Преглед на файлове

updated JWT to 4.1.5
updated createToken and jwtParse function to reflect new version of JWT
added configToken and validationConstraints function for new version of JWT

CauseFX преди 4 години
родител
ревизия
65fe4231b8
променени са 100 файла, в които са добавени 2668 реда и са изтрити 2539 реда
  1. 34 25
      api/classes/organizr.class.php
  2. 1 1
      api/composer.json
  3. 95 19
      api/composer.lock
  4. 39 37
      api/functions/token-functions.php
  5. 1 0
      api/vendor/composer/autoload_psr4.php
  6. 5 0
      api/vendor/composer/autoload_static.php
  7. 98 19
      api/vendor/composer/installed.json
  8. 14 5
      api/vendor/composer/installed.php
  9. 2 2
      api/vendor/composer/platform_check.php
  10. 21 0
      api/vendor/lcobucci/clock/LICENSE
  11. 40 0
      api/vendor/lcobucci/clock/composer.json
  12. 11 0
      api/vendor/lcobucci/clock/src/Clock.php
  13. 32 0
      api/vendor/lcobucci/clock/src/FrozenClock.php
  14. 34 0
      api/vendor/lcobucci/clock/src/SystemClock.php
  15. 0 3
      api/vendor/lcobucci/jwt/.gitignore
  16. 0 56
      api/vendor/lcobucci/jwt/.scrutinizer.yml
  17. 0 15
      api/vendor/lcobucci/jwt/.travis.yml
  18. 1 1
      api/vendor/lcobucci/jwt/LICENSE
  19. 0 194
      api/vendor/lcobucci/jwt/README.md
  20. 33 22
      api/vendor/lcobucci/jwt/composer.json
  21. 0 27
      api/vendor/lcobucci/jwt/phpunit.xml.dist
  22. 26 421
      api/vendor/lcobucci/jwt/src/Builder.php
  23. 0 40
      api/vendor/lcobucci/jwt/src/Claim.php
  24. 0 75
      api/vendor/lcobucci/jwt/src/Claim/Basic.php
  25. 0 34
      api/vendor/lcobucci/jwt/src/Claim/EqualsTo.php
  26. 0 118
      api/vendor/lcobucci/jwt/src/Claim/Factory.php
  27. 0 34
      api/vendor/lcobucci/jwt/src/Claim/GreaterOrEqualsTo.php
  28. 0 34
      api/vendor/lcobucci/jwt/src/Claim/LesserOrEqualsTo.php
  29. 0 30
      api/vendor/lcobucci/jwt/src/Claim/Validatable.php
  30. 14 0
      api/vendor/lcobucci/jwt/src/ClaimsFormatter.php
  31. 154 0
      api/vendor/lcobucci/jwt/src/Configuration.php
  32. 27 0
      api/vendor/lcobucci/jwt/src/Decoder.php
  33. 25 0
      api/vendor/lcobucci/jwt/src/Encoder.php
  34. 21 0
      api/vendor/lcobucci/jwt/src/Encoding/CannotDecodeContent.php
  35. 16 0
      api/vendor/lcobucci/jwt/src/Encoding/CannotEncodeContent.php
  36. 37 0
      api/vendor/lcobucci/jwt/src/Encoding/ChainedFormatter.php
  37. 60 0
      api/vendor/lcobucci/jwt/src/Encoding/JoseEncoder.php
  38. 37 0
      api/vendor/lcobucci/jwt/src/Encoding/MicrosecondBasedDateConversion.php
  39. 29 0
      api/vendor/lcobucci/jwt/src/Encoding/UnifyAudience.php
  40. 32 0
      api/vendor/lcobucci/jwt/src/Encoding/UnixTimestampDates.php
  41. 10 0
      api/vendor/lcobucci/jwt/src/Exception.php
  42. 9 146
      api/vendor/lcobucci/jwt/src/Parser.php
  43. 0 56
      api/vendor/lcobucci/jwt/src/Parsing/Decoder.php
  44. 0 51
      api/vendor/lcobucci/jwt/src/Parsing/Encoder.php
  45. 0 59
      api/vendor/lcobucci/jwt/src/Signature.php
  46. 13 38
      api/vendor/lcobucci/jwt/src/Signer.php
  47. 0 85
      api/vendor/lcobucci/jwt/src/Signer/BaseSigner.php
  48. 15 0
      api/vendor/lcobucci/jwt/src/Signer/CannotSignPayload.php
  49. 23 39
      api/vendor/lcobucci/jwt/src/Signer/Ecdsa.php
  50. 25 0
      api/vendor/lcobucci/jwt/src/Signer/Ecdsa/ConversionFailed.php
  51. 39 27
      api/vendor/lcobucci/jwt/src/Signer/Ecdsa/MultibyteStringConverter.php
  52. 8 25
      api/vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha256.php
  53. 8 25
      api/vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha384.php
  54. 8 25
      api/vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha512.php
  55. 6 10
      api/vendor/lcobucci/jwt/src/Signer/Ecdsa/SignatureConverter.php
  56. 36 0
      api/vendor/lcobucci/jwt/src/Signer/Eddsa.php
  57. 12 63
      api/vendor/lcobucci/jwt/src/Signer/Hmac.php
  58. 4 20
      api/vendor/lcobucci/jwt/src/Signer/Hmac/Sha256.php
  59. 4 20
      api/vendor/lcobucci/jwt/src/Signer/Hmac/Sha384.php
  60. 4 20
      api/vendor/lcobucci/jwt/src/Signer/Hmac/Sha512.php
  61. 20 0
      api/vendor/lcobucci/jwt/src/Signer/InvalidKeyProvided.php
  62. 4 85
      api/vendor/lcobucci/jwt/src/Signer/Key.php
  63. 20 0
      api/vendor/lcobucci/jwt/src/Signer/Key/FileCouldNotBeRead.php
  64. 69 0
      api/vendor/lcobucci/jwt/src/Signer/Key/InMemory.php
  65. 54 0
      api/vendor/lcobucci/jwt/src/Signer/Key/LocalFileReference.php
  66. 0 44
      api/vendor/lcobucci/jwt/src/Signer/Keychain.php
  67. 26 0
      api/vendor/lcobucci/jwt/src/Signer/None.php
  68. 62 40
      api/vendor/lcobucci/jwt/src/Signer/OpenSSL.php
  69. 12 12
      api/vendor/lcobucci/jwt/src/Signer/Rsa.php
  70. 6 20
      api/vendor/lcobucci/jwt/src/Signer/Rsa/Sha256.php
  71. 6 20
      api/vendor/lcobucci/jwt/src/Signer/Rsa/Sha384.php
  72. 6 20
      api/vendor/lcobucci/jwt/src/Signer/Rsa/Sha512.php
  73. 88 0
      api/vendor/lcobucci/jwt/src/SodiumBase64Polyfill.php
  74. 19 248
      api/vendor/lcobucci/jwt/src/Token.php
  75. 128 0
      api/vendor/lcobucci/jwt/src/Token/Builder.php
  76. 46 0
      api/vendor/lcobucci/jwt/src/Token/DataSet.php
  77. 25 0
      api/vendor/lcobucci/jwt/src/Token/InvalidTokenStructure.php
  78. 154 0
      api/vendor/lcobucci/jwt/src/Token/Parser.php
  79. 92 0
      api/vendor/lcobucci/jwt/src/Token/Plain.php
  80. 20 0
      api/vendor/lcobucci/jwt/src/Token/RegisteredClaimGiven.php
  81. 77 0
      api/vendor/lcobucci/jwt/src/Token/RegisteredClaims.php
  82. 34 0
      api/vendor/lcobucci/jwt/src/Token/Signature.php
  83. 15 0
      api/vendor/lcobucci/jwt/src/Token/UnsupportedHeaderFound.php
  84. 25 0
      api/vendor/lcobucci/jwt/src/UnencryptedToken.php
  85. 12 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint.php
  86. 27 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/IdentifiedBy.php
  87. 28 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/IssuedBy.php
  88. 15 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/LeewayCannotBeNegative.php
  89. 69 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/LooseValidAt.php
  90. 27 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/PermittedFor.php
  91. 27 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/RelatedTo.php
  92. 37 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/SignedWith.php
  93. 86 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/StrictValidAt.php
  94. 25 0
      api/vendor/lcobucci/jwt/src/Validation/Constraint/ValidAt.php
  95. 11 0
      api/vendor/lcobucci/jwt/src/Validation/ConstraintViolation.php
  96. 11 0
      api/vendor/lcobucci/jwt/src/Validation/NoConstraintsGiven.php
  97. 46 0
      api/vendor/lcobucci/jwt/src/Validation/RequiredConstraintsViolated.php
  98. 56 0
      api/vendor/lcobucci/jwt/src/Validation/Validator.php
  99. 0 129
      api/vendor/lcobucci/jwt/src/ValidationData.php
  100. 20 0
      api/vendor/lcobucci/jwt/src/Validator.php

+ 34 - 25
api/classes/organizr.class.php

@@ -3483,30 +3483,39 @@ class Organizr
 		$days = ($days > 365) ? 365 : $days;
 		$days = ($days > 365) ? 365 : $days;
 		//Quick get user ID
 		//Quick get user ID
 		$result = $this->getUserByUsernameAndEmail($username, $email);
 		$result = $this->getUserByUsernameAndEmail($username, $email);
-		// Create JWT
-		// Set key
-		// SHA256 Encryption
-		$signer = new Lcobucci\JWT\Signer\Hmac\Sha256();
-		// Start Builder
-		$jwttoken = (new Lcobucci\JWT\Builder())->issuedBy('Organizr')// Configures the issuer (iss claim)
-		->permittedFor('Organizr')// Configures the audience (aud claim)
-		->identifiedBy('4f1g23a12aa', true)// Configures the id (jti claim), replicating as a header item
-		->issuedAt(time())// Configures the time that the token was issue (iat claim)
-		->expiresAt(time() + (86400 * $days))// Configures the expiration time of the token (exp claim)
-		->withClaim('name', $result['username'])// Configures a new claim, called "name"
-		->withClaim('group', $result['group'])// Configures a new claim, called "group"
-		->withClaim('groupID', $result['group_id'])// Configures a new claim, called "groupID"
-		->withClaim('email', $result['email'])// Configures a new claim, called "email"
-		->withClaim('image', $result['image'])// Configures a new claim, called "image"
-		->withClaim('userID', $result['id'])// Configures a new claim, called "image"
-		->sign($signer, $this->config['organizrHash'])// creates a signature using "testing" as key
-		->getToken(); // Retrieves the generated token
-		$jwttoken->getHeaders(); // Retrieves the token headers
-		$jwttoken->getClaims(); // Retrieves the token claims
-		$this->coookie('set', $this->cookieName, $jwttoken, $days);
+		$config = $this->configToken();
+		assert($config instanceof Lcobucci\JWT\Configuration);
+		$now = new DateTimeImmutable();
+		$token = $config->builder()
+			// Configures the issuer (iss claim)
+			->issuedBy('Organizr')
+			// Configures the audience (aud claim)
+			->permittedFor('Organizr')
+			// Configures the id (jti claim)
+			->identifiedBy('4f1g23a12aa')
+			// Configures the time that the token was issue (iat claim)
+			->issuedAt($now)
+			// Configures the time that the token can be used (nbf claim)
+			->canOnlyBeUsedAfter($now)
+			// Configures the expiration time of the token (exp claim)
+			->expiresAt($now->modify('+' . $days . ' days'))
+			// Configures a new claim, called "uid"
+			->withClaim('name', $result['username'])// Configures a new claim, called "name"
+			->withClaim('group', $result['group'])// Configures a new claim, called "group"
+			->withClaim('groupID', $result['group_id'])// Configures a new claim, called "groupID"
+			->withClaim('email', $result['email'])// Configures a new claim, called "email"
+			->withClaim('image', $result['image'])// Configures a new claim, called "image"
+			->withClaim('userID', $result['id'])// Configures a new claim, called "image"
+			// Configures a new header, called "foo"
+			//->withHeader('foo', 'bar')
+			// Builds a new token
+			->getToken($config->signer(), $config->signingKey());
+		//$token->headers(); // Retrieves the token headers
+		//$token->claims(); // Retrieves the token claims
+		$this->coookie('set', $this->cookieName, $token->toString(), $days);
 		// Add token to DB
 		// Add token to DB
 		$addToken = [
 		$addToken = [
-			'token' => (string)$jwttoken,
+			'token' => $token->toString(),
 			'user_id' => $result['id'],
 			'user_id' => $result['id'],
 			'created' => gmdate('Y-m-d H:i:s'),
 			'created' => gmdate('Y-m-d H:i:s'),
 			'browser' => $_SERVER ['HTTP_USER_AGENT'] ?? null,
 			'browser' => $_SERVER ['HTTP_USER_AGENT'] ?? null,
@@ -3522,14 +3531,14 @@ class Organizr
 				)
 				)
 			),
 			),
 		];
 		];
-		$token = $this->processQueries($response);
-		if ($jwttoken) {
+		$this->processQueries($response);
+		if ($token) {
 			$this->logger->debug('Token has been created');
 			$this->logger->debug('Token has been created');
 		} else {
 		} else {
 			$this->logger->warning('Token creation error');
 			$this->logger->warning('Token creation error');
 		}
 		}
 		$this->logger->debug('Token creation function has finished');
 		$this->logger->debug('Token creation function has finished');
-		return $jwttoken;
+		return $token->toString();
 	}
 	}
 
 
 	public function login($array)
 	public function login($array)

+ 1 - 1
api/composer.json

@@ -1,7 +1,7 @@
 {
 {
   "require": {
   "require": {
     "dibi/dibi": "^4.2",
     "dibi/dibi": "^4.2",
-    "lcobucci/jwt": "3.3.1",
+    "lcobucci/jwt": "^4.1",
     "composer/semver": "^1.4",
     "composer/semver": "^1.4",
     "phpmailer/phpmailer": "^6.2",
     "phpmailer/phpmailer": "^6.2",
     "rmccue/requests": "^1.7",
     "rmccue/requests": "^1.7",

+ 95 - 19
api/composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
         "This file is @generated automatically"
     ],
     ],
-    "content-hash": "3f2f3b854484a2014e64d2327a1b8c29",
+    "content-hash": "b9b8c0d029836d5199c013198edf67e3",
     "packages": [
     "packages": [
         {
         {
             "name": "adldap2/adldap2",
             "name": "adldap2/adldap2",
@@ -1018,38 +1018,104 @@
             "description": "PHP Sonarr API Wrapper",
             "description": "PHP Sonarr API Wrapper",
             "time": "2017-06-30T01:25:49+00:00"
             "time": "2017-06-30T01:25:49+00:00"
         },
         },
+        {
+            "name": "lcobucci/clock",
+            "version": "2.0.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/lcobucci/clock.git",
+                "reference": "353d83fe2e6ae95745b16b3d911813df6a05bfb3"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/lcobucci/clock/zipball/353d83fe2e6ae95745b16b3d911813df6a05bfb3",
+                "reference": "353d83fe2e6ae95745b16b3d911813df6a05bfb3",
+                "shasum": ""
+            },
+            "require": {
+                "php": "^7.4 || ^8.0"
+            },
+            "require-dev": {
+                "infection/infection": "^0.17",
+                "lcobucci/coding-standard": "^6.0",
+                "phpstan/extension-installer": "^1.0",
+                "phpstan/phpstan": "^0.12",
+                "phpstan/phpstan-deprecation-rules": "^0.12",
+                "phpstan/phpstan-phpunit": "^0.12",
+                "phpstan/phpstan-strict-rules": "^0.12",
+                "phpunit/php-code-coverage": "9.1.4",
+                "phpunit/phpunit": "9.3.7"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Lcobucci\\Clock\\": "src"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Luís Cobucci",
+                    "email": "lcobucci@gmail.com"
+                }
+            ],
+            "description": "Yet another clock abstraction",
+            "support": {
+                "issues": "https://github.com/lcobucci/clock/issues",
+                "source": "https://github.com/lcobucci/clock/tree/2.0.x"
+            },
+            "funding": [
+                {
+                    "url": "https://github.com/lcobucci",
+                    "type": "github"
+                },
+                {
+                    "url": "https://www.patreon.com/lcobucci",
+                    "type": "patreon"
+                }
+            ],
+            "time": "2020-08-27T18:56:02+00:00"
+        },
         {
         {
             "name": "lcobucci/jwt",
             "name": "lcobucci/jwt",
-            "version": "3.3.1",
+            "version": "4.1.5",
             "source": {
             "source": {
                 "type": "git",
                 "type": "git",
                 "url": "https://github.com/lcobucci/jwt.git",
                 "url": "https://github.com/lcobucci/jwt.git",
-                "reference": "a11ec5f4b4d75d1fcd04e133dede4c317aac9e18"
+                "reference": "fe2d89f2eaa7087af4aa166c6f480ef04e000582"
             },
             },
             "dist": {
             "dist": {
                 "type": "zip",
                 "type": "zip",
-                "url": "https://api.github.com/repos/lcobucci/jwt/zipball/a11ec5f4b4d75d1fcd04e133dede4c317aac9e18",
-                "reference": "a11ec5f4b4d75d1fcd04e133dede4c317aac9e18",
+                "url": "https://api.github.com/repos/lcobucci/jwt/zipball/fe2d89f2eaa7087af4aa166c6f480ef04e000582",
+                "reference": "fe2d89f2eaa7087af4aa166c6f480ef04e000582",
                 "shasum": ""
                 "shasum": ""
             },
             },
             "require": {
             "require": {
+                "ext-hash": "*",
+                "ext-json": "*",
                 "ext-mbstring": "*",
                 "ext-mbstring": "*",
                 "ext-openssl": "*",
                 "ext-openssl": "*",
-                "php": "^5.6 || ^7.0"
+                "ext-sodium": "*",
+                "lcobucci/clock": "^2.0",
+                "php": "^7.4 || ^8.0"
             },
             },
             "require-dev": {
             "require-dev": {
-                "mikey179/vfsstream": "~1.5",
-                "phpmd/phpmd": "~2.2",
-                "phpunit/php-invoker": "~1.1",
-                "phpunit/phpunit": "^5.7 || ^7.3",
-                "squizlabs/php_codesniffer": "~2.3"
+                "infection/infection": "^0.21",
+                "lcobucci/coding-standard": "^6.0",
+                "mikey179/vfsstream": "^1.6.7",
+                "phpbench/phpbench": "^1.0",
+                "phpstan/extension-installer": "^1.0",
+                "phpstan/phpstan": "^0.12",
+                "phpstan/phpstan-deprecation-rules": "^0.12",
+                "phpstan/phpstan-phpunit": "^0.12",
+                "phpstan/phpstan-strict-rules": "^0.12",
+                "phpunit/php-invoker": "^3.1",
+                "phpunit/phpunit": "^9.5"
             },
             },
             "type": "library",
             "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-master": "3.1-dev"
-                }
-            },
             "autoload": {
             "autoload": {
                 "psr-4": {
                 "psr-4": {
                     "Lcobucci\\JWT\\": "src"
                     "Lcobucci\\JWT\\": "src"
@@ -1061,7 +1127,7 @@
             ],
             ],
             "authors": [
             "authors": [
                 {
                 {
-                    "name": "Luís Otávio Cobucci Oblonczyk",
+                    "name": "Luís Cobucci",
                     "email": "lcobucci@gmail.com",
                     "email": "lcobucci@gmail.com",
                     "role": "Developer"
                     "role": "Developer"
                 }
                 }
@@ -1073,9 +1139,19 @@
             ],
             ],
             "support": {
             "support": {
                 "issues": "https://github.com/lcobucci/jwt/issues",
                 "issues": "https://github.com/lcobucci/jwt/issues",
-                "source": "https://github.com/lcobucci/jwt/tree/3.3"
+                "source": "https://github.com/lcobucci/jwt/tree/4.1.5"
             },
             },
-            "time": "2019-05-24T18:30:49+00:00"
+            "funding": [
+                {
+                    "url": "https://github.com/lcobucci",
+                    "type": "github"
+                },
+                {
+                    "url": "https://www.patreon.com/lcobucci",
+                    "type": "patreon"
+                }
+            ],
+            "time": "2021-09-28T19:34:56+00:00"
         },
         },
         {
         {
             "name": "league/oauth2-client",
             "name": "league/oauth2-client",

