Initial commit

.editorconfig

@@ -0,0 +1,21 @@
+# EditorConfig helps developers define and maintain consistent
+# coding styles between different editors and IDEs
+# editorconfig.org
+
+root = true
+
+[*]
+charset = utf-8
+indent_size = 4
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false
+
+[**.{neon,neon.dist}]
+indent_style = tab
+
+[**.{yml,yaml}]
+indent_size = 2

.gitattributes

@@ -0,0 +1,13 @@
+*.php diff=php
+
+/.build                         export-ignore
+/.github                        export-ignore
+/.readthedocs                   export-ignore
+/tests                          export-ignore
+/.editorconfig                  export-ignore
+/.gitattributes                 export-ignore
+/.gitignore                     export-ignore
+/.php-cs-fixer.dist.php         export-ignore
+/mkdocs.yml                     export-ignore
+/phpstan.neon.dist              export-ignore
+/phpunit.dist.xml               export-ignore

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,46 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at [email protected]. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

.github/dependabot.yml

@@ -0,0 +1,9 @@
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/settings.yml

@@ -0,0 +1,14 @@
+# https://probot.github.io/apps/settings/
+
+repository:
+  allow_squash_merge: true
+  allow_merge_commit: false
+  allow_rebase_merge: true
+  default_branch: main
+  delete_branch_on_merge: true
+  enable_automated_security_fixes: true
+  enable_vulnerability_alerts: true
+  has_downloads: false
+  has_projects: true
+  has_wiki: false
+  use_squash_pr_title_as_default: true

.github/workflows/tests.yml

@@ -0,0 +1,79 @@
+name: Tests
+
+on:
+  pull_request:
+    paths:
+      - '.github/workflows/tests.yml'
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.json'
+      - 'phpstan.neon.dist'
+  push:
+    branches: ['main']
+    paths:
+      - '.github/workflows/tests.yml'
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.json'
+      - 'phpstan.neon.dist'
+  workflow_dispatch:
+
+jobs:
+  test:
+    name: PHP ${{ matrix.php }}
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: true
+      matrix:
+        php:
+          - "8.2"
+          - "8.3"
+
+    env:
+      extensions: ctype, dom, intl, json, mbstring, openssl, xml, zip, zlib
+      key: cache-v1 # can be any string, change to clear the extension cache.
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Setup cache environment
+        id: extcache
+        uses: shivammathur/cache-extensions@v1
+        with:
+          php-version: ${{ matrix.php }}
+          extensions: ${{ env.extensions }}
+          key: ${{ env.key }}
+
+      - name: Cache extensions
+        uses: actions/cache@v3
+        with:
+          path: ${{ steps.extcache.outputs.dir }}
+          key: ${{ steps.extcache.outputs.key }}
+          restore-keys: ${{ steps.extcache.outputs.key }}
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          extensions: ${{ env.extensions }}
+          tools: composer, pecl
+          coverage: xdebug
+        env:
+          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: ramsey/composer-install@v2
+        with:
+          composer-options: "${{ matrix.composer-options }}"
+
+      - name: Setup Problem Matchers
+        run: |
+          echo "::add-matcher::${{ runner.tool_cache }}/php.json"
+          echo "::add-matcher::${{ runner.tool_cache }}/phpunit.json"
+
+      - name: Run PHPStan
+        run: vendor/bin/phpstan
+
+      - name: Run PHPUnit
+        run: vendor/bin/phpunit --testdox --coverage-text

.gitignore

@@ -0,0 +1,11 @@
+/.build
+/tests/.env
+/vendor
+
+/.php-cs-fixer.cache
+/.phpunit.result.cache
+/.phpunit.xml
+
+/composer.lock
+/phpstan.neon
+/phpunit.xml

.php-cs-fixer.dist.php

@@ -0,0 +1,24 @@
+<?php
+
+declare(strict_types=1);
+
+$finder = PhpCsFixer\Finder::create()->in(__DIR__);
+
+return (new PhpCsFixer\Config())
+    ->setRiskyAllowed(true)
+    ->setRules([
+        '@PER-CS2.0' => true,
+        'final_class' => true,
+        'no_unused_imports' => true,
+        'ordered_imports' => [
+            'imports_order' => [
+                'class',
+                'function',
+                'const',
+            ],
+            'sort_algorithm' => 'alpha',
+        ],
+        'php_unit_internal_class' => true,
+        'php_unit_test_class_requires_covers' => true,
+    ])
+    ->setFinder($finder);

.readthedocs.yml

@@ -0,0 +1,9 @@
+version: 2
+
+build:
+  os: ubuntu-22.04
+  tools:
+    python: "3"
+
+mkdocs:
+  configuration: mkdocs.yml

CHANGELOG.md

@@ -0,0 +1,8 @@
+# CHANGELOG
+
+## [Unreleased]
+
+<!--
+[Unreleased]: https://github.com/beste/firebase-jwt/compare/1.0.0...main
+[1.0.0]: https://github.com/beste/firebase-jwt/tree/1.0.0
+-->

