Skip to content

Commit

Permalink
chore: remove jwt incorrect key warning
Browse files Browse the repository at this point in the history
  • Loading branch information
@vishwarajanand
vishwarajanand committed Mar 7, 2024
1 parent 1b9e871 commit fb53943
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/JWT.php
View file
Expand Up @@ -251,6 +251,9 @@ public static function sign(
return \hash_hmac($algorithm, $msg, $key, true);
case 'openssl':
$signature = '';
if (!openssl_pkey_get_private($key)) {

Check failure on line 254 in src/JWT.php

View workflow job for this annotation

GitHub Actions / PHPStan Static Analysis 

Parameter #1 $private_key of function openssl_pkey_get_private expects array|OpenSSLAsymmetricKey|OpenSSLCertificate|string, OpenSSLAsymmetricKey|OpenSSLCertificate|resource|string given.
throw new DomainException('OpenSSL unable to validate key');
}
$success = \openssl_sign($msg, $signature, $key, $algorithm); // @phpstan-ignore-line
if (!$success) {
throw new DomainException('OpenSSL unable to sign data');
Expand Down
6 changes: 6 additions & 0 deletions tests/JWTTest.php
View file
Expand Up @@ -26,6 +26,12 @@ public function testMalformedUtf8StringsFail()
JWT::encode(['message' => pack('c', 128)], 'a', 'HS256');
}

public function testInvalidKeyOpensslSignFail()
{
$this->expectException(DomainException::class);
JWT::sign('message', 'invalid key', 'openssl');
}

public function testMalformedJsonThrowsException()
{
$this->expectException(DomainException::class);
Expand Down

0 comments on commit fb53943

Please sign in to comment.