diff --git a/src/Encoders/EncodeHS256Strong.php b/src/Encoders/EncodeHS256Strong.php
index 8616901..09eb0e5 100644
--- a/src/Encoders/EncodeHS256Strong.php
+++ b/src/Encoders/EncodeHS256Strong.php
@@ -15,9 +15,9 @@ class EncodeHS256Strong extends EncodeHS256
 /**
 * This class only instantiates if the secret provided is strong enough.
 */
- public function __construct(string $secret)
+ public function __construct(string $secret, array $options)
 {
- if (!$this->validSecret($secret)) {
+ if (!$this->validSecret($secret, !!$options['fixed_secret_length_enabled'])) {
 throw new EncodeException('Invalid secret.', 9);
 }
@@ -28,9 +28,14 @@ public function __construct(string $secret)
 * The secret should contain a number, a upper and a lowercase letter, and a
 * special character *&!@%^#$. It should be at least 12 characters in
 * length. The regex here uses lookahead assertions.
+ * nonEmptyOnlyValidation is an option to only validate secret is empty or not.
 */
- private function validSecret(string $secret): bool
+ private function validSecret(string $secret, bool $fixedSecretLengthEnabled = true): bool
 {
+ if (!$fixedSecretLengthEnabled) {
+ return !empty($secret);
+ }
+
 if (
 !preg_match(
 '/^.*(?=.{12,}+)(?=.*\d+)(?=.*[A-Z]+)(?=.*[a-z]+)(?=.*[\*&!@%\^#\$]+).*$/',
diff --git a/src/Token.php b/src/Token.php
index f7dcd15..df78633 100644
--- a/src/Token.php
+++ b/src/Token.php
@@ -25,7 +25,7 @@ class Token
 *
 * @see Tokens::create()
 */
- public static function create(string|int $userId, string $secret, int $expiration, string $issuer): string
+ public static function create(string|int $userId, string $secret, int $expiration, string $issuer, array $options = []): string
 {
 $tokens = new Tokens();
 return $tokens->create(
@@ -33,7 +33,8 @@ public static function create(string|int $userId, string $secret, int $expiratio
 $userId,
 $secret,
 $expiration,
- $issuer
+ $issuer,
+ $options
 )->getToken();
 }
diff --git a/src/Tokens.php b/src/Tokens.php
index 456ce66..36c6501 100644
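Review bot: The new constructor in EncodeHS256Strong fails open: `$options['fixed_secret_length_enabled']` is read without a default, so when the key is absent (for example the `[]` that `Token::create()` now passes by default) PHP yields null with an undefined-key warning, `!!null` is false, and `validSecret()` falls through to the non-empty check. The `= true` default on `validSecret()` is never reached from this call, so the strength policy becomes opt-in for every caller that passes no options. Read the flag as `(bool) ($options['fixed_secret_length_enabled'] ?? true)` and declare the parameter as `array $options = []`, so that an existing `new EncodeHS256Strong($secret)` keeps the strict check. The constructor body continues past the end of the hunk.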
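Review bot: With the flag off, the early return in `validSecret()` accepts any non-empty string, so a one-character HMAC key passes a class whose docblock promises a strong secret, while `empty()` also rejects the literal string `'0'`; `return $secret !== '';` states the intent exactly, and keeping a minimum length in relaxed mode would be safer still. The added docblock line names `nonEmptyOnlyValidation`, but the parameter is `$fixedSecretLengthEnabled`, and the flag skips the digit, case and special-character rules as well as the length. A comment such as `* When $fixedSecretLengthEnabled is false only a non-empty check is applied; the length and character-class rules are skipped.` would match the code. The function body continues outside the hunk.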
--- a/src/Tokens.php
+++ b/src/Tokens.php
@@ -21,12 +21,12 @@ class Tokens
 * Factory method to return an instance of the Build class for creating new
 * JSON Web Tokens.
 */
- public function builder(string $secret): Build
+ public function builder(string $secret, array $options): Build
 {
 return new Build(
 'JWT',
 new Validator(),
- new EncodeHS256Strong($secret)
+ new EncodeHS256Strong($secret, $options)
 );
 }
@@ -91,9 +91,9 @@ public function getPayload(string $token): array
 *
 * @param string|int $userId
 */
- public function create(string $userKey, string|int $userId, string $secret, int $expiration, string $issuer): Jwt
+ public function create(string $userKey, string|int $userId, string $secret, int $expiration, string $issuer, array $options): Jwt
 {
- $builder = $this->builder($secret);
+ $builder = $this->builder($secret, $options);
 return $builder->setPayloadClaim($userKey, $userId)
 ->setExpiration($expiration)
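Review bot: `builder()` here and `create()` in the next hunk now take a required `array $options`, which changes the signature of public methods; any caller of `Tokens::builder($secret)` outside this diff would presumably fail with an ArgumentCountError, while `Token::create()` defaults the same argument to `[]`. Declaring `array $options = []` on both keeps them backward-compatible, provided the encoder treats a missing `fixed_secret_length_enabled` key as strict rather than relaxed. Both docblocks would also benefit from an `@param array $options` line naming the supported key and stating that a false value disables the secret-strength check.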