Libs update (#14)

* Update libs and run linters

* Update infection to v0.27

* Remove infection exceptions

* Update phpUnit to v10

* Fix constructors

* Add JwtSecretFactory

* Add JwtSignerFactory::createRsa

* Add JwtSignerFactory::createHmac

.github/dependabot.yml

@@ -0,0 +1,18 @@
+
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "composer" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
+    allow:
+      - dependency-name: "marvin255/optional"
+      - dependency-name: "phpunit/phpunit"
+      - dependency-name: "friendsofphp/php-cs-fixer"
+      - dependency-name: "vimeo/psalm"
+      - dependency-name: "infection/infection"

.github/workflows/php.yml

@@ -13,7 +13,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php-versions: ['8.1']
+        php-versions: ['8.1', '8.2']
     steps:
     - uses: actions/checkout@v2
     - name: Install PHP

README.md

@@ -30,15 +30,16 @@ $token = JwtFactory::decoder()->decodeHeader($_SERVER['HTTP_AUTHORIZE']);
 
 ```php
 use Marvin255\Jwt\JwtFactory;
-use Marvin255\Jwt\Signer\SecretBase;
-use Marvin255\Jwt\Signer\RsaSha512Signer;
+use Marvin255\Jwt\JwtSecretFactory;
+use Marvin255\Jwt\JwtSignerFactory;
+use Marvin255\Jwt\Signer\Algorithm;
 use Marvin255\Jwt\Validator\ExpirationConstraint;
 use Marvin255\Jwt\Validator\NotBeforeConstraint;
 use Marvin255\Jwt\Validator\AudienceConstraint;
 use Marvin255\Jwt\Validator\SignatureConstraint;
 
-$publicKey = new SecretBase('file:///path/to/public.key');
-$signer = new RsaSha512Signer($publicKey);
+$publicKey = JwtSecretFactory::create('file:///path/to/public.key');
+$signer = JwtSignerFactory::createRsa(Algorithm::RSA_SHA_512, $publicKey);
 
 $constraints = [
     new ExpirationConstraint(3),          // checks that token is not expired with 3s leeway
@@ -75,11 +76,12 @@ $customClaim = $token->claims()->param('custom_claim')->get(); // any custom cla
 
 ```php
 use Marvin255\Jwt\JwtFactory;
-use Marvin255\Jwt\Signer\SecretBase;
-use Marvin255\Jwt\Signer\RsaSha512Signer;
+use Marvin255\Jwt\JwtSecretFactory;
+use Marvin255\Jwt\JwtSignerFactory;
+use Marvin255\Jwt\Signer\Algorithm;
 
-$privateKey = new SecretBase('file:///path/to/private.key');
-$signer = new RsaSha512Signer(null, $privateKey);
+$privateKey = JwtSecretFactory::create('file:///path/to/private.key');
+$signer = JwtSignerFactory::createRsa(Algorithm::RSA_SHA_512, null, $privateKey);
 
 $token = JwtFactory::builder()
     ->setJoseParam('test', 'test') // any custom JOSE param

composer.json

@@ -9,11 +9,10 @@
     "marvin255/optional": "^0.1"
   },
   "require-dev": {
-    "phpunit/phpunit": "^9.0",
+    "phpunit/phpunit": "^10.0",
     "friendsofphp/php-cs-fixer": "^3.0",
-    "sebastian/phpcpd": "^6.0",
     "vimeo/psalm": "^5.0",
-    "infection/infection": "^0.26"
+    "infection/infection": "^0.27"
   },
   "autoload": {
     "psr-4": {
@@ -37,7 +36,6 @@
     ],
     "linter": [
         "vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.dist.php -v --dry-run --stop-on-violation --allow-risky=yes",
-        "vendor/bin/phpcpd ./ --exclude vendor --exclude docker",
         "vendor/bin/psalm --show-info=true --php-version=$(php -r \"echo phpversion();\")"
     ],
     "infection": [

docker/php/Dockerfile

@@ -12,10 +12,11 @@ RUN set -xe && apk update && apk add --no-cache \
     git \
     autoconf \
     g++ \
-    make
+    make \
+    linux-headers
 
