Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

setSecret method for custom JWT key is not working #2234

Open
nargalzius opened this issue Nov 3, 2023 · 1 comment
Open

setSecret method for custom JWT key is not working #2234

nargalzius opened this issue Nov 3, 2023 · 1 comment

Comments

@nargalzius
Copy link

JWTAuth::getJWTProvider()->setSecret() doesn't seem to be working

So I have a method that will allow generation of custom JWTs for different sites (with different JWT secrets)

Here's the method, pretty simple and it used to work fine before I upgraded to Laravel 9

protected function createUserToken($user, $claims = null, $secret = null) {
        
        // GENERATE KEY WITH DIFFERENT JWT_SECRET
        if($secret) {
            JWTAuth::getJWTProvider()->setSecret($secret);
        }
        
        if($claims) {
            $factory = JWTFactory::customClaims($claims);
            
            $payload = $factory->make();

            return JWTAuth::encode($payload);
        }

        return JWTAuth::fromUser($user); 
    }

Your environment

Q A
Bug? yes
New Feature? no
Framework Laravel
Framework version 9
Package version 2
PHP version 8.2

Steps to reproduce

  1. Generate any token with a custom secret key
  2. Validate said token on jwt.io, and you'll notice that it will not be validated with the custom key you provided (will fail)
  3. Validate said token again, but this time use the key on the site's .env (will succeed)

Expected behaviour

The token generated should be encoded with the custom key, and should be able to validate on jwt.io when you provide said custom key.

Actual behaviour

The tokens being generated are still using the site's key instead of the custom provided key through the setSecret() method

@pcualmac
Copy link

pcualmac commented May 3, 2024

yes is same for me. Still an issues

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants