Closed chalasr closed 2 years ago
Sorry for the delay on checking this. I had to work out why I'd used the assymetric signer for signing and the symmetric signer for decoding. It turns out it was to avoid a breaking change. Long term I want to modify the lib so users can pass their own config but for now, will need to stick with this. Thanks for spotting this
No worries, thanks for tweaking and merging this.
Hi @Sephster, is there a planned release with this fix?
Likely in the next 48 hours 👍
Hey, Here is a forward compatibility layer for lcobucci ^4.2 and specifically this change https://github.com/lcobucci/jwt/pull/833 which forbids creating
InMemory
keys with empty strings. Spotted in https://github.com/thephpleague/oauth2-server-bundle/runs/6077089570?check_suite_focus=true