feat: add support for encrypted signers ( passphrase ) (#65)

Signed-off-by: azjezz <[email protected]>

Author: azjezz

composer.json

@@ -21,7 +21,7 @@
         "symfony/config": "^4.4|^5.0|^6.0",
         "symfony/dependency-injection": "^4.4|^5.0|^6.0",
         "symfony/http-kernel": "^4.4|^5.0|^6.0",
-        "symfony/mercure": "^0.5.3|^0.6",
+        "symfony/mercure": "^0.6.1",
         "symfony/web-link": "^4.4|^5.0|^6.0"
     },
     "autoload": {

src/DataCollector/MercureDataCollector.php

@@ -21,10 +21,13 @@
 
 final class MercureDataCollector extends DataCollector
 {
+    /**
+     * @var iterable<TraceablePublisher|TraceableHub>
+     */
     private $hubs;
 
     /**
-     * @var TraceablePublisher[]|TraceableHub[]
+     * @param iterable<TraceablePublisher|TraceableHub> $hubs
      */
     public function __construct(iterable $hubs)
     {

src/DependencyInjection/Configuration.php

@@ -65,6 +65,7 @@ public function getConfigTreeBuilder(): TreeBuilder
                                                 ->info('A list of topics to allow subscribing to when using the given factory to generate the JWT.')
                                             ->end()
                                             ->scalarNode('secret')->info('The JWT Secret to use.')->example('!ChangeMe!')->end()
+                                            ->scalarNode('passphrase')->info('The JWT secret passphrase.')->defaultValue('')->end()
                                             ->scalarNode('algorithm')->info('The algorithm to use to sign the JWT')->defaultValue('hmac.sha256')->end()
                                         ->end()
                                 ->end()

src/DependencyInjection/MercureExtension.php

@@ -107,6 +107,8 @@ public function load(array $configs, ContainerBuilder $container)
                         $container->register($tokenFactory, LcobucciFactory::class)
                             ->addArgument($hub['jwt']['secret'])
                             ->addArgument($hub['jwt']['algorithm'])
+                            ->addArgument(null)
+                            ->addArgument($hub['jwt']['passphrase'])
                             ->addTag('mercure.jwt.factory')
                         ;
                     }
@@ -286,6 +288,7 @@ private function deprecate($definition, string $message): void
         if (class_exists(AliasDeprecatedPublicServicesPass::class)) {
             $definition->setDeprecated('symfony/mercure-bundle', '0.2', $message);
         } else {
+            /* @phpstan-ignore-next-line */
             $definition->setDeprecated(true, $message);
         }
     }

tests/DependencyInjection/MercureExtensionTest.php

@@ -80,6 +80,16 @@ public function testExtension(): void
                             'subscribe' => 'https://example.com/book/1.jsonld',
                         ],
                     ],
+                    'managed2' => [
+                        'url' => 'https://demo.mercure.rocks/managed',
+                        'jwt' => [
+                            'secret' => '!ChangeMe!',
+                            'algorithm' => 'rsa.sha512',
+                            'passphrase' => 'test',
+                            'publish' => ['*'],
+                            'subscribe' => 'https://example.com/book/1.jsonld',
+                        ],
+                    ],
                 ],
             ],
         ];
@@ -110,6 +120,31 @@ public function testExtension(): void
         $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenProviderInterface $managedTokenProvider', $container->getAliases());
         $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenFactoryInterface $managedTokenFactory', $container->getAliases());
 
+        $this->assertTrue($container->hasDefinition('mercure.hub.managed2')); // Hub instance
+        $this->assertTrue($container->hasDefinition('mercure.hub.managed2.publisher')); // Publisher
+        $this->assertTrue($container->hasDefinition('mercure.hub.managed2.jwt.provider'));
+        $this->assertTrue($container->hasDefinition('mercure.hub.managed2.jwt.factory'));
+        $this->assertArrayHasKey('mercure.publisher', $container->getDefinition('mercure.hub.managed2.publisher')->getTags());
+        $this->assertSame($config['mercure']['hubs']['managed2']['url'], $container->getDefinition('mercure.hub.managed2')->getArgument(0));
+        $this->assertSame($config['mercure']['hubs']['managed2']['jwt']['secret'], $container->getDefinition('mercure.hub.managed2.jwt.factory')->getArgument(0));
+        $this->assertSame($config['mercure']['hubs']['managed2']['jwt']['algorithm'], $container->getDefinition('mercure.hub.managed2.jwt.factory')->getArgument(1));
+        $this->assertSame($config['mercure']['hubs']['managed2']['jwt']['passphrase'], $container->getDefinition('mercure.hub.managed2.jwt.factory')->getArgument(3));
+        $this->assertSame([$config['mercure']['hubs']['managed2']['jwt']['subscribe']], $container->getDefinition('mercure.hub.managed2.jwt.provider')->getArgument(1));
+        $this->assertSame($config['mercure']['hubs']['managed2']['jwt']['publish'], $container->getDefinition('mercure.hub.managed2.jwt.provider')->getArgument(2));
+
+        $this->assertArrayHasKey('Symfony\Component\Mercure\HubInterface $managed2', $container->getAliases());
+        $this->assertArrayHasKey('Symfony\Component\Mercure\PublisherInterface $managed2', $container->getAliases());
+        $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenProviderInterface $managed2', $container->getAliases());
+        $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenFactoryInterface $managed2', $container->getAliases());
+
+        $this->assertArrayHasKey('Symfony\Component\Mercure\HubInterface $managed2Hub', $container->getAliases());
+        $this->assertArrayHasKey('Symfony\Component\Mercure\PublisherInterface $managed2Publisher', $container->getAliases());
+        $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenProviderInterface $managed2Provider', $container->getAliases());
+        $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenFactoryInterface $managed2Factory', $container->getAliases());
+
+        $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenProviderInterface $managed2TokenProvider', $container->getAliases());
+        $this->assertArrayHasKey('Symfony\Component\Mercure\Jwt\TokenFactoryInterface $managed2TokenFactory', $container->getAliases());
+
         $this->assertTrue($container->hasDefinition('mercure.hub.demo')); // Hub instance
         $this->assertTrue($container->hasDefinition('mercure.hub.demo.publisher')); // Publisher
         $this->assertTrue($container->hasDefinition('mercure.hub.demo.jwt.provider'));