+ 39 - 37
api/functions/token-functions.php

@@ -2,52 +2,54 @@
 
 
 trait TokenFunctions
 trait TokenFunctions
 {
 {
-	public function jwtParse($token)
+	public function configToken()
+	{
+		return Lcobucci\JWT\Configuration::forSymmetricSigner(
+		// You may use any HMAC variations (256, 384, and 512)
+			new Lcobucci\JWT\Signer\Hmac\Sha256(),
+			// replace the value below with a key of your own!
+			Lcobucci\JWT\Signer\Key\InMemory::plainText($this->config['organizrHash'])
+		// You may also override the JOSE encoder/decoder if needed by providing extra arguments here
+		);
+	}
+
+	public function validationConstraints()
+	{
+		return [
+			new Lcobucci\JWT\Validation\Constraint\IssuedBy('Organizr'),
+			new Lcobucci\JWT\Validation\Constraint\PermittedFor('Organizr'),
+			new Lcobucci\JWT\Validation\Constraint\LooseValidAt(Lcobucci\Clock\SystemClock::fromUTC())
+		];
+	}
+
+	public function jwtParse($userToken)
 	{
 	{
 		try {
 		try {
-			$result = array();
-			$result['valid'] = false;
+			$result = [];
 			// Check Token with JWT
 			// Check Token with JWT
 			// Set key
 			// Set key
 			if (!isset($this->config['organizrHash'])) {
 			if (!isset($this->config['organizrHash'])) {
 				return null;
 				return null;
 			}
 			}
-			$key = $this->config['organizrHash'];
-			// SHA256 Encryption
-			$signer = new Lcobucci\JWT\Signer\Hmac\Sha256();
-			$jwttoken = (new Lcobucci\JWT\Parser())->parse((string)$token); // Parses from a string
-			$jwttoken->getHeaders(); // Retrieves the token header
-			$jwttoken->getClaims(); // Retrieves the token claims
-			// Start Validation
-			if ($jwttoken->verify($signer, $key)) {
-				$data = new Lcobucci\JWT\ValidationData(); // It will use the current time to validate (iat, nbf and exp)
-				$data->setIssuer('Organizr');
-				$data->setAudience('Organizr');
-				if ($jwttoken->validate($data)) {
-					$result['valid'] = true;
-					$result['username'] = ($jwttoken->hasClaim('name')) ? $jwttoken->getClaim('name') : 'N/A';
-					$result['group'] = ($jwttoken->hasClaim('group')) ? $jwttoken->getClaim('group') : 'N/A';
-					$result['groupID'] = $jwttoken->getClaim('groupID');
-					$result['userID'] = $jwttoken->getClaim('userID');
-					$result['email'] = $jwttoken->getClaim('email');
-					$result['image'] = $jwttoken->getClaim('image');
-					$result['tokenExpire'] = $jwttoken->getClaim('exp');
-					$result['tokenDate'] = $jwttoken->getClaim('iat');
-					//$result['token'] = $jwttoken->getClaim('exp');
-				}
-			}
-			if ($result['valid'] == true) {
-				return $result;
-			} else {
+			$config = $this->configToken();
+			assert($config instanceof Lcobucci\JWT\Configuration);
+			$token = $config->parser()->parse($userToken);
+			assert($token instanceof Lcobucci\JWT\UnencryptedToken);
+			$constraints = $this->validationConstraints();
+			if (!$config->validator()->validate($token, ...$constraints)) {
 				return false;
 				return false;
 			}
 			}
-		} catch (\RunException $e) {
-			return false;
-		} catch (\OutOfBoundsException $e) {
-			return false;
-		} catch (\RunTimeException $e) {
-			return false;
-		} catch (\InvalidArgumentException $e) {
+			$result['username'] = ($token->claims()->has('name')) ? $token->claims()->get('name') : 'N/A';
+			$result['group'] = ($token->claims()->has('group')) ? $token->claims()->get('group') : 'N/A';
+			$result['groupID'] = $token->claims()->get('groupID');
+			$result['userID'] = $token->claims()->get('userID');
+			$result['email'] = $token->claims()->get('email');
+			$result['image'] = $token->claims()->get('image');
+			$result['tokenExpire'] = $token->claims()->get('exp');
+			$result['tokenDate'] = $token->claims()->get('iat');
+			return $result;
+		} catch (\OutOfBoundsException | \RunTimeException | \InvalidArgumentException | \Lcobucci\JWT\Validation\RequiredConstraintsViolated $e) {
+			$this->setLoggerChannel('Token Error')->error($e);
 			return false;
 			return false;
 		}
 		}
 	}
 	}

+ 1 - 0
api/vendor/composer/autoload_psr4.php

@@ -40,6 +40,7 @@ return array(
     'Monolog\\' => array($vendorDir . '/monolog/monolog/src/Monolog'),
     'Monolog\\' => array($vendorDir . '/monolog/monolog/src/Monolog'),
     'League\\OAuth2\\Client\\' => array($vendorDir . '/league/oauth2-client/src'),
     'League\\OAuth2\\Client\\' => array($vendorDir . '/league/oauth2-client/src'),
     'Lcobucci\\JWT\\' => array($vendorDir . '/lcobucci/jwt/src'),
     'Lcobucci\\JWT\\' => array($vendorDir . '/lcobucci/jwt/src'),
+    'Lcobucci\\Clock\\' => array($vendorDir . '/lcobucci/clock/src'),
     'Kryptonit3\\Sonarr\\' => array($vendorDir . '/kryptonit3/sonarr/src'),
     'Kryptonit3\\Sonarr\\' => array($vendorDir . '/kryptonit3/sonarr/src'),
     'Kryptonit3\\SickRage\\' => array($vendorDir . '/kryptonit3/sickrage/src'),
     'Kryptonit3\\SickRage\\' => array($vendorDir . '/kryptonit3/sickrage/src'),
     'Kryptonit3\\CouchPotato\\' => array($vendorDir . '/kryptonit3/couchpotato/src'),
     'Kryptonit3\\CouchPotato\\' => array($vendorDir . '/kryptonit3/couchpotato/src'),

+ 5 - 0
api/vendor/composer/autoload_static.php

@@ -87,6 +87,7 @@ class ComposerStaticInitcbdc783d76f8e7563dcce7d8af053ecb
         array (
         array (
             'League\\OAuth2\\Client\\' => 21,
             'League\\OAuth2\\Client\\' => 21,
             'Lcobucci\\JWT\\' => 13,
             'Lcobucci\\JWT\\' => 13,
+            'Lcobucci\\Clock\\' => 15,
         ),
         ),
         'K' => 
         'K' => 
         array (
         array (
@@ -276,6 +277,10 @@ class ComposerStaticInitcbdc783d76f8e7563dcce7d8af053ecb
         array (
         array (
             0 => __DIR__ . '/..' . '/lcobucci/jwt/src',
             0 => __DIR__ . '/..' . '/lcobucci/jwt/src',
         ),
         ),
+        'Lcobucci\\Clock\\' => 
+        array (
+            0 => __DIR__ . '/..' . '/lcobucci/clock/src',
+        ),
         'Kryptonit3\\Sonarr\\' => 
         'Kryptonit3\\Sonarr\\' => 
         array (
         array (
             0 => __DIR__ . '/..' . '/kryptonit3/sonarr/src',
             0 => __DIR__ . '/..' . '/kryptonit3/sonarr/src',

+ 98 - 19
api/vendor/composer/installed.json

@@ -1063,40 +1063,109 @@
             "description": "PHP Sonarr API Wrapper",
             "description": "PHP Sonarr API Wrapper",
             "install-path": "../kryptonit3/sonarr"
             "install-path": "../kryptonit3/sonarr"
         },
         },
+        {
+            "name": "lcobucci/clock",
+            "version": "2.0.0",
+            "version_normalized": "2.0.0.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/lcobucci/clock.git",
+                "reference": "353d83fe2e6ae95745b16b3d911813df6a05bfb3"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/lcobucci/clock/zipball/353d83fe2e6ae95745b16b3d911813df6a05bfb3",
+                "reference": "353d83fe2e6ae95745b16b3d911813df6a05bfb3",
+                "shasum": ""
+            },
+            "require": {
+                "php": "^7.4 || ^8.0"
+            },
+            "require-dev": {
+                "infection/infection": "^0.17",
+                "lcobucci/coding-standard": "^6.0",
+                "phpstan/extension-installer": "^1.0",
+                "phpstan/phpstan": "^0.12",
+                "phpstan/phpstan-deprecation-rules": "^0.12",
+                "phpstan/phpstan-phpunit": "^0.12",
+                "phpstan/phpstan-strict-rules": "^0.12",
+                "phpunit/php-code-coverage": "9.1.4",
+                "phpunit/phpunit": "9.3.7"
+            },
+            "time": "2020-08-27T18:56:02+00:00",
+            "type": "library",
+            "installation-source": "dist",
+            "autoload": {
+                "psr-4": {
+                    "Lcobucci\\Clock\\": "src"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Luís Cobucci",
+                    "email": "lcobucci@gmail.com"
+                }
+            ],
+            "description": "Yet another clock abstraction",
+            "support": {
+                "issues": "https://github.com/lcobucci/clock/issues",
+                "source": "https://github.com/lcobucci/clock/tree/2.0.x"
+            },
+            "funding": [
+                {
+                    "url": "https://github.com/lcobucci",
+                    "type": "github"
+                },
+                {
+                    "url": "https://www.patreon.com/lcobucci",
+                    "type": "patreon"
+                }
+            ],
+            "install-path": "../lcobucci/clock"
+        },
         {
         {
             "name": "lcobucci/jwt",
             "name": "lcobucci/jwt",
-            "version": "3.3.1",
-            "version_normalized": "3.3.1.0",
+            "version": "4.1.5",
+            "version_normalized": "4.1.5.0",
             "source": {
             "source": {
                 "type": "git",
                 "type": "git",
                 "url": "https://github.com/lcobucci/jwt.git",
                 "url": "https://github.com/lcobucci/jwt.git",
-                "reference": "a11ec5f4b4d75d1fcd04e133dede4c317aac9e18"
+                "reference": "fe2d89f2eaa7087af4aa166c6f480ef04e000582"
             },
             },
             "dist": {
             "dist": {
                 "type": "zip",
                 "type": "zip",
-                "url": "https://api.github.com/repos/lcobucci/jwt/zipball/a11ec5f4b4d75d1fcd04e133dede4c317aac9e18",
-                "reference": "a11ec5f4b4d75d1fcd04e133dede4c317aac9e18",
+                "url": "https://api.github.com/repos/lcobucci/jwt/zipball/fe2d89f2eaa7087af4aa166c6f480ef04e000582",
+                "reference": "fe2d89f2eaa7087af4aa166c6f480ef04e000582",
                 "shasum": ""
                 "shasum": ""
             },
             },
             "require": {
             "require": {
+                "ext-hash": "*",
+                "ext-json": "*",
                 "ext-mbstring": "*",
                 "ext-mbstring": "*",
                 "ext-openssl": "*",
                 "ext-openssl": "*",
-                "php": "^5.6 || ^7.0"
+                "ext-sodium": "*",
+                "lcobucci/clock": "^2.0",
+                "php": "^7.4 || ^8.0"
             },
             },
             "require-dev": {
             "require-dev": {
-                "mikey179/vfsstream": "~1.5",
-                "phpmd/phpmd": "~2.2",
-                "phpunit/php-invoker": "~1.1",
-                "phpunit/phpunit": "^5.7 || ^7.3",
-                "squizlabs/php_codesniffer": "~2.3"
+                "infection/infection": "^0.21",
+                "lcobucci/coding-standard": "^6.0",
+                "mikey179/vfsstream": "^1.6.7",
+                "phpbench/phpbench": "^1.0",
+                "phpstan/extension-installer": "^1.0",
+                "phpstan/phpstan": "^0.12",
+                "phpstan/phpstan-deprecation-rules": "^0.12",
+                "phpstan/phpstan-phpunit": "^0.12",
+                "phpstan/phpstan-strict-rules": "^0.12",
+                "phpunit/php-invoker": "^3.1",
+                "phpunit/phpunit": "^9.5"
             },
             },
-            "time": "2019-05-24T18:30:49+00:00",
+            "time": "2021-09-28T19:34:56+00:00",
             "type": "library",
             "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-master": "3.1-dev"
-                }
-            },
             "installation-source": "dist",
             "installation-source": "dist",
             "autoload": {
             "autoload": {
                 "psr-4": {
                 "psr-4": {
@@ -1109,7 +1178,7 @@
             ],
             ],
             "authors": [
             "authors": [
                 {
                 {
-                    "name": "Luís Otávio Cobucci Oblonczyk",
+                    "name": "Luís Cobucci",
                     "email": "lcobucci@gmail.com",
                     "email": "lcobucci@gmail.com",
                     "role": "Developer"
                     "role": "Developer"
                 }
                 }
@@ -1121,8 +1190,18 @@
             ],
             ],
             "support": {
             "support": {
                 "issues": "https://github.com/lcobucci/jwt/issues",
                 "issues": "https://github.com/lcobucci/jwt/issues",
-                "source": "https://github.com/lcobucci/jwt/tree/3.3"
+                "source": "https://github.com/lcobucci/jwt/tree/4.1.5"
             },
             },
+            "funding": [
+                {
+                    "url": "https://github.com/lcobucci",
+                    "type": "github"
+                },
+                {
+                    "url": "https://www.patreon.com/lcobucci",
+                    "type": "patreon"
+                }
+            ],
             "install-path": "../lcobucci/jwt"
             "install-path": "../lcobucci/jwt"
         },
         },
         {
         {

+ 14 - 5
api/vendor/composer/installed.php

@@ -5,7 +5,7 @@
         'type' => 'library',
         'type' => 'library',
         'install_path' => __DIR__ . '/../../',
         'install_path' => __DIR__ . '/../../',
         'aliases' => array(),
         'aliases' => array(),
-        'reference' => '3a141f74828baa2322d2a095494c4ddf646790d9',
+        'reference' => 'e20df3c36c967d374fdacb21f84497b19e5f042e',
         'name' => '__root__',
         'name' => '__root__',
         'dev' => true,
         'dev' => true,
     ),
     ),
@@ -16,7 +16,7 @@
             'type' => 'library',
             'type' => 'library',
             'install_path' => __DIR__ . '/../../',
             'install_path' => __DIR__ . '/../../',
             'aliases' => array(),
             'aliases' => array(),
-            'reference' => '3a141f74828baa2322d2a095494c4ddf646790d9',
+            'reference' => 'e20df3c36c967d374fdacb21f84497b19e5f042e',
             'dev_requirement' => false,
             'dev_requirement' => false,
         ),
         ),
         'adldap2/adldap2' => array(
         'adldap2/adldap2' => array(
@@ -178,13 +178,22 @@
             'reference' => 'e30c5c783a837270bcef81571ca9b95909c52e5e',
             'reference' => 'e30c5c783a837270bcef81571ca9b95909c52e5e',
             'dev_requirement' => false,
             'dev_requirement' => false,
         ),
         ),
+        'lcobucci/clock' => array(
+            'pretty_version' => '2.0.0',
+            'version' => '2.0.0.0',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../lcobucci/clock',
+            'aliases' => array(),
+            'reference' => '353d83fe2e6ae95745b16b3d911813df6a05bfb3',
+            'dev_requirement' => false,
+        ),
         'lcobucci/jwt' => array(
         'lcobucci/jwt' => array(
-            'pretty_version' => '3.3.1',
-            'version' => '3.3.1.0',
+            'pretty_version' => '4.1.5',
+            'version' => '4.1.5.0',
             'type' => 'library',
             'type' => 'library',
             'install_path' => __DIR__ . '/../lcobucci/jwt',
             'install_path' => __DIR__ . '/../lcobucci/jwt',
             'aliases' => array(),
             'aliases' => array(),
-            'reference' => 'a11ec5f4b4d75d1fcd04e133dede4c317aac9e18',
+            'reference' => 'fe2d89f2eaa7087af4aa166c6f480ef04e000582',
             'dev_requirement' => false,
             'dev_requirement' => false,
         ),
         ),
         'league/oauth2-client' => array(
         'league/oauth2-client' => array(

+ 2 - 2
api/vendor/composer/platform_check.php

@@ -4,8 +4,8 @@
 
 
 $issues = array();
 $issues = array();
 
 
-if (!(PHP_VERSION_ID >= 70300)) {
-    $issues[] = 'Your Composer dependencies require a PHP version ">= 7.3.0". You are running ' . PHP_VERSION . '.';
+if (!(PHP_VERSION_ID >= 70400)) {
+    $issues[] = 'Your Composer dependencies require a PHP version ">= 7.4.0". You are running ' . PHP_VERSION . '.';
 }
 }
 
 
 if ($issues) {
 if ($issues) {

+ 21 - 0
api/vendor/lcobucci/clock/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 Luís Cobucci
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

+ 40 - 0
api/vendor/lcobucci/clock/composer.json

@@ -0,0 +1,40 @@
+{
+    "name": "lcobucci/clock",
+    "description": "Yet another clock abstraction",
+    "type": "library",
+    "license": "MIT",
+    "authors": [
+        {
+            "name": "Luís Cobucci",
+            "email": "lcobucci@gmail.com"
+        }
+    ],
+    "require": {
+        "php": "^7.4 || ^8.0"
+    },
+    "require-dev": {
+        "infection/infection": "^0.17",
+        "lcobucci/coding-standard": "^6.0",
+        "phpstan/extension-installer": "^1.0",
+        "phpstan/phpstan": "^0.12",
+        "phpstan/phpstan-deprecation-rules": "^0.12",
+        "phpstan/phpstan-phpunit": "^0.12",
+        "phpstan/phpstan-strict-rules": "^0.12",
+        "phpunit/php-code-coverage": "9.1.4",
+        "phpunit/phpunit": "9.3.7"
+    },
+    "autoload": {
+        "psr-4": {
+            "Lcobucci\\Clock\\": "src"
+        }
+    },
+    "autoload-dev": {
+        "psr-4": {
+            "Lcobucci\\Clock\\": "test"
+        }
+    },
+    "config": {
+        "preferred-install": "dist",
+        "sort-packages": true
+    }
+}

+ 11 - 0
api/vendor/lcobucci/clock/src/Clock.php

@@ -0,0 +1,11 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\Clock;
+
+use DateTimeImmutable;
+
+interface Clock
+{
+    public function now(): DateTimeImmutable;
+}

+ 32 - 0
api/vendor/lcobucci/clock/src/FrozenClock.php

@@ -0,0 +1,32 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\Clock;
+
+use DateTimeImmutable;
+use DateTimeZone;
+
+final class FrozenClock implements Clock
+{
+    private DateTimeImmutable $now;
+
+    public function __construct(DateTimeImmutable $now)
+    {
+        $this->now = $now;
+    }
+
+    public static function fromUTC(): self
+    {
+        return new self(new DateTimeImmutable('now', new DateTimeZone('UTC')));
+    }
+
+    public function setTo(DateTimeImmutable $now): void
+    {
+        $this->now = $now;
+    }
+
+    public function now(): DateTimeImmutable
+    {
+        return $this->now;
+    }
+}

+ 34 - 0
api/vendor/lcobucci/clock/src/SystemClock.php

@@ -0,0 +1,34 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\Clock;
+
+use DateTimeImmutable;
+use DateTimeZone;
+
+use function date_default_timezone_get;
+
+final class SystemClock implements Clock
+{
+    private DateTimeZone $timezone;
+
+    public function __construct(DateTimeZone $timezone)
+    {
+        $this->timezone = $timezone;
+    }
+
+    public static function fromUTC(): self
+    {
+        return new self(new DateTimeZone('UTC'));
+    }
+
+    public static function fromSystemTimezone(): self
+    {
+        return new self(new DateTimeZone(date_default_timezone_get()));
+    }
+
+    public function now(): DateTimeImmutable
+    {
+        return new DateTimeImmutable('now', $this->timezone);
+    }
+}

+ 0 - 3
api/vendor/lcobucci/jwt/.gitignore

@@ -1,3 +0,0 @@
-/vendor
-/phpunit.xml
-/composer.lock

+ 0 - 56
api/vendor/lcobucci/jwt/.scrutinizer.yml

@@ -1,56 +0,0 @@
-build:
-    environment:
-        mysql: false
-        postgresql: false
-        redis: false
-        rabbitmq: false
-        php:
-            version: 5.6
-tools:
-    php_sim: true
-    php_pdepend: true
-    php_analyzer: true
-    php_changetracking: true
-    php_code_sniffer:
-        config:
-            standard: "PSR2"
-    php_mess_detector: true
-checks:
-    php:
-        code_rating: true
-        duplication: true
-        argument_type_checks: true
-        assignment_of_null_return: true
-        avoid_conflicting_incrementers: true
-        avoid_useless_overridden_methods: true
-        catch_class_exists: true
-        closure_use_modifiable: true
-        closure_use_not_conflicting: true
-        deprecated_code_usage: true
-        method_calls_on_non_object: true
-        missing_arguments: true
-        no_duplicate_arguments: true
-        no_non_implemented_abstract_methods: true
-        no_property_on_interface: true
-        parameter_non_unique: true
-        precedence_in_conditions: true
-        precedence_mistakes: true
-        require_php_tag_first: true
-        security_vulnerabilities: true
-        sql_injection_vulnerabilities: true
-        too_many_arguments: true
-        unreachable_code: true
-        unused_methods: true
-        unused_parameters: true
-        unused_properties: true
-        unused_variables: true
-        use_statement_alias_conflict: true
-        useless_calls: true
-        variable_existence: true
-        verify_access_scope_valid: true
-        verify_argument_usable_as_reference: true
-        verify_property_names: true
-
-filter:
-    excluded_paths:
-        - test/*

+ 0 - 15
api/vendor/lcobucci/jwt/.travis.yml

@@ -1,15 +0,0 @@
-language: php
-php:
-  - 5.6
-  - 7.0
-  - 7.1
-  - 7.2
-  - 7.3
-  - nightly
-
-matrix:
-  allow_failures:
-    - php: nightly
-
-before_script:
-  - composer install --prefer-dist -o

+ 1 - 1
api/vendor/lcobucci/jwt/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2014-2015, Luís Otávio Cobucci Oblonczyk
+Copyright (c) 2014, Luís Cobucci
 All rights reserved.
 All rights reserved.
 
