Added legacy transformation, currently no tests for new JWT structure

Author: SecondeJK

composer.json

@@ -33,7 +33,8 @@
         "johnstevenson/json-works": "~1.1",
         "firebase/php-jwt": "^6.0",
         "guzzlehttp/guzzle": "~6.0|~7.0",
-      "ext-json": "*"
+      "ext-json": "*",
+        "vonage/jwt": "^0.5.1"
     },
     "require-dev": {
         "phpunit/phpunit": "^7.4|^8.0",
@@ -55,5 +56,10 @@
             "OpenTok\\": "src/OpenTok",
             "OpenTokTest\\": "tests/OpenTokTest"
         }
+    },
+    "config": {
+        "allow-plugins": {
+            "php-http/discovery": true
+        }
     }
 }

sample/Archiving/README.md

@@ -56,7 +56,7 @@ $app->get('/host', function () use ($app, $sessionId) {
 
     $token = $app->opentok->generateToken($sessionId, array(
         'role' => Role::MODERATOR
-    ));
+    ), true);
 
     $app->render('host.html', array(
         'apiKey' => $app->apiKey,

src/OpenTok/OpenTok.php

@@ -6,6 +6,7 @@
 use OpenTok\Util\Validators;
 use OpenTok\Exception\InvalidArgumentException;
 use OpenTok\Exception\UnexpectedValueException;
+use Vonage\JWT\TokenGenerator;
 
 /**
 * Contains methods for creating OpenTok sessions, generating tokens, and working with archives.
@@ -19,7 +20,6 @@
 */
 class OpenTok
 {
-
     /** @internal */
     private $apiKey;
     /** @internal */
@@ -104,11 +104,37 @@ public function __construct($apiKey, $apiSecret, $options = array())
      *
      * </ul>
      *
+     * @param bool $legacy By default, OpenTok uses SHA256 JWTs for authentication. Switching
+     * legacy to true will create a deprecated T1 token for backwards compatibility.
+     *
      * @return string The token string.
      */
-    public function generateToken($sessionId, $options = array())
+    public function generateToken($sessionId, $options = array(), $legacy = false)
+    {
+        if ($legacy) {
+            return $this->returnLegacyToken($sessionId, $options);
+        }
+
+        $defaults = [
+            'sessionId' => $sessionId,
+            'role' => Role::PUBLISHER,
+            'exp' => null,
+            'data' => null,
+            'initialLayoutClassList' => [''],
+        ];
+
+        $options = array_merge($defaults, array_intersect_key($options, $defaults));
+
+        $generator = new TokenGenerator($this->apiKey, $this->apiSecret);
+        foreach ($options as $key => $value) {
+            $generator->addClaim($key, $value);
+        }
+
+        return $generator->generate();
+    }
+
+    private function returnLegacyToken(string $sessionId, array $options = []): string
     {
-        // unpack optional arguments (merging with default values) into named variables
         $defaults = array(
             'role' => Role::PUBLISHER,
             'expireTime' => null,
@@ -237,7 +263,6 @@ public function createSession($options = array())
         }
 
         if (array_key_exists('e2ee', $options) && $options['e2ee']) {
-
             if (array_key_exists('mediaMode', $options) && $options['mediaMode'] !== MediaMode::ROUTED) {
                 throw new InvalidArgumentException('MediaMode must be routed in order to enable E2EE');
             }
@@ -875,13 +900,13 @@ public function startBroadcast(string $sessionId, array $options = []): Broadcas
             Validators::validateResolution($options['resolution']);
         }
 
-	    if (isset($options['outputs']['hls'])) {
-		    Validators::validateBroadcastOutputOptions($options['outputs']['hls']);
-	    }
+        if (isset($options['outputs']['hls'])) {
+            Validators::validateBroadcastOutputOptions($options['outputs']['hls']);
+        }
 
-		if (isset($options['outputs']['rtmp'])) {
-			Validators::validateRtmpStreams($options['outputs']['rtmp']);
-		}
+        if (isset($options['outputs']['rtmp'])) {
+            Validators::validateRtmpStreams($options['outputs']['rtmp']);
+        }
 
