Merge pull request #42 from minvws/update-oidc-config

Update OIDC config

Author: ricklambrechts

config/oidc.php

@@ -21,43 +21,54 @@
     'client_secret' => env('OIDC_CLIENT_SECRET', ''),
 
     /**
-     * Configuration for the token authentication.
+     * Configuration for client authentication.
+     *
+     * By default, the client authentication method used is either `client_secret_basic`, `client_secret_post`,
+     * `client_secret_jwt`, or no authentication, depending on provider support.
+     * To use `private_key_jwt` client authentication, configure the options below.
      */
     'client_authentication' => [
+
         /**
-         * When you want to use `private_key_jwt` client authentication then you can specify the path to the private key.
+         * The file path to the private key used for client authentication.
+         * This private key is required for signing the JWT when using `private_key_jwt` client authentication.
+         *
+         * Example: '/path/to/private.key'
          */
         'signing_private_key_path' => env('OIDC_SIGNING_PRIVATE_KEY_PATH'),
 
         /**
-         * When you want to use `private_key_jwt` client authentication then you can specify the signing algorithm.
-         * For a list of supported algorithms see https://tools.ietf.org/html/rfc7518#section-3.1
+         * The signing algorithm used for `private_key_jwt` client authentication.
+         *
+         * Default: 'RS256'
+         * Example Values: 'RS256', 'HS256', 'ES256'
+         * For a list of supported algorithms, see https://tools.ietf.org/html/rfc7518#section-3.1
          */
         'signing_algorithm' => env('OIDC_SIGNING_ALGORITHM', 'RS256'),
 
         /**
-         * When you want to use `private_key_jwt` client authentication then need
-         * to specify the available signature algorithms.
+         * A list of signature algorithms available for use.
+         * This list is used to configure the AlgorithmManager and should include class names.
          *
-         * The input is used for the AlgorithmManager and should be a list of class names.
-         * See https://web-token.spomky-labs.com/the-components/algorithm-management-jwa
+         * For more details, see https://web-token.spomky-labs.com/the-components/algorithm-management-jwa
          */
         'signature_algorithms' => [
             \Jose\Component\Signature\Algorithm\RS256::class,
         ],
 
         /**
-         * Token lifetime in seconds, used to set the expiration time of the JWT.
-         * This is used when you are using `private_key_jwt` client authentication.
+         * The duration (in seconds) for which the token remains valid.
+         * This sets the expiration time of the JWT when using `private_key_jwt` client authentication.
          */
         'token_lifetime_in_seconds' => 60,
+
     ],
 
     /**
-     * Only needed when response of user info endpoint is encrypted.
-     * This is the path to the JWE decryption key.
+     * Path to the private key used to decrypt the JWE response from the user info endpoint.
+     * This is only required when the response from the user info endpoint is encrypted.
      *
-     * You could add multiple decryption key paths comma separated.
+     * Multiple decryption key paths can be specified, separated by commas.
      */
     'decryption_key_path' => env('OIDC_DECRYPTION_KEY_PATH', ''),
 
@@ -75,6 +86,7 @@
      * Configuration Cache
      */
     'configuration_cache' => [
+
         /**
          * The cache store to use.
          */
@@ -84,12 +96,14 @@
          * The cache TTL in seconds.
          */
         'ttl' => env('OIDC_CONFIGURATION_CACHE_TTL', 60 * 60 * 24),
+
     ],
 
     /**
      * Route configuration
      */
     'route_configuration' => [
+
         /**
          * Enable or disable the login route.
          */
@@ -111,6 +125,7 @@
          * The prefix of the login route.
          */
         'prefix' => '',
+
     ],
 
     /**

phpcs.xml

@@ -2,6 +2,8 @@
 <ruleset>
     <arg name="basepath" value="."/>
 
+    <file>./config</file>
+    <file>./routes</file>
     <file>./src</file>
     <file>./tests</file>