LICENSE

@@ -0,0 +1,30 @@
+The MIT License (MIT)
+
+Copyright (c) 2024, Jérôme Gamez
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of the {organization} nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -0,0 +1,30 @@
+# Firebase JWT
+
+A framework-agnostic PHP library that allows you to issue Firebase [Custom Tokens], parse and verify [ID Tokens], and
+manage [Session Cookies].
+
+[![Current version](https://img.shields.io/packagist/v/beste/firebase-jwt.svg?logo=composer)](https://packagist.org/packages/beste/firebase-jwt)
+[![Packagist PHP Version Support](https://img.shields.io/packagist/php-v/beste/firebase-jwt)](https://packagist.org/packages/beste/firebase-jwt)
+[![Monthly Downloads](https://img.shields.io/packagist/dm/beste/firebase-jwt.svg)](https://packagist.org/packages/beste/firebase-jwt/stats)
+[![Total Downloads](https://img.shields.io/packagist/dt/beste/firebase-jwt.svg)](https://packagist.org/packages/beste/firebase-jwt/stats)
+[![Tests](https://github.com/beste/firebase-jwt/actions/workflows/tests.yml/badge.svg)](https://github.com/beste/firebase-jwt/actions/workflows/tests.yml)
+
+## Installation
+
+This package is available on [Packagist], and you can install it using [Composer].
+
+By running the following command you'll add `beste/firebase-jwt` as a dependency to your project:
+
+```shell
+composer require beste/firebase-jwt
+```
+
+## Documentation
+
+The documentation is available at <https://beste-firebase-jwt.readthedocs.io/en/latest/>.
+
+[Custom Tokens]: https://firebase.google.com/docs/auth/admin/create-custom-tokens
+[ID Tokens]: https://firebase.google.com/docs/auth/admin/verify-id-tokens
+[Session Cookies]: https://firebase.google.com/docs/auth/admin/manage-cookies
+[Packagist]: https://packagist.org/packages/beste/firebase-jwt
+[Composer]: https://getcomposer.org

composer.json

@@ -0,0 +1,76 @@
+{
+    "name": "beste/firebase-jwt",
+    "description": "A library to work with Firebase tokens",
+    "license": "ISC",
+    "type": "library",
+    "authors": [
+        {
+            "name": "Jérôme Gamez",
+            "email": "[email protected]"
+        }
+    ],
+    "require": {
+        "php": "~8.1.0 || ~8.2.0 || ~8.3.0",
+        "azjezz/psl": "^2.9",
+        "beste/in-memory-cache": "^1.0",
+        "lcobucci/jwt": "^5.2",
+        "php-http/discovery": "^1.19.2",
+        "psr/cache": "^2.0 || ^3.0",
+        "psr/http-client": "^1.0.3",
+        "psr/http-client-implementation": "*",
+        "psr/http-factory": "^1.0.2",
+        "psr/http-message": "^2.0"
+    },
+    "require-dev": {
+        "beste/clock": "^3.0",
+        "friendsofphp/php-cs-fixer": "^3.43.1",
+        "google/auth": "^1.33",
+        "nyholm/psr7": "^1.8.1",
+        "php-standard-library/phpstan-extension": "^1.0",
+        "phpstan/extension-installer": "^1.3.1",
+        "phpstan/phpstan": "^1.10.50",
+        "phpstan/phpstan-deprecation-rules": "^1.1.4",
+        "phpstan/phpstan-phpunit": "^1.3.15",
+        "phpstan/phpstan-strict-rules": "^1.5.2",
+        "phpunit/phpunit": "^10.5.5",
+        "symfony/http-client": "^7.0",
+        "symfony/var-dumper": "^7.0",
+        "vlucas/phpdotenv": "^5.6"
+    },
+    "suggest": {
+        "psr/clock-implementation": "Allows using an existing clock, for example a frozen clock for tests",
+        "psr/cache-implementation": "Allows caching of certificates fetched from Google to verify tokens"
+    },
+    "autoload": {
+        "psr-4": {
+            "Beste\\Firebase\\JWT\\": "src"
+        }
+    },
+    "autoload-dev": {
+        "psr-4": {
+            "Beste\\Firebase\\JWT\\Tests\\": "tests"
+        }
+    },
+    "config": {
+        "allow-plugins": {
+            "phpstan/extension-installer": true,
+            "php-http/discovery": true
+        },
+        "sort-packages": true
+    },
+    "scripts": {
+        "analyse": "vendor/bin/phpstan analyse",
+        "analyze": "@analyse",
+        "cs-fix": "vendor/bin/php-cs-fixer fix --diff --verbose",
+        "test": "vendor/bin/phpunit --testdox",
+        "test-coverage": [
+            "Composer\\Config::disableProcessTimeout",
+            "XDEBUG_MODE=coverage vendor/bin/phpunit --testdox --coverage-html=.build/coverage"
+        ],
+        "check": [
+            "@cs-fix",
+            "@analyse",
+            "@test"
+        ]
+    }
+}