Merge pull request #175 from oojacoboo/php8.4

PHP 8.4 Support
paragonie · Jan 29, 2025 · 2a69032 · 2a69032
2 parents abecd5a + af4247a
commit 2a69032
Show file tree

Hide file tree

Showing 27 changed files with 208 additions and 145 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -13,7 +13,7 @@ jobs:
     strategy:
       matrix:
         operating-system: ['ubuntu-latest']
-        php-versions: ['8.1', '8.2', '8.3']
+        php-versions: ['8.1', '8.2', '8.3', '8.4']
         phpunit-versions: ['latest']
     steps:
       - name: Checkout

diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 /.idea
+/.phpunit.result.cache
 /composer.lock
 /vendor
diff --git a/composer.json b/composer.json
@@ -30,8 +30,8 @@
     "paragonie/sodium_compat": "^1|^2"
   },
   "require-dev": {
-    "phpunit/phpunit": "^9",
-    "vimeo/psalm": "^4|^5"
+    "phpunit/phpunit": "^10",
+    "vimeo/psalm": "dev-master"
   },
   "scripts": {
     "full-test": [

diff --git a/docs/Features.md b/docs/Features.md
@@ -42,7 +42,7 @@ the fact that the header is always authenticated, and the suffix exists in the h
 
 ## Specifying Version and Purpose
 
-In PASETO, the Version and Purpose are a part of the cryptographic material's identity 
+In PASETO, the Version and Purpose are a part of the cryptographic material's identity
 (not just its raw bytes). That means that each key can be used with at most one of the
 8 combinations of version and purpose.
 
@@ -65,7 +65,7 @@ PASETO tokens typically have this format:
 
     [version].[purpose].[data]
 
-However, it's possible to append optional data to the end of a PASETO, which will also be 
+However, it's possible to append optional data to the end of a PASETO, which will also be
 authenticated. This yields the following format:
 
     [version].[purpose].[data].[footer]
@@ -98,7 +98,7 @@ use ParagonIE\Paseto\Keys\Base\SymmetricKey;use ParagonIE\Paseto\Parser;use Para
 /** @var SymmetricKey $key */
 $parser = Parser::getLocal($key)
     ->addRule(
-        (new FooterJSON())
+        new FooterJSON
             ->setMaxLength(1024) // Maximum length of JSON payload in footer
             ->setMaxKeys(16)     // Maximum number of object keys
             ->setMaxDepth(3)     // Recursive depth to JSON structure
@@ -117,7 +117,8 @@ You can set the implicit assertions in the Builder...
 
 ```php
 <?php
-use ParagonIE\Paseto\Builder;use ParagonIE\Paseto\Keys\Base\SymmetricKey;
+use ParagonIE\Paseto\Builder;
+use ParagonIE\Paseto\Keys\Base\SymmetricKey;
 
 /** @var SymmetricKey $key */
 $builder = Builder::getLocal($key)

diff --git a/docs/README.md b/docs/README.md
@@ -2,9 +2,9 @@
 
 If you're not already familiar with PASETO, you can learn more about its features
 [here](Features.md). If you were using an older version of PASETO, the
-[migration guide](Migration.md) is worth a read. 
+[migration guide](Migration.md) is worth a read.
 
-Most of the supporting documentation has been moved to the 
+Most of the supporting documentation has been moved to the
 [PASETO specification](https://github.com/paseto-standard/paseto-spec) repository.
 
 ## How to use the PHP library
@@ -69,7 +69,7 @@ use ParagonIE\Paseto\Keys\Base\SymmetricKey;use ParagonIE\Paseto\Protocol\Versio
  * We assume the same key $sharedKey was used from above.
  * @var SymmetricKey $sharedKey
  */
- 
+
 $token = Version4::sign('some arbitrary data', $sharedKey);
 ```
 
@@ -129,7 +129,7 @@ $parser = Parser::getLocal($sharedKey, ProtocolCollection::v4())
     ->addRule(new IssuedBy('issuer defined during creation'));
 
 // This is the same as:
-$parser = (new Parser())
+$parser = new Parser
     ->setKey($sharedKey)
     // Adding rules to be checked against the token
     ->addRule(new ValidAt)
@@ -168,13 +168,13 @@ use ParagonIE\Paseto\Keys\Base\AsymmetricPublicKey;use ParagonIE\Paseto\Keys\Bas
  * @var AsymmetricPublicKey $pk1
  * @var AsymmetricPublicKey $pk2
  */
-$keyring = (new ReceivingKeyRing())
+$keyring = new ReceivingKeyRing
     ->setVersion(new Version4)
     ->setPurpose(Purpose::public())
     ->addKey('gandalf0', $pk1)
     ->addKey('legolas1', $pk2);
 
