php-jwt
php-jwt copied to clipboard
firebase
PHP package for JWT
This file https://github.com/firebase/php-jwt/blob/main/src/CachedKeySet.php#L216 and this function `private function rateLimitExceeded(): bool` 1. `$cacheItem->expiresAfter(1); // # of calls are cached each minute`, but according to PSR 6 spec (https://www.php-fig.org/psr/psr-6/), `public function expiresAfter($time);`...
When using the https://github.com/firebase/php-jwt/blob/main/src/JWK.php#L55 `parseKeySet` function with a list of jwks which contains keys with unsupported algorithms, for example when using this lib with Keycloak for OIDC then the method...
:robot: I have created a release *beep* *boop* --- ## [6.10.1](https://github.com/firebase/php-jwt/compare/v6.10.0...v6.10.1) (2024-03-15) ### Bug Fixes * ratelimit cache expiration ([#550](https://github.com/firebase/php-jwt/issues/550)) ([dda7250](https://github.com/firebase/php-jwt/commit/dda725033585ece30ff8cae8937320d7e9f18bae)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See...
![release-please[bot] avatar](https://avatars.githubusercontent.com/in/40688?v=4 "release-please[bot] avatar"){kind=avatar}
Additionally: - drop support for `guzzlehttp/guzzle:v6` - drop support for `psr/cache:v1` and add support for `psr/cache:v3` (dev only)
This is a follow-up to https://github.com/firebase/php-jwt/pull/492 where an inconsistency was introduced. When triggering these error messages, if the value should be rounded up, then the value in the error message...
**Describe the bug** While scanning my Laravel application's manifest file using Vulert for vulnerability checks, I identified an issue associated with your package. **Reference** Upon conducting a vulnerability scan, the...
The following code does not work: ``` $keyInfo = [ "kty" => "oct", "kid" => "unitTestJWKHMAC", "alg" => "HS256", "k" => "SecretKey", ] $jwk = \Firebase\JWT\JWK::parseKey($keyInfo); ``` Is there an...
fixes https://github.com/firebase/php-jwt/issues/543 Without setting the cached item expiry every time, the expiry is not persisted. In order to address this, we cache an array instead of an integer for the...
The JWT.php decode() has a nonstandard check to verify that "the time according to the JWT on the issuing server" is not later than "the time on the machine that...
