Update to php-jwt 6.2.0

This commit is contained in:
Joachim Bauch 2022-06-17 14:35:44 +02:00
parent 4941f94cf6
commit 195434fc28
No known key found for this signature in database
GPG key ID: 77C1D22D53E15F02
4 changed files with 22 additions and 9 deletions

2
3rdparty/php-jwt vendored

@ -1 +1 @@
Subproject commit bac0422822b92fe7a0ed1fc7b1b633d9efa37bae Subproject commit d28e6df83830252650da4623c78aaaf98fb385f3

View file

@ -41,9 +41,18 @@ if (class_exists('\\OCP\\AppFramework\\Http\\EmptyContentSecurityPolicy')) {
return new Capabilities(); return new Capabilities();
}); });
if (!class_exists('\\Firebase\\JWT\\JWT')) { if (!class_exists('\\Firebase\\JWT\\BeforeValidException')) {
require_once __DIR__ . "/../3rdparty/php-jwt/src/BeforeValidException.php"; require_once __DIR__ . "/../3rdparty/php-jwt/src/BeforeValidException.php";
require_once __DIR__ . "/../3rdparty/php-jwt/src/ExpiredException.php"; }
require_once __DIR__ . "/../3rdparty/php-jwt/src/SignatureInvalidException.php"; if (!class_exists('\\Firebase\\JWT\\ExpiredException')) {
require_once __DIR__ . "/../3rdparty/php-jwt/src/JWT.php"; require_once __DIR__ . "/../3rdparty/php-jwt/src/ExpiredException.php";
}
if (!class_exists('\\Firebase\\JWT\\SignatureInvalidException')) {
require_once __DIR__ . "/../3rdparty/php-jwt/src/SignatureInvalidException.php";
}
if (!class_exists('\\Firebase\\JWT\\JWT')) {
require_once __DIR__ . "/../3rdparty/php-jwt/src/JWT.php";
}
if (!class_exists('\\Firebase\\JWT\\Key')) {
require_once __DIR__ . "/../3rdparty/php-jwt/src/Key.php";
} }

View file

@ -25,6 +25,7 @@ namespace OCA\Pdfdraw\Controller;
use Doctrine\DBAL\Exception\UniqueConstraintViolationException; use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
use \Firebase\JWT\JWT; use \Firebase\JWT\JWT;
use \Firebase\JWT\Key;
use OC\Files\Filesystem; use OC\Files\Filesystem;
use OCP\AppFramework\Http; use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataDownloadResponse; use OCP\AppFramework\Http\DataDownloadResponse;
@ -100,7 +101,8 @@ class ApiController extends OCSController {
} }
try { try {
$decoded = JWT::decode($token, $secret, array('HS256')); $key = new Key($secret, 'HS256');
$decoded = JWT::decode($token, $key);
} catch (\Exception $e) { } catch (\Exception $e) {
return null; return null;
} }

View file

@ -24,6 +24,7 @@ declare(strict_types=1);
namespace OCA\Pdfdraw\Controller; namespace OCA\Pdfdraw\Controller;
use \Firebase\JWT\JWT; use \Firebase\JWT\JWT;
use \Firebase\JWT\Key;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
use OCP\AppFramework\Http; use OCP\AppFramework\Http;
use OCP\AppFramework\Http\ContentSecurityPolicy; use OCP\AppFramework\Http\ContentSecurityPolicy;
@ -259,7 +260,7 @@ class ViewerController extends Controller {
'fileId' => $fileId, 'fileId' => $fileId,
'token' => $token, 'token' => $token,
]; ];
$jwt = JWT::encode($data, $secret); $jwt = JWT::encode($data, $secret, 'HS256');
$fileUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".viewer.downloadFile", ["token" => $jwt]); $fileUrl = $this->urlGenerator->linkToRouteAbsolute($this->appName . ".viewer.downloadFile", ["token" => $jwt]);
@ -404,7 +405,7 @@ class ViewerController extends Controller {
'displayname' => $displayName, 'displayname' => $displayName,
'permissions' => $permissions, 'permissions' => $permissions,
]; ];
$jwt = JWT::encode($token, $secret); $jwt = JWT::encode($token, $secret, 'HS256');
} }
$params = [ $params = [
'urlGenerator' => $this->urlGenerator, 'urlGenerator' => $this->urlGenerator,
@ -447,7 +448,8 @@ class ViewerController extends Controller {
public function downloadFile(string $token) { public function downloadFile(string $token) {
$secret = $this->getDownloadSecret(); $secret = $this->getDownloadSecret();
try { try {
$data = JWT::decode($token, $secret, ['HS256']); $key = new Key($secret, 'HS256');
$data = JWT::decode($token, $key);
} catch (\Exception $e) { } catch (\Exception $e) {
$this->logger->logException($e, [ $this->logger->logException($e, [
'message' => 'download: ' . $token, 'message' => 'download: ' . $token,