Closed cnizzardini closed 2 years ago
Docs currently don't specify ^5.5:
You need to add the lib firebase/php-jwt v5.5 or above to your app to use the JwtAuthenticator.
I also see that there is an open PR to bump firebase/php-jwt to 6.0 and it will be a breaking change...
PR welcome to update the docs for the current version of the plugin.
@ADmad I can do that, what about the conditionally on $keyMaterial
? Too hacky?
As commented in #507 call to JWT::decode()
needs to be updated too for v6 of php-jwt
.
When a user installs firebase via
composer req firebase/php-jwt
they will get 6.0 or higher. This is not compatible with JwtAuthenticator when using JWKS.Reproduce:
composer req --dev firebase/php-jwt:^6.0
composer test
Problem lies here: https://github.com/cakephp/authentication/blob/2.x/src/Authenticator/JwtAuthenticator.php#L181
Solution is simply this:
But that is not compatible with ^5.5
Something like this works but IDK how to test this or if its a good practice...
I guess at the least documentation can get updated, but that is easy to miss...