 
 Redistribution and use in source and binary forms, with or without
 Redistribution and use in source and binary forms, with or without

+ 0 - 194
api/vendor/lcobucci/jwt/README.md

@@ -1,194 +0,0 @@
-# JWT
-[![Gitter](https://img.shields.io/badge/GITTER-JOIN%20CHAT%20%E2%86%92-brightgreen.svg?style=flat-square)](https://gitter.im/lcobucci/jwt?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Total Downloads](https://img.shields.io/packagist/dt/lcobucci/jwt.svg?style=flat-square)](https://packagist.org/packages/lcobucci/jwt) [![Latest Stable Version](https://img.shields.io/packagist/v/lcobucci/jwt.svg?style=flat-square)](https://packagist.org/packages/lcobucci/jwt)
-
-![Branch master](https://img.shields.io/badge/branch-master-brightgreen.svg?style=flat-square)
-[![Build Status](https://img.shields.io/travis/lcobucci/jwt/master.svg?style=flat-square)](http://travis-ci.org/#!/lcobucci/jwt)
-[![Scrutinizer Code Quality](https://img.shields.io/scrutinizer/g/lcobucci/jwt/master.svg?style=flat-square)](https://scrutinizer-ci.com/g/lcobucci/jwt/?branch=master)
-[![Code Coverage](https://img.shields.io/scrutinizer/coverage/g/lcobucci/jwt/master.svg?style=flat-square)](https://scrutinizer-ci.com/g/lcobucci/jwt/?branch=master)
-
-A simple library to work with JSON Web Token and JSON Web Signature (requires PHP 5.6+).
-The implementation is based on the [RFC 7519](https://tools.ietf.org/html/rfc7519).
-
-## Installation
-
-Package is available on [Packagist](http://packagist.org/packages/lcobucci/jwt),
-you can install it using [Composer](http://getcomposer.org).
-
-```shell
-composer require lcobucci/jwt
-```
-
-### Dependencies
-
-- PHP 5.6+
-- OpenSSL Extension
-
-## Basic usage
-
-### Creating
-
-Just use the builder to create a new JWT/JWS tokens:
-
-```php
-use Lcobucci\JWT\Builder;
-
-$time = time();
-$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim)
-                        ->permittedFor('http://example.org') // Configures the audience (aud claim)
-                        ->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item
-                        ->issuedAt($time) // Configures the time that the token was issue (iat claim)
-                        ->canOnlyBeUsedAfter($time + 60) // Configures the time that the token can be used (nbf claim)
-                        ->expiresAt($time + 3600) // Configures the expiration time of the token (exp claim)
-                        ->withClaim('uid', 1) // Configures a new claim, called "uid"
-                        ->getToken(); // Retrieves the generated token
-
-
-$token->getHeaders(); // Retrieves the token headers
-$token->getClaims(); // Retrieves the token claims
-
-echo $token->getHeader('jti'); // will print "4f1g23a12aa"
-echo $token->getClaim('iss'); // will print "http://example.com"
-echo $token->getClaim('uid'); // will print "1"
-echo $token; // The string representation of the object is a JWT string (pretty easy, right?)
-```
-
-### Parsing from strings
-
-Use the parser to create a new token from a JWT string (using the previous token as example):
-
-```php
-use Lcobucci\JWT\Parser;
-
-$token = (new Parser())->parse((string) $token); // Parses from a string
-$token->getHeaders(); // Retrieves the token header
-$token->getClaims(); // Retrieves the token claims
-
-echo $token->getHeader('jti'); // will print "4f1g23a12aa"
-echo $token->getClaim('iss'); // will print "http://example.com"
-echo $token->getClaim('uid'); // will print "1"
-```
-
-### Validating
-
-We can easily validate if the token is valid (using the previous token and time as example):
-
-```php
-use Lcobucci\JWT\ValidationData;
-
-$data = new ValidationData(); // It will use the current time to validate (iat, nbf and exp)
-$data->setIssuer('http://example.com');
-$data->setAudience('http://example.org');
-$data->setId('4f1g23a12aa');
-
-var_dump($token->validate($data)); // false, because token cannot be used before now() + 60
-
-$data->setCurrentTime($time + 61); // changing the validation time to future
-
-var_dump($token->validate($data)); // true, because current time is between "nbf" and "exp" claims
-
-$data->setCurrentTime($time + 4000); // changing the validation time to future
-
-var_dump($token->validate($data)); // false, because token is expired since current time is greater than exp
-
-// We can also use the $leeway parameter to deal with clock skew (see notes below)
-// If token's claimed time is invalid but the difference between that and the validation time is less than $leeway, 
-// then token is still considered valid
-$dataWithLeeway = new ValidationData($time, 20); 
-$dataWithLeeway->setIssuer('http://example.com');
-$dataWithLeeway->setAudience('http://example.org');
-$dataWithLeeway->setId('4f1g23a12aa');
-
-var_dump($token->validate($dataWithLeeway)); // false, because token can't be used before now() + 60, not within leeway
-
-$dataWithLeeway->setCurrentTime($time + 51); // changing the validation time to future
-
-var_dump($token->validate($dataWithLeeway)); // true, because current time plus leeway is between "nbf" and "exp" claims
-
-$dataWithLeeway->setCurrentTime($time + 3610); // changing the validation time to future but within leeway
-
-var_dump($token->validate($dataWithLeeway)); // true, because current time - 20 seconds leeway is less than exp
-
-$dataWithLeeway->setCurrentTime($time + 4000); // changing the validation time to future outside of leeway
-
-var_dump($token->validate($dataWithLeeway)); // false, because token is expired since current time is greater than exp
-```
-
-#### Important
-
-- You have to configure ```ValidationData``` informing all claims you want to validate the token.
-- If ```ValidationData``` contains claims that are not being used in token or token has claims that are not
-configured in ```ValidationData``` they will be ignored by ```Token::validate()```.
-- ```exp```, ```nbf``` and ```iat``` claims are configured by default in ```ValidationData::__construct()```
-with the current UNIX time (```time()```).
-- The optional ```$leeway``` parameter of ```ValidationData``` will cause us to use that number of seconds of leeway 
-when validating the time-based claims, pretending we are further in the future for the "Issued At" (```iat```) and "Not 
-Before" (```nbf```) claims and pretending we are further in the past for the "Expiration Time" (```exp```) claim. This
-allows for situations where the clock of the issuing server has a different time than the clock of the verifying server, 
-as mentioned in [section 4.1 of RFC 7519](https://tools.ietf.org/html/rfc7519#section-4.1).
-
-## Token signature
-
-We can use signatures to be able to verify if the token was not modified after its generation. This library implements Hmac, RSA and ECDSA signatures (using 256, 384 and 512).
-
-### Important
-
-Do not allow the string sent to the Parser to dictate which signature algorithm
-to use, or else your application will be vulnerable to a [critical JWT security vulnerability](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries).
-
-The examples below are safe because the choice in `Signer` is hard-coded and
-cannot be influenced by malicious users.
-
-### Hmac
-
-Hmac signatures are really simple to be used:
-
-```php
-use Lcobucci\JWT\Builder;
-use Lcobucci\JWT\Signer\Key;
-use Lcobucci\JWT\Signer\Hmac\Sha256;
-
-$signer = new Sha256();
-$time = time();
-
-$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim)
-                        ->permittedFor('http://example.org') // Configures the audience (aud claim)
-                        ->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item
-                        ->issuedAt($time) // Configures the time that the token was issue (iat claim)
-                        ->canOnlyBeUsedAfter($time + 60) // Configures the time that the token can be used (nbf claim)
-                        ->expiresAt($time + 3600) // Configures the expiration time of the token (exp claim)
-                        ->withClaim('uid', 1) // Configures a new claim, called "uid"
-                        ->getToken($signer, new Key('testing')); // Retrieves the generated token
-
-
-var_dump($token->verify($signer, 'testing 1')); // false, because the key is different
-var_dump($token->verify($signer, 'testing')); // true, because the key is the same
-```
-
-### RSA and ECDSA
-
-RSA and ECDSA signatures are based on public and private keys so you have to generate using the private key and verify using the public key:
-
-```php
-use Lcobucci\JWT\Builder;
-use Lcobucci\JWT\Signer\Key;
-use Lcobucci\JWT\Signer\Rsa\Sha256; // you can use Lcobucci\JWT\Signer\Ecdsa\Sha256 if you're using ECDSA keys
-
-$signer = new Sha256();
-$privateKey = new Key('file://{path to your private key}');
-$time = time();
-
-$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim)
-                        ->permittedFor('http://example.org') // Configures the audience (aud claim)
-                        ->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item
-                        ->issuedAt($time) // Configures the time that the token was issue (iat claim)
-                        ->canOnlyBeUsedAfter($time + 60) // Configures the time that the token can be used (nbf claim)
-                        ->expiresAt($time + 3600) // Configures the expiration time of the token (exp claim)
-                        ->withClaim('uid', 1) // Configures a new claim, called "uid"
-                        ->getToken($signer,  $privateKey); // Retrieves the generated token
-
-$publicKey = new Key('file://{path to your public key}');
-
-var_dump($token->verify($signer, $publicKey)); // true when the public key was generated by the private one =)
-```
-
-**It's important to say that if you're using RSA keys you shouldn't invoke ECDSA signers (and vice-versa), otherwise ```sign()``` and ```verify()``` will raise an exception!**

+ 33 - 22
api/vendor/lcobucci/jwt/composer.json

@@ -1,14 +1,7 @@
 {
 {
     "name": "lcobucci/jwt",
     "name": "lcobucci/jwt",
-    "description": "A simple library to work with JSON Web Token and JSON Web Signature",
     "type": "library",
     "type": "library",
-    "authors": [
-        {
-            "name": "Luís Otávio Cobucci Oblonczyk",
-            "email": "lcobucci@gmail.com",
-            "role": "Developer"
-        }
-    ],
+    "description": "A simple library to work with JSON Web Token and JSON Web Signature",
     "keywords": [
     "keywords": [
         "JWT",
         "JWT",
         "JWS"
         "JWS"
@@ -16,17 +9,38 @@
     "license": [
     "license": [
         "BSD-3-Clause"
         "BSD-3-Clause"
     ],
     ],
+    "authors": [
+        {
+            "name": "Luís Cobucci",
+            "email": "lcobucci@gmail.com",
+            "role": "Developer"
+        }
+    ],
     "require": {
     "require": {
-        "php": "^5.6 || ^7.0",
+        "php": "^7.4 || ^8.0",
+        "ext-hash": "*",
+        "ext-json": "*",
         "ext-mbstring": "*",
         "ext-mbstring": "*",
-        "ext-openssl": "*"
+        "ext-openssl": "*",
+        "ext-sodium": "*",
+        "lcobucci/clock": "^2.0"
     },
     },
     "require-dev": {
     "require-dev": {
-        "phpunit/phpunit": "^5.7 || ^7.3",
-        "squizlabs/php_codesniffer": "~2.3",
-        "phpmd/phpmd": "~2.2",
-        "phpunit/php-invoker": "~1.1",
-        "mikey179/vfsstream": "~1.5"
+        "infection/infection": "^0.21",
+        "lcobucci/coding-standard": "^6.0",
+        "mikey179/vfsstream": "^1.6.7",
+        "phpbench/phpbench": "^1.0",
+        "phpstan/extension-installer": "^1.0",
+        "phpstan/phpstan": "^0.12",
+        "phpstan/phpstan-deprecation-rules": "^0.12",
+        "phpstan/phpstan-phpunit": "^0.12",
+        "phpstan/phpstan-strict-rules": "^0.12",
+        "phpunit/php-invoker": "^3.1",
+        "phpunit/phpunit": "^9.5"
+    },
+    "config": {
+        "preferred-install": "dist",
+        "sort-packages": true
     },
     },
     "autoload": {
     "autoload": {
         "psr-4": {
         "psr-4": {
@@ -36,14 +50,11 @@
     "autoload-dev": {
     "autoload-dev": {
         "psr-4": {
         "psr-4": {
             "Lcobucci\\JWT\\": [
             "Lcobucci\\JWT\\": [
+                "test/_keys",
                 "test/unit",
                 "test/unit",
-                "test/functional"
-            ]
-        }
-    },
-    "extra": {
-        "branch-alias": {
-            "dev-master": "3.1-dev"
+                "test/performance"
+            ],
+            "Lcobucci\\JWT\\FunctionalTests\\": "test/functional"
         }
         }
     }
     }
 }
 }

+ 0 - 27
api/vendor/lcobucci/jwt/phpunit.xml.dist

@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd"
-    colors="true"
-    verbose="true"
-    beStrictAboutOutputDuringTests="true"
-    beStrictAboutTodoAnnotatedTests="true"
-    beStrictAboutChangesToGlobalState="true"
-    beStrictAboutCoversAnnotation="true"
-    beStrictAboutResourceUsageDuringSmallTests="true"
-    beStrictAboutTestsThatDoNotTestAnything="true"
-    forceCoversAnnotation="true">
-	<testsuites>
-		<testsuite name="Unit Test Suite">
-			<directory>test/unit</directory>
-		</testsuite>
-		<testsuite name="Integration Test Suite">
-			<directory>test/functional</directory>
-		</testsuite>
-	</testsuites>
-
-    <filter>
-        <whitelist processUncoveredFilesFromWhitelist="true">
-            <directory suffix=".php">src</directory>
-        </whitelist>
-    </filter>
-</phpunit>

+ 26 - 421
api/vendor/lcobucci/jwt/src/Builder.php

@@ -1,472 +1,77 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT;
 namespace Lcobucci\JWT;
 
 
-use Lcobucci\JWT\Claim\Factory as ClaimFactory;
-use Lcobucci\JWT\Parsing\Encoder;
+use DateTimeImmutable;
+use Lcobucci\JWT\Encoding\CannotEncodeContent;
+use Lcobucci\JWT\Signer\CannotSignPayload;
+use Lcobucci\JWT\Signer\Ecdsa\ConversionFailed;
+use Lcobucci\JWT\Signer\InvalidKeyProvided;
 use Lcobucci\JWT\Signer\Key;
 use Lcobucci\JWT\Signer\Key;
-use function implode;
+use Lcobucci\JWT\Token\Plain;
+use Lcobucci\JWT\Token\RegisteredClaimGiven;
 
 
-/**
- * This class makes easier the token creation process
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-class Builder
+interface Builder
 {
 {
     /**
     /**
-     * The token header
-     *
-     * @var array
-     */
-    private $headers = ['typ'=> 'JWT', 'alg' => 'none'];
-
-    /**
-     * The token claim set
-     *
-     * @var array
-     */
-    private $claims = [];
-
-    /**
-     * The data encoder
-     *
-     * @var Encoder
-     */
-    private $encoder;
-
-    /**
-     * The factory of claims
-     *
-     * @var ClaimFactory
-     */
-    private $claimFactory;
-
-    /**
-     * @var Signer|null
+     * Appends new items to audience
      */
      */
-    private $signer;
-
-    /**
-     * @var Key|null
-     */
-    private $key;
-
-    /**
-     * Initializes a new builder
-     *
-     * @param Encoder $encoder
-     * @param ClaimFactory $claimFactory
-     */
-    public function __construct(
-        Encoder $encoder = null,
-        ClaimFactory $claimFactory = null
-    ) {
-        $this->encoder = $encoder ?: new Encoder();
-        $this->claimFactory = $claimFactory ?: new ClaimFactory();
-    }
-
-    /**
-     * Configures the audience
-     *
-     * @deprecated This method has been wrongly added and doesn't exist on v4
-     * @see Builder::permittedFor()
-     *
-     * @param string $audience
-     * @param bool $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function canOnlyBeUsedBy($audience, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('aud', (string) $audience, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the audience
-     *
-     * @param string $audience
-     * @param bool $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function permittedFor($audience, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('aud', (string) $audience, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the audience
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::permittedFor()
-     *
-     * @param string $audience
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function setAudience($audience, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('aud', (string) $audience, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the expiration time
-     *
-     * @param int $expiration
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function expiresAt($expiration, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('exp', (int) $expiration, $replicateAsHeader);
-    }
+    public function permittedFor(string ...$audiences): Builder;
 
 
     /**
     /**
      * Configures the expiration time
      * Configures the expiration time
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::expiresAt()
-     *
-     * @param int $expiration
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
      */
      */
-    public function setExpiration($expiration, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('exp', (int) $expiration, $replicateAsHeader);
-    }
+    public function expiresAt(DateTimeImmutable $expiration): Builder;
 
 
     /**
     /**
      * Configures the token id
      * Configures the token id
-     *
-     * @param string $id
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function identifiedBy($id, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('jti', (string) $id, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the token id
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::identifiedBy()
-     *
-     * @param string $id
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
      */
      */
-    public function setId($id, $replicateAsHeader = false)
-    {
-        return $this->identifiedBy($id, $replicateAsHeader);
-    }
+    public function identifiedBy(string $id): Builder;
 
 
     /**
     /**
      * Configures the time that the token was issued
      * Configures the time that the token was issued
-     *
-     * @param int $issuedAt
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function issuedAt($issuedAt, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('iat', (int) $issuedAt, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the time that the token was issued
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::issuedAt()
-     *
-     * @param int $issuedAt
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
      */
      */
-    public function setIssuedAt($issuedAt, $replicateAsHeader = false)
-    {
-        return $this->issuedAt($issuedAt, $replicateAsHeader);
-    }
+    public function issuedAt(DateTimeImmutable $issuedAt): Builder;
 
 
     /**
     /**
      * Configures the issuer
      * Configures the issuer
-     *
-     * @param string $issuer
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
      */
      */
-    public function issuedBy($issuer, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('iss', (string) $issuer, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the issuer
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::issuedBy()
-     *
-     * @param string $issuer
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function setIssuer($issuer, $replicateAsHeader = false)
-    {
-        return $this->issuedBy($issuer, $replicateAsHeader);
-    }
+    public function issuedBy(string $issuer): Builder;
 
 
     /**
     /**
      * Configures the time before which the token cannot be accepted
      * Configures the time before which the token cannot be accepted
-     *
-     * @param int $notBefore
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function canOnlyBeUsedAfter($notBefore, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('nbf', (int) $notBefore, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the time before which the token cannot be accepted
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::canOnlyBeUsedAfter()
-     *
-     * @param int $notBefore
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
      */
      */
-    public function setNotBefore($notBefore, $replicateAsHeader = false)
-    {
-        return $this->canOnlyBeUsedAfter($notBefore, $replicateAsHeader);
-    }
+    public function canOnlyBeUsedAfter(DateTimeImmutable $notBefore): Builder;
 
 
     /**
     /**
      * Configures the subject
      * Configures the subject
-     *
-     * @param string $subject
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function relatedTo($subject, $replicateAsHeader = false)
-    {
-        return $this->setRegisteredClaim('sub', (string) $subject, $replicateAsHeader);
-    }
-
-    /**
-     * Configures the subject
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::relatedTo()
-     *
-     * @param string $subject
-     * @param boolean $replicateAsHeader
-     *
-     * @return Builder
-     */
-    public function setSubject($subject, $replicateAsHeader = false)
-    {
-        return $this->relatedTo($subject, $replicateAsHeader);
-    }
-
-    /**
-     * Configures a registered claim
-     *
-     * @param string $name
-     * @param mixed $value
-     * @param boolean $replicate
-     *
-     * @return Builder
      */
      */
-    protected function setRegisteredClaim($name, $value, $replicate)
-    {
-        $this->withClaim($name, $value);
-
-        if ($replicate) {
-            $this->headers[$name] = $this->claims[$name];
-        }
-
-        return $this;
-    }
+    public function relatedTo(string $subject): Builder;
 
 
     /**
     /**
      * Configures a header item
      * Configures a header item
      *
      *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return Builder
-     */
-    public function withHeader($name, $value)
-    {
-        $this->headers[(string) $name] = $this->claimFactory->create($name, $value);
-
-        return $this;
-    }
-
-    /**
-     * Configures a header item
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::withHeader()
-     *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return Builder
-     */
-    public function setHeader($name, $value)
-    {
-        return $this->withHeader($name, $value);
-    }
-
-    /**
-     * Configures a claim item
-     *
-     * @deprecated This method has been wrongly added and doesn't exist on v4
-     * @see Builder::withClaim()
-     *
-     * @param string $name
      * @param mixed $value
      * @param mixed $value
-     *
-     * @return Builder
      */
      */
-    public function with($name, $value)
-    {
-        return $this->withClaim($name, $value);
-    }
+    public function withHeader(string $name, $value): Builder;
 
 
     /**
     /**
      * Configures a claim item
      * Configures a claim item
      *
      *
-     * @param string $name
      * @param mixed $value
      * @param mixed $value
      *
      *
-     * @return Builder
-     */
-    public function withClaim($name, $value)
-    {
-        $this->claims[(string) $name] = $this->claimFactory->create($name, $value);
-
-        return $this;
-    }
-
-    /**
-     * Configures a claim item
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::withClaim()
-     *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return Builder
-     */
-    public function set($name, $value)
-    {
-        return $this->withClaim($name, $value);
-    }
-
-    /**
-     * Signs the data
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::getToken()
-     *
-     * @param Signer $signer
-     * @param Key|string $key
-     *
-     * @return Builder
-     */
-    public function sign(Signer $signer, $key)
-    {
-        if (! $key instanceof Key) {
-            $key = new Key($key);
-        }
-
-        $this->signer = $signer;
-        $this->key = $key;
-
-        return $this;
-    }
-
-    /**
-     * Removes the signature from the builder
-     *
-     * @deprecated This method will be removed on v4
-     * @see Builder::getToken()
-     *
-     * @return Builder
+     * @throws RegisteredClaimGiven When trying to set a registered claim.
      */
      */
-    public function unsign()
-    {
-        $this->signer = null;
-        $this->key = null;
-
-        return $this;
-    }
+    public function withClaim(string $name, $value): Builder;
 
 
     /**
     /**
-     * Returns the resultant token
+     * Returns a signed token to be used
      *
      *
-     * @return Token
+     * @throws CannotEncodeContent When data cannot be converted to JSON.
+     * @throws CannotSignPayload   When payload signing fails.
+     * @throws InvalidKeyProvided  When issue key is invalid/incompatible.
+     * @throws ConversionFailed    When signature could not be converted.
      */
      */
-    public function getToken(Signer $signer = null, Key $key = null)
-    {
-        $signer = $signer ?: $this->signer;
-        $key = $key ?: $this->key;
-
-        if ($signer instanceof Signer) {
-            $signer->modifyHeader($this->headers);
-        }
-
-        $payload = [
-            $this->encoder->base64UrlEncode($this->encoder->jsonEncode($this->headers)),
-            $this->encoder->base64UrlEncode($this->encoder->jsonEncode($this->claims))
-        ];
-
-        $signature = $this->createSignature($payload, $signer, $key);
-
-        if ($signature !== null) {
-            $payload[] = $this->encoder->base64UrlEncode($signature);
-        }
-
-        return new Token($this->headers, $this->claims, $signature, $payload);
-    }
-
-    /**
-     * @param string[] $payload
-     *
-     * @return Signature|null
-     */
-    private function createSignature(array $payload, Signer $signer = null, Key $key = null)
-    {
-        if ($signer === null || $key === null) {
-            return null;
-        }
-
-        return $signer->sign(implode('.', $payload), $key);
-    }
+    public function getToken(Signer $signer, Key $key): Plain;
 }
 }