 
-RUN docker-php-ext-install zip soap \
+RUN docker-php-ext-install zip opcache \
     && docker-php-source extract \
     && pecl install xdebug \
     && docker-php-ext-enable xdebug \
@@ -24,8 +25,8 @@ RUN docker-php-ext-install zip soap \
     && echo 'xdebug.mode=coverage' >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini
 
 
-RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer  --version=2.5.1 \
+RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer  --version=2.5.8 \
     && mkdir -p /.composer && chmod -Rf 777 /.composer
 
 
-WORKDIR /var/app
+WORKDIR /var/app

infection.json

@@ -9,16 +9,6 @@
         "text": "infection.log"
     },
     "mutators": {
-        "@default": true,
-        "LogicalOr": {
-            "ignore": [
-                "Marvin255\\Jwt\\Signer\\SecretBase::getSecret"
-            ]
-        },
-        "CastString": {
-            "ignore": [
-                "Marvin255\\Jwt\\Token\\ParamSet::__construct"
-            ]
-        }
+        "@default": true
     }
 }

phpunit.xml.dist

@@ -1,19 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<phpunit
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    colors="true"
-    bootstrap="./vendor/autoload.php"
-    xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/9.3/phpunit.xsd"
->
-    <coverage>
-        <include>
-           <directory>./src</directory>
-        </include>
-    </coverage>
-
-    <testsuites>
-        <testsuite name="JWT tests suit">
-            <directory>./tests</directory>
-        </testsuite>
-    </testsuites>
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" colors="true" bootstrap="./vendor/autoload.php" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.3/phpunit.xsd">
+  <coverage/>
+  <testsuites>
+    <testsuite name="JWT tests suit">
+      <directory>./tests</directory>
+    </testsuite>
+  </testsuites>
+  <source>
+    <include>
+      <directory>./src</directory>
+    </include>
+  </source>
 </phpunit>

psalm.xml

@@ -4,6 +4,8 @@
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns="https://getpsalm.org/schema/config"
     xsi:schemaLocation="https://getpsalm.org/schema/config file:///var/www/vendor/vimeo/psalm/config.xsd"
+    findUnusedBaselineEntry="true"
+    findUnusedCode="false"
 >
     <projectFiles>
         <directory name="./src"/>

src/Decoder/Decoder.php

@@ -15,11 +15,8 @@
  */
 final class Decoder implements JwtDecoder
 {
-    private readonly JwtBuilder $builder;
-
-    public function __construct(JwtBuilder $builder)
+    public function __construct(private readonly JwtBuilder $builder)
     {
-        $this->builder = $builder;
     }
 
     /**

src/Exception/SignerAlgorithmNotFoundException.php

@@ -0,0 +1,9 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Marvin255\Jwt\Exception;
+
+class SignerAlgorithmNotFoundException extends JwtException
+{
+}

src/JwtSecretFactory.php

@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Marvin255\Jwt;
+
+use Marvin255\Jwt\Signer\Secret;
+use Marvin255\Jwt\Signer\SecretBase;
+
+/**
+ * Factory object for Secrets.
+ */
+final class JwtSecretFactory
+{
+    private function __construct()
+    {
+    }
+
+    /**
+     * Creates object that contains key secret.
+     */
+    public static function create(string $secret, string $passPhrase = null): Secret
+    {
+        return new SecretBase($secret, $passPhrase);
+    }
+}