-$otherKeyring = (new ReceivingKeyRing())
+$otherKeyring = new ReceivingKeyRing
     ->setVersion(new Version4)
     ->setPurpose(Purpose::local())
     ->addKey('boromir2', $localKey);

diff --git a/src/Builder.php b/src/Builder.php
@@ -50,9 +50,9 @@ class Builder extends PasetoBase
      * @throws PasetoException
      */
     public function __construct(
-        JsonToken $baseToken = null,
-        ProtocolInterface $protocol = null,
-        SendingKey $key = null
+        ?JsonToken $baseToken = null,
+        ?ProtocolInterface $protocol = null,
+        ?SendingKey $key = null
     ) {
         if (!$baseToken) {
             $baseToken = new JsonToken();
@@ -176,8 +176,8 @@ public function getImplicitAssertions(): array
      */
     public static function getLocal(
         SymmetricKey $key,
-        ProtocolInterface $version = null,
-        JsonToken $baseToken = null
+        ?ProtocolInterface $version = null,
+        ?JsonToken $baseToken = null
     ): self {
         if (!$version) {
             $version = $key->getProtocol();
@@ -202,8 +202,8 @@ public static function getLocal(
      */
     public static function getLocalWithKeyRing(
         SendingKeyRing    $key,
-        ProtocolInterface $version = null,
-        JsonToken         $baseToken = null
+        ?ProtocolInterface $version = null,
+        ?JsonToken         $baseToken = null
     ): self {
         if (!$version) {
             $version = $key->getProtocol();
@@ -228,8 +228,8 @@ public static function getLocalWithKeyRing(
      */
     public static function getPublic(
         AsymmetricSecretKey $key,
-        ProtocolInterface $version = null,
-        JsonToken $baseToken = null
+        ?ProtocolInterface $version = null,
+        ?JsonToken $baseToken = null
     ): self {
         if (!$version) {
             $version = $key->getProtocol();
@@ -254,8 +254,8 @@ public static function getPublic(
      */
     public static function getPublicWithKeyRing(
         SendingKeyRing    $key,
-        ProtocolInterface $version = null,
-        JsonToken         $baseToken = null
+        ?ProtocolInterface $version = null,
+        ?JsonToken         $baseToken = null
     ): self {
         if (!$version) {
             $version = $key->getProtocol();
@@ -308,7 +308,7 @@ public function setAudience(string $aud): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function setExpiration(DateTimeInterface $time = null): self
+    public function setExpiration(?DateTimeInterface $time = null): self
     {
         if (!$time) {
             $time = new DateTime('NOW');
@@ -348,7 +348,7 @@ public function setImplicitAssertions(array $assertions): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function setIssuedAt(DateTimeInterface $time = null): self
+    public function setIssuedAt(?DateTimeInterface $time = null): self
     {
         if (!$time) {
             $time = new DateTime('NOW');
@@ -384,7 +384,7 @@ public function setJti(string $id): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function setNotBefore(DateTimeInterface $time = null): self
+    public function setNotBefore(?DateTimeInterface $time = null): self
     {
         if (!$time) {
             $time = new DateTime('NOW');
@@ -569,7 +569,7 @@ public function setJsonToken(JsonToken $token): self
      *
      * @return self
      */
-    public function setVersion(ProtocolInterface $version = null): self
+    public function setVersion(?ProtocolInterface $version = null): self
     {
         if (!$version) {
             $version = new Version4();
@@ -615,6 +615,7 @@ public function toString(): string
                 ->format(DateTime::ATOM);
         }
         $claims = json_encode($claimsArray, JSON_FORCE_OBJECT);
+        assert(is_string($claims));
         $protocol = $this->version;
         ProtocolCollection::throwIfUnsupported($protocol);
 
@@ -716,7 +717,7 @@ public function withClaims(array $claims): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function withExpiration(DateTimeInterface $time = null): self
+    public function withExpiration(?DateTimeInterface $time = null): self
     {
         return (clone $this)->setExpiration($time);
     }
@@ -765,7 +766,7 @@ public function withImplicitAssertions(array $implicit): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function withIssuedAt(DateTimeInterface $time = null): self
+    public function withIssuedAt(?DateTimeInterface $time = null): self
     {
         return (clone $this)->setIssuedAt($time);
     }
@@ -798,7 +799,7 @@ public function withJti(string $id): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function withNotBefore(DateTimeInterface $time = null): self
+    public function withNotBefore(?DateTimeInterface $time = null): self
     {
         return (clone $this)->setNotBefore($time);
     }

diff --git a/src/Exception/PasetoException.php b/src/Exception/PasetoException.php
@@ -7,6 +7,7 @@
 
 /**
  * Class PasetoException
+ * 
  * @package ParagonIE\Paseto\Exception
  */
 class PasetoException extends Exception
@@ -16,7 +17,7 @@ class PasetoException extends Exception
      * @param int $code
      * @param Throwable|null $previous
      */
-    public function __construct($message = "", $code = 0, Throwable $previous = null)
+    public function __construct($message = "", $code = 0, ?Throwable $previous = null)
     {
         parent::__construct($message, $code, $previous);
         $this->setHelpfulMessage(ExceptionCode::explainErrorCode($code));