+ 0 - 40
api/vendor/lcobucci/jwt/src/Claim.php

@@ -1,40 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT;
-
-use JsonSerializable;
-
-/**
- * Basic interface for token claims
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-interface Claim extends JsonSerializable
-{
-    /**
-     * Returns the claim name
-     *
-     * @return string
-     */
-    public function getName();
-
-    /**
-     * Returns the claim value
-     *
-     * @return string
-     */
-    public function getValue();
-
-    /**
-     * Returns the string representation of the claim
-     *
-     * @return string
-     */
-    public function __toString();
-}

+ 0 - 75
api/vendor/lcobucci/jwt/src/Claim/Basic.php

@@ -1,75 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Claim;
-
-use Lcobucci\JWT\Claim;
-
-/**
- * The default claim
- *
- * @deprecated This class will be removed on v4
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-class Basic implements Claim
-{
-    /**
-     * @var string
-     */
-    private $name;
-
-    /**
-     * @var mixed
-     */
-    private $value;
-
-    /**
-     * Initializes the claim
-     *
-     * @param string $name
-     * @param mixed $value
-     */
-    public function __construct($name, $value)
-    {
-        $this->name = $name;
-        $this->value = $value;
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    public function getName()
-    {
-        return $this->name;
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    public function getValue()
-    {
-        return $this->value;
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    public function jsonSerialize()
-    {
-        return $this->value;
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    public function __toString()
-    {
-        return (string) $this->value;
-    }
-}

+ 0 - 34
api/vendor/lcobucci/jwt/src/Claim/EqualsTo.php

@@ -1,34 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Claim;
-
-use Lcobucci\JWT\Claim;
-use Lcobucci\JWT\ValidationData;
-
-/**
- * Validatable claim that checks if value is strictly equals to the given data
- *
- * @deprecated This class will be removed on v4
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-class EqualsTo extends Basic implements Claim, Validatable
-{
-    /**
-     * {@inheritdoc}
-     */
-    public function validate(ValidationData $data)
-    {
-        if ($data->has($this->getName())) {
-            return $this->getValue() === $data->get($this->getName());
-        }
-
-        return true;
-    }
-}

+ 0 - 118
api/vendor/lcobucci/jwt/src/Claim/Factory.php

@@ -1,118 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Claim;
-
-use Lcobucci\JWT\Claim;
-
-/**
- * Class that create claims
- *
- * @deprecated This class will be removed on v4
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-class Factory
-{
-    /**
-     * The list of claim callbacks
-     *
-     * @var array
-     */
-    private $callbacks;
-
-    /**
-     * Initializes the factory, registering the default callbacks
-     *
-     * @param array $callbacks
-     */
-    public function __construct(array $callbacks = [])
-    {
-        $this->callbacks = array_merge(
-            [
-                'iat' => [$this, 'createLesserOrEqualsTo'],
-                'nbf' => [$this, 'createLesserOrEqualsTo'],
-                'exp' => [$this, 'createGreaterOrEqualsTo'],
-                'iss' => [$this, 'createEqualsTo'],
-                'aud' => [$this, 'createEqualsTo'],
-                'sub' => [$this, 'createEqualsTo'],
-                'jti' => [$this, 'createEqualsTo']
-            ],
-            $callbacks
-        );
-    }
-
-    /**
-     * Create a new claim
-     *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return Claim
-     */
-    public function create($name, $value)
-    {
-        if (!empty($this->callbacks[$name])) {
-            return call_user_func($this->callbacks[$name], $name, $value);
-        }
-
-        return $this->createBasic($name, $value);
-    }
-
-    /**
-     * Creates a claim that can be compared (greator or equals)
-     *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return GreaterOrEqualsTo
-     */
-    private function createGreaterOrEqualsTo($name, $value)
-    {
-        return new GreaterOrEqualsTo($name, $value);
-    }
-
-    /**
-     * Creates a claim that can be compared (greator or equals)
-     *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return LesserOrEqualsTo
-     */
-    private function createLesserOrEqualsTo($name, $value)
-    {
-        return new LesserOrEqualsTo($name, $value);
-    }
-
-    /**
-     * Creates a claim that can be compared (equals)
-     *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return EqualsTo
-     */
-    private function createEqualsTo($name, $value)
-    {
-        return new EqualsTo($name, $value);
-    }
-
-    /**
-     * Creates a basic claim
-     *
-     * @param string $name
-     * @param mixed $value
-     *
-     * @return Basic
-     */
-    private function createBasic($name, $value)
-    {
-        return new Basic($name, $value);
-    }
-}

+ 0 - 34
api/vendor/lcobucci/jwt/src/Claim/GreaterOrEqualsTo.php

@@ -1,34 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Claim;
-
-use Lcobucci\JWT\Claim;
-use Lcobucci\JWT\ValidationData;
-
-/**
- * Validatable claim that checks if value is greater or equals the given data
- *
- * @deprecated This class will be removed on v4
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-class GreaterOrEqualsTo extends Basic implements Claim, Validatable
-{
-    /**
-     * {@inheritdoc}
-     */
-    public function validate(ValidationData $data)
-    {
-        if ($data->has($this->getName())) {
-            return $this->getValue() >= $data->get($this->getName());
-        }
-
-        return true;
-    }
-}

+ 0 - 34
api/vendor/lcobucci/jwt/src/Claim/LesserOrEqualsTo.php

@@ -1,34 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Claim;
-
-use Lcobucci\JWT\Claim;
-use Lcobucci\JWT\ValidationData;
-
-/**
- * Validatable claim that checks if value is lesser or equals to the given data
- *
- * @deprecated This class will be removed on v4
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-class LesserOrEqualsTo extends Basic implements Claim, Validatable
-{
-    /**
-     * {@inheritdoc}
-     */
-    public function validate(ValidationData $data)
-    {
-        if ($data->has($this->getName())) {
-            return $this->getValue() <= $data->get($this->getName());
-        }
-
-        return true;
-    }
-}

+ 0 - 30
api/vendor/lcobucci/jwt/src/Claim/Validatable.php

@@ -1,30 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Claim;
-
-use Lcobucci\JWT\ValidationData;
-
-/**
- * Basic interface for validatable token claims
- *
- * @deprecated This interface will be removed on v4
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-interface Validatable
-{
-    /**
-     * Returns if claim is valid according with given data
-     *
-     * @param ValidationData $data
-     *
-     * @return boolean
-     */
-    public function validate(ValidationData $data);
-}

+ 14 - 0
api/vendor/lcobucci/jwt/src/ClaimsFormatter.php

@@ -0,0 +1,14 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+interface ClaimsFormatter
+{
+    /**
+     * @param array<string, mixed> $claims
+     *
+     * @return array<string, mixed>
+     */
+    public function formatClaims(array $claims): array;
+}

+ 154 - 0
api/vendor/lcobucci/jwt/src/Configuration.php

@@ -0,0 +1,154 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+use Closure;
+use Lcobucci\JWT\Encoding\ChainedFormatter;
+use Lcobucci\JWT\Encoding\JoseEncoder;
+use Lcobucci\JWT\Signer\Key;
+use Lcobucci\JWT\Signer\Key\InMemory;
+use Lcobucci\JWT\Signer\None;
+use Lcobucci\JWT\Validation\Constraint;
+
+/**
+ * Configuration container for the JWT Builder and Parser
+ *
+ * Serves like a small DI container to simplify the creation and usage
+ * of the objects.
+ */
+final class Configuration
+{
+    private Parser $parser;
+    private Signer $signer;
+    private Key $signingKey;
+    private Key $verificationKey;
+    private Validator $validator;
+
+    /** @var Closure(ClaimsFormatter $claimFormatter): Builder */
+    private Closure $builderFactory;
+
+    /** @var Constraint[] */
+    private array $validationConstraints = [];
+
+    private function __construct(
+        Signer $signer,
+        Key $signingKey,
+        Key $verificationKey,
+        ?Encoder $encoder = null,
+        ?Decoder $decoder = null
+    ) {
+        $this->signer          = $signer;
+        $this->signingKey      = $signingKey;
+        $this->verificationKey = $verificationKey;
+        $this->parser          = new Token\Parser($decoder ?? new JoseEncoder());
+        $this->validator       = new Validation\Validator();
+
+        $this->builderFactory = static function (ClaimsFormatter $claimFormatter) use ($encoder): Builder {
+            return new Token\Builder($encoder ?? new JoseEncoder(), $claimFormatter);
+        };
+    }
+
+    public static function forAsymmetricSigner(
+        Signer $signer,
+        Key $signingKey,
+        Key $verificationKey,
+        ?Encoder $encoder = null,
+        ?Decoder $decoder = null
+    ): self {
+        return new self(
+            $signer,
+            $signingKey,
+            $verificationKey,
+            $encoder,
+            $decoder
+        );
+    }
+
+    public static function forSymmetricSigner(
+        Signer $signer,
+        Key $key,
+        ?Encoder $encoder = null,
+        ?Decoder $decoder = null
+    ): self {
+        return new self(
+            $signer,
+            $key,
+            $key,
+            $encoder,
+            $decoder
+        );
+    }
+
+    public static function forUnsecuredSigner(
+        ?Encoder $encoder = null,
+        ?Decoder $decoder = null
+    ): self {
+        $key = InMemory::empty();
+
+        return new self(
+            new None(),
+            $key,
+            $key,
+            $encoder,
+            $decoder
+        );
+    }
+
+    /** @param callable(ClaimsFormatter): Builder $builderFactory */
+    public function setBuilderFactory(callable $builderFactory): void
+    {
+        $this->builderFactory = Closure::fromCallable($builderFactory);
+    }
+
+    public function builder(?ClaimsFormatter $claimFormatter = null): Builder
+    {
+        return ($this->builderFactory)($claimFormatter ?? ChainedFormatter::default());
+    }
+
+    public function parser(): Parser
+    {
+        return $this->parser;
+    }
+
+    public function setParser(Parser $parser): void
+    {
+        $this->parser = $parser;
+    }
+
+    public function signer(): Signer
+    {
+        return $this->signer;
+    }
+
+    public function signingKey(): Key
+    {
+        return $this->signingKey;
+    }
+
+    public function verificationKey(): Key
+    {
+        return $this->verificationKey;
+    }
+
+    public function validator(): Validator
+    {
+        return $this->validator;
+    }
+
+    public function setValidator(Validator $validator): void
+    {
+        $this->validator = $validator;
+    }
+
+    /** @return Constraint[] */
+    public function validationConstraints(): array
+    {
+        return $this->validationConstraints;
+    }
+
+    public function setValidationConstraints(Constraint ...$validationConstraints): void
+    {
+        $this->validationConstraints = $validationConstraints;
+    }
+}

+ 27 - 0
api/vendor/lcobucci/jwt/src/Decoder.php

@@ -0,0 +1,27 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+use Lcobucci\JWT\Encoding\CannotDecodeContent;
+
+interface Decoder
+{
+    /**
+     * Decodes from JSON, validating the errors
+     *
+     * @return mixed
+     *
+     * @throws CannotDecodeContent When something goes wrong while decoding.
+     */
+    public function jsonDecode(string $json);
+
+    /**
+     * Decodes from Base64URL
+     *
+     * @link http://tools.ietf.org/html/rfc4648#section-5
+     *
+     * @throws CannotDecodeContent When something goes wrong while decoding.
+     */
+    public function base64UrlDecode(string $data): string;
+}

+ 25 - 0
api/vendor/lcobucci/jwt/src/Encoder.php

@@ -0,0 +1,25 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+use Lcobucci\JWT\Encoding\CannotEncodeContent;
+
+interface Encoder
+{
+    /**
+     * Encodes to JSON, validating the errors
+     *
+     * @param mixed $data
+     *
+     * @throws CannotEncodeContent When something goes wrong while encoding.
+     */
+    public function jsonEncode($data): string;
+
+    /**
+     * Encodes to base64url
+     *
+     * @link http://tools.ietf.org/html/rfc4648#section-5
+     */
+    public function base64UrlEncode(string $data): string;
+}

+ 21 - 0
api/vendor/lcobucci/jwt/src/Encoding/CannotDecodeContent.php

@@ -0,0 +1,21 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Encoding;
+
+use JsonException;
+use Lcobucci\JWT\Exception;
+use RuntimeException;
+
+final class CannotDecodeContent extends RuntimeException implements Exception
+{
+    public static function jsonIssues(JsonException $previous): self
+    {
+        return new self('Error while decoding from JSON', 0, $previous);
+    }
+
+    public static function invalidBase64String(): self
+    {
+        return new self('Error while decoding from Base64Url, invalid base64 characters detected');
+    }
+}

+ 16 - 0
api/vendor/lcobucci/jwt/src/Encoding/CannotEncodeContent.php

@@ -0,0 +1,16 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Encoding;
+
+use JsonException;
+use Lcobucci\JWT\Exception;
+use RuntimeException;
+
+final class CannotEncodeContent extends RuntimeException implements Exception
+{
+    public static function jsonIssues(JsonException $previous): self
+    {
+        return new self('Error while encoding to JSON', 0, $previous);
+    }
+}

+ 37 - 0
api/vendor/lcobucci/jwt/src/Encoding/ChainedFormatter.php

@@ -0,0 +1,37 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Encoding;
+
+use Lcobucci\JWT\ClaimsFormatter;
+
+final class ChainedFormatter implements ClaimsFormatter
+{
+    /** @var list<ClaimsFormatter> */
+    private array $formatters;
+
+    public function __construct(ClaimsFormatter ...$formatters)
+    {
+        $this->formatters = $formatters;
+    }
+
+    public static function default(): self
+    {
+        return new self(new UnifyAudience(), new MicrosecondBasedDateConversion());
+    }
+
+    public static function withUnixTimestampDates(): self
+    {
+        return new self(new UnifyAudience(), new UnixTimestampDates());
+    }
+
+    /** @inheritdoc */
+    public function formatClaims(array $claims): array
+    {
+        foreach ($this->formatters as $formatter) {
+            $claims = $formatter->formatClaims($claims);
+        }
+
+        return $claims;
+    }
+}

+ 60 - 0
api/vendor/lcobucci/jwt/src/Encoding/JoseEncoder.php

@@ -0,0 +1,60 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Encoding;
+
+use JsonException;
+use Lcobucci\JWT\Decoder;
+use Lcobucci\JWT\Encoder;
+use Lcobucci\JWT\SodiumBase64Polyfill;
+
+use function json_decode;
+use function json_encode;
+
+use const JSON_THROW_ON_ERROR;
+use const JSON_UNESCAPED_SLASHES;
+use const JSON_UNESCAPED_UNICODE;
+
+/**
+ * A utilitarian class that encodes and decodes data according with JOSE specifications
+ */
+final class JoseEncoder implements Encoder, Decoder
+{
+    private const JSON_DEFAULT_DEPTH = 512;
+
+    /** @inheritdoc */
+    public function jsonEncode($data): string
+    {
+        try {
+            return json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR);
+        } catch (JsonException $exception) {
+            throw CannotEncodeContent::jsonIssues($exception);
+        }
+    }
+
+    /** @inheritdoc */
+    public function jsonDecode(string $json)
+    {
+        try {
+            return json_decode($json, true, self::JSON_DEFAULT_DEPTH, JSON_THROW_ON_ERROR);
+        } catch (JsonException $exception) {
+            throw CannotDecodeContent::jsonIssues($exception);
+        }
+    }
+
+    public function base64UrlEncode(string $data): string
+    {
+        return SodiumBase64Polyfill::bin2base64(
+            $data,
+            SodiumBase64Polyfill::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
+        );
+    }
+
+    public function base64UrlDecode(string $data): string
+    {
+        return SodiumBase64Polyfill::base642bin(
+            $data,
+            SodiumBase64Polyfill::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
+        );
+    }
+}

+ 37 - 0
api/vendor/lcobucci/jwt/src/Encoding/MicrosecondBasedDateConversion.php

@@ -0,0 +1,37 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Encoding;
+
+use DateTimeImmutable;
+use Lcobucci\JWT\ClaimsFormatter;
+use Lcobucci\JWT\Token\RegisteredClaims;
+
+use function array_key_exists;
+
+final class MicrosecondBasedDateConversion implements ClaimsFormatter
+{
+    /** @inheritdoc */
+    public function formatClaims(array $claims): array
+    {
+        foreach (RegisteredClaims::DATE_CLAIMS as $claim) {
+            if (! array_key_exists($claim, $claims)) {
+                continue;
+            }
+
+            $claims[$claim] = $this->convertDate($claims[$claim]);
+        }
+
+        return $claims;
+    }
+
+    /** @return int|float */
+    private function convertDate(DateTimeImmutable $date)
+    {
+        if ($date->format('u') === '000000') {
+            return (int) $date->format('U');
+        }
+
+        return (float) $date->format('U.u');
+    }
+}

+ 29 - 0
api/vendor/lcobucci/jwt/src/Encoding/UnifyAudience.php

@@ -0,0 +1,29 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Encoding;
+
+use Lcobucci\JWT\ClaimsFormatter;
+use Lcobucci\JWT\Token\RegisteredClaims;
+
+use function array_key_exists;
+use function count;
+use function current;
+
+final class UnifyAudience implements ClaimsFormatter
+{
+    /** @inheritdoc */
+    public function formatClaims(array $claims): array
+    {
+        if (
+            ! array_key_exists(RegisteredClaims::AUDIENCE, $claims)
+            || count($claims[RegisteredClaims::AUDIENCE]) !== 1
+        ) {
+            return $claims;
+        }
+
+        $claims[RegisteredClaims::AUDIENCE] = current($claims[RegisteredClaims::AUDIENCE]);
+
+        return $claims;
+    }
+}

+ 32 - 0
api/vendor/lcobucci/jwt/src/Encoding/UnixTimestampDates.php

@@ -0,0 +1,32 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Encoding;
+
+use DateTimeImmutable;
+use Lcobucci\JWT\ClaimsFormatter;
+use Lcobucci\JWT\Token\RegisteredClaims;
+
+use function array_key_exists;
+
+final class UnixTimestampDates implements ClaimsFormatter
+{
+    /** @inheritdoc */
+    public function formatClaims(array $claims): array
+    {
+        foreach (RegisteredClaims::DATE_CLAIMS as $claim) {
+            if (! array_key_exists($claim, $claims)) {
+                continue;
+            }
+
+            $claims[$claim] = $this->convertDate($claims[$claim]);
+        }
+
+        return $claims;
+    }
+
+    private function convertDate(DateTimeImmutable $date): int
+    {
+        return $date->getTimestamp();
+    }
+}

+ 10 - 0
api/vendor/lcobucci/jwt/src/Exception.php

@@ -0,0 +1,10 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+use Throwable;
+
+interface Exception extends Throwable
+{
+}

+ 9 - 146
api/vendor/lcobucci/jwt/src/Parser.php

@@ -1,157 +1,20 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT;
 namespace Lcobucci\JWT;
 
 
-use InvalidArgumentException;
-use Lcobucci\JWT\Claim\Factory as ClaimFactory;
-use Lcobucci\JWT\Parsing\Decoder;
+use Lcobucci\JWT\Encoding\CannotDecodeContent;
+use Lcobucci\JWT\Token\InvalidTokenStructure;
+use Lcobucci\JWT\Token\UnsupportedHeaderFound;
 
 
-/**
- * This class parses the JWT strings and convert them into tokens
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-class Parser
+interface Parser
 {
 {
-    /**
-     * The data decoder
-     *
-     * @var Decoder
-     */
-    private $decoder;
-
-    /**
-     * The claims factory
-     *
-     * @var ClaimFactory
-     */
-    private $claimFactory;
-
-    /**
-     * Initializes the object
-     *
-     * @param Decoder $decoder
-     * @param ClaimFactory $claimFactory
-     */
-    public function __construct(
-        Decoder $decoder = null,
-        ClaimFactory $claimFactory = null
-    ) {
-        $this->decoder = $decoder ?: new Decoder();
-        $this->claimFactory = $claimFactory ?: new ClaimFactory();
-    }
-
     /**
     /**
      * Parses the JWT and returns a token
      * Parses the JWT and returns a token
      *
      *
-     * @param string $jwt
-     *
-     * @return Token
-     */
-    public function parse($jwt)
-    {
-        $data = $this->splitJwt($jwt);
-        $header = $this->parseHeader($data[0]);
-        $claims = $this->parseClaims($data[1]);
-        $signature = $this->parseSignature($header, $data[2]);
-
-        foreach ($claims as $name => $value) {
-            if (isset($header[$name])) {
-                $header[$name] = $value;
-            }
-        }
-
-        if ($signature === null) {
-            unset($data[2]);
-        }
-
-        return new Token($header, $claims, $signature, $data);
-    }
-
-    /**
-     * Splits the JWT string into an array
-     *
-     * @param string $jwt
-     *
-     * @return array
-     *
-     * @throws InvalidArgumentException When JWT is not a string or is invalid
+     * @throws CannotDecodeContent      When something goes wrong while decoding.
+     * @throws InvalidTokenStructure    When token string structure is invalid.
+     * @throws UnsupportedHeaderFound   When parsed token has an unsupported header.
      */
      */
-    protected function splitJwt($jwt)
-    {
-        if (!is_string($jwt)) {
-            throw new InvalidArgumentException('The JWT string must have two dots');
-        }
-
-        $data = explode('.', $jwt);
-
-        if (count($data) != 3) {
-            throw new InvalidArgumentException('The JWT string must have two dots');
-        }
-
-        return $data;
-    }
-
-    /**
-     * Parses the header from a string
-     *
-     * @param string $data
-     *
-     * @return array
-     *
-     * @throws InvalidArgumentException When an invalid header is informed
-     */
-    protected function parseHeader($data)
-    {
-        $header = (array) $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));
-
-        if (isset($header['enc'])) {
-            throw new InvalidArgumentException('Encryption is not supported yet');
-        }
-
-        return $header;
-    }
-
-    /**
-     * Parses the claim set from a string
-     *
-     * @param string $data
-     *
-     * @return array
-     */
-    protected function parseClaims($data)
-    {
-        $claims = (array) $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));
-
-        foreach ($claims as $name => &$value) {
-            $value = $this->claimFactory->create($name, $value);
-        }
-
-        return $claims;
-    }
-
-    /**
-     * Returns the signature from given data
-     *
-     * @param array $header
-     * @param string $data
-     *
-     * @return Signature
-     */
-    protected function parseSignature(array $header, $data)
-    {
-        if ($data == '' || !isset($header['alg']) || $header['alg'] == 'none') {
-            return null;
-        }
-
-        $hash = $this->decoder->base64UrlDecode($data);
-
-        return new Signature($hash);
-    }
+    public function parse(string $jwt): Token;
 }
 }

