $a, array $b): int } /** + * Internal method only. Should not be used. + * + * @internal * {@inheritdoc} */ public function getIterator() diff --git a/src/Component/Core/JWT.php b/src/Component/Core/JWT.php index a4132ba1..d0fc0dc6 100644 --- a/src/Component/Core/JWT.php +++ b/src/Component/Core/JWT.php @@ -17,6 +17,7 @@ interface JWT { /** * Returns the payload of the JWT. + * null is a valid payload (e.g. JWS with detached payload). * * @return string|null */ diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/A128CBCHS256.php b/src/Component/Encryption/Algorithm/ContentEncryption/A128CBCHS256.php index 31e629b9..088d4872 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/A128CBCHS256.php +++ b/src/Component/Encryption/Algorithm/ContentEncryption/A128CBCHS256.php 
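Review bot: In the last JWKSet hunk, `getIterator` is tagged `@internal` with "Should not be used", yet the `{@inheritdoc}` line shows it implements an inherited contract, presumably IteratorAggregate, which is what lets callers `foreach` over the key set. The two statements contradict each other for a reader. Either drop the `@internal` text here or reword it to `* Use foreach on the key set instead of calling this method directly.` Also put a blank ` *` line between `@internal` and `{@inheritdoc}`, as the `sortKeys` docblock in the previous hunk does before its `@param` tags.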
@@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\ContentEncryption; -class A128CBCHS256 extends AESCBCHS +final class A128CBCHS256 extends AESCBCHS { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/A128GCM.php b/src/Component/Encryption/Algorithm/ContentEncryption/A128GCM.php index 5e70b268..a63d4586 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/A128GCM.php +++ b/src/Component/Encryption/Algorithm/ContentEncryption/A128GCM.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\ContentEncryption; -class A128GCM extends AESGCM +final class A128GCM extends AESGCM { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/A192CBCHS384.php b/src/Component/Encryption/Algorithm/ContentEncryption/A192CBCHS384.php index db62fe9e..25bf3548 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/A192CBCHS384.php +++ b/src/Component/Encryption/Algorithm/ContentEncryption/A192CBCHS384.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\ContentEncryption; -class A192CBCHS384 extends AESCBCHS +final class A192CBCHS384 extends AESCBCHS { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/A192GCM.php b/src/Component/Encryption/Algorithm/ContentEncryption/A192GCM.php index 3cd83cca..3d850165 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/A192GCM.php +++ b/src/Component/Encryption/Algorithm/ContentEncryption/A192GCM.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\ContentEncryption; -class A192GCM extends AESGCM +final class A192GCM extends AESGCM { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/A256CBCHS512.php b/src/Component/Encryption/Algorithm/ContentEncryption/A256CBCHS512.php index 045acc43..b55dc536 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/A256CBCHS512.php 
+++ b/src/Component/Encryption/Algorithm/ContentEncryption/A256CBCHS512.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\ContentEncryption; -class A256CBCHS512 extends AESCBCHS +final class A256CBCHS512 extends AESCBCHS { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/A256GCM.php b/src/Component/Encryption/Algorithm/ContentEncryption/A256GCM.php index 6d0de5b8..5d73afd7 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/A256GCM.php +++ b/src/Component/Encryption/Algorithm/ContentEncryption/A256GCM.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\ContentEncryption; -class A256GCM extends AESGCM +final class A256GCM extends AESGCM { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/AESCBCHS.php b/src/Component/Encryption/Algorithm/ContentEncryption/AESCBCHS.php index 8cbf1e5d..da46953f 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/AESCBCHS.php +++ b/src/Component/Encryption/Algorithm/ContentEncryption/AESCBCHS.php @@ -42,14 +42,7 @@ public function encryptContent(string $data, string $cek, string $iv, ?string $a } /** - * @param string $data - * @param string $cek - * @param string $iv - * @param string $encoded_protected_header - * @param string|null $aad - * @param string $tag - * - * @return string + * {@inheritdoc} */ public function decryptContent(string $data, string $cek, string $iv, ?string $aad, string $encoded_protected_header, string $tag): string { @@ -121,7 +114,7 @@ abstract protected function getHashAlgorithm(): string; abstract protected function getMode(): string; /** - * @return int + * {@inheritdoc} */ public function getIVSize(): int { diff --git a/src/Component/Encryption/Algorithm/ContentEncryption/AESGCM.php b/src/Component/Encryption/Algorithm/ContentEncryption/AESGCM.php index a4f61d41..341a920c 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryption/AESGCM.php 
+++ b/src/Component/Encryption/Algorithm/ContentEncryption/AESGCM.php @@ -62,7 +62,7 @@ public function decryptContent(string $data, string $cek, string $iv, ?string $a } /** - * @return int + * {@inheritdoc} */ public function getIVSize(): int { diff --git a/src/Component/Encryption/Algorithm/ContentEncryptionAlgorithm.php b/src/Component/Encryption/Algorithm/ContentEncryptionAlgorithm.php index dbe3a977..10319c9d 100644 --- a/src/Component/Encryption/Algorithm/ContentEncryptionAlgorithm.php +++ b/src/Component/Encryption/Algorithm/ContentEncryptionAlgorithm.php @@ -18,7 +18,8 @@ interface ContentEncryptionAlgorithm extends Algorithm { /** - * Encrypt data. + * This method encrypts the data using the given CEK, IV, AAD and protected header. + * The variable $tag is populated on success. * * @param string $data The data to encrypt * @param string $cek The content encryption key @@ -27,12 +28,12 @@ interface ContentEncryptionAlgorithm extends Algorithm * @param string $encoded_protected_header The Protected Header encoded in Base64Url * @param string $tag Tag * - * @return string The encrypted data + * @return string */ public function encryptContent(string $data, string $cek, string $iv, ?string $aad, string $encoded_protected_header, ?string &$tag = null): string; /** - * Decrypt data. + * This method tries to decrypt the data using the given CEK, IV, AAD, protected header and tag. * * @param string $data The data to decrypt * @param string $cek The content encryption key @@ -46,11 +47,15 @@ public function encryptContent(string $data, string $cek, string $iv, ?string $a public function decryptContent(string $data, string $cek, string $iv, ?string $aad, string $encoded_protected_header, string $tag): string; /** + * Returns the size of the IV used by this encryption method. + * * @return int */ public function getIVSize(): int; /** + * Returns the size of the CEK used by this encryption method. + * * @return int */ public function getCEKSize(): int; 
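Review bot: The new summary for `decryptContent` in ContentEncryptionAlgorithm says the method "tries to decrypt", but the visible part of the docblock does not say how a failure is reported. The lines between this hunk and the next are not shown, so a `@throws` may already exist. Since the return type is `string`, the contract should make clear that an implementation must throw when the authentication tag does not verify and must never return unauthenticated plaintext, e.g. `* An exception is thrown if the tag cannot be verified.`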
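Review bot: The summaries added to `getIVSize` and `getCEKSize` in ContentEncryptionAlgorithm do not give the unit of the returned integer. Bits and bytes are easy to confuse when the value is used to generate an IV or a key, so name the unit in the text, e.g. `* Returns the size of the IV, in bits, used by this encryption method.` Use bytes instead if that is what the implementations return; they are not visible in this hunk.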
diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/A128GCMKW.php b/src/Component/Encryption/Algorithm/KeyEncryption/A128GCMKW.php index 15634d7b..d10ee75a 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/A128GCMKW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/A128GCMKW.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\KeyEncryption; -class A128GCMKW extends AESGCMKW +final class A128GCMKW extends AESGCMKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/A128KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/A128KW.php index 369d4eca..c0c5902a 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/A128KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/A128KW.php @@ -15,7 +15,7 @@ use AESKW\A128KW as Wrapper; -class A128KW extends AESKW +final class A128KW extends AESKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/A192GCMKW.php b/src/Component/Encryption/Algorithm/KeyEncryption/A192GCMKW.php index f1e2d159..43f1831b 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/A192GCMKW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/A192GCMKW.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\KeyEncryption; -class A192GCMKW extends AESGCMKW +final class A192GCMKW extends AESGCMKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/A192KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/A192KW.php index 4baddb60..bee84f5a 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/A192KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/A192KW.php @@ -15,7 +15,7 @@ use AESKW\A192KW as Wrapper; -class A192KW extends AESKW +final class A192KW extends AESKW { /** * {@inheritdoc} 
diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/A256GCMKW.php b/src/Component/Encryption/Algorithm/KeyEncryption/A256GCMKW.php index 1cf89e2a..f5fbf936 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/A256GCMKW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/A256GCMKW.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Algorithm\KeyEncryption; -class A256GCMKW extends AESGCMKW +final class A256GCMKW extends AESGCMKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/A256KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/A256KW.php index 42d166c4..3d9a48ee 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/A256KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/A256KW.php @@ -15,7 +15,7 @@ use AESKW\A256KW as Wrapper; -class A256KW extends AESKW +final class A256KW extends AESKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/Dir.php b/src/Component/Encryption/Algorithm/KeyEncryption/Dir.php index 1e5ab0f8..f3b156e7 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/Dir.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/Dir.php @@ -16,7 +16,7 @@ use Base64Url\Base64Url; use Jose\Component\Core\JWK; -class Dir implements DirectEncryption +final class Dir implements DirectEncryption { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/DirectEncryption.php b/src/Component/Encryption/Algorithm/KeyEncryption/DirectEncryption.php index b7a0cefc..0022b5d2 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/DirectEncryption.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/DirectEncryption.php 
@@ -19,11 +19,13 @@ interface DirectEncryption extends KeyEncryptionAlgorithm { /** + * Returns the CEK. + * * @param JWK $key The key used to get the CEK * * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation * - * @return string The CEK + * @return string */ public function getCEK(JWK $key): string; } diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHES.php b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHES.php index b61561cd..8af0bd52 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHES.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHES.php @@ -21,7 +21,7 @@ use Jose\Component\Encryption\Util\ConcatKDF; use Jose\Component\Encryption\Util\Ecc\EcDH; -class ECDHES implements KeyAgreement +final class ECDHES implements KeyAgreement { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA128KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA128KW.php index cc92d8cd..6f698ade 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA128KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA128KW.php @@ -15,7 +15,7 @@ use AESKW\A128KW as Wrapper; -class ECDHESA128KW extends ECDHESAESKW +final class ECDHESA128KW extends ECDHESAESKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA192KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA192KW.php index 36c98db2..dcdc252d 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA192KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA192KW.php @@ -15,7 +15,7 @@ use AESKW\A192KW as Wrapper; -class ECDHESA192KW extends ECDHESAESKW +final class ECDHESA192KW extends ECDHESAESKW { /** * {@inheritdoc} 
diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA256KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA256KW.php index 8845a879..4a452e4f 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA256KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/ECDHESA256KW.php @@ -15,7 +15,7 @@ use AESKW\A256KW as Wrapper; -class ECDHESA256KW extends ECDHESAESKW +final class ECDHESA256KW extends ECDHESAESKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreement.php b/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreement.php index 461f363a..97c3af0f 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreement.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreement.php @@ -19,6 +19,8 @@ interface KeyAgreement extends KeyEncryptionAlgorithm { /** + * Computes the agreement key. + * * @param int $encryption_key_length Size of the key expected for the algorithm used for data encryption * @param string $algorithm The algorithm * @param JWK $recipient_key The recipient key. If the key is public, then an ephemeral private key will be created, else will try to find the ephemeral key in the header diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreementWithKeyWrapping.php b/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreementWithKeyWrapping.php index 95585837..6e7f824d 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreementWithKeyWrapping.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/KeyAgreementWithKeyWrapping.php @@ -19,7 +19,7 @@ interface KeyAgreementWithKeyWrapping extends KeyEncryptionAlgorithm { /** - * Wrap the agreement key. + * Compute and wrap the agreement key. * * @param JWK $receiver_key The receiver's key * @param string $cek The CEK to wrap 
@@ -29,12 +29,12 @@ interface KeyAgreementWithKeyWrapping extends KeyEncryptionAlgorithm * * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation * - * @return string The encrypted CEK + * @return string */ public function wrapAgreementKey(JWK $receiver_key, string $cek, int $encryption_key_length, array $complete_header, array &$additional_header_values): string; /** - * Unwrap the agreement key. + * Unwrap and compute the agreement key. * * @param JWK $receiver_key The receiver's key * @param string $encrypted_cek The encrypted CEK diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/KeyEncryption.php b/src/Component/Encryption/Algorithm/KeyEncryption/KeyEncryption.php index d9c5b0ea..4468fa63 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/KeyEncryption.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/KeyEncryption.php @@ -28,7 +28,7 @@ interface KeyEncryption extends KeyEncryptionAlgorithm * * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation * - * @return string The encrypted CEK + * @return string */ public function encryptKey(JWK $key, string $cek, array $completeHeader, array &$additionalHeader): string; @@ -41,7 +41,7 @@ public function encryptKey(JWK $key, string $cek, array $completeHeader, array & * * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation * - * @return string The decrypted CEK + * @return string */ public function decryptKey(JWK $key, string $encrypted_cek, array $header): string; } diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/KeyWrapping.php b/src/Component/Encryption/Algorithm/KeyEncryption/KeyWrapping.php index a030b775..e1ebfd60 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/KeyWrapping.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/KeyWrapping.php 
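Review bot: The new summaries say the agreement key is what gets wrapped ("Compute and wrap the agreement key" in the preceding hunk, "Unwrap and compute the agreement key" here), but the parameters are `$cek The CEK to wrap` and `$encrypted_cek The encrypted CEK`, so it is the CEK that is wrapped or unwrapped using the agreement key. With `@return string The encrypted CEK` reduced to `@return string`, nothing in the docblock says what the returned string is. I would write `Computes the agreement key and wraps the CEK with it.` and `Computes the agreement key and unwraps the encrypted CEK with it.`, and keep the return descriptions. The `KeyEncryption.php` and `KeyWrapping.php` hunks of this patch drop `The encrypted CEK` / `The decrypted CEK` in the same way, and those are the two values an implementer is most likely to mix up.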
@@ -28,7 +28,7 @@ interface KeyWrapping extends KeyEncryptionAlgorithm * * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation * - * @return string The encrypted CEK + * @return string */ public function wrapKey(JWK $key, string $cek, array $completeHeader, array &$additionalHeader): string; @@ -41,7 +41,7 @@ public function wrapKey(JWK $key, string $cek, array $completeHeader, array &$ad * * @throws \Exception If key does not support the algorithm or if the key usage does not authorize the operation * - * @return string The decrypted CEK + * @return string */ public function unwrapKey(JWK $key, string $encrypted_cek, array $completeHeader): string; } diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS256A128KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS256A128KW.php index f3185c8e..8bf1876a 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS256A128KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS256A128KW.php @@ -15,7 +15,7 @@ use AESKW\A128KW as Wrapper; -class PBES2HS256A128KW extends PBES2AESKW +final class PBES2HS256A128KW extends PBES2AESKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS384A192KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS384A192KW.php index f90e19f7..26b95e62 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS384A192KW.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS384A192KW.php @@ -15,7 +15,7 @@ use AESKW\A192KW as Wrapper; -class PBES2HS384A192KW extends PBES2AESKW +final class PBES2HS384A192KW extends PBES2AESKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS512A256KW.php b/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS512A256KW.php index ca6594d4..b7c234c1 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS512A256KW.php 
+++ b/src/Component/Encryption/Algorithm/KeyEncryption/PBES2HS512A256KW.php @@ -15,7 +15,7 @@ use AESKW\A256KW as Wrapper; -class PBES2HS512A256KW extends PBES2AESKW +final class PBES2HS512A256KW extends PBES2AESKW { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/RSA15.php b/src/Component/Encryption/Algorithm/KeyEncryption/RSA15.php index fe337293..7b8a38ba 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/RSA15.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/RSA15.php @@ -15,7 +15,7 @@ use Jose\Component\Encryption\Util\RSACrypt; -class RSA15 extends RSA +final class RSA15 extends RSA { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP.php b/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP.php index 4d774385..5e3edbba 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP.php @@ -15,7 +15,7 @@ use Jose\Component\Encryption\Util\RSACrypt; -class RSAOAEP extends RSA +final class RSAOAEP extends RSA { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP256.php b/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP256.php index 11f3f5ae..b0c00c00 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP256.php +++ b/src/Component/Encryption/Algorithm/KeyEncryption/RSAOAEP256.php @@ -15,7 +15,7 @@ use Jose\Component\Encryption\Util\RSACrypt; -class RSAOAEP256 extends RSA +final class RSAOAEP256 extends RSA { /** * {@inheritdoc} diff --git a/src/Component/Encryption/Algorithm/KeyEncryptionAlgorithm.php b/src/Component/Encryption/Algorithm/KeyEncryptionAlgorithm.php index 73f910e8..8fa55bfe 100644 --- a/src/Component/Encryption/Algorithm/KeyEncryptionAlgorithm.php +++ b/src/Component/Encryption/Algorithm/KeyEncryptionAlgorithm.php 
@@ -26,6 +26,8 @@ interface KeyEncryptionAlgorithm extends Algorithm public const MODE_AGREEMENT = 'agree'; /** + * Returns the key management mode used by the key encryption algorithm. + * * @return string */ public function getKeyManagementMode(): string; diff --git a/src/Component/Encryption/Compression/CompressionMethod.php b/src/Component/Encryption/Compression/CompressionMethod.php index 52a190ff..7a3c892d 100644 --- a/src/Component/Encryption/Compression/CompressionMethod.php +++ b/src/Component/Encryption/Compression/CompressionMethod.php @@ -16,29 +16,33 @@ interface CompressionMethod { /** - * @return string Return the name of the method + * Returns the name of the method + * + * @return string */ public function name(): string; /** * Compress the data. + * Throws an exception in case of failure. * * @param string $data The data to compress * * @throws \RuntimeException * - * @return string The compressed data + * @return string */ public function compress(string $data): string; /** * Uncompress the data. + * Throws an exception in case of failure. * * @param string $data The data to uncompress * * @throws \RuntimeException * - * @return string The uncompressed data + * @return string */ public function uncompress(string $data): string; } diff --git a/src/Component/Encryption/Compression/CompressionMethodManager.php b/src/Component/Encryption/Compression/CompressionMethodManager.php index a1ef806f..8c651522 100644 --- a/src/Component/Encryption/Compression/CompressionMethodManager.php +++ b/src/Component/Encryption/Compression/CompressionMethodManager.php 
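Review bot: The `uncompress()` contract in `CompressionMethod` now says only "Throws an exception in case of failure" and leaves open whether an implementation is expected to bound the size of what it returns. The data passed in presumably comes from a received token (the implementations and callers are not visible here), so an unbounded inflate would be a memory-exhaustion risk for the recipient. I would add a sentence such as `Implementations should throw when the uncompressed size exceeds a configured limit.`, or state explicitly that the caller is responsible for enforcing one. Separately, `Returns the name of the method` is missing its full stop.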
@@ -21,6 +21,17 @@ class CompressionMethodManager private $compressionMethods = []; /** + * CompressionMethodManager constructor. + * + * @deprecated Will be private in v2.x. Please use CompressionManager::create() instead. + */ + public function __construct() + { + } + + /** + * This method creates a Compression Manager with the selected compression methods. + * * @param CompressionMethod[] $methods * * @return CompressionMethodManager @@ -36,6 +47,8 @@ public static function create(array $methods): self } /** + * Add the given compression method to the manager. + * * @param CompressionMethod $compressionMethod */ protected function add(CompressionMethod $compressionMethod) @@ -49,6 +62,8 @@ protected function add(CompressionMethod $compressionMethod) } /** + * Returns true if the givn compression method is supported. + * * @param string $name * * @return bool @@ -59,7 +74,8 @@ public function has(string $name): bool } /** - * This method will try to find a CompressionInterface object able to support the compression method. + * This method returns the compression method with the given name. + * Throws an exception if the method is not supported. * * @param string $name The name of the compression method * @@ -75,6 +91,8 @@ public function get(string $name): CompressionMethod } /** + * Returns the list of compression method names supported by the manager. + * * @return string[] */ public function list(): array diff --git a/src/Component/Encryption/Compression/CompressionMethodManagerFactory.php b/src/Component/Encryption/Compression/CompressionMethodManagerFactory.php index 779777d3..5b8d80b1 100644 --- a/src/Component/Encryption/Compression/CompressionMethodManagerFactory.php +++ b/src/Component/Encryption/Compression/CompressionMethodManagerFactory.php 
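Review bot: The `@deprecated` text on the new constructor points to `CompressionManager::create()`, but the class in this file is `CompressionMethodManager` and the factory method shown in the next hunk is `create(array $methods): self` on that class. As written, the notice sends users to a class this patch does not show. It should read `@deprecated Will be private in v2.x. Please use CompressionMethodManager::create() instead.` In the `has()` hunk of the same file, `givn` should be `given`.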
@@ -21,6 +21,10 @@ class CompressionMethodManagerFactory private $compressionMethods = []; /** + * This method adds a compression method to this factory. + * The method is uniquely identified by an alias. This allows the same method to be added twice (or more) + * using several configuration options. + * * @param string $alias * @param CompressionMethod $compressionMethod * @@ -37,6 +41,8 @@ public function add(string $alias, CompressionMethod $compressionMethod): self } /** + * Returns the list of compression method aliases supported by the factory. + * * @return string[] */ public function aliases(): array @@ -45,6 +51,8 @@ public function aliases(): array } /** + * Returns all compression methods supported by this factory. + * * @return CompressionMethod[] */ public function all(): array @@ -53,6 +61,9 @@ public function all(): array } /** + * Creates a compression method manager using the compression methods identified by the given aliases. + * If one of the aliases does not exist, an exception is thrown. + * * @param string[] $aliases * * @return CompressionMethodManager diff --git a/src/Component/Encryption/Compression/Deflate.php b/src/Component/Encryption/Compression/Deflate.php index 3478482e..bcfc83d4 100644 --- a/src/Component/Encryption/Compression/Deflate.php +++ b/src/Component/Encryption/Compression/Deflate.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Compression; -class Deflate implements CompressionMethod +final class Deflate implements CompressionMethod { /** * @var int diff --git a/src/Component/Encryption/Compression/GZip.php b/src/Component/Encryption/Compression/GZip.php index bd9577e1..b0daae6e 100644 --- a/src/Component/Encryption/Compression/GZip.php +++ b/src/Component/Encryption/Compression/GZip.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Compression; -class GZip implements CompressionMethod +final class GZip implements CompressionMethod { /** * @var int 
diff --git a/src/Component/Encryption/Compression/ZLib.php b/src/Component/Encryption/Compression/ZLib.php index 2e778f8f..f619d6f1 100644 --- a/src/Component/Encryption/Compression/ZLib.php +++ b/src/Component/Encryption/Compression/ZLib.php @@ -13,7 +13,7 @@ namespace Jose\Component\Encryption\Compression; -class ZLib implements CompressionMethod +final class ZLib implements CompressionMethod { /** * @var int diff --git a/src/Component/Encryption/JWE.php b/src/Component/Encryption/JWE.php index 0cfece31..e2478787 100644 --- a/src/Component/Encryption/JWE.php +++ b/src/Component/Encryption/JWE.php @@ -87,6 +87,8 @@ private function __construct(string $ciphertext, string $iv, string $tag, ?strin } /** + * Creates a new JWE object. + * * @param string $ciphertext * @param string $iv * @param string $tag @@ -112,6 +114,9 @@ public function getPayload(): ?string } /** + * Set the payload. + * This method is immutable and a new object will be returned. + * * @param string $payload * * @return JWE @@ -135,6 +140,8 @@ public function countRecipients(): int } /** + * Returns true is the JWE has already been encrypted. + * * @return bool */ public function isEncrypted(): bool @@ -153,6 +160,8 @@ public function getRecipients(): array } /** + * Returns the recipient object at the given index. + * * @param int $id * * @return Recipient @@ -167,6 +176,8 @@ public function getRecipient(int $id): Recipient } /** + * Returns the ciphertext. This method will return null is the JWE has not yet been encrypted. + * * @return string|null The cyphertext */ public function getCiphertext(): ?string @@ -175,6 +186,8 @@ public function getCiphertext(): ?string } /** + * Returns the Additional Authentication Data if available. + * * @return string|null */ public function getAAD(): ?string @@ -183,6 +196,8 @@ public function getAAD(): ?string } /** + * Returns the Initialization Vector if available. + * * @return string|null */ public function getIV(): ?string 
@@ -191,6 +206,8 @@ public function getIV(): ?string } /** + * Returns the tag if available. + * * @return string|null */ public function getTag(): ?string @@ -199,6 +216,8 @@ public function getTag(): ?string } /** + * Returns the encoded shared protected header. + * * @return string */ public function getEncodedSharedProtectedHeader(): string @@ -207,6 +226,8 @@ public function getEncodedSharedProtectedHeader(): string } /** + * Returns the shared protected header. + * * @return array */ public function getSharedProtectedHeader(): array @@ -215,9 +236,12 @@ public function getSharedProtectedHeader(): array } /** + * Returns the shared protected header parameter identified by the given key. + * Throws an exception is the the parameter is not available. + * * @param string $key The key * - * @return mixed|null Header value + * @return mixed|null */ public function getSharedProtectedHeaderParameter(string $key) { @@ -229,6 +253,8 @@ public function getSharedProtectedHeaderParameter(string $key) } /** + * Returns true if the shared protected header has the parameter identified by the given key. + * * @param string $key The key * * @return bool @@ -239,6 +265,8 @@ public function hasSharedProtectedHeaderParameter(string $key): bool } /** + * Returns the shared header. + * * @return array */ public function getSharedHeader(): array @@ -247,9 +275,12 @@ public function getSharedHeader(): array } /** + * Returns the shared header parameter identified by the given key. + * Throws an exception is the the parameter is not available. + * * @param string $key The key * - * @return mixed|null Header value + * @return mixed|null */ public function getSharedHeaderParameter(string $key) { @@ -261,6 +292,8 @@ public function getSharedHeaderParameter(string $key) } /** + * Returns true if the shared header has the parameter identified by the given key. + * * @param string $key The key * * @return bool 
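Review bot: The docblocks added for `getSharedProtectedHeaderParameter()` and `getSharedHeaderParameter()` state that an exception is thrown when the parameter is missing, yet they keep `@return mixed|null` and add no `@throws` tag, so a reader cannot tell whether absence yields `null` or an exception. If the bodies, which are outside these hunks, do throw, add an `@throws` tag naming that exception type and document `null` only as a possible stored value. The sentence itself should read `Throws an exception if the parameter is not available.` The same "is" for "if" slip appears in the earlier JWE.php hunks (`Returns true is the JWE has already been encrypted`, `will return null is the JWE has not yet been encrypted`). `Additional Authentication Data` should also match the `Additional Authenticated Data` wording used in JWEBuilder.php.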
diff --git a/src/Component/Encryption/JWEBuilder.php b/src/Component/Encryption/JWEBuilder.php index 7189a926..31ef4ac8 100644 --- a/src/Component/Encryption/JWEBuilder.php +++ b/src/Component/Encryption/JWEBuilder.php @@ -126,6 +126,8 @@ public function create(): self } /** + * Returns the key encryption algorithm manager. + * * @return AlgorithmManager */ public function getKeyEncryptionAlgorithmManager(): AlgorithmManager @@ -134,6 +136,8 @@ public function getKeyEncryptionAlgorithmManager(): AlgorithmManager } /** + * Returns the content encryption algorithm manager. + * * @return AlgorithmManager */ public function getContentEncryptionAlgorithmManager(): AlgorithmManager @@ -142,6 +146,8 @@ public function getContentEncryptionAlgorithmManager(): AlgorithmManager } /** + * Returns the compression method manager. + * * @return CompressionMethodManager */ public function getCompressionMethodManager(): CompressionMethodManager @@ -150,6 +156,8 @@ public function getCompressionMethodManager(): CompressionMethodManager } /** + * Set the payload of the JWE to build. + * * @param mixed $payload * * @return JWEBuilder @@ -167,6 +175,8 @@ public function withPayload($payload): self } /** + * Set the Additional Authenticated Data of the JWE to build. + * * @param string|null $aad * * @return JWEBuilder @@ -180,6 +190,8 @@ public function withAAD(?string $aad): self } /** + * Set the shared protected header of the JWE to build. + * * @param array $sharedProtectedHeader * * @return JWEBuilder @@ -197,6 +209,8 @@ public function withSharedProtectedHeader(array $sharedProtectedHeader): self } /** + * Set the shared header of the JWE to build. + * * @param array $sharedHeader * * @return JWEBuilder @@ -214,6 +228,8 @@ public function withSharedHeader(array $sharedHeader): self } /** + * Adds a recipient to the JWE to build. + * * @param JWK $recipientKey * @param array $recipientHeader * 
@@ -257,6 +273,8 @@ public function addRecipient(JWK $recipientKey, array $recipientHeader = []): se } /** + * Builds the JWE. + * * @return JWE */ public function build(): JWE @@ -292,7 +310,7 @@ public function build(): JWE /** * @param array $completeHeader */ - protected function checkAndSetContentEncryptionAlgorithm(array $completeHeader): void + private function checkAndSetContentEncryptionAlgorithm(array $completeHeader): void { $contentEncryptionAlgorithm = $this->getContentEncryptionAlgorithm($completeHeader); if (null === $this->contentEncryptionAlgorithm) { @@ -429,7 +447,7 @@ private function getEncryptedKeyFromKeyWrappingAlgorithm(array $completeHeader, * @param KeyEncryptionAlgorithm $keyEncryptionAlgorithm * @param JWK $recipientKey */ - protected function checkKey(KeyEncryptionAlgorithm $keyEncryptionAlgorithm, JWK $recipientKey) + private function checkKey(KeyEncryptionAlgorithm $keyEncryptionAlgorithm, JWK $recipientKey) { KeyChecker::checkKeyUsage($recipientKey, 'encryption'); if ('dir' !== $keyEncryptionAlgorithm->name()) { @@ -482,7 +500,7 @@ private function determineCEK(array &$additionalHeader): string * * @return CompressionMethod|null */ - protected function getCompressionMethod(array $completeHeader): ?CompressionMethod + private function getCompressionMethod(array $completeHeader): ?CompressionMethod { if (!array_key_exists('zip', $completeHeader)) { return null; @@ -497,7 +515,7 @@ protected function getCompressionMethod(array $completeHeader): ?CompressionMeth * * @return bool */ - protected function areKeyManagementModesCompatible(string $current, string $new): bool + private function areKeyManagementModesCompatible(string $current, string $new): bool { $agree = KeyEncryptionAlgorithm::MODE_AGREEMENT; $dir = KeyEncryptionAlgorithm::MODE_DIRECT; 
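Review bot: Narrowing `checkAndSetContentEncryptionAlgorithm()`, `checkKey()`, `getCompressionMethod()`, `areKeyManagementModesCompatible()` and (in the following hunk) `getKeyEncryptionAlgorithm()` from `protected` to `private` breaks any subclass of `JWEBuilder` that calls or overrides them, unless the class is final (its declaration is outside these hunks). Unlike the `CompressionMethodManager` constructor, there is no deprecation step. Sealing `checkKey()` is sensible in itself, since it holds the `KeyChecker::checkKeyUsage($recipientKey, 'encryption')` call that a subclass could otherwise override away, but the change should be announced. `checkKey()` is also the only one of these without a return type. If its body, which continues outside the hunk, returns nothing, declare it as `private function checkKey(KeyEncryptionAlgorithm $keyEncryptionAlgorithm, JWK $recipientKey): void`.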
@@ -537,7 +555,7 @@ private function createIV(int $size): string * * @return KeyEncryptionAlgorithm */ - protected function getKeyEncryptionAlgorithm(array $completeHeader): KeyEncryptionAlgorithm + private function getKeyEncryptionAlgorithm(array $completeHeader): KeyEncryptionAlgorithm { if (!array_key_exists('alg', $completeHeader)) { throw new \InvalidArgumentException('Parameter "alg" is missing.'); diff --git a/src/Component/Encryption/JWEBuilderFactory.php b/src/Component/Encryption/JWEBuilderFactory.php index 7df5b61c..5b887276 100644 --- a/src/Component/Encryption/JWEBuilderFactory.php +++ b/src/Component/Encryption/JWEBuilderFactory.php @@ -49,6 +49,8 @@ public function __construct(JsonConverter $jsonEncoder, AlgorithmManagerFactory } /** + * Creates a JWE Builder object using the given key encryption algorithms, content encryption algorithms and compression methods. + * * @param string[] $keyEncryptionAlgorithms * @param string[] $contentEncryptionAlgorithm * @param string[] $compressionMethods diff --git a/src/Component/Encryption/JWEDecrypter.php b/src/Component/Encryption/JWEDecrypter.php index 3d16c403..40d77b58 100644 --- a/src/Component/Encryption/JWEDecrypter.php +++ b/src/Component/Encryption/JWEDecrypter.php @@ -60,6 +60,8 @@ public function __construct(AlgorithmManager $keyEncryptionAlgorithmManager, Alg } /** + * Returns the key encryption algorithm manager. + * * @return AlgorithmManager */ public function getKeyEncryptionAlgorithmManager(): AlgorithmManager @@ -68,6 +70,8 @@ public function getKeyEncryptionAlgorithmManager(): AlgorithmManager } /** + * Returns the content encryption algorithm manager. + * * @return AlgorithmManager */ public function getContentEncryptionAlgorithmManager(): AlgorithmManager 
@@ -76,6 +80,8 @@ public function getContentEncryptionAlgorithmManager(): AlgorithmManager } /** + * Returns the compression method manager. + * * @return CompressionMethodManager */ public function getCompressionMethodManager(): CompressionMethodManager @@ -84,6 +90,8 @@ public function getCompressionMethodManager(): CompressionMethodManager } /** + * This method will try to decrypt the given JWE and recipient using a JWK. + * * @param JWE $jwe A JWE object to decrypt * @param JWK $jwk The key used to decrypt the input * @param int $recipient The recipient used to decrypt the token @@ -98,6 +106,8 @@ public function decryptUsingKey(JWE &$jwe, JWK $jwk, int $recipient): bool } /** + * This method will try to decrypt the given JWE and recipient using a JWKSet. + * * @param JWE $jwe A JWE object to decrypt * @param JWKSet $jwkset The key set used to decrypt the input * @param int $recipient The recipient used to decrypt the token diff --git a/src/Component/Encryption/JWEDecrypterFactory.php b/src/Component/Encryption/JWEDecrypterFactory.php index c8d54e7d..8c4f1b1f 100644 --- a/src/Component/Encryption/JWEDecrypterFactory.php +++ b/src/Component/Encryption/JWEDecrypterFactory.php @@ -41,6 +41,8 @@ public function __construct(AlgorithmManagerFactory $algorithmManagerFactory, Co } /** + * Creates a JWE Decrypter object using the given key encryption algorithms, content encryption algorithms and compression methods. + * * @param string[] $keyEncryptionAlgorithms * @param string[] $contentEncryptionAlgorithms * @param string[] $compressionMethods diff --git a/src/Component/Encryption/JWELoader.php b/src/Component/Encryption/JWELoader.php index a12e898f..8c661e51 100644 --- a/src/Component/Encryption/JWELoader.php +++ b/src/Component/Encryption/JWELoader.php 
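Review bot: The summaries added for `decryptUsingKey()` and `decryptUsingKeySet()` say the method "will try to decrypt" but not how failure is reported, while the signature visible in the following hunk header returns `bool` and takes `JWE &$jwe` by reference. A caller who ignores the return value may go on to use a JWE that was never decrypted, so the contract should be explicit in the docblock. I would add `Returns true and updates $jwe with the decrypted payload on success; returns false otherwise.`, adjusted to what the body, which is outside these hunks, actually does with `$jwe`.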
@@ -50,6 +50,8 @@ public function __construct(JWESerializerManager $serializerManager, JWEDecrypte } /** + * Returns the JWE Decrypter object. + * * @return JWEDecrypter */ public function getJweDecrypter(): JWEDecrypter @@ -58,6 +60,8 @@ public function getJweDecrypter(): JWEDecrypter } /** + * Returns the header checker manager if set. + * * @return HeaderCheckerManager|null */ public function getHeaderCheckerManager(): ?HeaderCheckerManager @@ -66,6 +70,8 @@ public function getHeaderCheckerManager(): ?HeaderCheckerManager } /** + * Returns the serializer manager. + * * @return JWESerializerManager */ public function getSerializerManager(): JWESerializerManager @@ -74,6 +80,9 @@ public function getSerializerManager(): JWESerializerManager } /** + * This method will try to load and decrypt the given token using a JWK. + * If succeeded, the methods will populate the $recipient variable and returns the JWE. + * * @param string $token * @param JWK $key * @param null|int $recipient @@ -90,6 +99,9 @@ public function loadAndDecryptWithKey(string $token, JWK $key, ?int &$recipient) } /** + * This method will try to load and decrypt the given token using a JWKSet. + * If succeeded, the methods will populate the $recipient variable and returns the JWE. + * * @param string $token * @param JWKSet $keyset * @param null|int $recipient diff --git a/src/Component/Encryption/JWELoaderFactory.php b/src/Component/Encryption/JWELoaderFactory.php index cfa86049..b7b0e3f7 100644 --- a/src/Component/Encryption/JWELoaderFactory.php +++ b/src/Component/Encryption/JWELoaderFactory.php @@ -48,6 +48,9 @@ public function __construct(JWESerializerManagerFactory $jweSerializerManagerFac } /** + * Creates a JWELoader using the given serializer aliases, encryption algorithm aliases, compression method aliases + * and header checker aliases. + * * @param array $serializers * @param array $keyEncryptionAlgorithms * @param array $contentEncryptionAlgorithms 
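Review bot: `loadAndDecryptWithKey()` and `loadAndDecryptWithKeySet()` now document only the success path ("If succeeded, the methods will populate the $recipient variable and returns the JWE"), whereas the `NestedTokenLoader` docblock added in this patch states that an exception is thrown on failure. Say the same here if that is the behaviour, with a matching `@throws` tag, and fix the grammar: `On success, the method populates the $recipient variable and returns the JWE.` The `getHeaderCheckerManager()` summary ("if set") would also benefit from one sentence on what loading does when no header checker manager is configured, since that presumably decides whether header parameters are checked at all.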
diff --git a/src/Component/Encryption/JWETokenSupport.php b/src/Component/Encryption/JWETokenSupport.php index c07aace3..5b8aae47 100644 --- a/src/Component/Encryption/JWETokenSupport.php +++ b/src/Component/Encryption/JWETokenSupport.php @@ -16,7 +16,7 @@ use Jose\Component\Checker\TokenTypeSupport; use Jose\Component\Core\JWT; -class JWETokenSupport implements TokenTypeSupport +final class JWETokenSupport implements TokenTypeSupport { /** * {@inheritdoc} diff --git a/src/Component/Encryption/NestedTokenBuilder.php b/src/Component/Encryption/NestedTokenBuilder.php index 85e5354d..a3f53395 100644 --- a/src/Component/Encryption/NestedTokenBuilder.php +++ b/src/Component/Encryption/NestedTokenBuilder.php @@ -56,6 +56,8 @@ public function __construct(JWEBuilder $jweBuilder, JWESerializerManager $jweSer } /** + * Creates a nested token. + * * @param string $payload * @param array[] $signatures * @param string $jws_serialization_mode diff --git a/src/Component/Encryption/NestedTokenBuilderFactory.php b/src/Component/Encryption/NestedTokenBuilderFactory.php index e18d3333..4d97a2c6 100644 --- a/src/Component/Encryption/NestedTokenBuilderFactory.php +++ b/src/Component/Encryption/NestedTokenBuilderFactory.php @@ -56,6 +56,8 @@ public function __construct(JWEBuilderFactory $jweBuilderFactory, JWESerializerM } /** + * This method creates a Nested Token Builder with the given encryption/signature algorithms, serializers and compression methods. + * * @param array $jwe_serializers * @param array $keyEncryptionAlgorithms * @param array $contentEncryptionAlgorithms diff --git a/src/Component/Encryption/NestedTokenLoader.php b/src/Component/Encryption/NestedTokenLoader.php index d95102d0..944311e5 100644 --- a/src/Component/Encryption/NestedTokenLoader.php +++ b/src/Component/Encryption/NestedTokenLoader.php 
@@ -42,6 +42,9 @@ public function __construct(JWELoader $jweLoader, JWSLoader $jwsLoader) } /** + * This method will try to load, decrypt and verify the token. + * In case of failure, an exception is thrown, otherwise returns the JWS and populates the $signature variable. + * * @param string $token * @param JWKSet $encryptionKeySet * @param JWKSet $signatureKeySet diff --git a/src/Component/Encryption/NestedTokenLoaderFactory.php b/src/Component/Encryption/NestedTokenLoaderFactory.php index 14d48267..c5af46d6 100644 --- a/src/Component/Encryption/NestedTokenLoaderFactory.php +++ b/src/Component/Encryption/NestedTokenLoaderFactory.php @@ -40,6 +40,8 @@ public function __construct(JWELoaderFactory $jweLoaderFactory, JWSLoaderFactory } /** + * This method creates a Nested Token Loader with the given encryption/signature algorithms, serializers, compression methods and header checkers. + * * @param array $jweSerializers * @param array $keyEncryptionAlgorithms * @param array $contentEncryptionAlgorithms diff --git a/src/Component/Encryption/Recipient.php b/src/Component/Encryption/Recipient.php index 43422164..83bce6da 100644 --- a/src/Component/Encryption/Recipient.php +++ b/src/Component/Encryption/Recipient.php @@ -13,6 +13,9 @@ namespace Jose\Component\Encryption; +/** + * @internal + */ class Recipient { /** @@ -38,6 +41,9 @@ private function __construct(array $header, ?string $encryptedKey) } /** + * Creates a recipient. + * The creation of this object is meant to be used by the library, not by third party applications. + * * @param array $header * @param null|string $encryptedKey * @@ -49,6 +55,8 @@ public static function create(array $header, ?string $encryptedKey): self } /** + * Returns the recipient header. + * * @return array */ public function getHeader(): array 
@@ -57,11 +65,11 @@ public function getHeader(): array } /** - * Returns the value of the unprotected header of the specified key. + * Returns the value of the recipient header parameter with the specified key. * * @param string $key The key * - * @return mixed|null Header value + * @return mixed|null */ public function getHeaderParameter(string $key) { @@ -73,6 +81,8 @@ public function getHeaderParameter(string $key) } /** + * Returns true if the recipient header contains the parameter with the specified key. + * * @param string $key The key * * @return bool @@ -83,6 +93,8 @@ public function hasHeaderParameter(string $key): bool } /** + * Returns the encrypted key. + * * @return null|string */ public function getEncryptedKey(): ?string diff --git a/src/Component/Encryption/Serializer/CompactSerializer.php b/src/Component/Encryption/Serializer/CompactSerializer.php index 200fc219..14b79822 100644 --- a/src/Component/Encryption/Serializer/CompactSerializer.php +++ b/src/Component/Encryption/Serializer/CompactSerializer.php @@ -18,7 +18,7 @@ use Jose\Component\Encryption\JWE; use Jose\Component\Encryption\Recipient; -class CompactSerializer implements JWESerializer +final class CompactSerializer implements JWESerializer { public const NAME = 'jwe_compact'; diff --git a/src/Component/Encryption/Serializer/JSONFlattenedSerializer.php b/src/Component/Encryption/Serializer/JSONFlattenedSerializer.php index 49db6950..058697f0 100644 --- a/src/Component/Encryption/Serializer/JSONFlattenedSerializer.php +++ b/src/Component/Encryption/Serializer/JSONFlattenedSerializer.php @@ -18,7 +18,7 @@ use Jose\Component\Encryption\JWE; use Jose\Component\Encryption\Recipient; -class JSONFlattenedSerializer implements JWESerializer +final class JSONFlattenedSerializer implements JWESerializer { public const NAME = 'jwe_json_flattened'; 
diff --git a/src/Component/Encryption/Serializer/JSONGeneralSerializer.php b/src/Component/Encryption/Serializer/JSONGeneralSerializer.php index a185c727..a5773ccf 100644 --- a/src/Component/Encryption/Serializer/JSONGeneralSerializer.php +++ b/src/Component/Encryption/Serializer/JSONGeneralSerializer.php @@ -18,7 +18,7 @@ use Jose\Component\Encryption\JWE; use Jose\Component\Encryption\Recipient; -class JSONGeneralSerializer implements JWESerializer +final class JSONGeneralSerializer implements JWESerializer { public const NAME = 'jwe_json_general'; diff --git a/src/Component/Encryption/Serializer/JWESerializer.php b/src/Component/Encryption/Serializer/JWESerializer.php index 9e5318c7..1fae02dd 100644 --- a/src/Component/Encryption/Serializer/JWESerializer.php +++ b/src/Component/Encryption/Serializer/JWESerializer.php @@ -18,19 +18,23 @@ interface JWESerializer { /** - * The name of the serialization. + * The name of the serialization method. * * @return string */ public function name(): string; /** + * Display name of the serialization method. + * * @return string */ public function displayName(): string; /** * Converts a JWE into a string. + * If the JWE is designed for multiple recipients and the serializer only supports one recipient, + * the recipient index has to be set. * * @param JWE $jws * @param int|null $recipientIndex @@ -43,6 +47,7 @@ public function serialize(JWE $jws, ?int $recipientIndex = null): string; /** * Loads data and return a JWE object. + * Throws an exception in case of failure. * * @param string $input A string that represents a JWE * diff --git a/src/Component/Encryption/Serializer/JWESerializerManager.php b/src/Component/Encryption/Serializer/JWESerializerManager.php index f5e6b150..65edb732 100644 --- a/src/Component/Encryption/Serializer/JWESerializerManager.php +++ b/src/Component/Encryption/Serializer/JWESerializerManager.php 
@@ -35,6 +35,8 @@ private function __construct(array $serializers) } /** + * Creates a serializer manager using the given serializers. + * * @param JWESerializer[] $serializers * * @return JWESerializerManager @@ -45,6 +47,8 @@ public static function create(array $serializers): self } /** + * Adds a serializer to the manager. + * * @param JWESerializer $serializer * * @return JWESerializerManager @@ -57,15 +61,30 @@ private function add(JWESerializer $serializer): self } /** + * Return the serializer names supported by the manager. + * + * @deprecated Will be removed in v2.0. Please use names() instead. + * * @return string[] */ public function list(): array + { + return $this->names(); + } + + /** + * Return the serializer names supported by the manager. + * + * @return string[] + */ + public function names(): array { return array_keys($this->serializers); } /** * Converts a JWE into a string. + * Throws an exception if none of the serializer was able to convert the input. * * @param string $name * @param JWE $jws @@ -86,6 +105,7 @@ public function serialize(string $name, JWE $jws, ?int $recipientIndex = null): /** * Loads data and return a JWE object. + * Throws an exception if none of the serializer was able to convert the input. * * @param string $input A string that represents a JWE * @param string|null $name the name of the serializer if the input is unserialized diff --git a/src/Component/Encryption/Serializer/JWESerializerManagerFactory.php b/src/Component/Encryption/Serializer/JWESerializerManagerFactory.php index 9d391edf..faa12ce0 100644 --- a/src/Component/Encryption/Serializer/JWESerializerManagerFactory.php +++ b/src/Component/Encryption/Serializer/JWESerializerManagerFactory.php @@ -21,6 +21,8 @@ class JWESerializerManagerFactory private $serializers = []; /** + * Creates a serializer manager factory using the given serializers. + * * @param string[] $names * * @return JWESerializerManager 
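Review bot: The docblock added to `JWESerializerManagerFactory::create()` reads "Creates a serializer manager factory using the given serializers", but the visible tags are `@param string[] $names` and `@return JWESerializerManager`. The method returns a manager and takes names, not serializer objects; I would write `* Creates a serializer manager from the serializers registered under the given names.` The later hunks of the same file repeat the mix-up: `names()` is documented as "supported by the manager", and `add()` as "Adds a serializer to the manager" although it returns `JWESerializerManagerFactory`; both should say "factory".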
@@ -30,7 +32,7 @@ public function create(array $names): JWESerializerManager $serializers = []; foreach ($names as $name) { if (!array_key_exists($name, $this->serializers)) { - throw new \InvalidArgumentException(sprintf('Unsupported serialiser "%s".', $name)); + throw new \InvalidArgumentException(sprintf('Unsupported serializer "%s".', $name)); } $serializers[] = $this->serializers[$name]; } @@ -39,6 +41,8 @@ public function create(array $names): JWESerializerManager } /** + * Return the serializer names supported by the manager. + * * @return string[] */ public function names(): array @@ -47,6 +51,8 @@ public function names(): array } /** + * Returns all serializers supported by this factory. + * * @return JWESerializer[] */ public function all(): array @@ -55,6 +61,8 @@ public function all(): array } /** + * Adds a serializer to the manager. + * * @param JWESerializer $serializer * * @return JWESerializerManagerFactory diff --git a/src/Component/Encryption/Tests/CompressionTest.php b/src/Component/Encryption/Tests/CompressionTest.php index db87b9ba..63e7d298 100644 --- a/src/Component/Encryption/Tests/CompressionTest.php +++ b/src/Component/Encryption/Tests/CompressionTest.php @@ -45,7 +45,7 @@ public function testGetValidCompressionAlgorithm() */ public function testGetInvalidCompressionAlgorithm() { - $manager = new CompressionMethodManager(); + $manager = CompressionMethodManager::create([]); self::assertFalse($manager->has('FOO')); $manager->get('FOO'); } diff --git a/src/Component/KeyManagement/JKUFactory.php b/src/Component/KeyManagement/JKUFactory.php index 58569326..188c6756 100644 --- a/src/Component/KeyManagement/JKUFactory.php +++ b/src/Component/KeyManagement/JKUFactory.php @@ -36,6 +36,9 @@ public function __construct(JsonConverter $jsonConverter, HttpClient $client, Re } /** + * This method will try to fetch the url a retrieve the key set. + * Throws an exception in case of failure. + * * @param string $url * @param array $header * 
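Review bot: The new docblock on the JKU loader has a typo (`fetch the url a retrieve`) and does not say where `$url` may come from. A `jku` value read from a token header is attacker-controlled until the signature has been verified, so callers need that stated. The method body is outside this hunk, so whether the factory itself restricts schemes or hosts cannot be seen here. I would write `* Fetches the given URL and retrieves the key set it serves.` followed by `* $url must come from trusted configuration or an allow-list, never directly from an unverified token header.` The X5UFactory hunk later in this patch adds the same two sentences and needs the same change.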
diff --git a/src/Component/KeyManagement/JWKFactory.php b/src/Component/KeyManagement/JWKFactory.php index 17ec1a4d..1e27a0dc 100644 --- a/src/Component/KeyManagement/JWKFactory.php +++ b/src/Component/KeyManagement/JWKFactory.php @@ -23,6 +23,8 @@ class JWKFactory { /** + * Creates a RSA key with the given key size and additional values. + * * @param int $size The key size in bits * @param array $values values to configure the key * @@ -53,6 +55,8 @@ public static function createRSAKey(int $size, array $values = []): JWK } /** + * Creates a EC key with the given curve and additional values. + * * @param string $curve The curve * @param array $values values to configure the key * @@ -95,6 +99,8 @@ public static function createECKey(string $curve, array $values = []): JWK } /** + * Creates a octet key with the given key size and additional values. + * * @param int $size The key size in bits * @param array $values values to configure the key * @@ -117,6 +123,8 @@ public static function createOctKey(int $size, array $values = []): JWK } /** + * Creates a OKP key with the given curve and additional values. + * * @param string $curve The curve * @param array $values values to configure the key * @@ -155,6 +163,10 @@ public static function createOKPKey(string $curve, array $values = []): JWK } /** + * Creates a none key with the given additional values. + * Please note that this key type is not pat of any specification. + * It is used to prevent the use of the "none" algorithm with other key types. + * * @param array $values values to configure the key * * @return JWK @@ -174,6 +186,8 @@ public static function createNoneKey(array $values = []): JWK } /** + * Creates a key from a Json string. + * * @param string $value * * @return JWK|JWKSet @@ -189,6 +203,8 @@ public static function createFromJsonObject(string $value) } /** + * Creates a key or key set from the given input. + * * @param array $values * * @return JWK|JWKSet 
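Review bot: The docblock added to `createNoneKey()` has a typo, `not pat of any specification`, and does not tell the reader what security such a key provides. I would correct the line to `* Please note that this key type is not part of any specification.` and add `* Tokens using the "none" algorithm carry no signature or MAC and must not be treated as authenticated.` The method body is outside the hunk, so the sentence about preventing "none" with other key types is taken as written.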
@@ -224,6 +240,8 @@ public static function createFromSecret(string $secret, array $additional_values } /** + * This method will try to load a X.509 certificate and convert it into a public key. + * * @param string $file * @param array $additional_values * @@ -238,6 +256,8 @@ public static function createFromCertificateFile(string $file, array $additional } /** + * Extract a keyfrom a key set identified by the given index . + * * @param JWKSet $jwkset * @param int|string $index * @@ -249,6 +269,8 @@ public static function createFromKeySet(JWKSet $jwkset, $index): JWK } /** + * This method will try to load a PKCS#12 file and convert it into a public key. + * * @param string $file * @param null|string $secret * @param array $additional_values @@ -268,6 +290,8 @@ public static function createFromPKCS12CertificateFile(string $file, ?string $se } /** + * This method will try to convert a X.509 certificate into a public key. + * * @param string $certificate * @param array $additional_values * @@ -282,6 +306,8 @@ public static function createFromCertificate(string $certificate, array $additio } /** + * This method will try to convert a X.509 certificate resource into a public key. + * * @param resource $res * @param array $additional_values * @@ -298,6 +324,9 @@ public static function createFromX509Resource($res, array $additional_values = [ } /** + * This method will try to load and convert a key file into a JWK object. + * If the key is encrypted, the password must be set. + * * @param string $file * @param null|string $password * @param array $additional_values @@ -315,6 +344,9 @@ public static function createFromKeyFile(string $file, ?string $password = null, } /** + * This method will try to load and convert a key into a JWK object. + * If the key is encrypted, the password must be set. + * * @param string $key * @param null|string $password * @param array $additional_values 
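Review bot: The line added above `createFromKeySet()` is garbled: `Extract a keyfrom a key set identified by the given index .` has a missing space and a stray space before the period. I would write `* Extracts the key at the given index from a key set.`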
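Review bot: The docblock added to `createFromPKCS12CertificateFile()` says the file is converted "into a public key", which may understate what the returned JWK contains. The signature takes a `?string $secret`, and PKCS#12 containers normally hold a private key; the body is outside this hunk, so please confirm what is actually returned. If the JWK includes private parameters, the current wording could lead a caller to publish or log it. A neutral wording in line with the `createFromKeyFile()` docblock would be `* This method will try to load a PKCS#12 file and convert the key it contains into a JWK object.`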
@@ -332,6 +364,8 @@ public static function createFromKey(string $key, ?string $password = null, arra } /** + * This method will try to load and convert a X.509 certificate chain into a public key. + * * @param array $x5c * @param array $additional_values * diff --git a/src/Component/KeyManagement/KeyAnalyzer/AlgorithmAnalyzer.php b/src/Component/KeyManagement/KeyAnalyzer/AlgorithmAnalyzer.php index 172623c2..6efc6daf 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/AlgorithmAnalyzer.php +++ b/src/Component/KeyManagement/KeyAnalyzer/AlgorithmAnalyzer.php @@ -15,7 +15,7 @@ use Jose\Component\Core\JWK; -class AlgorithmAnalyzer implements KeyAnalyzer +final class AlgorithmAnalyzer implements KeyAnalyzer { /** * {@inheritdoc} diff --git a/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzer.php b/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzer.php index c9cf9aee..7421ede0 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzer.php +++ b/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzer.php @@ -18,6 +18,8 @@ interface KeyAnalyzer { /** + * This method will analyse the key and add messages to the message bag if needed. + * * @param JWK $jwk * @param MessageBag $bag */ diff --git a/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php b/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php index 85986cf7..02585fab 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php +++ b/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php @@ -23,6 +23,8 @@ class KeyAnalyzerManager private $analyzers = []; /** + * Adds a Key Analyzer to the manager + * * @param KeyAnalyzer $analyzer * * @return KeyAnalyzerManager @@ -35,6 +37,9 @@ public function add(KeyAnalyzer $analyzer): self } /** + * This method will analyze the JWK object using all analyzers. + * It returns a message bag that may contains messages. + * * @param JWK $jwk * * @return MessageBag 
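Review bot: The docblock added for the `$x5c` loader says the certificate chain is converted into a public key but not whether the chain is validated. The method body is outside the hunk, so it cannot be told from here whether the certificates are checked against each other or against a trust anchor, or only parsed. Callers need to know this before they trust a key taken from an `x5c` header. Please add one sentence stating which it is, for example `* The chain is only parsed; the caller is responsible for validating it against a trusted root.` if that matches the implementation.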
diff --git a/src/Component/KeyManagement/KeyAnalyzer/KeyIdentifierAnalyzer.php b/src/Component/KeyManagement/KeyAnalyzer/KeyIdentifierAnalyzer.php index 2d73045e..fe0682c4 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/KeyIdentifierAnalyzer.php +++ b/src/Component/KeyManagement/KeyAnalyzer/KeyIdentifierAnalyzer.php @@ -15,7 +15,7 @@ use Jose\Component\Core\JWK; -class KeyIdentifierAnalyzer implements KeyAnalyzer +final class KeyIdentifierAnalyzer implements KeyAnalyzer { /** * {@inheritdoc} diff --git a/src/Component/KeyManagement/KeyAnalyzer/Message.php b/src/Component/KeyManagement/KeyAnalyzer/Message.php index 4d14d7b3..db5c4556 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/Message.php +++ b/src/Component/KeyManagement/KeyAnalyzer/Message.php @@ -44,6 +44,8 @@ private function __construct(string $message, string $severity) } /** + * Creates a message with severity=low. + * * @param string $message * * @return Message @@ -54,6 +56,8 @@ public static function low(string $message): self } /** + * Creates a message with severity=medium. + * * @param string $message * * @return Message @@ -64,6 +68,8 @@ public static function medium(string $message): self } /** + * Creates a message with severity=high. + * * @param string $message * * @return Message @@ -74,6 +80,8 @@ public static function high(string $message): self } /** + * Returns the message. + * * @return string */ public function getMessage(): string @@ -82,6 +90,8 @@ public function getMessage(): string } /** + * Returns the severity of the message + * * @return string */ public function getSeverity(): string diff --git a/src/Component/KeyManagement/KeyAnalyzer/MessageBag.php b/src/Component/KeyManagement/KeyAnalyzer/MessageBag.php index 01afc02b..d37478c8 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/MessageBag.php +++ b/src/Component/KeyManagement/KeyAnalyzer/MessageBag.php 
@@ -21,6 +21,8 @@ class MessageBag implements \JsonSerializable, \IteratorAggregate, \Countable private $messages = []; /** + * Adds a message to the message bag. + * * @param Message $message * * @return MessageBag @@ -33,6 +35,8 @@ public function add(Message $message): self } /** + * Returns all messages. + * * @return Message[] */ public function all(): array diff --git a/src/Component/KeyManagement/KeyAnalyzer/NoneAnalyzer.php b/src/Component/KeyManagement/KeyAnalyzer/NoneAnalyzer.php index ea9e0782..7108f649 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/NoneAnalyzer.php +++ b/src/Component/KeyManagement/KeyAnalyzer/NoneAnalyzer.php @@ -15,7 +15,7 @@ use Jose\Component\Core\JWK; -class NoneAnalyzer implements KeyAnalyzer +final class NoneAnalyzer implements KeyAnalyzer { /** * {@inheritdoc} diff --git a/src/Component/KeyManagement/KeyAnalyzer/OctAnalyzer.php b/src/Component/KeyManagement/KeyAnalyzer/OctAnalyzer.php index a24fde77..2c7f27bf 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/OctAnalyzer.php +++ b/src/Component/KeyManagement/KeyAnalyzer/OctAnalyzer.php @@ -17,7 +17,7 @@ use Jose\Component\Core\JWK; use ZxcvbnPhp\Zxcvbn; -class OctAnalyzer implements KeyAnalyzer +final class OctAnalyzer implements KeyAnalyzer { /** * {@inheritdoc} diff --git a/src/Component/KeyManagement/KeyAnalyzer/RsaAnalyzer.php b/src/Component/KeyManagement/KeyAnalyzer/RsaAnalyzer.php index b4efa4ac..26099fe2 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/RsaAnalyzer.php +++ b/src/Component/KeyManagement/KeyAnalyzer/RsaAnalyzer.php @@ -16,7 +16,7 @@ use Base64Url\Base64Url; use Jose\Component\Core\JWK; -class RsaAnalyzer implements KeyAnalyzer +final class RsaAnalyzer implements KeyAnalyzer { /** * {@inheritdoc} diff --git a/src/Component/KeyManagement/KeyAnalyzer/UsageAnalyzer.php b/src/Component/KeyManagement/KeyAnalyzer/UsageAnalyzer.php index b60d6d90..97478e47 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/UsageAnalyzer.php 
+++ b/src/Component/KeyManagement/KeyAnalyzer/UsageAnalyzer.php @@ -15,7 +15,7 @@ use Jose\Component\Core\JWK; -class UsageAnalyzer implements KeyAnalyzer +final class UsageAnalyzer implements KeyAnalyzer { /** * {@inheritdoc} diff --git a/src/Component/KeyManagement/X5UFactory.php b/src/Component/KeyManagement/X5UFactory.php index 7e2f128c..eae4f583 100644 --- a/src/Component/KeyManagement/X5UFactory.php +++ b/src/Component/KeyManagement/X5UFactory.php @@ -38,6 +38,9 @@ public function __construct(JsonConverter $jsonConverter, HttpClient $client, Re } /** + * This method will try to fetch the url a retrieve the key set. + * Throws an exception in case of failure. + * * @param string $url * @param array $header * diff --git a/src/Component/Signature/Algorithm/ES256.php b/src/Component/Signature/Algorithm/ES256.php index 74b31960..fb4548b2 100644 --- a/src/Component/Signature/Algorithm/ES256.php +++ b/src/Component/Signature/Algorithm/ES256.php @@ -13,7 +13,7 @@ namespace Jose\Component\Signature\Algorithm; -class ES256 extends ECDSA +final class ES256 extends ECDSA { /** * @return string diff --git a/src/Component/Signature/Algorithm/ES384.php b/src/Component/Signature/Algorithm/ES384.php index 7efd8ba2..d38e33d3 100644 --- a/src/Component/Signature/Algorithm/ES384.php +++ b/src/Component/Signature/Algorithm/ES384.php @@ -13,7 +13,7 @@ namespace Jose\Component\Signature\Algorithm; -class ES384 extends ECDSA +final class ES384 extends ECDSA { /** * @return string diff --git a/src/Component/Signature/Algorithm/ES512.php b/src/Component/Signature/Algorithm/ES512.php index adc33e07..2f166feb 100644 --- a/src/Component/Signature/Algorithm/ES512.php +++ b/src/Component/Signature/Algorithm/ES512.php @@ -13,7 +13,7 @@ namespace Jose\Component\Signature\Algorithm; -class ES512 extends ECDSA +final class ES512 extends ECDSA { /** * @return string 
diff --git a/src/Component/Signature/Algorithm/EdDSA.php b/src/Component/Signature/Algorithm/EdDSA.php index b9692e5e..58df03d3 100644 --- a/src/Component/Signature/Algorithm/EdDSA.php +++ b/src/Component/Signature/Algorithm/EdDSA.php @@ -16,7 +16,7 @@ use Base64Url\Base64Url; use Jose\Component\Core\JWK; -class EdDSA implements SignatureAlgorithm +final class EdDSA implements SignatureAlgorithm { /** * {@inheritdoc} diff --git a/src/Component/Signature/Algorithm/HS256.php b/src/Component/Signature/Algorithm/HS256.php index e84ff87f..cebd9ca3 100644 --- a/src/Component/Signature/Algorithm/HS256.php +++ b/src/Component/Signature/Algorithm/HS256.php @@ -13,7 +13,7 @@ namespace Jose\Component\Signature\Algorithm; -class HS256 extends HMAC +final class HS256 extends HMAC { /** * @return string diff --git a/src/Component/Signature/Algorithm/HS384.php b/src/Component/Signature/Algorithm/HS384.php index d99c54f1..cc6b1b73 100644 --- a/src/Component/Signature/Algorithm/HS384.php +++ b/src/Component/Signature/Algorithm/HS384.php @@ -13,7 +13,7 @@ namespace Jose\Component\Signature\Algorithm; -class HS384 extends HMAC +final class HS384 extends HMAC { /** * @return string diff --git a/src/Component/Signature/Algorithm/HS512.php b/src/Component/Signature/Algorithm/HS512.php index 8cf8451f..b916dd45 100644 --- a/src/Component/Signature/Algorithm/HS512.php +++ b/src/Component/Signature/Algorithm/HS512.php @@ -13,7 +13,7 @@ namespace Jose\Component\Signature\Algorithm; -class HS512 extends HMAC +final class HS512 extends HMAC { /** * @return string diff --git a/src/Component/Signature/Algorithm/None.php b/src/Component/Signature/Algorithm/None.php index 3e4bae72..3e5cfc82 100644 --- a/src/Component/Signature/Algorithm/None.php +++ b/src/Component/Signature/Algorithm/None.php @@ -15,7 +15,7 @@ use Jose\Component\Core\JWK; -class None implements SignatureAlgorithm +final class None implements SignatureAlgorithm { /** * {@inheritdoc} 
diff --git a/src/Component/Signature/Algorithm/PS256.php b/src/Component/Signature/Algorithm/PS256.php index 12945cfd..33c7d859 100644 --- a/src/Component/Signature/Algorithm/PS256.php +++ b/src/Component/Signature/Algorithm/PS256.php @@ -15,7 +15,7 @@ use Jose\Component\Signature\Util\RSA as JoseRSA; -class PS256 extends RSA +final class PS256 extends RSA { /** * @return string diff --git a/src/Component/Signature/Algorithm/PS384.php b/src/Component/Signature/Algorithm/PS384.php index 77c38759..c977bd24 100644 --- a/src/Component/Signature/Algorithm/PS384.php +++ b/src/Component/Signature/Algorithm/PS384.php @@ -15,7 +15,7 @@ use Jose\Component\Signature\Util\RSA as JoseRSA; -class PS384 extends RSA +final class PS384 extends RSA { /** * @return string diff --git a/src/Component/Signature/Algorithm/PS512.php b/src/Component/Signature/Algorithm/PS512.php index 77a9aee4..b7abb0b2 100644 --- a/src/Component/Signature/Algorithm/PS512.php +++ b/src/Component/Signature/Algorithm/PS512.php @@ -15,7 +15,7 @@ use Jose\Component\Signature\Util\RSA as JoseRSA; -class PS512 extends RSA +final class PS512 extends RSA { /** * @return string diff --git a/src/Component/Signature/Algorithm/RS256.php b/src/Component/Signature/Algorithm/RS256.php index f66bc5a7..5dd057ff 100644 --- a/src/Component/Signature/Algorithm/RS256.php +++ b/src/Component/Signature/Algorithm/RS256.php @@ -15,7 +15,7 @@ use Jose\Component\Signature\Util\RSA as JoseRSA; -class RS256 extends RSA +final class RS256 extends RSA { /** * @return string diff --git a/src/Component/Signature/Algorithm/RS384.php b/src/Component/Signature/Algorithm/RS384.php index b0ac1241..1f5ae1cc 100644 --- a/src/Component/Signature/Algorithm/RS384.php +++ b/src/Component/Signature/Algorithm/RS384.php @@ -15,7 +15,7 @@ use Jose\Component\Signature\Util\RSA as JoseRSA; -class RS384 extends RSA +final class RS384 extends RSA { /** * @return string 
diff --git a/src/Component/Signature/Algorithm/RS512.php b/src/Component/Signature/Algorithm/RS512.php index ef1a4e43..62841fc3 100644 --- a/src/Component/Signature/Algorithm/RS512.php +++ b/src/Component/Signature/Algorithm/RS512.php @@ -15,7 +15,7 @@ use Jose\Component\Signature\Util\RSA as JoseRSA; -class RS512 extends RSA +final class RS512 extends RSA { /** * @return string diff --git a/src/Component/Signature/JWS.php b/src/Component/Signature/JWS.php index 72de1ce5..3723b807 100644 --- a/src/Component/Signature/JWS.php +++ b/src/Component/Signature/JWS.php @@ -52,6 +52,8 @@ private function __construct(?string $payload, ?string $encodedPayload = null, b } /** + * Creates a JWS object. + * * @param string|null $payload * @param string|null $encodedPayload * @param bool $isPayloadDetached @@ -72,6 +74,8 @@ public function getPayload(): ?string } /** + * Returns true if the payload is detached. + * * @return bool */ public function isPayloadDetached(): bool @@ -80,6 +84,9 @@ public function isPayloadDetached(): bool } /** + * Returns the Base64Url encoded payload. + * If the payload is detached, this method returns null. + * * @return string|null */ public function getEncodedPayload(): ?string @@ -92,7 +99,7 @@ public function getEncodedPayload(): ?string } /** - * Returns the signature associated with the JWS. + * Returns the signatures associated with the JWS. * * @return Signature[] */ @@ -102,6 +109,8 @@ public function getSignatures(): array } /** + * Returns the signature at the given index. + * * @param int $id * * @return Signature @@ -116,6 +125,10 @@ public function getSignature(int $id): Signature } /** + * This method adds a signature to the JWS object. + * Its returns a new JWS object. + * + * @internal * @param string $signature * @param array $protectedHeader * @param string|null $encodedProtectedHeader 
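Review bot: The docblock added to `JWS::addSignature()` contains a typo in its second line, `Its returns a new JWS object.` I would write `* It returns a new JWS object.` Only the docblock is visible in this hunk, so the statement that a new object is returned is taken from the patch as written.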
@@ -134,7 +147,6 @@ public function addSignature(string $signature, array $protectedHeader, ?string /** * Returns the number of signature associated with the JWS. * - * * @return int */ public function countSignatures(): int diff --git a/src/Component/Signature/JWSBuilder.php b/src/Component/Signature/JWSBuilder.php index 08222e2d..55568bd1 100644 --- a/src/Component/Signature/JWSBuilder.php +++ b/src/Component/Signature/JWSBuilder.php @@ -65,6 +65,8 @@ public function __construct(JsonConverter $jsonConverter, AlgorithmManager $sign } /** + * Returns the algorithm manager associated to the builder. + * * @return AlgorithmManager */ public function getSignatureAlgorithmManager(): AlgorithmManager @@ -88,6 +90,9 @@ public function create(): self } /** + * Set the payload. + * This method will return a new JWSBuilder object. + * * @param string $payload * @param bool $isPayloadDetached * @@ -106,6 +111,9 @@ public function withPayload(string $payload, bool $isPayloadDetached = false): s } /** + * Adds the information needed to compute the signature. + * This method will return a new JWSBuilder object. + * * @param JWK $signatureKey * @param array $protectedHeader * @param array $header @@ -137,6 +145,8 @@ public function addSignature(JWK $signatureKey, array $protectedHeader, array $h } /** + * Computes all signatures and return the expected JWS object. + * * @return JWS */ public function build(): JWS diff --git a/src/Component/Signature/JWSBuilderFactory.php b/src/Component/Signature/JWSBuilderFactory.php index 5e94a363..04ffbfd5 100644 --- a/src/Component/Signature/JWSBuilderFactory.php +++ b/src/Component/Signature/JWSBuilderFactory.php @@ -41,6 +41,8 @@ public function __construct(JsonConverter $jsonEncoder, AlgorithmManagerFactory } /** + * This method creates a JWSBuilder using the given algorithm aliases. + * * @param string[] $algorithms * * @return JWSBuilder 
diff --git a/src/Component/Signature/JWSLoader.php b/src/Component/Signature/JWSLoader.php index 515e5ea5..d413177d 100644 --- a/src/Component/Signature/JWSLoader.php +++ b/src/Component/Signature/JWSLoader.php @@ -50,6 +50,8 @@ public function __construct(JWSSerializerManager $serializerManager, JWSVerifier } /** + * Returns the JWSVerifier associated to the JWSLoader. + * * @return JWSVerifier */ public function getJwsVerifier(): JWSVerifier @@ -58,6 +60,8 @@ public function getJwsVerifier(): JWSVerifier } /** + * Returns the Header Checker Manager associated to the JWSLoader. + * * @return HeaderCheckerManager|null */ public function getHeaderCheckerManager(): ?HeaderCheckerManager @@ -66,6 +70,8 @@ public function getHeaderCheckerManager(): ?HeaderCheckerManager } /** + * Returns the JWSSerializer associated to the JWSLoader. + * * @return JWSSerializerManager */ public function getSerializerManager(): JWSSerializerManager @@ -74,6 +80,9 @@ public function getSerializerManager(): JWSSerializerManager } /** + * This method will try to load and verify the token using the given key. + * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown + * * @param string $token * @param JWK $key * @param null|int $signature @@ -91,6 +100,9 @@ public function loadAndVerifyWithKey(string $token, JWK $key, ?int &$signature, } /** + * This method will try to load and verify the token using the given key set. + * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown + * * @param string $token * @param JWKSet $keyset * @param null|int $signature diff --git a/src/Component/Signature/JWSLoaderFactory.php b/src/Component/Signature/JWSLoaderFactory.php index 3c47d186..2202a2e9 100644 --- a/src/Component/Signature/JWSLoaderFactory.php +++ b/src/Component/Signature/JWSLoaderFactory.php 
@@ -48,6 +48,9 @@ public function __construct(JWSSerializerManagerFactory $jwsSerializerManagerFac } /** + * Creates a JWSLoader using the given serializer aliases, signature algorithm aliases and (optionally) + * the header checker aliases. + * * @param array $serializers * @param array $algorithms * @param array $headerCheckers diff --git a/src/Component/Signature/JWSTokenSupport.php b/src/Component/Signature/JWSTokenSupport.php index a516f6c2..7bec8800 100644 --- a/src/Component/Signature/JWSTokenSupport.php +++ b/src/Component/Signature/JWSTokenSupport.php @@ -16,7 +16,7 @@ use Jose\Component\Checker\TokenTypeSupport; use Jose\Component\Core\JWT; -class JWSTokenSupport implements TokenTypeSupport +final class JWSTokenSupport implements TokenTypeSupport { /** * {@inheritdoc} diff --git a/src/Component/Signature/JWSVerifier.php b/src/Component/Signature/JWSVerifier.php index 409c31eb..a8b9f009 100644 --- a/src/Component/Signature/JWSVerifier.php +++ b/src/Component/Signature/JWSVerifier.php @@ -38,6 +38,8 @@ public function __construct(AlgorithmManager $signatureAlgorithmManager) } /** + * Returns the algorithm manager associated to the JWSVerifier. + * * @return AlgorithmManager */ public function getSignatureAlgorithmManager(): AlgorithmManager @@ -46,6 +48,9 @@ public function getSignatureAlgorithmManager(): AlgorithmManager } /** + * This method will try to verify the JWS object using the given key and for the given signature. + * It returns true if the signature is verified, otherwise false. + * * @param JWS $jws * @param JWK $jwk * @param int $signature 
@@ -61,8 +66,8 @@ public function verifyWithKey(JWS $jws, JWK $jwk, int $signature, ?string $detac } /** - * Verify the signature of the input. - * The input must be a valid JWS. This method is usually called after the "load" method. + * This method will try to verify the JWS object using the given key set and for the given signature. + * It returns true if the signature is verified, otherwise false. * * @param JWS $jws A JWS object * @param JWKSet $jwkset The signature will be verified using keys in the key set diff --git a/src/Component/Signature/JWSVerifierFactory.php b/src/Component/Signature/JWSVerifierFactory.php index f36a8cd3..67f6996b 100644 --- a/src/Component/Signature/JWSVerifierFactory.php +++ b/src/Component/Signature/JWSVerifierFactory.php @@ -33,6 +33,8 @@ public function __construct(AlgorithmManagerFactory $algorithmManagerFactory) } /** + * Creates a JWSVerifier using the given signature algorithm aliases. + * * @param string[] $algorithms * * @return JWSVerifier diff --git a/src/Component/Signature/Serializer/CompactSerializer.php b/src/Component/Signature/Serializer/CompactSerializer.php index 84525497..539e61a5 100644 --- a/src/Component/Signature/Serializer/CompactSerializer.php +++ b/src/Component/Signature/Serializer/CompactSerializer.php @@ -17,7 +17,7 @@ use Jose\Component\Core\Converter\JsonConverter; use Jose\Component\Signature\JWS; -class CompactSerializer extends Serializer +final class CompactSerializer extends Serializer { public const NAME = 'jws_compact'; diff --git a/src/Component/Signature/Serializer/JSONFlattenedSerializer.php b/src/Component/Signature/Serializer/JSONFlattenedSerializer.php index 14091c81..5c5195eb 100644 --- a/src/Component/Signature/Serializer/JSONFlattenedSerializer.php +++ b/src/Component/Signature/Serializer/JSONFlattenedSerializer.php 
@@ -17,7 +17,7 @@ use Jose\Component\Core\Converter\JsonConverter; use Jose\Component\Signature\JWS; -class JSONFlattenedSerializer extends Serializer +final class JSONFlattenedSerializer extends Serializer { public const NAME = 'jws_json_flattened'; diff --git a/src/Component/Signature/Serializer/JSONGeneralSerializer.php b/src/Component/Signature/Serializer/JSONGeneralSerializer.php index 3abf8941..ac2d1ba5 100644 --- a/src/Component/Signature/Serializer/JSONGeneralSerializer.php +++ b/src/Component/Signature/Serializer/JSONGeneralSerializer.php @@ -17,7 +17,7 @@ use Jose\Component\Core\Converter\JsonConverter; use Jose\Component\Signature\JWS; -class JSONGeneralSerializer extends Serializer +final class JSONGeneralSerializer extends Serializer { public const NAME = 'jws_json_general'; diff --git a/src/Component/Signature/Signature.php b/src/Component/Signature/Signature.php index f8036952..a4000607 100644 --- a/src/Component/Signature/Signature.php +++ b/src/Component/Signature/Signature.php @@ -52,6 +52,9 @@ private function __construct(string $signature, array $protectedHeader, ?string } /** + * Creates a new signature. + * + * @internal * @param string $signature * @param array $protectedHeader * @param string|null $encodedProtectedHeader @@ -87,7 +90,6 @@ public function getHeader(): array /** * The protected header associated with the signature. * - * * @return null|string */ public function getEncodedProtectedHeader(): ?string @@ -112,6 +114,8 @@ public function getProtectedHeaderParameter(string $key) } /** + * Returns true if the protected header has the given parameter. + * * @param string $key The key * * @return bool @@ -138,6 +142,8 @@ public function getHeaderParameter(string $key) } /** + * Returns true if the unprotected header has the given parameter. + * * @param string $key The key * * @return bool From 3c0af1791aab56bfa005c51ac5b1fb19b66e41f7 Mon Sep 17 00:00:00 2001 
From: Spomky Date: Fri, 9 Mar 2018 12:39:45 +0100 Subject: [PATCH 4/4] Apply fixes from StyleCI (#99) [ci skip] [skip ci] --- src/Component/Core/AlgorithmManager.php | 6 +++--- src/Component/Core/AlgorithmManagerFactory.php | 4 ++-- src/Component/Core/Converter/JsonConverter.php | 2 +- src/Component/Core/JWK.php | 2 +- src/Component/Core/JWKSet.php | 2 +- src/Component/Encryption/Compression/CompressionMethod.php | 2 +- src/Component/Encryption/JWELoaderFactory.php | 2 +- .../KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php | 2 +- src/Component/KeyManagement/KeyAnalyzer/Message.php | 2 +- src/Component/Signature/JWS.php | 1 + src/Component/Signature/JWSLoader.php | 4 ++-- src/Component/Signature/Signature.php | 1 + 12 files changed, 16 insertions(+), 14 deletions(-) diff --git a/src/Component/Core/AlgorithmManager.php b/src/Component/Core/AlgorithmManager.php index 33cb76e0..fceeff0b 100644 --- a/src/Component/Core/AlgorithmManager.php +++ b/src/Component/Core/AlgorithmManager.php @@ -45,7 +45,7 @@ public static function create(array $algorithms): self } /** - * Returns true if the algorithm is supported + * Returns true if the algorithm is supported. * * @param string $algorithm The algorithm * @@ -57,7 +57,7 @@ public function has(string $algorithm): bool } /** - * Returns the list of names of supported algorithms + * Returns the list of names of supported algorithms. * * @return string[] */ @@ -67,7 +67,7 @@ public function list(): array } /** - * Returns the algorithm if supported, otherwise throw an exception + * Returns the algorithm if supported, otherwise throw an exception. * * @param string $algorithm The algorithm * diff --git a/src/Component/Core/AlgorithmManagerFactory.php b/src/Component/Core/AlgorithmManagerFactory.php index 6a53e842..60c07995 100644 --- a/src/Component/Core/AlgorithmManagerFactory.php +++ b/src/Component/Core/AlgorithmManagerFactory.php 
@@ -39,7 +39,7 @@ public function add(string $alias, Algorithm $algorithm): self } /** - * Returns the list of aliases + * Returns the list of aliases. * * @return string[] */ @@ -50,7 +50,7 @@ public function aliases(): array /** * Returns all algorithms supported by this factory. - * This is an associative array. Keys are the aliases of the algorithms + * This is an associative array. Keys are the aliases of the algorithms. * * @return Algorithm[] */ diff --git a/src/Component/Core/Converter/JsonConverter.php b/src/Component/Core/Converter/JsonConverter.php index 44e28d1f..2f22f945 100644 --- a/src/Component/Core/Converter/JsonConverter.php +++ b/src/Component/Core/Converter/JsonConverter.php @@ -25,7 +25,7 @@ interface JsonConverter public function encode($payload): string; /** - * Convert a string into payload + * Convert a string into payload. * * @param string $payload * @param bool $associativeArray diff --git a/src/Component/Core/JWK.php b/src/Component/Core/JWK.php index e477a7c8..9536cb7d 100644 --- a/src/Component/Core/JWK.php +++ b/src/Component/Core/JWK.php @@ -145,7 +145,7 @@ public function thumbprint(string $hash_algorithm): string * This method has no effect for: * - public keys * - shared keys - * - unknown keys + * - unknown keys. * * Known keys are "oct", "RSA", "EC" and "OKP". * diff --git a/src/Component/Core/JWKSet.php b/src/Component/Core/JWKSet.php index ee1a859a..296c27a0 100644 --- a/src/Component/Core/JWKSet.php +++ b/src/Component/Core/JWKSet.php @@ -97,7 +97,7 @@ public static function createFromJson(string $json): self } /** - * Returns an array of keys stored in the key set + * Returns an array of keys stored in the key set. * * @return JWK[] */ diff --git a/src/Component/Encryption/Compression/CompressionMethod.php b/src/Component/Encryption/Compression/CompressionMethod.php index 7a3c892d..64fbcba9 100644 --- a/src/Component/Encryption/Compression/CompressionMethod.php 
+++ b/src/Component/Encryption/Compression/CompressionMethod.php @@ -16,7 +16,7 @@ interface CompressionMethod { /** - * Returns the name of the method + * Returns the name of the method. * * @return string */ diff --git a/src/Component/Encryption/JWELoaderFactory.php b/src/Component/Encryption/JWELoaderFactory.php index b7b0e3f7..8512356c 100644 --- a/src/Component/Encryption/JWELoaderFactory.php +++ b/src/Component/Encryption/JWELoaderFactory.php @@ -50,7 +50,7 @@ public function __construct(JWESerializerManagerFactory $jweSerializerManagerFac /** * Creates a JWELoader using the given serializer aliases, encryption algorithm aliases, compression method aliases * and header checker aliases. - * + * * @param array $serializers * @param array $keyEncryptionAlgorithms * @param array $contentEncryptionAlgorithms diff --git a/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php b/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php index 02585fab..715f5c09 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php +++ b/src/Component/KeyManagement/KeyAnalyzer/KeyAnalyzerManager.php @@ -23,7 +23,7 @@ class KeyAnalyzerManager private $analyzers = []; /** - * Adds a Key Analyzer to the manager + * Adds a Key Analyzer to the manager. * * @param KeyAnalyzer $analyzer * diff --git a/src/Component/KeyManagement/KeyAnalyzer/Message.php b/src/Component/KeyManagement/KeyAnalyzer/Message.php index db5c4556..9b6c5d78 100644 --- a/src/Component/KeyManagement/KeyAnalyzer/Message.php +++ b/src/Component/KeyManagement/KeyAnalyzer/Message.php @@ -90,7 +90,7 @@ public function getMessage(): string } /** - * Returns the severity of the message + * Returns the severity of the message. * * @return string */ diff --git a/src/Component/Signature/JWS.php b/src/Component/Signature/JWS.php index 3723b807..b0a2ca3e 100644 --- a/src/Component/Signature/JWS.php +++ b/src/Component/Signature/JWS.php 
@@ -129,6 +129,7 @@ public function getSignature(int $id): Signature * Its returns a new JWS object. * * @internal + * * @param string $signature * @param array $protectedHeader * @param string|null $encodedProtectedHeader diff --git a/src/Component/Signature/JWSLoader.php b/src/Component/Signature/JWSLoader.php index d413177d..635cbf76 100644 --- a/src/Component/Signature/JWSLoader.php +++ b/src/Component/Signature/JWSLoader.php @@ -81,7 +81,7 @@ public function getSerializerManager(): JWSSerializerManager /** * This method will try to load and verify the token using the given key. - * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown + * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown. * * @param string $token * @param JWK $key @@ -101,7 +101,7 @@ public function loadAndVerifyWithKey(string $token, JWK $key, ?int &$signature, /** * This method will try to load and verify the token using the given key set. - * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown + * It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown. * * @param string $token * @param JWKSet $keyset diff --git a/src/Component/Signature/Signature.php b/src/Component/Signature/Signature.php index a4000607..42dc6d1b 100644 --- a/src/Component/Signature/Signature.php +++ b/src/Component/Signature/Signature.php @@ -55,6 +55,7 @@ private function __construct(string $signature, array $protectedHeader, ?string * Creates a new signature. * * @internal + * * @param string $signature * @param array $protectedHeader * @param string|null $encodedProtectedHeader