Merge pull request #80 from google/support-both-firebase-jwt-versions

supports both firebase jwt versions
googleapis · Nov 3, 2015 · b2d0e7b · b2d0e7b
2 parents 5548ca0 + efb1ae0
commit b2d0e7b
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 10 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -8,8 +8,13 @@ php:
   - 5.6
   - hhvm
 
+env:
+  - FIREBASE_JWT_VERSION=2.0.0
+  - FIREBASE_JWT_VERSION=3.0.0
+
 before_script:
   - composer install
+  - composer require firebase/php-jwt:$FIREBASE_JWT_VERSION
 
 script:
   - vendor/bin/phpunit

diff --git a/composer.json b/composer.json
@@ -6,7 +6,7 @@
   "homepage": "http://github.com/google/google-auth-library-php",
   "license": "Apache-2.0",
   "require": {
-    "firebase/php-jwt": "3.0.0",
+    "firebase/php-jwt": "~2.0|~3.0",
     "guzzlehttp/guzzle": "5.2.*",
     "php": ">=5.4"
   },

diff --git a/src/OAuth2.php b/src/OAuth2.php
@@ -23,7 +23,6 @@
 use GuzzleHttp\Query;
 use GuzzleHttp\Message\ResponseInterface;
 use GuzzleHttp\Url;
-use Firebase\JWT\JWT;
 
 /**
  * OAuth2 supports authentication by OAuth2 2-legged flows.
@@ -306,7 +305,7 @@ public function verifyIdToken($publicKey = null, $allowed_algs = array())
       return null;
     }
 
-    $resp = JWT::decode($idToken, $publicKey, $allowed_algs);
+    $resp = $this->jwtDecode($idToken, $publicKey, $allowed_algs);
     if (!property_exists($resp, 'aud')) {
       throw new \DomainException('No audience found the id token');
     }
@@ -356,7 +355,7 @@ public function toJwt(array $config = null)
     if (!(is_null($this->getSub()))) {
       $assertion['sub'] = $this->getSub();
     }
-    return JWT::encode($assertion, $this->getSigningKey(),
+    return $this->jwtEncode($assertion, $this->getSigningKey(),
                        $this->getSigningAlgorithm());
   }
 
@@ -1072,6 +1071,25 @@ private function coerceUri($uri)
     }
   }
 
+  private function jwtDecode($idToken, $publicKey, $allowedAlgs)
+  {
+    if (class_exists('Firebase\JWT\JWT')) {
+      return \Firebase\JWT\JWT::decode($idToken, $publicKey, $allowedAlgs);
+    }
+
+    return \JWT::decode($idToken, $publicKey, $allowedAlgs);
+  }
+
+  private function jwtEncode($assertion, $signingKey, $signingAlgorithm)
+  {
+    if (class_exists('Firebase\JWT\JWT')) {
+      return \Firebase\JWT\JWT::encode($assertion, $signingKey,
+                       $signingAlgorithm);
+    }
+
+    return \JWT::encode($assertion, $signingKey, $signingAlgorithm);
+  }
+
   /**
    * Determines if the URI is absolute based on its scheme and host or path
    * (RFC 3986)

diff --git a/tests/OAuth2Test.php b/tests/OAuth2Test.php
@@ -23,7 +23,6 @@
 use GuzzleHttp\Stream\Stream;
 use GuzzleHttp\Subscriber\Mock;
 use GuzzleHttp\Url;
-use Firebase\JWT\JWT;
 
 class OAuth2AuthorizationUriTest extends \PHPUnit_Framework_TestCase
 {
@@ -425,7 +424,7 @@ public function testCanHS256EncodeAValidPayload()
     $testConfig = $this->signingMinimal;
     $o = new OAuth2($testConfig);
     $payload = $o->toJwt();
-    $roundTrip = JWT::decode($payload, $testConfig['signingKey'], array('HS256')) ;
+    $roundTrip = $this->jwtDecode($payload, $testConfig['signingKey'], array('HS256')) ;
     $this->assertEquals($roundTrip->iss, $testConfig['issuer']);
     $this->assertEquals($roundTrip->aud, $testConfig['audience']);
     $this->assertEquals($roundTrip->scope, $testConfig['scope']);
@@ -440,11 +439,22 @@ public function testCanRS256EncodeAValidPayload()
     $o->setSigningAlgorithm('RS256');
     $o->setSigningKey($privateKey);
     $payload = $o->toJwt();
-    $roundTrip = JWT::decode($payload, $publicKey, array('RS256')) ;
+    $roundTrip = $this->jwtDecode($payload, $publicKey, array('RS256')) ;
     $this->assertEquals($roundTrip->iss, $testConfig['issuer']);
     $this->assertEquals($roundTrip->aud, $testConfig['audience']);
     $this->assertEquals($roundTrip->scope, $testConfig['scope']);
   }
+
+  private function jwtDecode()
+  {
+    $args = func_get_args();
+    $class = 'JWT';
+    if (class_exists('Firebase\JWT\JWT')) {
+      $class = 'Firebase\JWT\JWT';
+    }
+
+    return call_user_func_array("$class::decode", $args);
+  }
 }
 
 class OAuth2GenerateAccessTokenRequestTest extends \PHPUnit_Framework_TestCase
@@ -757,7 +767,7 @@ public function testFailsIfAudienceIsMissing()
         'iat' => $now,
     ];
     $o = new OAuth2($testConfig);
-    $jwtIdToken = JWT::encode($origIdToken, $this->privateKey, 'RS256');
+    $jwtIdToken = $this->jwtEncode($origIdToken, $this->privateKey, 'RS256');
     $o->setIdToken($jwtIdToken);
     $o->verifyIdToken($this->publicKey);
   }
@@ -776,7 +786,7 @@ public function testFailsIfAudienceIsWrong()
         'iat' => $now,
     ];
     $o = new OAuth2($testConfig);
-    $jwtIdToken = JWT::encode($origIdToken, $this->privateKey, 'RS256');
+    $jwtIdToken = $this->jwtEncode($origIdToken, $this->privateKey, 'RS256');
     $o->setIdToken($jwtIdToken);
     $o->verifyIdToken($this->publicKey);
   }
@@ -793,9 +803,20 @@ public function testShouldReturnAValidIdToken()
     ];
     $o = new OAuth2($testConfig);
     $alg = 'RS256';
-    $jwtIdToken = JWT::encode($origIdToken, $this->privateKey, $alg);
+    $jwtIdToken = $this->jwtEncode($origIdToken, $this->privateKey, $alg);
     $o->setIdToken($jwtIdToken);
     $roundTrip = $o->verifyIdToken($this->publicKey, array($alg));
     $this->assertEquals($origIdToken['aud'], $roundTrip->aud);
   }
+
+  private function jwtEncode()
+  {
+    $args = func_get_args();
+    $class = 'JWT';
+    if (class_exists('Firebase\JWT\JWT')) {
+      $class = 'Firebase\JWT\JWT';
+    }
+
+    return call_user_func_array("$class::encode", $args);
+  }
 }