+ 0 - 56
api/vendor/lcobucci/jwt/src/Parsing/Decoder.php

@@ -1,56 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Parsing;
-
-use RuntimeException;
-
-/**
- * Class that decodes data according with the specs of RFC-4648
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- *
- * @link http://tools.ietf.org/html/rfc4648#section-5
- */
-class Decoder
-{
-    /**
-     * Decodes from JSON, validating the errors (will return an associative array
-     * instead of objects)
-     *
-     * @param string $json
-     * @return mixed
-     *
-     * @throws RuntimeException When something goes wrong while decoding
-     */
-    public function jsonDecode($json)
-    {
-        $data = json_decode($json);
-
-        if (json_last_error() != JSON_ERROR_NONE) {
-            throw new RuntimeException('Error while decoding to JSON: ' . json_last_error_msg());
-        }
-
-        return $data;
-    }
-
-    /**
-     * Decodes from base64url
-     *
-     * @param string $data
-     * @return string
-     */
-    public function base64UrlDecode($data)
-    {
-        if ($remainder = strlen($data) % 4) {
-            $data .= str_repeat('=', 4 - $remainder);
-        }
-
-        return base64_decode(strtr($data, '-_', '+/'));
-    }
-}

+ 0 - 51
api/vendor/lcobucci/jwt/src/Parsing/Encoder.php

@@ -1,51 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Parsing;
-
-use RuntimeException;
-
-/**
- * Class that encodes data according with the specs of RFC-4648
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- *
- * @link http://tools.ietf.org/html/rfc4648#section-5
- */
-class Encoder
-{
-    /**
-     * Encodes to JSON, validating the errors
-     *
-     * @param mixed $data
-     * @return string
-     *
-     * @throws RuntimeException When something goes wrong while encoding
-     */
-    public function jsonEncode($data)
-    {
-        $json = json_encode($data);
-
-        if (json_last_error() != JSON_ERROR_NONE) {
-            throw new RuntimeException('Error while encoding to JSON: ' . json_last_error_msg());
-        }
-
-        return $json;
-    }
-
-    /**
-     * Encodes to base64url
-     *
-     * @param string $data
-     * @return string
-     */
-    public function base64UrlEncode($data)
-    {
-        return str_replace('=', '', strtr(base64_encode($data), '+/', '-_'));
-    }
-}

+ 0 - 59
api/vendor/lcobucci/jwt/src/Signature.php

@@ -1,59 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT;
-
-/**
- * This class represents a token signature
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-class Signature
-{
-    /**
-     * The resultant hash
-     *
-     * @var string
-     */
-    protected $hash;
-
-    /**
-     * Initializes the object
-     *
-     * @param string $hash
-     */
-    public function __construct($hash)
-    {
-        $this->hash = $hash;
-    }
-
-    /**
-     * Verifies if the current hash matches with with the result of the creation of
-     * a new signature with given data
-     *
-     * @param Signer $signer
-     * @param string $payload
-     * @param string $key
-     *
-     * @return boolean
-     */
-    public function verify(Signer $signer, $payload, $key)
-    {
-        return $signer->verify($this->hash, $payload, $key);
-    }
-
-    /**
-     * Returns the current hash as a string representation of the signature
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->hash;
-    }
-}

+ 13 - 38
api/vendor/lcobucci/jwt/src/Signer.php

@@ -1,59 +1,34 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT;
 namespace Lcobucci\JWT;
 
 
-use InvalidArgumentException;
+use Lcobucci\JWT\Signer\CannotSignPayload;
+use Lcobucci\JWT\Signer\Ecdsa\ConversionFailed;
+use Lcobucci\JWT\Signer\InvalidKeyProvided;
 use Lcobucci\JWT\Signer\Key;
 use Lcobucci\JWT\Signer\Key;
 
 
-/**
- * Basic interface for token signers
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
 interface Signer
 interface Signer
 {
 {
     /**
     /**
      * Returns the algorithm id
      * Returns the algorithm id
-     *
-     * @return string
      */
      */
-    public function getAlgorithmId();
+    public function algorithmId(): string;
 
 
     /**
     /**
-     * Apply changes on headers according with algorithm
+     * Creates a hash for the given payload
      *
      *
-     * @param array $headers
+     * @throws CannotSignPayload  When payload signing fails.
+     * @throws InvalidKeyProvided When issue key is invalid/incompatible.
+     * @throws ConversionFailed   When signature could not be converted.
      */
      */
-    public function modifyHeader(array &$headers);
-
-    /**
-     * Returns a signature for given data
-     *
-     * @param string $payload
-     * @param Key|string $key
-     *
-     * @return Signature
-     *
-     * @throws InvalidArgumentException When given key is invalid
-     */
-    public function sign($payload, $key);
+    public function sign(string $payload, Key $key): string;
 
 
     /**
     /**
      * Returns if the expected hash matches with the data and key
      * Returns if the expected hash matches with the data and key
      *
      *
-     * @param string $expected
-     * @param string $payload
-     * @param Key|string $key
-     *
-     * @return boolean
-     *
-     * @throws InvalidArgumentException When given key is invalid
+     * @throws InvalidKeyProvided When issue key is invalid/incompatible.
+     * @throws ConversionFailed   When signature could not be converted.
      */
      */
-    public function verify($expected, $payload, $key);
+    public function verify(string $expected, string $payload, Key $key): bool;
 }
 }

+ 0 - 85
api/vendor/lcobucci/jwt/src/Signer/BaseSigner.php

@@ -1,85 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Signer;
-
-use Lcobucci\JWT\Signature;
-use Lcobucci\JWT\Signer;
-
-/**
- * Base class for signers
- *
- * @deprecated This class will be removed on v4
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-abstract class BaseSigner implements Signer
-{
-    /**
-     * {@inheritdoc}
-     */
-    public function modifyHeader(array &$headers)
-    {
-        $headers['alg'] = $this->getAlgorithmId();
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    public function sign($payload, $key)
-    {
-        return new Signature($this->createHash($payload, $this->getKey($key)));
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    public function verify($expected, $payload, $key)
-    {
-        return $this->doVerify($expected, $payload, $this->getKey($key));
-    }
-
-    /**
-     * @param Key|string $key
-     *
-     * @return Key
-     */
-    private function getKey($key)
-    {
-        if (is_string($key)) {
-            $key = new Key($key);
-        }
-
-        return $key;
-    }
-
-    /**
-     * Creates a hash with the given data
-     *
-     * @internal
-     *
-     * @param string $payload
-     * @param Key $key
-     *
-     * @return string
-     */
-    abstract public function createHash($payload, Key $key);
-
-    /**
-     * Performs the signature verification
-     *
-     * @internal
-     *
-     * @param string $expected
-     * @param string $payload
-     * @param Key $key
-     *
-     * @return boolean
-     */
-    abstract public function doVerify($expected, $payload, Key $key);
-}

+ 15 - 0
api/vendor/lcobucci/jwt/src/Signer/CannotSignPayload.php

@@ -0,0 +1,15 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+
+final class CannotSignPayload extends InvalidArgumentException implements Exception
+{
+    public static function errorHappened(string $error): self
+    {
+        return new self('There was an error while creating the signature: ' . $error);
+    }
+}

+ 23 - 39
api/vendor/lcobucci/jwt/src/Signer/Ecdsa.php

@@ -1,69 +1,53 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer;
 namespace Lcobucci\JWT\Signer;
 
 
 use Lcobucci\JWT\Signer\Ecdsa\MultibyteStringConverter;
 use Lcobucci\JWT\Signer\Ecdsa\MultibyteStringConverter;
 use Lcobucci\JWT\Signer\Ecdsa\SignatureConverter;
 use Lcobucci\JWT\Signer\Ecdsa\SignatureConverter;
+
 use const OPENSSL_KEYTYPE_EC;
 use const OPENSSL_KEYTYPE_EC;
 
 
-/**
- * Base class for ECDSA signers
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
 abstract class Ecdsa extends OpenSSL
 abstract class Ecdsa extends OpenSSL
 {
 {
-    /**
-     * @var SignatureConverter
-     */
-    private $converter;
+    private SignatureConverter $converter;
 
 
-    public function __construct(SignatureConverter $converter = null)
+    public function __construct(SignatureConverter $converter)
     {
     {
-        $this->converter = $converter ?: new MultibyteStringConverter();
+        $this->converter = $converter;
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function createHash($payload, Key $key)
+    public static function create(): Ecdsa
+    {
+        return new static(new MultibyteStringConverter());  // @phpstan-ignore-line
+    }
+
+    final public function sign(string $payload, Key $key): string
     {
     {
         return $this->converter->fromAsn1(
         return $this->converter->fromAsn1(
-            parent::createHash($payload, $key),
-            $this->getKeyLength()
+            $this->createSignature($key->contents(), $key->passphrase(), $payload),
+            $this->keyLength()
         );
         );
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function doVerify($expected, $payload, Key $key)
+    final public function verify(string $expected, string $payload, Key $key): bool
     {
     {
-        return parent::doVerify(
-            $this->converter->toAsn1($expected, $this->getKeyLength()),
+        return $this->verifySignature(
+            $this->converter->toAsn1($expected, $this->keyLength()),
             $payload,
             $payload,
-            $key
+            $key->contents()
         );
         );
     }
     }
 
 
+    final public function keyType(): int
+    {
+        return OPENSSL_KEYTYPE_EC;
+    }
+
     /**
     /**
      * Returns the length of each point in the signature, so that we can calculate and verify R and S points properly
      * Returns the length of each point in the signature, so that we can calculate and verify R and S points properly
      *
      *
      * @internal
      * @internal
      */
      */
-    abstract public function getKeyLength();
-
-    /**
-     * {@inheritdoc}
-     */
-    final public function getKeyType()
-    {
-        return OPENSSL_KEYTYPE_EC;
-    }
+    abstract public function keyLength(): int;
 }
 }

+ 25 - 0
api/vendor/lcobucci/jwt/src/Signer/Ecdsa/ConversionFailed.php

@@ -0,0 +1,25 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer\Ecdsa;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+
+final class ConversionFailed extends InvalidArgumentException implements Exception
+{
+    public static function invalidLength(): self
+    {
+        return new self('Invalid signature length.');
+    }
+
+    public static function incorrectStartSequence(): self
+    {
+        return new self('Invalid data. Should start with a sequence.');
+    }
+
+    public static function integerExpected(): self
+    {
+        return new self('Invalid data. Should contain an integer.');
+    }
+}

+ 39 - 27
api/vendor/lcobucci/jwt/src/Signer/Ecdsa/MultibyteStringConverter.php

@@ -1,4 +1,6 @@
 <?php
 <?php
+declare(strict_types=1);
+
 /*
 /*
  * The MIT License (MIT)
  * The MIT License (MIT)
  *
  *
@@ -9,16 +11,19 @@
  *
  *
  * @link https://github.com/web-token/jwt-framework/blob/v1.2/src/Component/Core/Util/ECSignature.php
  * @link https://github.com/web-token/jwt-framework/blob/v1.2/src/Component/Core/Util/ECSignature.php
  */
  */
+
 namespace Lcobucci\JWT\Signer\Ecdsa;
 namespace Lcobucci\JWT\Signer\Ecdsa;
 
 
-use InvalidArgumentException;
+use function assert;
 use function bin2hex;
 use function bin2hex;
 use function dechex;
 use function dechex;
 use function hex2bin;
 use function hex2bin;
 use function hexdec;
 use function hexdec;
+use function is_string;
 use function mb_strlen;
 use function mb_strlen;
 use function mb_substr;
 use function mb_substr;
 use function str_pad;
 use function str_pad;
+
 use const STR_PAD_LEFT;
 use const STR_PAD_LEFT;
 
 
 /**
 /**
@@ -28,24 +33,24 @@ use const STR_PAD_LEFT;
  */
  */
 final class MultibyteStringConverter implements SignatureConverter
 final class MultibyteStringConverter implements SignatureConverter
 {
 {
-    const ASN1_SEQUENCE          = '30';
-    const ASN1_INTEGER           = '02';
-    const ASN1_MAX_SINGLE_BYTE   = 128;
-    const ASN1_LENGTH_2BYTES     = '81';
-    const ASN1_BIG_INTEGER_LIMIT = '7f';
-    const ASN1_NEGATIVE_INTEGER  = '00';
-    const BYTE_SIZE              = 2;
-
-    public function toAsn1($signature, $length)
+    private const ASN1_SEQUENCE          = '30';
+    private const ASN1_INTEGER           = '02';
+    private const ASN1_MAX_SINGLE_BYTE   = 128;
+    private const ASN1_LENGTH_2BYTES     = '81';
+    private const ASN1_BIG_INTEGER_LIMIT = '7f';
+    private const ASN1_NEGATIVE_INTEGER  = '00';
+    private const BYTE_SIZE              = 2;
+
+    public function toAsn1(string $points, int $length): string
     {
     {
-        $signature = bin2hex($signature);
+        $points = bin2hex($points);
 
 
-        if (self::octetLength($signature) !== $length) {
-            throw new InvalidArgumentException('Invalid signature length.');
+        if (self::octetLength($points) !== $length) {
+            throw ConversionFailed::invalidLength();
         }
         }
 
 
-        $pointR = self::preparePositiveInteger(mb_substr($signature, 0, $length, '8bit'));
-        $pointS = self::preparePositiveInteger(mb_substr($signature, $length, null, '8bit'));
+        $pointR = self::preparePositiveInteger(mb_substr($points, 0, $length, '8bit'));
+        $pointS = self::preparePositiveInteger(mb_substr($points, $length, null, '8bit'));
 
 
         $lengthR = self::octetLength($pointR);
         $lengthR = self::octetLength($pointR);
         $lengthS = self::octetLength($pointS);
         $lengthS = self::octetLength($pointS);
@@ -59,38 +64,42 @@ final class MultibyteStringConverter implements SignatureConverter
             . self::ASN1_INTEGER . dechex($lengthR) . $pointR
             . self::ASN1_INTEGER . dechex($lengthR) . $pointR
             . self::ASN1_INTEGER . dechex($lengthS) . $pointS
             . self::ASN1_INTEGER . dechex($lengthS) . $pointS
         );
         );
+        assert(is_string($asn1));
 
 
         return $asn1;
         return $asn1;
     }
     }
 
 
-    private static function octetLength($data)
+    private static function octetLength(string $data): int
     {
     {
         return (int) (mb_strlen($data, '8bit') / self::BYTE_SIZE);
         return (int) (mb_strlen($data, '8bit') / self::BYTE_SIZE);
     }
     }
 
 
-    private static function preparePositiveInteger($data)
+    private static function preparePositiveInteger(string $data): string
     {
     {
         if (mb_substr($data, 0, self::BYTE_SIZE, '8bit') > self::ASN1_BIG_INTEGER_LIMIT) {
         if (mb_substr($data, 0, self::BYTE_SIZE, '8bit') > self::ASN1_BIG_INTEGER_LIMIT) {
             return self::ASN1_NEGATIVE_INTEGER . $data;
             return self::ASN1_NEGATIVE_INTEGER . $data;
         }
         }
 
 
-        while (mb_substr($data, 0, self::BYTE_SIZE, '8bit') === self::ASN1_NEGATIVE_INTEGER
-            && mb_substr($data, 2, self::BYTE_SIZE, '8bit') <= self::ASN1_BIG_INTEGER_LIMIT) {
+        while (
+            mb_substr($data, 0, self::BYTE_SIZE, '8bit') === self::ASN1_NEGATIVE_INTEGER
+            && mb_substr($data, 2, self::BYTE_SIZE, '8bit') <= self::ASN1_BIG_INTEGER_LIMIT
+        ) {
             $data = mb_substr($data, 2, null, '8bit');
             $data = mb_substr($data, 2, null, '8bit');
         }
         }
 
 
         return $data;
         return $data;
     }
     }
 
 
-    public function fromAsn1($signature, $length)
+    public function fromAsn1(string $signature, int $length): string
     {
     {
         $message  = bin2hex($signature);
         $message  = bin2hex($signature);
         $position = 0;
         $position = 0;
 
 
         if (self::readAsn1Content($message, $position, self::BYTE_SIZE) !== self::ASN1_SEQUENCE) {
         if (self::readAsn1Content($message, $position, self::BYTE_SIZE) !== self::ASN1_SEQUENCE) {
-            throw new InvalidArgumentException('Invalid data. Should start with a sequence.');
+            throw ConversionFailed::incorrectStartSequence();
         }
         }
 
 
+        // @phpstan-ignore-next-line
         if (self::readAsn1Content($message, $position, self::BYTE_SIZE) === self::ASN1_LENGTH_2BYTES) {
         if (self::readAsn1Content($message, $position, self::BYTE_SIZE) === self::ASN1_LENGTH_2BYTES) {
             $position += self::BYTE_SIZE;
             $position += self::BYTE_SIZE;
         }
         }
@@ -99,11 +108,12 @@ final class MultibyteStringConverter implements SignatureConverter
         $pointS = self::retrievePositiveInteger(self::readAsn1Integer($message, $position));
         $pointS = self::retrievePositiveInteger(self::readAsn1Integer($message, $position));
 
 
         $points = hex2bin(str_pad($pointR, $length, '0', STR_PAD_LEFT) . str_pad($pointS, $length, '0', STR_PAD_LEFT));
         $points = hex2bin(str_pad($pointR, $length, '0', STR_PAD_LEFT) . str_pad($pointS, $length, '0', STR_PAD_LEFT));
+        assert(is_string($points));
 
 
         return $points;
         return $points;
     }
     }
 
 
-    private static function readAsn1Content($message, &$position, $length)
+    private static function readAsn1Content(string $message, int &$position, int $length): string
     {
     {
         $content   = mb_substr($message, $position, $length, '8bit');
         $content   = mb_substr($message, $position, $length, '8bit');
         $position += $length;
         $position += $length;
@@ -111,10 +121,10 @@ final class MultibyteStringConverter implements SignatureConverter
         return $content;
         return $content;
     }
     }
 
 
-    private static function readAsn1Integer($message, &$position)
+    private static function readAsn1Integer(string $message, int &$position): string
     {
     {
         if (self::readAsn1Content($message, $position, self::BYTE_SIZE) !== self::ASN1_INTEGER) {
         if (self::readAsn1Content($message, $position, self::BYTE_SIZE) !== self::ASN1_INTEGER) {
-            throw new InvalidArgumentException('Invalid data. Should contain an integer.');
+            throw ConversionFailed::integerExpected();
         }
         }
 
 
         $length = (int) hexdec(self::readAsn1Content($message, $position, self::BYTE_SIZE));
         $length = (int) hexdec(self::readAsn1Content($message, $position, self::BYTE_SIZE));
@@ -122,10 +132,12 @@ final class MultibyteStringConverter implements SignatureConverter
         return self::readAsn1Content($message, $position, $length * self::BYTE_SIZE);
         return self::readAsn1Content($message, $position, $length * self::BYTE_SIZE);
     }
     }
 
 
-    private static function retrievePositiveInteger($data)
+    private static function retrievePositiveInteger(string $data): string
     {
     {
-        while (mb_substr($data, 0, self::BYTE_SIZE, '8bit') === self::ASN1_NEGATIVE_INTEGER
-            && mb_substr($data, 2, self::BYTE_SIZE, '8bit') > self::ASN1_BIG_INTEGER_LIMIT) {
+        while (
+            mb_substr($data, 0, self::BYTE_SIZE, '8bit') === self::ASN1_NEGATIVE_INTEGER
+            && mb_substr($data, 2, self::BYTE_SIZE, '8bit') > self::ASN1_BIG_INTEGER_LIMIT
+        ) {
             $data = mb_substr($data, 2, null, '8bit');
             $data = mb_substr($data, 2, null, '8bit');
         }
         }
 
 

+ 8 - 25
api/vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha256.php

@@ -1,42 +1,25 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Ecdsa;
 namespace Lcobucci\JWT\Signer\Ecdsa;
 
 
 use Lcobucci\JWT\Signer\Ecdsa;
 use Lcobucci\JWT\Signer\Ecdsa;
 
 
-/**
- * Signer for ECDSA SHA-256
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
-class Sha256 extends Ecdsa
+use const OPENSSL_ALGO_SHA256;
+
+final class Sha256 extends Ecdsa
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'ES256';
         return 'ES256';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): int
     {
     {
-        return 'sha256';
+        return OPENSSL_ALGO_SHA256;
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getKeyLength()
+    public function keyLength(): int
     {
     {
         return 64;
         return 64;
     }
     }