diff --git a/src/JsonToken.php b/src/JsonToken.php
@@ -197,7 +197,7 @@ public function has(string $claim): bool
     {
         return array_key_exists($claim, $this->claims);
     }
-    
+
     /**
      * Set a claim to an arbitrary value.
      *
@@ -241,7 +241,7 @@ public function setClaims(array $claims): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function setExpiration(DateTimeInterface $time = null): self
+    public function setExpiration(?DateTimeInterface $time = null): self
     {
         if (!$time) {
             $time = new DateTime('NOW');
@@ -287,7 +287,7 @@ public function setFooterArray(array $footer = []): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function setIssuedAt(DateTimeInterface $time = null): self
+    public function setIssuedAt(?DateTimeInterface $time = null): self
     {
         if (!$time) {
             $time = new DateTime('NOW');
@@ -326,7 +326,7 @@ public function setJti(string $id): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function setNotBefore(DateTimeInterface $time = null): self
+    public function setNotBefore(?DateTimeInterface $time = null): self
     {
         if (!$time) {
             $time = new DateTime('NOW');
@@ -387,7 +387,7 @@ public function withClaims(array $claims): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function withExpiration(DateTimeInterface $time = null): self
+    public function withExpiration(?DateTimeInterface $time = null): self
     {
         return (clone $this)->setExpiration($time);
     }
@@ -422,7 +422,7 @@ public function withFooterArray(array $footer = []): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function withIssuedAt(DateTimeInterface $time = null): self
+    public function withIssuedAt(?DateTimeInterface $time = null): self
     {
         return (clone $this)->setIssuedAt($time);
     }
@@ -455,7 +455,7 @@ public function withJti(string $id): self
      * @param DateTimeInterface|null $time
      * @return self
      */
-    public function withNotBefore(DateTimeInterface $time = null): self
+    public function withNotBefore(?DateTimeInterface $time = null): self
     {
         return (clone $this)->setNotBefore($time);
     }

diff --git a/src/Keys/AsymmetricSecretKey.php b/src/Keys/AsymmetricSecretKey.php
@@ -23,7 +23,7 @@ class AsymmetricSecretKey extends BaseAsymmetricSecretKey
 {
     public function __construct(
         string $keyData,
-        ProtocolInterface $protocol = null
+        ?ProtocolInterface $protocol = null
     ) {
         if (is_null($protocol)) {
             $protocol = new Version4();

diff --git a/src/Keys/Base/AsymmetricPublicKey.php b/src/Keys/Base/AsymmetricPublicKey.php
@@ -117,7 +117,10 @@ public static function v4(string $keyMaterial): V4AsymmetricPublicKey
      *
      * @throws Exception
      */
-    public static function newVersionKey(string $keyMaterial, ProtocolInterface $protocol = null): self
+    public static function newVersionKey(
+        string $keyMaterial,
+        ?ProtocolInterface $protocol = null,
+    ): self
     {
         $protocol = $protocol ?? new Version4();
 
@@ -155,7 +158,10 @@ abstract public function encodePem(): string;
      * @throws Exception
      * @throws TypeError
      */
-    public static function fromEncodedString(string $encoded, ProtocolInterface $version = null): self
+    public static function fromEncodedString(
+        string $encoded,
+        ?ProtocolInterface $version = null,
+    ): self
     {
         if (!$version) {
             $version = new Version4();
@@ -175,7 +181,7 @@ public static function fromEncodedString(string $encoded, ProtocolInterface $ver
      *
      * @throws Exception
      */
-    public static function importPem(string $pem, ProtocolInterface $protocol = null): self
+    public static function importPem(string $pem, ?ProtocolInterface $protocol = null): self
     {
         $protocol = $protocol ?? new Version4();
 

diff --git a/src/Keys/Base/AsymmetricSecretKey.php b/src/Keys/Base/AsymmetricSecretKey.php
@@ -159,7 +159,7 @@ public static function v4(string $keyMaterial): V4AsymmetricSecretKey
      * @throws Exception
      * @throws TypeError
      */
-    public static function generate(ProtocolInterface $protocol = null): self
+    public static function generate(?ProtocolInterface $protocol = null): self
     {
         $protocol = $protocol ?? new Version4;
         if (hash_equals($protocol::header(), Version3::HEADER)) {
@@ -178,7 +178,7 @@ public static function generate(ProtocolInterface $protocol = null): self
      *
      * @throws Exception
      */
-    public static function newVersionKey(string $keyMaterial, ProtocolInterface $protocol = null): self
+    public static function newVersionKey(string $keyMaterial, ?ProtocolInterface $protocol = null): self
     {
         $protocol = $protocol ?? new Version4();
 
@@ -216,7 +216,7 @@ abstract public function encodePem(): string;
      * @throws Exception
      * @throws TypeError
      */
-    public static function fromEncodedString(string $encoded, ProtocolInterface $version = null): self
+    public static function fromEncodedString(string $encoded, ?ProtocolInterface $version = null): self
     {
         if ($version && hash_equals($version::header(), Version3::HEADER)) {
             return V3AsymmetricSecretKey::fromEncodedString($encoded);
@@ -232,7 +232,7 @@ public static function fromEncodedString(string $encoded, ProtocolInterface $ver
      *
      * @throws Exception
      */
-    public static function importPem(string $pem, ProtocolInterface $protocol = null): self
+    public static function importPem(string $pem, ?ProtocolInterface $protocol = null): self
     {
         $protocol = $protocol ?? new Version4();