Abstract CryptKey public methods to the CryptKeyInterface

CHANGELOG.md

@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Added (v9)
+- A CryptKeyInterface to allow developers to change the CryptKey implementation with greater ease (PR #1044)
+
 ### Fixed
 - Clients are now explicitly prevented from using the Client Credentials grant unless they are confidential to conform
  with the OAuth2 spec (PR #1035)

src/AuthorizationServer.php

@@ -40,12 +40,12 @@ class AuthorizationServer implements EmitterAwareInterface
     protected $grantTypeAccessTokenTTL = [];
 
     /**
-     * @var CryptKey
+     * @var CryptKeyInterface
      */
     protected $privateKey;
 
     /**
-     * @var CryptKey
+     * @var CryptKeyInterface
      */
     protected $publicKey;
 
@@ -85,7 +85,7 @@ class AuthorizationServer implements EmitterAwareInterface
      * @param ClientRepositoryInterface      $clientRepository
      * @param AccessTokenRepositoryInterface $accessTokenRepository
      * @param ScopeRepositoryInterface       $scopeRepository
-     * @param CryptKey|string                $privateKey
+     * @param CryptKeyInterface|string       $privateKey
      * @param string|Key                     $encryptionKey
      * @param null|ResponseTypeInterface     $responseType
      */
@@ -101,7 +101,7 @@ public function __construct(
         $this->accessTokenRepository = $accessTokenRepository;
         $this->scopeRepository = $scopeRepository;
 
-        if ($privateKey instanceof CryptKey === false) {
+        if ($privateKey instanceof CryptKeyInterface === false) {
             $privateKey = new CryptKey($privateKey);
         }
 

src/AuthorizationValidators/BearerTokenValidator.php

@@ -14,7 +14,7 @@
 use Lcobucci\JWT\Parser;
 use Lcobucci\JWT\Signer\Rsa\Sha256;
 use Lcobucci\JWT\ValidationData;
-use League\OAuth2\Server\CryptKey;
+use League\OAuth2\Server\CryptKeyInterface;
 use League\OAuth2\Server\CryptTrait;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
@@ -31,7 +31,7 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
     private $accessTokenRepository;
 
     /**
-     * @var CryptKey
+     * @var CryptKeyInterface
      */
     protected $publicKey;
 
@@ -46,9 +46,9 @@ public function __construct(AccessTokenRepositoryInterface $accessTokenRepositor
     /**
      * Set the public key
      *
-     * @param CryptKey $key
+     * @param CryptKeyInterface $key
      */
-    public function setPublicKey(CryptKey $key)
+    public function setPublicKey(CryptKeyInterface $key)
     {
         $this->publicKey = $key;
     }

src/CryptKey.php

@@ -14,7 +14,7 @@
 use LogicException;
 use RuntimeException;
 
-class CryptKey
+class CryptKey implements CryptKeyInterface
 {
     const RSA_KEY_PATTERN =
         '/^(-----BEGIN (RSA )?(PUBLIC|PRIVATE) KEY-----)\R.*(-----END (RSA )?(PUBLIC|PRIVATE) KEY-----)\R?$/s';
@@ -102,19 +102,15 @@ private function saveKeyToFile($key)
     }
 
     /**
-     * Retrieve key path.
-     *
-     * @return string
+     * {@inheritdoc}
      */
     public function getKeyPath()
     {
         return $this->keyPath;
     }
 
     /**
-     * Retrieve key pass phrase.
-     *
-     * @return null|string
+     * {@inheritdoc}
      */
     public function getPassPhrase()
     {

src/CryptKeyInterface.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace League\OAuth2\Server;
+
+interface CryptKeyInterface
+{
+    /**
+     * Retrieve key path.
+     *
+     * @return string
+     */
+    public function getKeyPath();
+
+    /**
+     * Retrieve key pass phrase.
+     *
+     * @return null|string
+     */
+    public function getPassPhrase();
+}

src/Entities/AccessTokenEntityInterface.php

@@ -9,14 +9,14 @@
 
 namespace League\OAuth2\Server\Entities;
 
-use League\OAuth2\Server\CryptKey;
+use League\OAuth2\Server\CryptKeyInterface;
 
 interface AccessTokenEntityInterface extends TokenInterface
 {
     /**
      * Set a private key used to encrypt the access token.
      */
-    public function setPrivateKey(CryptKey $privateKey);
+    public function setPrivateKey(CryptKeyInterface $privateKey);
 
     /**
      * Generate a string representation of the access token.

src/Entities/Traits/AccessTokenTrait.php

@@ -14,33 +14,33 @@
 use Lcobucci\JWT\Signer\Key;
 use Lcobucci\JWT\Signer\Rsa\Sha256;
 use Lcobucci\JWT\Token;
-use League\OAuth2\Server\CryptKey;
+use League\OAuth2\Server\CryptKeyInterface;
 use League\OAuth2\Server\Entities\ClientEntityInterface;
 use League\OAuth2\Server\Entities\ScopeEntityInterface;
 
 trait AccessTokenTrait
 {
     /**
-     * @var CryptKey
+     * @var CryptKeyInterface
      */
     private $privateKey;
 