+ 8 - 25
api/vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha384.php

@@ -1,42 +1,25 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Ecdsa;
 namespace Lcobucci\JWT\Signer\Ecdsa;
 
 
 use Lcobucci\JWT\Signer\Ecdsa;
 use Lcobucci\JWT\Signer\Ecdsa;
 
 
-/**
- * Signer for ECDSA SHA-384
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
-class Sha384 extends Ecdsa
+use const OPENSSL_ALGO_SHA384;
+
+final class Sha384 extends Ecdsa
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'ES384';
         return 'ES384';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): int
     {
     {
-        return 'sha384';
+        return OPENSSL_ALGO_SHA384;
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getKeyLength()
+    public function keyLength(): int
     {
     {
         return 96;
         return 96;
     }
     }

+ 8 - 25
api/vendor/lcobucci/jwt/src/Signer/Ecdsa/Sha512.php

@@ -1,42 +1,25 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Ecdsa;
 namespace Lcobucci\JWT\Signer\Ecdsa;
 
 
 use Lcobucci\JWT\Signer\Ecdsa;
 use Lcobucci\JWT\Signer\Ecdsa;
 
 
-/**
- * Signer for ECDSA SHA-512
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
-class Sha512 extends Ecdsa
+use const OPENSSL_ALGO_SHA512;
+
+final class Sha512 extends Ecdsa
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'ES512';
         return 'ES512';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): int
     {
     {
-        return 'sha512';
+        return OPENSSL_ALGO_SHA512;
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getKeyLength()
+    public function keyLength(): int
     {
     {
         return 132;
         return 132;
     }
     }

+ 6 - 10
api/vendor/lcobucci/jwt/src/Signer/Ecdsa/SignatureConverter.php

@@ -1,4 +1,6 @@
 <?php
 <?php
+declare(strict_types=1);
+
 namespace Lcobucci\JWT\Signer\Ecdsa;
 namespace Lcobucci\JWT\Signer\Ecdsa;
 
 
 /**
 /**
@@ -19,20 +21,14 @@ interface SignatureConverter
     /**
     /**
      * Converts the signature generated by OpenSSL into what JWA defines
      * Converts the signature generated by OpenSSL into what JWA defines
      *
      *
-     * @param string $signature
-     * @param int $length
-     *
-     * @return string
+     * @throws ConversionFailed When there was an issue during the format conversion.
      */
      */
-    public function fromAsn1($signature, $length);
+    public function fromAsn1(string $signature, int $length): string;
 
 
     /**
     /**
      * Converts the JWA signature into something OpenSSL understands
      * Converts the JWA signature into something OpenSSL understands
      *
      *
-     * @param string $points
-     * @param int $length
-     *
-     * @return string
+     * @throws ConversionFailed When there was an issue during the format conversion.
      */
      */
-    public function toAsn1($points, $length);
+    public function toAsn1(string $points, int $length): string;
 }
 }

+ 36 - 0
api/vendor/lcobucci/jwt/src/Signer/Eddsa.php

@@ -0,0 +1,36 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer;
+
+use Lcobucci\JWT\Signer;
+use SodiumException;
+
+use function sodium_crypto_sign_detached;
+use function sodium_crypto_sign_verify_detached;
+
+final class Eddsa implements Signer
+{
+    public function algorithmId(): string
+    {
+        return 'EdDSA';
+    }
+
+    public function sign(string $payload, Key $key): string
+    {
+        try {
+            return sodium_crypto_sign_detached($payload, $key->contents());
+        } catch (SodiumException $sodiumException) {
+            throw new InvalidKeyProvided($sodiumException->getMessage(), 0, $sodiumException);
+        }
+    }
+
+    public function verify(string $expected, string $payload, Key $key): bool
+    {
+        try {
+            return sodium_crypto_sign_verify_detached($expected, $payload, $key->contents());
+        } catch (SodiumException $sodiumException) {
+            throw new InvalidKeyProvided($sodiumException->getMessage(), 0, $sodiumException);
+        }
+    }
+}

+ 12 - 63
api/vendor/lcobucci/jwt/src/Signer/Hmac.php

@@ -1,75 +1,24 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer;
 namespace Lcobucci\JWT\Signer;
 
 
-/**
- * Base class for hmac signers
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-abstract class Hmac extends BaseSigner
-{
-    /**
-     * {@inheritdoc}
-     */
-    public function createHash($payload, Key $key)
-    {
-        return hash_hmac($this->getAlgorithm(), $payload, $key->getContent(), true);
-    }
+use Lcobucci\JWT\Signer;
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function doVerify($expected, $payload, Key $key)
-    {
-        if (!is_string($expected)) {
-            return false;
-        }
-
-        $callback = function_exists('hash_equals') ? 'hash_equals' : [$this, 'hashEquals'];
+use function hash_equals;
+use function hash_hmac;
 
 
-        return call_user_func($callback, $expected, $this->createHash($payload, $key));
+abstract class Hmac implements Signer
+{
+    final public function sign(string $payload, Key $key): string
+    {
+        return hash_hmac($this->algorithm(), $payload, $key->contents(), true);
     }
     }
 
 
-    /**
-     * PHP < 5.6 timing attack safe hash comparison
-     *
-     * @internal
-     *
-     * @param string $expected
-     * @param string $generated
-     *
-     * @return boolean
-     */
-    public function hashEquals($expected, $generated)
+    final public function verify(string $expected, string $payload, Key $key): bool
     {
     {
-        $expectedLength = strlen($expected);
-
-        if ($expectedLength !== strlen($generated)) {
-            return false;
-        }
-
-        $res = 0;
-
-        for ($i = 0; $i < $expectedLength; ++$i) {
-            $res |= ord($expected[$i]) ^ ord($generated[$i]);
-        }
-
-        return $res === 0;
+        return hash_equals($expected, $this->sign($payload, $key));
     }
     }
 
 
-    /**
-     * Returns the algorithm name
-     *
-     * @internal
-     *
-     * @return string
-     */
-    abstract public function getAlgorithm();
+    abstract public function algorithm(): string;
 }
 }

+ 4 - 20
api/vendor/lcobucci/jwt/src/Signer/Hmac/Sha256.php

@@ -1,34 +1,18 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Hmac;
 namespace Lcobucci\JWT\Signer\Hmac;
 
 
 use Lcobucci\JWT\Signer\Hmac;
 use Lcobucci\JWT\Signer\Hmac;
 
 
-/**
- * Signer for HMAC SHA-256
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-class Sha256 extends Hmac
+final class Sha256 extends Hmac
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'HS256';
         return 'HS256';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): string
     {
     {
         return 'sha256';
         return 'sha256';
     }
     }

+ 4 - 20
api/vendor/lcobucci/jwt/src/Signer/Hmac/Sha384.php

@@ -1,34 +1,18 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Hmac;
 namespace Lcobucci\JWT\Signer\Hmac;
 
 
 use Lcobucci\JWT\Signer\Hmac;
 use Lcobucci\JWT\Signer\Hmac;
 
 
-/**
- * Signer for HMAC SHA-384
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-class Sha384 extends Hmac
+final class Sha384 extends Hmac
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'HS384';
         return 'HS384';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): string
     {
     {
         return 'sha384';
         return 'sha384';
     }
     }

+ 4 - 20
api/vendor/lcobucci/jwt/src/Signer/Hmac/Sha512.php

@@ -1,34 +1,18 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Hmac;
 namespace Lcobucci\JWT\Signer\Hmac;
 
 
 use Lcobucci\JWT\Signer\Hmac;
 use Lcobucci\JWT\Signer\Hmac;
 
 
-/**
- * Signer for HMAC SHA-512
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-class Sha512 extends Hmac
+final class Sha512 extends Hmac
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'HS512';
         return 'HS512';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): string
     {
     {
         return 'sha512';
         return 'sha512';
     }
     }

+ 20 - 0
api/vendor/lcobucci/jwt/src/Signer/InvalidKeyProvided.php

@@ -0,0 +1,20 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+
+final class InvalidKeyProvided extends InvalidArgumentException implements Exception
+{
+    public static function cannotBeParsed(string $details): self
+    {
+        return new self('It was not possible to parse your key, reason: ' . $details);
+    }
+
+    public static function incompatibleKey(): self
+    {
+        return new self('This key is not compatible with this signer');
+    }
+}

+ 4 - 85
api/vendor/lcobucci/jwt/src/Signer/Key.php

@@ -1,92 +1,11 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer;
 namespace Lcobucci\JWT\Signer;
 
 
-use Exception;
-use InvalidArgumentException;
-use SplFileObject;
-
-/**
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 3.0.4
- */
-final class Key
+interface Key
 {
 {
-    /**
-     * @var string
-     */
-    private $content;
-
-    /**
-     * @var string
-     */
-    private $passphrase;
-
-    /**
-     * @param string $content
-     * @param string $passphrase
-     */
-    public function __construct($content, $passphrase = null)
-    {
-        $this->setContent($content);
-        $this->passphrase = $passphrase;
-    }
-
-    /**
-     * @param string $content
-     *
-     * @throws InvalidArgumentException
-     */
-    private function setContent($content)
-    {
-        if (strpos($content, 'file://') === 0) {
-            $content = $this->readFile($content);
-        }
-
-        $this->content = $content;
-    }
-
-    /**
-     * @param string $content
-     *
-     * @return string
-     *
-     * @throws InvalidArgumentException
-     */
-    private function readFile($content)
-    {
-        try {
-            $file    = new SplFileObject(substr($content, 7));
-            $content = '';
-
-            while (! $file->eof()) {
-                $content .= $file->fgets();
-            }
-
-            return $content;
-        } catch (Exception $exception) {
-            throw new InvalidArgumentException('You must provide a valid key file', 0, $exception);
-        }
-    }
-
-    /**
-     * @return string
-     */
-    public function getContent()
-    {
-        return $this->content;
-    }
+    public function contents(): string;
 
 
-    /**
-     * @return string
-     */
-    public function getPassphrase()
-    {
-        return $this->passphrase;
-    }
+    public function passphrase(): string;
 }
 }

+ 20 - 0
api/vendor/lcobucci/jwt/src/Signer/Key/FileCouldNotBeRead.php

@@ -0,0 +1,20 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer\Key;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+use Throwable;
+
+final class FileCouldNotBeRead extends InvalidArgumentException implements Exception
+{
+    public static function onPath(string $path, ?Throwable $cause = null): self
+    {
+        return new self(
+            'The path "' . $path . '" does not contain a valid key file',
+            0,
+            $cause
+        );
+    }
+}

+ 69 - 0
api/vendor/lcobucci/jwt/src/Signer/Key/InMemory.php

@@ -0,0 +1,69 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer\Key;
+
+use Lcobucci\JWT\Signer\Key;
+use Lcobucci\JWT\SodiumBase64Polyfill;
+use SplFileObject;
+use Throwable;
+
+use function assert;
+use function is_string;
+
+final class InMemory implements Key
+{
+    private string $contents;
+    private string $passphrase;
+
+    private function __construct(string $contents, string $passphrase)
+    {
+        $this->contents   = $contents;
+        $this->passphrase = $passphrase;
+    }
+
+    public static function empty(): self
+    {
+        return new self('', '');
+    }
+
+    public static function plainText(string $contents, string $passphrase = ''): self
+    {
+        return new self($contents, $passphrase);
+    }
+
+    public static function base64Encoded(string $contents, string $passphrase = ''): self
+    {
+        $decoded = SodiumBase64Polyfill::base642bin(
+            $contents,
+            SodiumBase64Polyfill::SODIUM_BASE64_VARIANT_ORIGINAL
+        );
+
+        return new self($decoded, $passphrase);
+    }
+
+    /** @throws FileCouldNotBeRead */
+    public static function file(string $path, string $passphrase = ''): self
+    {
+        try {
+            $file = new SplFileObject($path);
+        } catch (Throwable $exception) {
+            throw FileCouldNotBeRead::onPath($path, $exception);
+        }
+
+        $contents = $file->fread($file->getSize());
+        assert(is_string($contents));
+
+        return new self($contents, $passphrase);
+    }
+
+    public function contents(): string
+    {
+        return $this->contents;
+    }
+
+    public function passphrase(): string
+    {
+        return $this->passphrase;
+    }
+}

+ 54 - 0
api/vendor/lcobucci/jwt/src/Signer/Key/LocalFileReference.php

@@ -0,0 +1,54 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer\Key;
+
+use Lcobucci\JWT\Signer\Key;
+
+use function file_exists;
+use function strpos;
+use function substr;
+
+/** @deprecated please use {@see InMemory} instead */
+final class LocalFileReference implements Key
+{
+    private const PATH_PREFIX = 'file://';
+
+    private string $path;
+    private string $passphrase;
+    private string $contents;
+
+    private function __construct(string $path, string $passphrase)
+    {
+        $this->path       = $path;
+        $this->passphrase = $passphrase;
+    }
+
+    /** @throws FileCouldNotBeRead */
+    public static function file(string $path, string $passphrase = ''): self
+    {
+        if (strpos($path, self::PATH_PREFIX) === 0) {
+            $path = substr($path, 7);
+        }
+
+        if (! file_exists($path)) {
+            throw FileCouldNotBeRead::onPath($path);
+        }
+
+        return new self($path, $passphrase);
+    }
+
+    public function contents(): string
+    {
+        if (! isset($this->contents)) {
+            $this->contents = InMemory::file($this->path)->contents();
+        }
+
+        return $this->contents;
+    }
+
+    public function passphrase(): string
+    {
+        return $this->passphrase;
+    }
+}

+ 0 - 44
api/vendor/lcobucci/jwt/src/Signer/Keychain.php

@@ -1,44 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT\Signer;
-
-/**
- * A utilitarian class that encapsulates the retrieval of public and private keys
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- *
- * @deprecated Since we've removed OpenSSL from ECDSA there's no reason to use this class
- */
-class Keychain
-{
-    /**
-     * Returns a private key from file path or content
-     *
-     * @param string $key
-     * @param string $passphrase
-     *
-     * @return Key
-     */
-    public function getPrivateKey($key, $passphrase = null)
-    {
-        return new Key($key, $passphrase);
-    }
-
-    /**
-     * Returns a public key from file path or content
-     *
-     * @param string $certificate
-     *
-     * @return Key
-     */
-    public function getPublicKey($certificate)
-    {
-        return new Key($certificate);
-    }
-}

+ 26 - 0
api/vendor/lcobucci/jwt/src/Signer/None.php

@@ -0,0 +1,26 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Signer;
+
+use Lcobucci\JWT\Signer;
+
+final class None implements Signer
+{
+    public function algorithmId(): string
+    {
+        return 'none';
+    }
+
+    // @phpcs:ignore SlevomatCodingStandard.Functions.UnusedParameter.UnusedParameter
+    public function sign(string $payload, Key $key): string
+    {
+        return '';
+    }
+
+    // @phpcs:ignore SlevomatCodingStandard.Functions.UnusedParameter.UnusedParameter
+    public function verify(string $expected, string $payload, Key $key): bool
+    {
+        return $expected === '';
+    }
+}

+ 62 - 40
api/vendor/lcobucci/jwt/src/Signer/OpenSSL.php

@@ -1,11 +1,16 @@
 <?php
 <?php
+declare(strict_types=1);
+
 namespace Lcobucci\JWT\Signer;
 namespace Lcobucci\JWT\Signer;
 
 
-use InvalidArgumentException;
 use Lcobucci\JWT\Signer;
 use Lcobucci\JWT\Signer;
+use OpenSSLAsymmetricKey;
+
+use function array_key_exists;
 use function assert;
 use function assert;
 use function is_array;
 use function is_array;
-use function is_resource;
+use function is_bool;
+use function is_string;
 use function openssl_error_string;
 use function openssl_error_string;
 use function openssl_free_key;
 use function openssl_free_key;
 use function openssl_pkey_get_details;
 use function openssl_pkey_get_details;
@@ -14,34 +19,41 @@ use function openssl_pkey_get_public;
 use function openssl_sign;
 use function openssl_sign;
 use function openssl_verify;
 use function openssl_verify;
 
 
-abstract class OpenSSL extends BaseSigner
+abstract class OpenSSL implements Signer
 {
 {
-    public function createHash($payload, Key $key)
-    {
-        $privateKey = $this->getPrivateKey($key->getContent(), $key->getPassphrase());
+    /**
+     * @throws CannotSignPayload
+     * @throws InvalidKeyProvided
+     */
+    final protected function createSignature(
+        string $pem,
+        string $passphrase,
+        string $payload
+    ): string {
+        $key = $this->getPrivateKey($pem, $passphrase);
 
 
         try {
         try {
             $signature = '';
             $signature = '';
 
 
-            if (! openssl_sign($payload, $signature, $privateKey, $this->getAlgorithm())) {
-                throw new InvalidArgumentException(
-                    'There was an error while creating the signature: ' . openssl_error_string()
-                );
+            if (! openssl_sign($payload, $signature, $key, $this->algorithm())) {
+                $error = openssl_error_string();
+                assert(is_string($error));
+
+                throw CannotSignPayload::errorHappened($error);
             }
             }
 
 
             return $signature;
             return $signature;
         } finally {
         } finally {
-            openssl_free_key($privateKey);
+            $this->freeKey($key);
         }
         }
     }
     }
 
 
     /**
     /**
-     * @param string $pem
-     * @param string $passphrase
+     * @return resource|OpenSSLAsymmetricKey
      *
      *
-     * @return resource
+     * @throws CannotSignPayload
      */
      */
-    private function getPrivateKey($pem, $passphrase)
+    private function getPrivateKey(string $pem, string $passphrase)
     {
     {
         $privateKey = openssl_pkey_get_private($pem, $passphrase);
         $privateKey = openssl_pkey_get_private($pem, $passphrase);
         $this->validateKey($privateKey);
         $this->validateKey($privateKey);
@@ -49,27 +61,25 @@ abstract class OpenSSL extends BaseSigner
         return $privateKey;
         return $privateKey;
     }
     }
 
 
-    /**
-     * @param $expected
-     * @param $payload
-     * @param $pem
-     * @return bool
-     */
-    public function doVerify($expected, $payload, Key $key)
-    {
-        $publicKey = $this->getPublicKey($key->getContent());
-        $result    = openssl_verify($payload, $expected, $publicKey, $this->getAlgorithm());
-        openssl_free_key($publicKey);
+    /** @throws InvalidKeyProvided */
+    final protected function verifySignature(
+        string $expected,
+        string $payload,
+        string $pem
+    ): bool {
+        $key    = $this->getPublicKey($pem);
+        $result = openssl_verify($payload, $expected, $key, $this->algorithm());
+        $this->freeKey($key);
 
 
         return $result === 1;
         return $result === 1;
     }
     }
 
 
     /**
     /**
-     * @param string $pem
+     * @return resource|OpenSSLAsymmetricKey
      *
      *
-     * @return resource
+     * @throws InvalidKeyProvided
      */
      */
-    private function getPublicKey($pem)
+    private function getPublicKey(string $pem)
     {
     {
         $publicKey = openssl_pkey_get_public($pem);
         $publicKey = openssl_pkey_get_public($pem);
         $this->validateKey($publicKey);
         $this->validateKey($publicKey);
@@ -80,36 +90,48 @@ abstract class OpenSSL extends BaseSigner
     /**
     /**
      * Raises an exception when the key type is not the expected type
      * Raises an exception when the key type is not the expected type
      *
      *
-     * @param resource|bool $key
+     * @param resource|OpenSSLAsymmetricKey|bool $key
      *
      *
-     * @throws InvalidArgumentException
+     * @throws InvalidKeyProvided
      */
      */
-    private function validateKey($key)
+    private function validateKey($key): void
     {
     {
-        if (! is_resource($key)) {
-            throw new InvalidArgumentException(
-                'It was not possible to parse your key, reason: ' . openssl_error_string()
-            );
+        if (is_bool($key)) {
+            $error = openssl_error_string();
+            assert(is_string($error));
+
+            throw InvalidKeyProvided::cannotBeParsed($error);
         }
         }
 
 
         $details = openssl_pkey_get_details($key);
         $details = openssl_pkey_get_details($key);
+        assert(is_array($details));
 
 
-        if (! isset($details['key']) || $details['type'] !== $this->getKeyType()) {
-            throw new InvalidArgumentException('This key is not compatible with this signer');
+        if (! array_key_exists('key', $details) || $details['type'] !== $this->keyType()) {
+            throw InvalidKeyProvided::incompatibleKey();
         }
         }
     }
     }
 
 
+    /** @param resource|OpenSSLAsymmetricKey $key */
+    private function freeKey($key): void
+    {
+        if ($key instanceof OpenSSLAsymmetricKey) {
+            return;
+        }
+
+        openssl_free_key($key); // Deprecated and no longer necessary as of PHP >= 8.0
+    }
+
     /**
     /**
      * Returns the type of key to be used to create/verify the signature (using OpenSSL constants)
      * Returns the type of key to be used to create/verify the signature (using OpenSSL constants)
      *
      *
      * @internal
      * @internal
      */
      */
-    abstract public function getKeyType();
+    abstract public function keyType(): int;
 
 
     /**
     /**
      * Returns which algorithm to be used to create/verify the signature (using OpenSSL constants)
      * Returns which algorithm to be used to create/verify the signature (using OpenSSL constants)
      *
      *
      * @internal
      * @internal
      */
      */
-    abstract public function getAlgorithm();
+    abstract public function algorithm(): int;
 }
 }

+ 12 - 12
api/vendor/lcobucci/jwt/src/Signer/Rsa.php

@@ -1,23 +1,23 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer;
 namespace Lcobucci\JWT\Signer;
 
 
 use const OPENSSL_KEYTYPE_RSA;
 use const OPENSSL_KEYTYPE_RSA;
 
