PSR Clock "null" used!

[fiSCIENCES]

Version(s) affected

11.3.0

Description

Hello,

Can this be fixed soon? PHP Deprecated: Since spomky-labs/otphp 11.3.0: The parameter "$clock" will become mandatory in 12.0.0. Please set a valid PSR Clock implementation instead of "null". in /app/vendor/symfony/deprecation-contracts/function.php on line 25

Thank you.

How to reproduce

$otp = TOTP::createFromSecret($secret)

Possible Solution

No response

Additional Context

No response

[Spomky]

Hi @fiSCIENCES,

It is up to you to decide the clock implementation you want to use ant pass it as an argument. There is nothing to fix right now.

[fiSCIENCES]

OK, can't find doc on how to use it for both call (create and verify).

Thank you.

[Spomky]

Indeed, I missed it.

$clock = ... // Object that implements ClockInterface
$otp = TOTP::createFromSecret($secret, clock: $clock)

[fiSCIENCES]

Doesn't help me enough. Could you provide working exemple? Why null was ok and in release 12 it will not be ok? Default value? Thank you

[Spomky]

The clock object is a simple class that implements the PSR interface. It has a unique method now that returns a DateTime object. See the one used for the tests. https://github.com/Spomky-Labs/otphp/blob/11.4.x/tests/ClockMock.php

null is still valid and is the default value to prevent unwanted behaviors. It just triggers a deprecation notice to warn users that it will be mandatory for the next major release 12 (not tagged at that time).

[Spomky]

Basic clock implementation:

<?php

declare(strict_types=1);

namespace App;

use DateTimeImmutable;
use Psr\Clock\ClockInterface;

final readonly class Clock implements ClockInterface
{
    public function now(): DateTimeImmutable
    {
        return new DateTimeImmutable();
    }
} 

[fiSCIENCES]

Wow, I will wait until release 12.x is out.

Thank you.