From a19ebf7e00407730a2f1c9aeb48ed8300c80de15 Mon Sep 17 00:00:00 2001
From: Florent Morselli <contact@spomky-labs.com>
Date: Thu, 1 Feb 2024 16:30:52 +0100
Subject: [PATCH] Ensure JWS serializers only throw InvalidArgumentException
 (#513)

---
 src/Library/Core/Util/JsonConverter.php           | 15 ++++++++++++---
 .../KeyManagement/UrlKeySetFactoryTest.php        | 10 +++++-----
 2 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/src/Library/Core/Util/JsonConverter.php b/src/Library/Core/Util/JsonConverter.php
index aeecede6..d51c9777 100644
--- a/src/Library/Core/Util/JsonConverter.php
+++ b/src/Library/Core/Util/JsonConverter.php
@@ -4,7 +4,7 @@
 
 namespace Jose\Component\Core\Util;
 
-use RuntimeException;
+use InvalidArgumentException;
 use Throwable;
 use const JSON_THROW_ON_ERROR;
 use const JSON_UNESCAPED_SLASHES;
@@ -17,12 +17,21 @@ public static function encode(mixed $payload): string
         try {
             return json_encode($payload, JSON_THROW_ON_ERROR | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
         } catch (Throwable $throwable) {
-            throw new RuntimeException('Invalid content.', $throwable->getCode(), $throwable);
+            throw new InvalidArgumentException('Invalid content.', $throwable->getCode(), $throwable);
         }
     }
 
     public static function decode(string $payload): mixed
     {
-        return json_decode($payload, true, 512, JSON_THROW_ON_ERROR | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+        try {
+            return json_decode(
+                $payload,
+                true,
+                512,
+                JSON_THROW_ON_ERROR | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE
+            );
+        } catch (Throwable $throwable) {
+            throw new InvalidArgumentException('Unsupported input.', $throwable->getCode(), $throwable);
+        }
     }
 }
diff --git a/tests/Component/KeyManagement/UrlKeySetFactoryTest.php b/tests/Component/KeyManagement/UrlKeySetFactoryTest.php
index 4f3fd77f..9cce4e70 100644
--- a/tests/Component/KeyManagement/UrlKeySetFactoryTest.php
+++ b/tests/Component/KeyManagement/UrlKeySetFactoryTest.php
@@ -5,9 +5,9 @@
 namespace Jose\Tests\Component\KeyManagement;
 
 use Http\Mock\Client;
+use InvalidArgumentException;
 use Jose\Component\KeyManagement\JKUFactory;
 use Jose\Component\KeyManagement\X5UFactory;
-use JsonException;
 use Nyholm\Psr7\Factory\Psr17Factory;
 use PHPUnit\Framework\Attributes\Test;
 use PHPUnit\Framework\TestCase;
@@ -52,8 +52,8 @@ public function iCanGetAKeySetFromAJWKUrl(): void
     #[Test]
     public function theJWKUrlIsValidButDoesNotContainAKeySet(): void
     {
-        $this->expectException(JsonException::class);
-        $this->expectExceptionMessage('Syntax error');
+        $this->expectException(InvalidArgumentException::class);
+        $this->expectExceptionMessage('Unsupported input.');
 
         $response = $this->messageFactory->createResponse(200);
         $response->getBody()
@@ -104,8 +104,8 @@ public function iCanGetAKeySetFromAX509Url(): void
     #[Test]
     public function theX509UrlIsValidButDoesNotContainAKeySet(): void
     {
-        $this->expectException(JsonException::class);
-        $this->expectExceptionMessage('Syntax error');
+        $this->expectException(InvalidArgumentException::class);
+        $this->expectExceptionMessage('Unsupported input.');
 
         $response = $this->messageFactory->createResponse(200);
         $response->getBody()