src/JwtSignerFactory.php

@@ -0,0 +1,56 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Marvin255\Jwt;
+
+use Marvin255\Jwt\Exception\SignerAlgorithmNotFoundException;
+use Marvin255\Jwt\Signer\Algorithm;
+use Marvin255\Jwt\Signer\Hmac;
+use Marvin255\Jwt\Signer\NoneSigner;
+use Marvin255\Jwt\Signer\Rsa;
+use Marvin255\Jwt\Signer\Secret;
+
+/**
+ * Factory object that can create signer objects.
+ */
+final class JwtSignerFactory
+{
+    private function __construct()
+    {
+    }
+
+    /**
+     * Creates RSA signer.
+     */
+    public static function createRsa(Algorithm $algorithm, Secret $public = null, Secret $private = null): JwtSigner
+    {
+        $implementation = $algorithm->getImplementation();
+        if (!is_subclass_of($implementation, Rsa::class)) {
+            throw new SignerAlgorithmNotFoundException('Wrong algorithm provided');
+        }
+
+        return new $implementation($public, $private);
+    }
+
+    /**
+     * Creates HMAC signer.
+     */
+    public static function createHmac(Algorithm $algorithm, Secret $secret): JwtSigner
+    {
+        $implementation = $algorithm->getImplementation();
+        if (!is_subclass_of($implementation, Hmac::class)) {
+            throw new SignerAlgorithmNotFoundException('Wrong algorithm provided');
+        }
+
+        return new $implementation($secret);
+    }
+
+    /**
+     * Creates empty signer that does nothing.
+     */
+    public static function createNone(): JwtSigner
+    {
+        return new NoneSigner();
+    }
+}

src/JwtValidator.php

@@ -17,5 +17,5 @@ interface JwtValidator
      *
      * @param Constraint|Constraint[]|null $constraints
      */
-    public function validate(Jwt $token, Constraint|array|null $constraints = null): ValidationResult;
+    public function validate(Jwt $token, Constraint|array $constraints = null): ValidationResult;
 }

src/Signer/Algorithm.php

@@ -4,6 +4,8 @@
 
 namespace Marvin255\Jwt\Signer;
 
+use Marvin255\Jwt\JwtSigner;
+
 /**
  * Enum for algorithms names.
  */
@@ -30,6 +32,9 @@ public function getPhpAlgName(): string
         };
     }
 
+    /**
+     * @psalm-return class-string<JwtSigner>
+     */
     public function getImplementation(): string
     {
         return match ($this) {

src/Signer/Hmac.php

@@ -16,11 +16,8 @@
  */
 abstract class Hmac implements JwtSigner
 {
-    private readonly Secret $secret;
-
-    public function __construct(Secret $secret)
+    final public function __construct(private readonly Secret $secret)
     {
-        $this->secret = $secret;
     }
 
     /**

src/Signer/HmacSha256Signer.php

@@ -6,6 +6,8 @@
 
 /**
  * Hmac sha 256 signer.
+ *
+ * @internal
  */
 final class HmacSha256Signer extends Hmac
 {

src/Signer/HmacSha384Signer.php

@@ -6,6 +6,8 @@
 
 /**
  * Hmac sha 384 signer.
+ *
+ * @internal
  */
 final class HmacSha384Signer extends Hmac
 {

src/Signer/HmacSha512Signer.php

@@ -6,6 +6,8 @@
 
 /**
  * Hmac sha 512 signer.
+ *
+ * @internal
  */
 final class HmacSha512Signer extends Hmac
 {

src/Signer/NoneSigner.php

@@ -10,6 +10,8 @@
 
 /**
  * Signer for non signed tokens.
+ *
+ * @internal
  */
 final class NoneSigner implements JwtSigner
 {

src/Signer/Rsa.php

@@ -17,14 +17,10 @@
  */
 abstract class Rsa implements JwtSigner
 {
-    private readonly ?Secret $public;
-
-    private readonly ?Secret $private;
-
-    public function __construct(?Secret $public = null, ?Secret $private = null)
-    {
-        $this->public = $public;
-        $this->private = $private;
+    final public function __construct(
+        private readonly ?Secret $public = null,
+        private readonly ?Secret $private = null
+    ) {
     }
 
     /**

src/Signer/RsaSha256Signer.php

@@ -6,6 +6,8 @@
 
 /**
  * RSA sha 256 signer.
+ *
+ * @internal
  */
 final class RsaSha256Signer extends Rsa
 {

src/Signer/RsaSha384Signer.php

@@ -6,6 +6,8 @@
 
 /**
  * RSA sha 384 signer.
+ *
+ * @internal
  */
 final class RsaSha384Signer extends Rsa
 {