 
-/**
- * Base class for RSASSA-PKCS1 signers
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
 abstract class Rsa extends OpenSSL
 abstract class Rsa extends OpenSSL
 {
 {
-    final public function getKeyType()
+    final public function sign(string $payload, Key $key): string
+    {
+        return $this->createSignature($key->contents(), $key->passphrase(), $payload);
+    }
+
+    final public function verify(string $expected, string $payload, Key $key): bool
+    {
+        return $this->verifySignature($expected, $payload, $key->contents());
+    }
+
+    final public function keyType(): int
     {
     {
         return OPENSSL_KEYTYPE_RSA;
         return OPENSSL_KEYTYPE_RSA;
     }
     }

+ 6 - 20
api/vendor/lcobucci/jwt/src/Signer/Rsa/Sha256.php

@@ -1,34 +1,20 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Rsa;
 namespace Lcobucci\JWT\Signer\Rsa;
 
 
 use Lcobucci\JWT\Signer\Rsa;
 use Lcobucci\JWT\Signer\Rsa;
 
 
-/**
- * Signer for RSA SHA-256
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
-class Sha256 extends Rsa
+use const OPENSSL_ALGO_SHA256;
+
+final class Sha256 extends Rsa
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'RS256';
         return 'RS256';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): int
     {
     {
         return OPENSSL_ALGO_SHA256;
         return OPENSSL_ALGO_SHA256;
     }
     }

+ 6 - 20
api/vendor/lcobucci/jwt/src/Signer/Rsa/Sha384.php

@@ -1,34 +1,20 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Rsa;
 namespace Lcobucci\JWT\Signer\Rsa;
 
 
 use Lcobucci\JWT\Signer\Rsa;
 use Lcobucci\JWT\Signer\Rsa;
 
 
-/**
- * Signer for RSA SHA-384
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
-class Sha384 extends Rsa
+use const OPENSSL_ALGO_SHA384;
+
+final class Sha384 extends Rsa
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'RS384';
         return 'RS384';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): int
     {
     {
         return OPENSSL_ALGO_SHA384;
         return OPENSSL_ALGO_SHA384;
     }
     }

+ 6 - 20
api/vendor/lcobucci/jwt/src/Signer/Rsa/Sha512.php

@@ -1,34 +1,20 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT\Signer\Rsa;
 namespace Lcobucci\JWT\Signer\Rsa;
 
 
 use Lcobucci\JWT\Signer\Rsa;
 use Lcobucci\JWT\Signer\Rsa;
 
 
-/**
- * Signer for RSA SHA-512
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.1.0
- */
-class Sha512 extends Rsa
+use const OPENSSL_ALGO_SHA512;
+
+final class Sha512 extends Rsa
 {
 {
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithmId()
+    public function algorithmId(): string
     {
     {
         return 'RS512';
         return 'RS512';
     }
     }
 
 
-    /**
-     * {@inheritdoc}
-     */
-    public function getAlgorithm()
+    public function algorithm(): int
     {
     {
         return OPENSSL_ALGO_SHA512;
         return OPENSSL_ALGO_SHA512;
     }
     }

+ 88 - 0
api/vendor/lcobucci/jwt/src/SodiumBase64Polyfill.php

@@ -0,0 +1,88 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+use Lcobucci\JWT\Encoding\CannotDecodeContent;
+use SodiumException;
+
+use function base64_decode;
+use function base64_encode;
+use function function_exists;
+use function is_string;
+use function rtrim;
+use function sodium_base642bin;
+use function sodium_bin2base64;
+use function strtr;
+
+/** @internal */
+final class SodiumBase64Polyfill
+{
+    public const SODIUM_BASE64_VARIANT_ORIGINAL            = 1;
+    public const SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING = 3;
+    public const SODIUM_BASE64_VARIANT_URLSAFE             = 5;
+    public const SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING  = 7;
+
+    public static function bin2base64(string $decoded, int $variant): string
+    {
+        if (! function_exists('sodium_bin2base64')) {
+            return self::bin2base64Fallback($decoded, $variant); // @codeCoverageIgnore
+        }
+
+        return sodium_bin2base64($decoded, $variant);
+    }
+
+    public static function bin2base64Fallback(string $decoded, int $variant): string
+    {
+        $encoded = base64_encode($decoded);
+
+        if (
+            $variant === self::SODIUM_BASE64_VARIANT_URLSAFE
+            || $variant === self::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
+        ) {
+            $encoded = strtr($encoded, '+/', '-_');
+        }
+
+        if (
+            $variant === self::SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING
+            || $variant === self::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
+        ) {
+            $encoded = rtrim($encoded, '=');
+        }
+
+        return $encoded;
+    }
+
+    /** @throws CannotDecodeContent */
+    public static function base642bin(string $encoded, int $variant): string
+    {
+        if (! function_exists('sodium_base642bin')) {
+            return self::base642binFallback($encoded, $variant); // @codeCoverageIgnore
+        }
+
+        try {
+            return sodium_base642bin($encoded, $variant, '');
+        } catch (SodiumException $sodiumException) {
+            throw CannotDecodeContent::invalidBase64String();
+        }
+    }
+
+    /** @throws CannotDecodeContent */
+    public static function base642binFallback(string $encoded, int $variant): string
+    {
+        if (
+            $variant === self::SODIUM_BASE64_VARIANT_URLSAFE
+            || $variant === self::SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
+        ) {
+            $encoded = strtr($encoded, '-_', '+/');
+        }
+
+        $decoded = base64_decode($encoded, true);
+
+        if (! is_string($decoded)) {
+            throw CannotDecodeContent::invalidBase64String();
+        }
+
+        return $decoded;
+    }
+}

+ 19 - 248
api/vendor/lcobucci/jwt/src/Token.php

@@ -1,284 +1,55 @@
 <?php
 <?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
+declare(strict_types=1);
 
 
 namespace Lcobucci\JWT;
 namespace Lcobucci\JWT;
 
 
-use BadMethodCallException;
-use DateTime;
 use DateTimeInterface;
 use DateTimeInterface;
-use Generator;
-use Lcobucci\JWT\Claim\Validatable;
-use OutOfBoundsException;
+use Lcobucci\JWT\Token\DataSet;
 
 
-/**
- * Basic structure of the JWT
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 0.1.0
- */
-class Token
+interface Token
 {
 {
-    /**
-     * The token headers
-     *
-     * @var array
-     */
-    private $headers;
-
-    /**
-     * The token claim set
-     *
-     * @var array
-     */
-    private $claims;
-
-    /**
-     * The token signature
-     *
-     * @var Signature
-     */
-    private $signature;
-
-    /**
-     * The encoded data
-     *
-     * @var array
-     */
-    private $payload;
-
-    /**
-     * Initializes the object
-     *
-     * @param array $headers
-     * @param array $claims
-     * @param array $payload
-     * @param Signature $signature
-     */
-    public function __construct(
-        array $headers = ['alg' => 'none'],
-        array $claims = [],
-        Signature $signature = null,
-        array $payload = ['', '']
-    ) {
-        $this->headers = $headers;
-        $this->claims = $claims;
-        $this->signature = $signature;
-        $this->payload = $payload;
-    }
-
     /**
     /**
      * Returns the token headers
      * Returns the token headers
-     *
-     * @return array
-     */
-    public function getHeaders()
-    {
-        return $this->headers;
-    }
-
-    /**
-     * Returns if the header is configured
-     *
-     * @param string $name
-     *
-     * @return boolean
-     */
-    public function hasHeader($name)
-    {
-        return array_key_exists($name, $this->headers);
-    }
-
-    /**
-     * Returns the value of a token header
-     *
-     * @param string $name
-     * @param mixed $default
-     *
-     * @return mixed
-     *
-     * @throws OutOfBoundsException
      */
      */
-    public function getHeader($name, $default = null)
-    {
-        if ($this->hasHeader($name)) {
-            return $this->getHeaderValue($name);
-        }
-
-        if ($default === null) {
-            throw new OutOfBoundsException('Requested header is not configured');
-        }
-
-        return $default;
-    }
+    public function headers(): DataSet;
 
 
     /**
     /**
-     * Returns the value stored in header
-     *
-     * @param string $name
-     *
-     * @return mixed
+     * Returns if the token is allowed to be used by the audience
      */
      */
-    private function getHeaderValue($name)
-    {
-        $header = $this->headers[$name];
-
-        if ($header instanceof Claim) {
-            return $header->getValue();
-        }
-
-        return $header;
-    }
+    public function isPermittedFor(string $audience): bool;
 
 
     /**
     /**
-     * Returns the token claim set
-     *
-     * @return array
+     * Returns if the token has the given id
      */
      */
-    public function getClaims()
-    {
-        return $this->claims;
-    }
+    public function isIdentifiedBy(string $id): bool;
 
 
     /**
     /**
-     * Returns if the claim is configured
-     *
-     * @param string $name
-     *
-     * @return boolean
+     * Returns if the token has the given subject
      */
      */
-    public function hasClaim($name)
-    {
-        return array_key_exists($name, $this->claims);
-    }
+    public function isRelatedTo(string $subject): bool;
 
 
     /**
     /**
-     * Returns the value of a token claim
-     *
-     * @param string $name
-     * @param mixed $default
-     *
-     * @return mixed
-     *
-     * @throws OutOfBoundsException
+     * Returns if the token was issued by any of given issuers
      */
      */
-    public function getClaim($name, $default = null)
-    {
-        if ($this->hasClaim($name)) {
-            return $this->claims[$name]->getValue();
-        }
-
-        if ($default === null) {
-            throw new OutOfBoundsException('Requested claim is not configured');
-        }
-
-        return $default;
-    }
+    public function hasBeenIssuedBy(string ...$issuers): bool;
 
 
     /**
     /**
-     * Verify if the key matches with the one that created the signature
-     *
-     * @param Signer $signer
-     * @param string $key
-     *
-     * @return boolean
-     *
-     * @throws BadMethodCallException When token is not signed
+     * Returns if the token was issued before of given time
      */
      */
-    public function verify(Signer $signer, $key)
-    {
-        if ($this->signature === null) {
-            throw new BadMethodCallException('This token is not signed');
-        }
-
-        if ($this->headers['alg'] !== $signer->getAlgorithmId()) {
-            return false;
-        }
-
-        return $this->signature->verify($signer, $this->getPayload(), $key);
-    }
+    public function hasBeenIssuedBefore(DateTimeInterface $now): bool;
 
 
     /**
     /**
-     * Validates if the token is valid
-     *
-     * @param ValidationData $data
-     *
-     * @return boolean
+     * Returns if the token minimum time is before than given time
      */
      */
-    public function validate(ValidationData $data)
-    {
-        foreach ($this->getValidatableClaims() as $claim) {
-            if (!$claim->validate($data)) {
-                return false;
-            }
-        }
-
-        return true;
-    }
+    public function isMinimumTimeBefore(DateTimeInterface $now): bool;
 
 
     /**
     /**
-     * Determine if the token is expired.
-     *
-     * @param DateTimeInterface $now Defaults to the current time.
-     *
-     * @return bool
+     * Returns if the token is expired
      */
      */
-    public function isExpired(DateTimeInterface $now = null)
-    {
-        $exp = $this->getClaim('exp', false);
-
-        if ($exp === false) {
-            return false;
-        }
-
-        $now = $now ?: new DateTime();
-
-        $expiresAt = new DateTime();
-        $expiresAt->setTimestamp($exp);
-
-        return $now > $expiresAt;
-    }
-
-    /**
-     * Yields the validatable claims
-     *
-     * @return Generator
-     */
-    private function getValidatableClaims()
-    {
-        foreach ($this->claims as $claim) {
-            if ($claim instanceof Validatable) {
-                yield $claim;
-            }
-        }
-    }
-
-    /**
-     * Returns the token payload
-     *
-     * @return string
-     */
-    public function getPayload()
-    {
-        return $this->payload[0] . '.' . $this->payload[1];
-    }
+    public function isExpired(DateTimeInterface $now): bool;
 
 
     /**
     /**
      * Returns an encoded representation of the token
      * Returns an encoded representation of the token
-     *
-     * @return string
      */
      */
-    public function __toString()
-    {
-        $data = implode('.', $this->payload);
-
-        if ($this->signature === null) {
-            $data .= '.';
-        }
-
-        return $data;
-    }
+    public function toString(): string;
 }
 }

+ 128 - 0
api/vendor/lcobucci/jwt/src/Token/Builder.php

@@ -0,0 +1,128 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+use DateTimeImmutable;
+use Lcobucci\JWT\Builder as BuilderInterface;
+use Lcobucci\JWT\ClaimsFormatter;
+use Lcobucci\JWT\Encoder;
+use Lcobucci\JWT\Encoding\CannotEncodeContent;
+use Lcobucci\JWT\Signer;
+use Lcobucci\JWT\Signer\Key;
+
+use function array_diff;
+use function array_merge;
+use function in_array;
+
+final class Builder implements BuilderInterface
+{
+    /** @var array<string, mixed> */
+    private array $headers = ['typ' => 'JWT', 'alg' => null];
+
+    /** @var array<string, mixed> */
+    private array $claims = [];
+
+    private Encoder $encoder;
+    private ClaimsFormatter $claimFormatter;
+
+    public function __construct(Encoder $encoder, ClaimsFormatter $claimFormatter)
+    {
+        $this->encoder        = $encoder;
+        $this->claimFormatter = $claimFormatter;
+    }
+
+    public function permittedFor(string ...$audiences): BuilderInterface
+    {
+        $configured = $this->claims[RegisteredClaims::AUDIENCE] ?? [];
+        $toAppend   = array_diff($audiences, $configured);
+
+        return $this->setClaim(RegisteredClaims::AUDIENCE, array_merge($configured, $toAppend));
+    }
+
+    public function expiresAt(DateTimeImmutable $expiration): BuilderInterface
+    {
+        return $this->setClaim(RegisteredClaims::EXPIRATION_TIME, $expiration);
+    }
+
+    public function identifiedBy(string $id): BuilderInterface
+    {
+        return $this->setClaim(RegisteredClaims::ID, $id);
+    }
+
+    public function issuedAt(DateTimeImmutable $issuedAt): BuilderInterface
+    {
+        return $this->setClaim(RegisteredClaims::ISSUED_AT, $issuedAt);
+    }
+
+    public function issuedBy(string $issuer): BuilderInterface
+    {
+        return $this->setClaim(RegisteredClaims::ISSUER, $issuer);
+    }
+
+    public function canOnlyBeUsedAfter(DateTimeImmutable $notBefore): BuilderInterface
+    {
+        return $this->setClaim(RegisteredClaims::NOT_BEFORE, $notBefore);
+    }
+
+    public function relatedTo(string $subject): BuilderInterface
+    {
+        return $this->setClaim(RegisteredClaims::SUBJECT, $subject);
+    }
+
+    /** @inheritdoc */
+    public function withHeader(string $name, $value): BuilderInterface
+    {
+        $this->headers[$name] = $value;
+
+        return $this;
+    }
+
+    /** @inheritdoc */
+    public function withClaim(string $name, $value): BuilderInterface
+    {
+        if (in_array($name, RegisteredClaims::ALL, true)) {
+            throw RegisteredClaimGiven::forClaim($name);
+        }
+
+        return $this->setClaim($name, $value);
+    }
+
+    /** @param mixed $value */
+    private function setClaim(string $name, $value): BuilderInterface
+    {
+        $this->claims[$name] = $value;
+
+        return $this;
+    }
+
+    /**
+     * @param array<string, mixed> $items
+     *
+     * @throws CannotEncodeContent When data cannot be converted to JSON.
+     */
+    private function encode(array $items): string
+    {
+        return $this->encoder->base64UrlEncode(
+            $this->encoder->jsonEncode($items)
+        );
+    }
+
+    public function getToken(Signer $signer, Key $key): Plain
+    {
+        $headers        = $this->headers;
+        $headers['alg'] = $signer->algorithmId();
+
+        $encodedHeaders = $this->encode($headers);
+        $encodedClaims  = $this->encode($this->claimFormatter->formatClaims($this->claims));
+
+        $signature        = $signer->sign($encodedHeaders . '.' . $encodedClaims, $key);
+        $encodedSignature = $this->encoder->base64UrlEncode($signature);
+
+        return new Plain(
+            new DataSet($headers, $encodedHeaders),
+            new DataSet($this->claims, $encodedClaims),
+            new Signature($signature, $encodedSignature)
+        );
+    }
+}

+ 46 - 0
api/vendor/lcobucci/jwt/src/Token/DataSet.php

@@ -0,0 +1,46 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+use function array_key_exists;
+
+final class DataSet
+{
+    /** @var array<string, mixed> */
+    private array $data;
+    private string $encoded;
+
+    /** @param mixed[] $data */
+    public function __construct(array $data, string $encoded)
+    {
+        $this->data    = $data;
+        $this->encoded = $encoded;
+    }
+
+    /**
+     * @param mixed|null $default
+     *
+     * @return mixed|null
+     */
+    public function get(string $name, $default = null)
+    {
+        return $this->data[$name] ?? $default;
+    }
+
+    public function has(string $name): bool
+    {
+        return array_key_exists($name, $this->data);
+    }
+
+    /** @return mixed[] */
+    public function all(): array
+    {
+        return $this->data;
+    }
+
+    public function toString(): string
+    {
+        return $this->encoded;
+    }
+}

+ 25 - 0
api/vendor/lcobucci/jwt/src/Token/InvalidTokenStructure.php

@@ -0,0 +1,25 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+
+final class InvalidTokenStructure extends InvalidArgumentException implements Exception
+{
+    public static function missingOrNotEnoughSeparators(): self
+    {
+        return new self('The JWT string must have two dots');
+    }
+
+    public static function arrayExpected(string $part): self
+    {
+        return new self($part . ' must be an array');
+    }
+
+    public static function dateIsNotParseable(string $value): self
+    {
+        return new self('Value is not in the allowed date format: ' . $value);
+    }
+}

+ 154 - 0
api/vendor/lcobucci/jwt/src/Token/Parser.php

@@ -0,0 +1,154 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+use DateTimeImmutable;
+use Lcobucci\JWT\Decoder;
+use Lcobucci\JWT\Parser as ParserInterface;
+use Lcobucci\JWT\Token as TokenInterface;
+
+use function array_key_exists;
+use function count;
+use function explode;
+use function is_array;
+use function is_numeric;
+use function number_format;
+
+final class Parser implements ParserInterface
+{
+    private const MICROSECOND_PRECISION = 6;
+
+    private Decoder $decoder;
+
+    public function __construct(Decoder $decoder)
+    {
+        $this->decoder = $decoder;
+    }
+
+    public function parse(string $jwt): TokenInterface
+    {
+        [$encodedHeaders, $encodedClaims, $encodedSignature] = $this->splitJwt($jwt);
+
+        $header = $this->parseHeader($encodedHeaders);
+
+        return new Plain(
+            new DataSet($header, $encodedHeaders),
+            new DataSet($this->parseClaims($encodedClaims), $encodedClaims),
+            $this->parseSignature($header, $encodedSignature)
+        );
+    }
+
+    /**
+     * Splits the JWT string into an array
+     *
+     * @return string[]
+     *
+     * @throws InvalidTokenStructure When JWT doesn't have all parts.
+     */
+    private function splitJwt(string $jwt): array
+    {
+        $data = explode('.', $jwt);
+
+        if (count($data) !== 3) {
+            throw InvalidTokenStructure::missingOrNotEnoughSeparators();
+        }
+
+        return $data;
+    }
+
+    /**
+     * Parses the header from a string
+     *
+     * @return mixed[]
+     *
+     * @throws UnsupportedHeaderFound When an invalid header is informed.
+     * @throws InvalidTokenStructure  When parsed content isn't an array.
+     */
+    private function parseHeader(string $data): array
+    {
+        $header = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));
+
+        if (! is_array($header)) {
+            throw InvalidTokenStructure::arrayExpected('headers');
+        }
+
+        if (array_key_exists('enc', $header)) {
+            throw UnsupportedHeaderFound::encryption();
+        }
+
+        if (! array_key_exists('typ', $header)) {
+            $header['typ'] = 'JWT';
+        }
+
+        return $header;
+    }
+
+    /**
+     * Parses the claim set from a string
+     *
+     * @return mixed[]
+     *
+     * @throws InvalidTokenStructure When parsed content isn't an array or contains non-parseable dates.
+     */
+    private function parseClaims(string $data): array
+    {
+        $claims = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));
+
+        if (! is_array($claims)) {
+            throw InvalidTokenStructure::arrayExpected('claims');
+        }
+
+        if (array_key_exists(RegisteredClaims::AUDIENCE, $claims)) {
+            $claims[RegisteredClaims::AUDIENCE] = (array) $claims[RegisteredClaims::AUDIENCE];
+        }
+
+        foreach (RegisteredClaims::DATE_CLAIMS as $claim) {
+            if (! array_key_exists($claim, $claims)) {
+                continue;
+            }
+
+            $claims[$claim] = $this->convertDate($claims[$claim]);
+        }
+
+        return $claims;
+    }
+
+    /**
+     * @param int|float|string $timestamp
+     *
+     * @throws InvalidTokenStructure
+     */
+    private function convertDate($timestamp): DateTimeImmutable
+    {
+        if (! is_numeric($timestamp)) {
+            throw InvalidTokenStructure::dateIsNotParseable($timestamp);
+        }
+
+        $normalizedTimestamp = number_format((float) $timestamp, self::MICROSECOND_PRECISION, '.', '');
+
+        $date = DateTimeImmutable::createFromFormat('U.u', $normalizedTimestamp);
+
+        if ($date === false) {
+            throw InvalidTokenStructure::dateIsNotParseable($normalizedTimestamp);
+        }
+
+        return $date;
+    }
+
+    /**
+     * Returns the signature from given data
+     *
+     * @param mixed[] $header
+     */
+    private function parseSignature(array $header, string $data): Signature
+    {
+        if ($data === '' || ! array_key_exists('alg', $header) || $header['alg'] === 'none') {
+            return Signature::fromEmptyData();
+        }
+
+        $hash = $this->decoder->base64UrlDecode($data);
+
+        return new Signature($hash, $data);
+    }
+}

