search

simplesamlphp / simplesamlphp-module-oidc

A SimpleSAMLphp module for OIDC OP support.
Other
45 stars 22 forks source link

Use InMemory::empty #186

Closed pkoenig10 closed 2 years ago

pkoenig10 commented 2 years ago

The change in https://github.com/lcobucci/jwt/pull/833 is causing failures in the UserInfo endpoint. On versions of lcobucci/jwt 4.2.0 and above it is no longer valid to call InMemory::plainText with an empty string.

Here is an example of the errors this causes:

Lcobucci\\JWT\\Signer\\InvalidKeyProvided: Key cannot be empty
Backtrace:
12 /var/simplesamlphp/vendor/lcobucci/jwt/src/Signer/InvalidKeyProvided.php:34 (Lcobucci\\JWT\\Signer\\InvalidKeyProvided::cannotBeEmpty)
11 /var/simplesamlphp/vendor/lcobucci/jwt/src/Signer/Key/InMemory.php:25 (Lcobucci\\JWT\\Signer\\Key\\InMemory::__construct)
10 /var/simplesamlphp/vendor/lcobucci/jwt/src/Signer/Key/InMemory.php:44 (Lcobucci\\JWT\\Signer\\Key\\InMemory::plainText)
9 /var/simplesamlphp/modules/oidc/lib/Server/Validators/BearerTokenValidator.php:66 (SimpleSAML\\Module\\oidc\\Server\\Validators\\BearerTokenValidator::initJwtConfiguration)
8 /var/simplesamlphp/modules/oidc/lib/Server/Validators/BearerTokenValidator.php:56 (SimpleSAML\\Module\\oidc\\Server\\Validators\\BearerTokenValidator::setPublicKey)
7 /var/simplesamlphp/vendor/league/oauth2-server/src/ResourceServer.php:67 (League\\OAuth2\\Server\\ResourceServer::getAuthorizationValidator)
6 /var/simplesamlphp/vendor/league/oauth2-server/src/ResourceServer.php:84 (League\\OAuth2\\Server\\ResourceServer::validateAuthenticatedRequest)
5 /var/simplesamlphp/modules/oidc/lib/Controller/OpenIdConnectUserInfoController.php:80 (SimpleSAML\\Module\\oidc\\Controller\\OpenIdConnectUserInfoController::__invoke)
4 /var/simplesamlphp/modules/oidc/lib/Services/RoutingService.php:76 (SimpleSAML\\Module\\oidc\\Services\\RoutingService::callController)
3 /var/simplesamlphp/modules/oidc/lib/Services/RoutingService.php:50 (SimpleSAML\\Module\\oidc\\Services\\RoutingService::call)
2 /var/simplesamlphp/modules/oidc/www/userinfo.php:18 (require)
1 /var/simplesamlphp/lib/SimpleSAML/Module.php:266 (SimpleSAML\\Module::process)
0 /var/simplesamlphp/www/module.php:10 (N/A)
codecov[bot] commented 2 years ago

Codecov Report

Merging #186 (9967caf) into master (7cba72f) will not change coverage. The diff coverage is 100.00%.

@@            Coverage Diff            @@
##             master     #186   +/-   ##
=========================================
  Coverage     38.83%   38.83%           
  Complexity      855      855           
=========================================
  Files           105      105           
  Lines          2951     2951           
=========================================
  Hits           1146     1146           
  Misses         1805     1805
Impacted Files Coverage Δ
lib/Server/Validators/BearerTokenValidator.php 100.00% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

cicnavi commented 2 years ago

Thanks @pkoenig10 !