Signer factory deleted !

[absolux]

From a closed issue, the Signer Factory was deleted, for security reasons of course, but i think it still useful for signer creation, so instead of

$signer = new Sha256();
$builder = (new Builder())->sign($signer, 'some key');

we can use a factory

$builder->sign(Factory::create('HS256'), "some key");

for example, it can be helpful when we use a configuration variable to store the signer id, like

$signer = Factory::create(config('jwt.algo'));
...
$builder->sign($signer, "key");

[lcobucci]

Yeap, I deleted this factory because it turned to be useless (and just increase the complexity of this library). The main idea is that you're able to use any IoC technique to create the objects to build your token.

Of course we can provide easier ways to help this configuration process but I just think that it should be in another package. In this way we might have a ServiceProvider for Pimple/Silex, a bundle for Symfony, a module for Zend Framework, etc.

I personally use the Symfony dependency injection component (apart from the fullstack framework) and map my signer in a service using a configuration file. So is really simple to change from HS256 to RS256.

With that we keep this project following the package design principles, in this case the cohesion ones.

[absolux]

I am using your package, in a laravel project, and i'll create a ServiceProvider to handle that.

Thank you.