+ 92 - 0
api/vendor/lcobucci/jwt/src/Token/Plain.php

@@ -0,0 +1,92 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+use DateTimeInterface;
+use Lcobucci\JWT\UnencryptedToken;
+
+use function in_array;
+
+final class Plain implements UnencryptedToken
+{
+    private DataSet $headers;
+    private DataSet $claims;
+    private Signature $signature;
+
+    public function __construct(
+        DataSet $headers,
+        DataSet $claims,
+        Signature $signature
+    ) {
+        $this->headers   = $headers;
+        $this->claims    = $claims;
+        $this->signature = $signature;
+    }
+
+    public function headers(): DataSet
+    {
+        return $this->headers;
+    }
+
+    public function claims(): DataSet
+    {
+        return $this->claims;
+    }
+
+    public function signature(): Signature
+    {
+        return $this->signature;
+    }
+
+    public function payload(): string
+    {
+        return $this->headers->toString() . '.' . $this->claims->toString();
+    }
+
+    public function isPermittedFor(string $audience): bool
+    {
+        return in_array($audience, $this->claims->get(RegisteredClaims::AUDIENCE, []), true);
+    }
+
+    public function isIdentifiedBy(string $id): bool
+    {
+        return $this->claims->get(RegisteredClaims::ID) === $id;
+    }
+
+    public function isRelatedTo(string $subject): bool
+    {
+        return $this->claims->get(RegisteredClaims::SUBJECT) === $subject;
+    }
+
+    public function hasBeenIssuedBy(string ...$issuers): bool
+    {
+        return in_array($this->claims->get(RegisteredClaims::ISSUER), $issuers, true);
+    }
+
+    public function hasBeenIssuedBefore(DateTimeInterface $now): bool
+    {
+        return $now >= $this->claims->get(RegisteredClaims::ISSUED_AT);
+    }
+
+    public function isMinimumTimeBefore(DateTimeInterface $now): bool
+    {
+        return $now >= $this->claims->get(RegisteredClaims::NOT_BEFORE);
+    }
+
+    public function isExpired(DateTimeInterface $now): bool
+    {
+        if (! $this->claims->has(RegisteredClaims::EXPIRATION_TIME)) {
+            return false;
+        }
+
+        return $now >= $this->claims->get(RegisteredClaims::EXPIRATION_TIME);
+    }
+
+    public function toString(): string
+    {
+        return $this->headers->toString() . '.'
+             . $this->claims->toString() . '.'
+             . $this->signature->toString();
+    }
+}

+ 20 - 0
api/vendor/lcobucci/jwt/src/Token/RegisteredClaimGiven.php

@@ -0,0 +1,20 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+
+use function sprintf;
+
+final class RegisteredClaimGiven extends InvalidArgumentException implements Exception
+{
+    private const DEFAULT_MESSAGE = 'Builder#withClaim() is meant to be used for non-registered claims, '
+                                  . 'check the documentation on how to set claim "%s"';
+
+    public static function forClaim(string $name): self
+    {
+        return new self(sprintf(self::DEFAULT_MESSAGE, $name));
+    }
+}

+ 77 - 0
api/vendor/lcobucci/jwt/src/Token/RegisteredClaims.php

@@ -0,0 +1,77 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+/**
+ * Defines the list of claims that are registered in the IANA "JSON Web Token Claims" registry
+ *
+ * @see https://tools.ietf.org/html/rfc7519#section-4.1
+ */
+interface RegisteredClaims
+{
+    public const ALL = [
+        self::AUDIENCE,
+        self::EXPIRATION_TIME,
+        self::ID,
+        self::ISSUED_AT,
+        self::ISSUER,
+        self::NOT_BEFORE,
+        self::SUBJECT,
+    ];
+
+    public const DATE_CLAIMS = [
+        self::ISSUED_AT,
+        self::NOT_BEFORE,
+        self::EXPIRATION_TIME,
+    ];
+
+    /**
+     * Identifies the recipients that the JWT is intended for
+     *
+     * @see https://tools.ietf.org/html/rfc7519#section-4.1.3
+     */
+    public const AUDIENCE = 'aud';
+
+    /**
+     * Identifies the expiration time on or after which the JWT MUST NOT be accepted for processing
+     *
+     * @see https://tools.ietf.org/html/rfc7519#section-4.1.4
+     */
+    public const EXPIRATION_TIME = 'exp';
+
+    /**
+     * Provides a unique identifier for the JWT
+     *
+     * @see https://tools.ietf.org/html/rfc7519#section-4.1.7
+     */
+    public const ID = 'jti';
+
+    /**
+     * Identifies the time at which the JWT was issued
+     *
+     * @see https://tools.ietf.org/html/rfc7519#section-4.1.6
+     */
+    public const ISSUED_AT = 'iat';
+
+    /**
+     * Identifies the principal that issued the JWT
+     *
+     * @see https://tools.ietf.org/html/rfc7519#section-4.1.1
+     */
+    public const ISSUER = 'iss';
+
+    /**
+     * Identifies the time before which the JWT MUST NOT be accepted for processing
+     *
+     * https://tools.ietf.org/html/rfc7519#section-4.1.5
+     */
+    public const NOT_BEFORE = 'nbf';
+
+    /**
+     * Identifies the principal that is the subject of the JWT.
+     *
+     * https://tools.ietf.org/html/rfc7519#section-4.1.2
+     */
+    public const SUBJECT = 'sub';
+}

+ 34 - 0
api/vendor/lcobucci/jwt/src/Token/Signature.php

@@ -0,0 +1,34 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+final class Signature
+{
+    private string $hash;
+    private string $encoded;
+
+    public function __construct(string $hash, string $encoded)
+    {
+        $this->hash    = $hash;
+        $this->encoded = $encoded;
+    }
+
+    public static function fromEmptyData(): self
+    {
+        return new self('', '');
+    }
+
+    public function hash(): string
+    {
+        return $this->hash;
+    }
+
+    /**
+     * Returns the encoded version of the signature
+     */
+    public function toString(): string
+    {
+        return $this->encoded;
+    }
+}

+ 15 - 0
api/vendor/lcobucci/jwt/src/Token/UnsupportedHeaderFound.php

@@ -0,0 +1,15 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Token;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+
+final class UnsupportedHeaderFound extends InvalidArgumentException implements Exception
+{
+    public static function encryption(): self
+    {
+        return new self('Encryption is not supported yet');
+    }
+}

+ 25 - 0
api/vendor/lcobucci/jwt/src/UnencryptedToken.php

@@ -0,0 +1,25 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+use Lcobucci\JWT\Token\DataSet;
+use Lcobucci\JWT\Token\Signature;
+
+interface UnencryptedToken extends Token
+{
+    /**
+     * Returns the token claims
+     */
+    public function claims(): DataSet;
+
+    /**
+     * Returns the token signature
+     */
+    public function signature(): Signature;
+
+    /**
+     * Returns the token payload
+     */
+    public function payload(): string;
+}

+ 12 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint.php

@@ -0,0 +1,12 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation;
+
+use Lcobucci\JWT\Token;
+
+interface Constraint
+{
+    /** @throws ConstraintViolation */
+    public function assert(Token $token): void;
+}

+ 27 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/IdentifiedBy.php

@@ -0,0 +1,27 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+
+final class IdentifiedBy implements Constraint
+{
+    private string $id;
+
+    public function __construct(string $id)
+    {
+        $this->id = $id;
+    }
+
+    public function assert(Token $token): void
+    {
+        if (! $token->isIdentifiedBy($this->id)) {
+            throw new ConstraintViolation(
+                'The token is not identified with the expected ID'
+            );
+        }
+    }
+}

+ 28 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/IssuedBy.php

@@ -0,0 +1,28 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+
+final class IssuedBy implements Constraint
+{
+    /** @var string[] */
+    private array $issuers;
+
+    public function __construct(string ...$issuers)
+    {
+        $this->issuers = $issuers;
+    }
+
+    public function assert(Token $token): void
+    {
+        if (! $token->hasBeenIssuedBy(...$this->issuers)) {
+            throw new ConstraintViolation(
+                'The token was not issued by the given issuers'
+            );
+        }
+    }
+}

+ 15 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/LeewayCannotBeNegative.php

@@ -0,0 +1,15 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use InvalidArgumentException;
+use Lcobucci\JWT\Exception;
+
+final class LeewayCannotBeNegative extends InvalidArgumentException implements Exception
+{
+    public static function create(): self
+    {
+        return new self('Leeway cannot be negative');
+    }
+}

+ 69 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/LooseValidAt.php

@@ -0,0 +1,69 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use DateInterval;
+use DateTimeInterface;
+use Lcobucci\Clock\Clock;
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+
+final class LooseValidAt implements Constraint
+{
+    private Clock $clock;
+    private DateInterval $leeway;
+
+    public function __construct(Clock $clock, ?DateInterval $leeway = null)
+    {
+        $this->clock  = $clock;
+        $this->leeway = $this->guardLeeway($leeway);
+    }
+
+    private function guardLeeway(?DateInterval $leeway): DateInterval
+    {
+        if ($leeway === null) {
+            return new DateInterval('PT0S');
+        }
+
+        if ($leeway->invert === 1) {
+            throw LeewayCannotBeNegative::create();
+        }
+
+        return $leeway;
+    }
+
+    public function assert(Token $token): void
+    {
+        $now = $this->clock->now();
+
+        $this->assertIssueTime($token, $now->add($this->leeway));
+        $this->assertMinimumTime($token, $now->add($this->leeway));
+        $this->assertExpiration($token, $now->sub($this->leeway));
+    }
+
+    /** @throws ConstraintViolation */
+    private function assertExpiration(Token $token, DateTimeInterface $now): void
+    {
+        if ($token->isExpired($now)) {
+            throw new ConstraintViolation('The token is expired');
+        }
+    }
+
+    /** @throws ConstraintViolation */
+    private function assertMinimumTime(Token $token, DateTimeInterface $now): void
+    {
+        if (! $token->isMinimumTimeBefore($now)) {
+            throw new ConstraintViolation('The token cannot be used yet');
+        }
+    }
+
+    /** @throws ConstraintViolation */
+    private function assertIssueTime(Token $token, DateTimeInterface $now): void
+    {
+        if (! $token->hasBeenIssuedBefore($now)) {
+            throw new ConstraintViolation('The token was issued in the future');
+        }
+    }
+}

+ 27 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/PermittedFor.php

@@ -0,0 +1,27 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+
+final class PermittedFor implements Constraint
+{
+    private string $audience;
+
+    public function __construct(string $audience)
+    {
+        $this->audience = $audience;
+    }
+
+    public function assert(Token $token): void
+    {
+        if (! $token->isPermittedFor($this->audience)) {
+            throw new ConstraintViolation(
+                'The token is not allowed to be used by this audience'
+            );
+        }
+    }
+}

+ 27 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/RelatedTo.php

@@ -0,0 +1,27 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+
+final class RelatedTo implements Constraint
+{
+    private string $subject;
+
+    public function __construct(string $subject)
+    {
+        $this->subject = $subject;
+    }
+
+    public function assert(Token $token): void
+    {
+        if (! $token->isRelatedTo($this->subject)) {
+            throw new ConstraintViolation(
+                'The token is not related to the expected subject'
+            );
+        }
+    }
+}

+ 37 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/SignedWith.php

@@ -0,0 +1,37 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use Lcobucci\JWT\Signer;
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\UnencryptedToken;
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+
+final class SignedWith implements Constraint
+{
+    private Signer $signer;
+    private Signer\Key $key;
+
+    public function __construct(Signer $signer, Signer\Key $key)
+    {
+        $this->signer = $signer;
+        $this->key    = $key;
+    }
+
+    public function assert(Token $token): void
+    {
+        if (! $token instanceof UnencryptedToken) {
+            throw new ConstraintViolation('You should pass a plain token');
+        }
+
+        if ($token->headers()->get('alg') !== $this->signer->algorithmId()) {
+            throw new ConstraintViolation('Token signer mismatch');
+        }
+
+        if (! $this->signer->verify($token->signature()->hash(), $token->payload(), $this->key)) {
+            throw new ConstraintViolation('Token signature mismatch');
+        }
+    }
+}

+ 86 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/StrictValidAt.php

@@ -0,0 +1,86 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use DateInterval;
+use DateTimeInterface;
+use Lcobucci\Clock\Clock;
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\UnencryptedToken;
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+
+final class StrictValidAt implements Constraint
+{
+    private Clock $clock;
+    private DateInterval $leeway;
+
+    public function __construct(Clock $clock, ?DateInterval $leeway = null)
+    {
+        $this->clock  = $clock;
+        $this->leeway = $this->guardLeeway($leeway);
+    }
+
+    private function guardLeeway(?DateInterval $leeway): DateInterval
+    {
+        if ($leeway === null) {
+            return new DateInterval('PT0S');
+        }
+
+        if ($leeway->invert === 1) {
+            throw LeewayCannotBeNegative::create();
+        }
+
+        return $leeway;
+    }
+
+    public function assert(Token $token): void
+    {
+        if (! $token instanceof UnencryptedToken) {
+            throw new ConstraintViolation('You should pass a plain token');
+        }
+
+        $now = $this->clock->now();
+
+        $this->assertIssueTime($token, $now->add($this->leeway));
+        $this->assertMinimumTime($token, $now->add($this->leeway));
+        $this->assertExpiration($token, $now->sub($this->leeway));
+    }
+
+    /** @throws ConstraintViolation */
+    private function assertExpiration(UnencryptedToken $token, DateTimeInterface $now): void
+    {
+        if (! $token->claims()->has(Token\RegisteredClaims::EXPIRATION_TIME)) {
+            throw new ConstraintViolation('"Expiration Time" claim missing');
+        }
+
+        if ($token->isExpired($now)) {
+            throw new ConstraintViolation('The token is expired');
+        }
+    }
+
+    /** @throws ConstraintViolation */
+    private function assertMinimumTime(UnencryptedToken $token, DateTimeInterface $now): void
+    {
+        if (! $token->claims()->has(Token\RegisteredClaims::NOT_BEFORE)) {
+            throw new ConstraintViolation('"Not Before" claim missing');
+        }
+
+        if (! $token->isMinimumTimeBefore($now)) {
+            throw new ConstraintViolation('The token cannot be used yet');
+        }
+    }
+
+    /** @throws ConstraintViolation */
+    private function assertIssueTime(UnencryptedToken $token, DateTimeInterface $now): void
+    {
+        if (! $token->claims()->has(Token\RegisteredClaims::ISSUED_AT)) {
+            throw new ConstraintViolation('"Issued At" claim missing');
+        }
+
+        if (! $token->hasBeenIssuedBefore($now)) {
+            throw new ConstraintViolation('The token was issued in the future');
+        }
+    }
+}

+ 25 - 0
api/vendor/lcobucci/jwt/src/Validation/Constraint/ValidAt.php

@@ -0,0 +1,25 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use DateInterval;
+use Lcobucci\Clock\Clock;
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\Validation\Constraint;
+
+/** @deprecated Use \Lcobucci\JWT\Validation\Constraint\LooseValidAt */
+final class ValidAt implements Constraint
+{
+    private LooseValidAt $constraint;
+
+    public function __construct(Clock $clock, ?DateInterval $leeway = null)
+    {
+        $this->constraint = new LooseValidAt($clock, $leeway);
+    }
+
+    public function assert(Token $token): void
+    {
+        $this->constraint->assert($token);
+    }
+}

+ 11 - 0
api/vendor/lcobucci/jwt/src/Validation/ConstraintViolation.php

@@ -0,0 +1,11 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation;
+
+use Lcobucci\JWT\Exception;
+use RuntimeException;
+
+final class ConstraintViolation extends RuntimeException implements Exception
+{
+}

+ 11 - 0
api/vendor/lcobucci/jwt/src/Validation/NoConstraintsGiven.php

@@ -0,0 +1,11 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation;
+
+use Lcobucci\JWT\Exception;
+use RuntimeException;
+
+final class NoConstraintsGiven extends RuntimeException implements Exception
+{
+}

+ 46 - 0
api/vendor/lcobucci/jwt/src/Validation/RequiredConstraintsViolated.php

@@ -0,0 +1,46 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation;
+
+use Lcobucci\JWT\Exception;
+use RuntimeException;
+
+use function array_map;
+use function implode;
+
+final class RequiredConstraintsViolated extends RuntimeException implements Exception
+{
+    /** @var ConstraintViolation[] */
+    private array $violations = [];
+
+    public static function fromViolations(ConstraintViolation ...$violations): self
+    {
+        $exception             = new self(self::buildMessage($violations));
+        $exception->violations = $violations;
+
+        return $exception;
+    }
+
+    /** @param ConstraintViolation[] $violations */
+    private static function buildMessage(array $violations): string
+    {
+        $violations = array_map(
+            static function (ConstraintViolation $violation): string {
+                return '- ' . $violation->getMessage();
+            },
+            $violations
+        );
+
+        $message  = "The token violates some mandatory constraints, details:\n";
+        $message .= implode("\n", $violations);
+
+        return $message;
+    }
+
+    /** @return ConstraintViolation[] */
+    public function violations(): array
+    {
+        return $this->violations;
+    }
+}

+ 56 - 0
api/vendor/lcobucci/jwt/src/Validation/Validator.php

@@ -0,0 +1,56 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation;
+
+use Lcobucci\JWT\Token;
+
+final class Validator implements \Lcobucci\JWT\Validator
+{
+    public function assert(Token $token, Constraint ...$constraints): void
+    {
+        if ($constraints === []) {
+            throw new NoConstraintsGiven('No constraint given.');
+        }
+
+        $violations = [];
+
+        foreach ($constraints as $constraint) {
+            $this->checkConstraint($constraint, $token, $violations);
+        }
+
+        if ($violations) {
+            throw RequiredConstraintsViolated::fromViolations(...$violations);
+        }
+    }
+
+    /** @param ConstraintViolation[] $violations */
+    private function checkConstraint(
+        Constraint $constraint,
+        Token $token,
+        array &$violations
+    ): void {
+        try {
+            $constraint->assert($token);
+        } catch (ConstraintViolation $e) {
+            $violations[] = $e;
+        }
+    }
+
+    public function validate(Token $token, Constraint ...$constraints): bool
+    {
+        if ($constraints === []) {
+            throw new NoConstraintsGiven('No constraint given.');
+        }
+
+        try {
+            foreach ($constraints as $constraint) {
+                $constraint->assert($token);
+            }
+
+            return true;
+        } catch (ConstraintViolation $e) {
+            return false;
+        }
+    }
+}

+ 0 - 129
api/vendor/lcobucci/jwt/src/ValidationData.php

@@ -1,129 +0,0 @@
-<?php
-/**
- * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
- *
- * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
- */
-
-namespace Lcobucci\JWT;
-
-/**
- * Class that wraps validation values
- *
- * @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
- * @since 2.0.0
- */
-class ValidationData
-{
-    /**
-     * The list of things to be validated
-     *
-     * @var array
-     */
-    private $items;
-
-    /**
-     * The leeway (in seconds) to use when validating time claims
-     * @var int
-     */
-    private $leeway;
-
-    /**
-     * Initializes the object
-     *
-     * @param int $currentTime
-     * @param int $leeway
-     */
-    public function __construct($currentTime = null, $leeway = 0)
-    {
-        $currentTime  = $currentTime ?: time();
-        $this->leeway = (int) $leeway;
-
-        $this->items = [
-            'jti' => null,
-            'iss' => null,
-            'aud' => null,
-            'sub' => null
-        ];
-
-        $this->setCurrentTime($currentTime);
-    }
-
-    /**
-     * Configures the id
-     *
-     * @param string $id
-     */
-    public function setId($id)
-    {
-        $this->items['jti'] = (string) $id;
-    }
-
-    /**
-     * Configures the issuer
-     *
-     * @param string $issuer
-     */
-    public function setIssuer($issuer)
-    {
-        $this->items['iss'] = (string) $issuer;
-    }
-
-    /**
-     * Configures the audience
-     *
-     * @param string $audience
-     */
-    public function setAudience($audience)
-    {
-        $this->items['aud'] = (string) $audience;
-    }
-
-    /**
-     * Configures the subject
-     *
-     * @param string $subject
-     */
-    public function setSubject($subject)
-    {
-        $this->items['sub'] = (string) $subject;
-    }
-
-    /**
-     * Configures the time that "iat", "nbf" and "exp" should be based on
-     *
-     * @param int $currentTime
-     */
-    public function setCurrentTime($currentTime)
-    {
-        $currentTime  = (int) $currentTime;
-
-        $this->items['iat'] = $currentTime + $this->leeway;
-        $this->items['nbf'] = $currentTime + $this->leeway;
-        $this->items['exp'] = $currentTime - $this->leeway;
-    }
-
-    /**
-     * Returns the requested item
-     *
-     * @param string $name
-     *
-     * @return mixed
-     */
-    public function get($name)
-    {
-        return isset($this->items[$name]) ? $this->items[$name] : null;
-    }
-
-    /**
-     * Returns if the item is present
-     *
-     * @param string $name
-     *
-     * @return boolean
-     */
-    public function has($name)
-    {
-        return !empty($this->items[$name]);
-    }
-}

+ 20 - 0
api/vendor/lcobucci/jwt/src/Validator.php

@@ -0,0 +1,20 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT;
+
+use Lcobucci\JWT\Validation\Constraint;
+use Lcobucci\JWT\Validation\NoConstraintsGiven;
+use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
+
+interface Validator
+{
+    /**
+     * @throws RequiredConstraintsViolated
+     * @throws NoConstraintsGiven
+     */
+    public function assert(Token $token, Constraint ...$constraints): void;
+
+    /** @throws NoConstraintsGiven */
+    public function validate(Token $token, Constraint ...$constraints): bool;
+}

Някои файлове не бяха показани, защото твърде много файлове са промени