Skip to content

feat: add non-empty-only secret validation #79

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
restuarifp wants to merge 4 commits into
base: master
Choose a base branch
from
Open

feat: add non-empty-only secret validation #79

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
fc7d454
feat: add non-empty-only secret validation
restuarifp Aug 2, 2023
b17d9b9
feat: add validation options when creating token
restuarifp Aug 3, 2023
1ed2cee
fix: params type of object, should be array
restuarifp Aug 3, 2023
87ce57f
fix: params typo
restuarifp Aug 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 8 additions & 3 deletions src/Encoders/EncodeHS256Strong.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,9 @@ class EncodeHS256Strong extends EncodeHS256
/**
* This class only instantiates if the secret provided is strong enough.
*/
public function __construct(string $secret)
public function __construct(string $secret, array $options)
{
if (!$this->validSecret($secret)) {
if (!$this->validSecret($secret, !!$options['fixed_secret_length_enabled'])) {
throw new EncodeException('Invalid secret.', 9);
}

Expand All @@ -28,9 +28,14 @@ public function __construct(string $secret)
* The secret should contain a number, a upper and a lowercase letter, and a
* special character *&!@%^#$. It should be at least 12 characters in
* length. The regex here uses lookahead assertions.
* nonEmptyOnlyValidation is an option to only validate secret is empty or not.
*/
private function validSecret(string $secret): bool
private function validSecret(string $secret, bool $fixedSecretLengthEnabled = true): bool
{
if (!$fixedSecretLengthEnabled) {
return !empty($secret);
}

if (
!preg_match(
'/^.*(?=.{12,}+)(?=.*\d+)(?=.*[A-Z]+)(?=.*[a-z]+)(?=.*[\*&!@%\^#\$]+).*$/',
Expand Down
5 changes: 3 additions & 2 deletions src/Token.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,16 @@ class Token
*
* @see Tokens::create()
*/
public static function create(string|int $userId, string $secret, int $expiration, string $issuer): string
public static function create(string|int $userId, string $secret, int $expiration, string $issuer, array $options = []): string
{
$tokens = new Tokens();
return $tokens->create(
'user_id',
$userId,
$secret,
$expiration,
$issuer
$issuer,
$options
)->getToken();
}

Expand Down
8 changes: 4 additions & 4 deletions src/Tokens.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,12 @@ class Tokens
* Factory method to return an instance of the Build class for creating new
* JSON Web Tokens.
*/
public function builder(string $secret): Build
public function builder(string $secret, array $options): Build
{
return new Build(
'JWT',
new Validator(),
new EncodeHS256Strong($secret)
new EncodeHS256Strong($secret, $options)
);
}

Expand Down Expand Up @@ -91,9 +91,9 @@ public function getPayload(string $token): array
*
* @param string|int $userId
*/
public function create(string $userKey, string|int $userId, string $secret, int $expiration, string $issuer): Jwt
public function create(string $userKey, string|int $userId, string $secret, int $expiration, string $issuer, array $options): Jwt
{
$builder = $this->builder($secret);
$builder = $this->builder($secret, $options);

return $builder->setPayloadClaim($userKey, $userId)
->setExpiration($expiration)
Expand Down