oauth2-openid-connect-client icon indicating copy to clipboard operation
oauth2-openid-connect-client copied to clipboard

Published 20 hours ago verified publisher icon steverhoades

Refactor to Constraints when lcobucci/jwt 4.0 is released

Open steverhoades opened this issue 8 years ago • 11 comments

Reference: #https://github.com/lcobucci/jwt/issues/72

steverhoades avatar Oct 12 '16 21:10 steverhoades

Don't forget that v4.0 will require php: >=7.0

lcobucci avatar Oct 13 '16 16:10 lcobucci

@lcobucci this is a good point as PHP 5.6 is not EOL until Jan 2019.

steverhoades avatar Oct 13 '16 16:10 steverhoades

@steverhoades indeed. I saw that you don't have this requirement in this package so was just wanted to remind you about this. v3 will still be maintained (without new features) to keep the compatibility with PHP 5 :wink:

lcobucci avatar Oct 13 '16 19:10 lcobucci

@steverhoades PHP 7.2 is already EOL and the lcobucci/jwt 4.2.x already available. Are there any plans to run this also under PHP8?

fanglingsu avatar Oct 04 '21 12:10 fanglingsu

@fanglingsu Yes to the above. My time is the biggest limiting factor right now. PRs are much appreciated!

steverhoades avatar Oct 04 '21 14:10 steverhoades

I'm currently in the process of upgrading this package. Although I intend to keep the structure and interface as much intact as possible I do admit due to the upgrade to php 7.4 (because lcobucci/jwt requires php 7.4 as minimum) quite some code will change and will make use of type hinting and a bit more strict expectations.

See: https://github.com/Levivb/oauth2-openid-connect-client/tree/feature/update-dependencies

Will submit a PR later

Levivb avatar Nov 04 '21 18:11 Levivb

Also note that I lack full comprehension of OpenID Connect. So I have to take a careful look at https://lcobucci-jwt.readthedocs.io/en/latest/upgrading/ to see what has to be changed all the while keeping the code working. At the moment implementing (almost?) full test coverage with lcobucci/jwt:3.4 to ease the upgrade to lcobucci/jwt:4.1

Levivb avatar Nov 04 '21 18:11 Levivb

@Levivb that sounds great. Please let me know if there's anything I can do to help you!

lcobucci avatar Nov 04 '21 19:11 lcobucci

It's hard to believe this issue is 5 years old now. I apologize it hasn't been upgraded already. @Levivb your contribution will be greatly appreciated!

steverhoades avatar Nov 04 '21 21:11 steverhoades

Good to hear 😄

Currently all classes are fully tested except for the behemoth OpenIDConnectProvider::getAccessToken test which is WIP. I will continue that test tomorrow or possibly next week (got several meetings and appointments tomorrow).

Will check code coverage as well to be sure nothing is accidentally untested. After that, the lcobucci/jwtcan be updated to 4.1 and necessary code changes applied.

I also applied PSR12 through phpcs, added enlightn/security-checker, ergebnis/composer-normalize, insolita/unused-scanner, maglnet/composer-require-checker, php-parallel-lint/php-parallel-lint and roave/security-advisories to bring this package up to date with todays standards, quality and security.

Levivb avatar Nov 05 '21 02:11 Levivb

When can we expect support for lcobucci/jwt:^4.0? I'm working on upgrading the php version of one of my apps. And this package is the bottleneck right now.

The reason I'm asking is because the PR is already a few months in WIP :)

markwalet avatar Mar 02 '22 13:03 markwalet