feat: Add JWT::fromJwtUnsafe for decode JWT without check signature #6
Annotations
18 warnings
PHP 7.1
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
PHP 7.3
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
PHP 8.1
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
PHP 7.4
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
PHP 7.2
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
PHP 8.2
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
PHP 8.0
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
Analysis
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, szenius/set-timezone@v1.0. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
Analysis:
src/Claims.php#L74
Escaped Mutant:
--- Original
+++ New
@@ @@
{
// Disallow `$claims[] = xxx` operation
if ($offset === null) {
- throw new BadMethodCallException('Cannot use array push operator `$claims[] = $x` on ' . static::class);
+ throw new BadMethodCallException(static::class . 'Cannot use array push operator `$claims[] = $x` on ');
}
$this->claims[$offset] = $value;
}
|
Analysis:
src/Claims.php#L74
Escaped Mutant:
--- Original
+++ New
@@ @@
{
// Disallow `$claims[] = xxx` operation
if ($offset === null) {
- throw new BadMethodCallException('Cannot use array push operator `$claims[] = $x` on ' . static::class);
+ throw new BadMethodCallException(static::class);
}
$this->claims[$offset] = $value;
}
|
Analysis:
src/Claims.php#L74
Escaped Mutant:
--- Original
+++ New
@@ @@
{
// Disallow `$claims[] = xxx` operation
if ($offset === null) {
- throw new BadMethodCallException('Cannot use array push operator `$claims[] = $x` on ' . static::class);
+ throw new BadMethodCallException('Cannot use array push operator `$claims[] = $x` on ');
}
$this->claims[$offset] = $value;
}
|
Analysis:
src/EncodingOptions.php#L183
Escaped Mutant:
--- Original
+++ New
@@ @@
{
$options = new self(new JWKSet([$key]));
if ($key->has('alg')) {
- $options->setAlgorithm((string) $key->get('alg'));
+ $options->setAlgorithm($key->get('alg'));
}
if ($key->has('kid')) {
$options->setKid((string) $key->get('kid'));
|
Analysis:
src/EncodingOptions.php#L187
Escaped Mutant:
--- Original
+++ New
@@ @@
$options->setAlgorithm((string) $key->get('alg'));
}
if ($key->has('kid')) {
- $options->setKid((string) $key->get('kid'));
+ $options->setKid($key->get('kid'));
}
return $options;
}
}
|
Analysis:
src/JwtDecoder.php#L90
Escaped Mutant:
--- Original
+++ New
@@ @@
*/
public function decode(string $jwt, JWKSet $keySet) : JWT
{
- $loader = new JWSLoader($this->serializerManager, new JWSVerifier($this->jwa->manager()), new HeaderCheckerManager([new AlgorithmChecker($this->jwa->manager()->list())], [new JWSTokenSupport()]));
+ $loader = new JWSLoader($this->serializerManager, new JWSVerifier($this->jwa->manager()), new HeaderCheckerManager([], [new JWSTokenSupport()]));
try {
$decoded = $loader->loadAndVerifyWithKeySet($jwt, $keySet, $signatureOffset);
} catch (Exception $e) {
|
Analysis:
src/JwtDecoder.php#L96
Escaped Mutant:
--- Original
+++ New
@@ @@
try {
$decoded = $loader->loadAndVerifyWithKeySet($jwt, $keySet, $signatureOffset);
} catch (Exception $e) {
- throw new InvalidArgumentException('Invalid JWT or signature', 0, $e);
+ throw new InvalidArgumentException('Invalid JWT or signature', -1, $e);
}
/** @psalm-suppress PossiblyNullArrayOffset */
$signature = $decoded->getSignatures()[$signatureOffset];
|
Analysis:
src/JwtDecoder.php#L96
Escaped Mutant:
--- Original
+++ New
@@ @@
try {
$decoded = $loader->loadAndVerifyWithKeySet($jwt, $keySet, $signatureOffset);
} catch (Exception $e) {
- throw new InvalidArgumentException('Invalid JWT or signature', 0, $e);
+ throw new InvalidArgumentException('Invalid JWT or signature', 1, $e);
}
/** @psalm-suppress PossiblyNullArrayOffset */
$signature = $decoded->getSignatures()[$signatureOffset];
|
Analysis:
src/JwtDecoder.php#L102
Escaped Mutant:
--- Original
+++ New
@@ @@
}
/** @psalm-suppress PossiblyNullArrayOffset */
$signature = $decoded->getSignatures()[$signatureOffset];
- $payload = json_decode((string) $decoded->getPayload(), true);
+ $payload = json_decode($decoded->getPayload(), true);
if (!is_array($payload)) {
throw new InvalidArgumentException('Invalid JWT payload');
}
|
Analysis:
src/JwtEncoder.php#L38
Escaped Mutant:
--- Original
+++ New
@@ @@
*/
public function __construct(?JWA $jwa = null, ?JWSSerializer $serializer = null)
{
- $this->jwa = $jwa ?? new JWA();
+ $this->jwa = new JWA() ?? $jwa;
$this->serializer = $serializer ?? new CompactSerializer();
}
/**
|