         $defaults = [
             'layout' => Layout::getBestFit(),
@@ -890,11 +915,11 @@ public function startBroadcast(string $sessionId, array $options = []): Broadcas
             'streamMode' => 'auto',
             'resolution' => '640x480',
             'maxBitRate' => 2000000,
-	        'outputs' => [
-				'hls' => [
-	                'dvr' => false,
-					'lowLatency' => false
-				]
+            'outputs' => [
+                'hls' => [
+                    'dvr' => false,
+                    'lowLatency' => false
+                ]
             ]
         ];
 
@@ -1306,8 +1331,7 @@ public function startCaptions(
         ?int $maxDuration = null,
         ?bool $partialCaptions = null,
         ?string $statusCallbackUrl = null
-    ): array
-    {
+    ): array {
         return $this->client->startCaptions(
             $sessionId,
             $token,

src/OpenTok/Session.php

@@ -154,9 +154,9 @@ public function __toString()
      *
      * @return string The token string.
      */
-    public function generateToken($options = array())
+    public function generateToken($options = array(), bool $legacy = false)
     {
-        return $this->opentok->generateToken($this->sessionId, $options);
+        return $this->opentok->generateToken($this->sessionId, $options, $legacy);
     }
 
     /**

tests/OpenTokTest/OpenTokTest.php

@@ -582,7 +582,7 @@ public function testGeneratesToken(): void
         $opentok = new OpenTok($bogusApiKey, $bogusApiSecret);
 
         // Act
-        $token = $opentok->generateToken($sessionId);
+        $token = $opentok->generateToken($sessionId, [], true);
 
         // Assert
         $this->assertIsString($token);
@@ -613,7 +613,7 @@ public function testGeneratesTokenWithRole(): void
         $opentok = new OpenTok($bogusApiKey, $bogusApiSecret);
 
         // Act
-        $token = $opentok->generateToken($sessionId, array('role' => Role::MODERATOR));
+        $token = $opentok->generateToken($sessionId, array('role' => Role::MODERATOR), true);
 
         // Assert
         $this->assertIsString($token);
@@ -645,7 +645,7 @@ public function testGeneratesTokenWithExpireTime(): void
         // Act
         // expires in one hour (60 seconds * 60 minutes)
         $inOneHour = time() + (60 * 60);
-        $token = $opentok->generateToken($sessionId, array('expireTime' => $inOneHour ));
+        $token = $opentok->generateToken($sessionId, array('expireTime' => $inOneHour ), true);
 
         // Assert
         $this->assertIsString($token);
@@ -675,7 +675,7 @@ public function testGeneratesTokenWithData(): void
 
         // Act
         $userStatus = '{nick:"johnny",status:"hey there fellas!"}';
-        $token = $opentok->generateToken($sessionId, array('data' => $userStatus ));
+        $token = $opentok->generateToken($sessionId, array('data' => $userStatus), true);
 
         // Assert
         $this->assertIsString($token);
@@ -712,7 +712,7 @@ public function testGeneratesTokenWithInitialLayoutClassList(): void
         // Act
         $token = $opentok->generateToken($sessionId, array(
             'initialLayoutClassList' => $initialLayouClassList
-        ));
+        ), true);
 
         // Assert
         $this->assertIsString($token);
@@ -737,7 +737,7 @@ public function testFailsWhenGeneratingTokenUsingInvalidRole(): void
     {
         $this->expectException('InvalidArgumentException');
         $this->setupOT();
-        $token = $this->opentok->generateToken('SESSIONID', array('role' => 'notarole'));
+        $token = $this->opentok->generateToken('SESSIONID', array('role' => 'notarole'), true);
     }
 
     public function testStartsArchive(): void

tests/OpenTokTest/SessionTest.php

@@ -156,7 +156,7 @@ public function testGeneratesToken()
         $opentok = new OpenTok($bogusApiKey, $bogusApiSecret);
         $session = new Session($opentok, $sessionId);
 
-        $token = $session->generateToken();
+        $token = $session->generateToken([], true);
 
         $this->assertIsString($token);
         $decodedToken = TestHelpers::decodeToken($token);