Incorrect version constraint for firebase/php-jwt

[alexandrewavelet]

Hello,

The version constraint for the firebase/php-jwt package is incorrect starting from v5.3.4 and onwards: "firebase/php-jwt": "^5.5|^6.0" should be "firebase/php-jwt": "^6.6"

Because starting from v5.3.4 an stdClass is used as third param of JWT::decode(): https://github.com/packbackbooks/lti-1-3-php-library/blob/v5.3.4/src/LtiMessageLaunch.php#L454-L455

In firebase/php-jwt the third argument is an stdClass as of v6.6.0 (and is either an array in v5.5.X, or does not exists from v6.0.0 to v6.5.0 : https://github.com/firebase/php-jwt/blob/v6.6.0/src/JWT.php

Currently, since the package allows firebase/php-jwt v5.X, we get this error if we upgrade the package without upgrading php-jwt to v6.6.0 at the same time:

TypeError
Firebase\JWT\JWT::decode(): Argument #3 ($allowed_algs) must be of type array, stdClass given, called in /var/task/vendor/packbackbooks/lti-1p3-tool/src/LtiMessageLaunch.php on line 455

Let me know if you need more details! I'm not sure on how to proceed from here, but I can do a PR for the change if you like.

Thanks!

[dbhynds]

Yes, we've also run into issues with the various versions of JWT. I'm planning to put together a major release of this package. As a part of that, I'll make sure change the requirements to "firebase/php-jwt": "^6.6".

[dbhynds]

This will be fixed in v6.0: https://github.com/packbackbooks/lti-1-3-php-library/pull/127