Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

\Lcobucci\JWT\Configuration::forSymmetricSigner should set up validations. #950

Open
SamMousa opened this issue Oct 27, 2022 · 1 comment
Open

\Lcobucci\JWT\Configuration::forSymmetricSigner should set up validations. #950

SamMousa opened this issue Oct 27, 2022 · 1 comment

Comments

@SamMousa
Copy link

When using a configuration object it makes sense to me to set up constraints when using helpers like forSymmetricSigner.

public static function forSymmetricSigner(
        Signer $signer,
        Key $key,
        ?Encoder $encoder = null,
        ?Decoder $decoder = null
    ): self {
        $result new self(
            $signer,
            $key,
            $key,
            $encoder,
            $decoder
        );
        $result->validationConstraints[] = new SignedWith($signer, $key);
        return $result;
    }

Of course this will then need to be kept in sync when someone calls setSigner later... So additional point: we should make Configuration immutable.
@piotr-cz
Copy link

I think this is related to: #721 and #768.

I has been partially addressed by adding JwtFacade in #759, however IMHO it's not explicit enough that SignedWith constraint should be set up when using Configuration

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SamMousa @piotr-cz