     /**
      * Set the private key used to encrypt this access token.
      */
-    public function setPrivateKey(CryptKey $privateKey)
+    public function setPrivateKey(CryptKeyInterface $privateKey)
     {
         $this->privateKey = $privateKey;
     }
 
     /**
      * Generate a JWT from the access token
      *
-     * @param CryptKey $privateKey
+     * @param CryptKeyInterface $privateKey
      *
      * @return Token
      */
-    private function convertToJWT(CryptKey $privateKey)
+    private function convertToJWT(CryptKeyInterface $privateKey)
     {
         return (new Builder())
             ->setAudience($this->getClient()->getIdentifier())

src/Grant/AbstractGrant.php

@@ -15,7 +15,7 @@
 use Error;
 use Exception;
 use League\Event\EmitterAwareTrait;
-use League\OAuth2\Server\CryptKey;
+use League\OAuth2\Server\CryptKeyInterface;
 use League\OAuth2\Server\CryptTrait;
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
 use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
@@ -83,7 +83,7 @@ abstract class AbstractGrant implements GrantTypeInterface
     protected $refreshTokenTTL;
 
     /**
-     * @var CryptKey
+     * @var CryptKeyInterface
      */
     protected $privateKey;
 
@@ -151,9 +151,9 @@ public function setRefreshTokenTTL(DateInterval $refreshTokenTTL)
     /**
      * Set the private key
      *
-     * @param CryptKey $key
+     * @param CryptKeyInterface $key
      */
-    public function setPrivateKey(CryptKey $key)
+    public function setPrivateKey(CryptKeyInterface $key)
     {
         $this->privateKey = $key;
     }

src/Grant/GrantTypeInterface.php

@@ -14,7 +14,7 @@
 use DateInterval;
 use Defuse\Crypto\Key;
 use League\Event\EmitterAwareInterface;
-use League\OAuth2\Server\CryptKey;
+use League\OAuth2\Server\CryptKeyInterface;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
@@ -131,9 +131,9 @@ public function setDefaultScope($scope);
     /**
      * Set the path to the private key.
      *
-     * @param CryptKey $privateKey
+     * @param CryptKeyInterface $privateKey
      */
-    public function setPrivateKey(CryptKey $privateKey);
+    public function setPrivateKey(CryptKeyInterface $privateKey);
 
     /**
      * Set the encryption key

src/ResourceServer.php

@@ -23,7 +23,7 @@ class ResourceServer
     private $accessTokenRepository;
 
     /**
-     * @var CryptKey
+     * @var CryptKeyInterface
      */
     private $publicKey;
 
@@ -36,7 +36,7 @@ class ResourceServer
      * New server instance.
      *
      * @param AccessTokenRepositoryInterface       $accessTokenRepository
-     * @param CryptKey|string                      $publicKey
+     * @param CryptKeyInterface|string             $publicKey
      * @param null|AuthorizationValidatorInterface $authorizationValidator
      */
     public function __construct(
@@ -46,7 +46,7 @@ public function __construct(
     ) {
         $this->accessTokenRepository = $accessTokenRepository;
 
-        if ($publicKey instanceof CryptKey === false) {
+        if ($publicKey instanceof CryptKeyInterface === false) {
             $publicKey = new CryptKey($publicKey);
         }
         $this->publicKey = $publicKey;

src/ResponseTypes/AbstractResponseType.php

@@ -11,7 +11,7 @@
 
 namespace League\OAuth2\Server\ResponseTypes;
 
-use League\OAuth2\Server\CryptKey;
+use League\OAuth2\Server\CryptKeyInterface;
 use League\OAuth2\Server\CryptTrait;
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
 use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
@@ -31,7 +31,7 @@ abstract class AbstractResponseType implements ResponseTypeInterface
     protected $refreshToken;
 
     /**
-     * @var CryptKey
+     * @var CryptKeyInterface
      */
     protected $privateKey;
 
@@ -54,9 +54,9 @@ public function setRefreshToken(RefreshTokenEntityInterface $refreshToken)
     /**
      * Set the private key
      *
-     * @param CryptKey $key
+     * @param CryptKeyInterface $key
      */
-    public function setPrivateKey(CryptKey $key)
+    public function setPrivateKey(CryptKeyInterface $key)
     {
         $this->privateKey = $key;
     }

tests/AuthorizationServerTest.php

@@ -4,7 +4,7 @@
 
 use DateInterval;
 use League\OAuth2\Server\AuthorizationServer;
-use League\OAuth2\Server\CryptKey;
+use League\OAuth2\Server\CryptKeyInterface;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\Grant\AuthCodeGrant;
 use League\OAuth2\Server\Grant\ClientCredentialsGrant;
@@ -153,7 +153,7 @@ public function testMultipleRequestsGetDifferentResponseTypeInstances()
         $encryptionKey = 'file://' . __DIR__ . '/Stubs/public.key';
 
         $responseTypePrototype = new class extends BearerTokenResponse {
-            /* @return null|CryptKey */
+            /* @return null|CryptKeyInterface */
             public function getPrivateKey()
             {
                 return $this->privateKey;