🔐 JSON Web Token Authentication for Laravel & Lumen

Description

Adds octane compatibility for Laravel. Has breaking changes in the LaravelServiceProvider:

• Removed protected function config
• Added $app arg to protected function getConfigInstance($app, $key)

Main part is resetting the facades on RequestReceived, TaskReceived and TickReceived

Checklist:

• [x] I've added tests for my changes or tests are not applicable
• [x] I've changed documentations or changes are not required

Subject of the issue

Right now library is not Octane compatible, (e.g. places like [this](src/Providers/LaravelServiceProvider.php#48 are not allowed use $this->app, config(...) function call inside providers should be replaced by $this->app->make('config') or similiar). It also caches authenticated user in JWTGuard, which causes user to be not updated between requests

Your environment

| Q | A | ----------------- | --- | Bug? | yes | Framework | Laravel | Framework version | 8.73.0 | Package version | 1.2.0 | PHP version | 8.0.11

Steps to reproduce

Add Octane, add JWT Auth

Expected behaviour

First authenticated user is saved for all subsequent requests

Actual behaviour

Library should work with Octane without extra hacks

As we forked this package from Tumondesigns we need to give him the credits in the default readme.MD and remove the wiki that he created and create on our own (it's not fair we use his stuff to our benefit).

Suggestion from my side:

1 - let's create a new readme. MD. 2 - create a new wiki of documentation (might be will be necessary 1 - 2 people working on that to keep it up as maximum posted). 3 - take all the issues from the original repository and post them here. 4 - get all the opened (relevant) PR and reopen here.

And by the end, remove the direct dependency of the fork of his repository (otherwise will be like another contributor).

We need also to register the package on packist and change the namespaces.

There's a lot of work to do just for the beginning before we proceed with the evolve of the package.

If JWT_SECRET is null, you will get the message Lcobucci\JWT\Signer\Key\InMemory::plainText()

Description

Lcobucci\JWT\Signer\Key\InMemory::plainText() just accepts strings, but if JWT_SECRET is not set, it will be null. Therefore as default value an empty string was added.

Error occurs in:

• https://github.com/PHP-Open-Source-Saver/jwt-auth/issues/116
• https://github.com/PHP-Open-Source-Saver/jwt-auth/issues/111

Checklist:

• [x] I've added tests for my changes or tests are not applicable
• [ ] I've changed documentations or changes are not required

Description

Feel free to not do this but I think this is a better solution than requesting contributors to update the CHANGELOG in their PRs.

• Automatically updates CHANGELOG whenever a release is published using GitHub Actions
• It copies the release notes you enter when a release is created.
• Recommended to use the new auto-generate release notes button.
• See it in action here https://github.com/spatie/laravel-ignition/commits/main/CHANGELOG.md
• Further reading https://stefanzweifel.io/posts/2021/11/13/introducing-the-changelog-updater-action

Checklist:

• [x] I've added tests for my changes or tests are not applicable
• [x] I've changed documentations or changes are not required
• [x] ~I've added my changes to CHANGELOG.md~ No longer needed removed this from PR template

Video of process

https://user-images.githubusercontent.com/20278756/150563964-30cbe3ea-44f1-4f9b-9b4f-57b9e59d6c20.mov

Subject of the issue

Method logout not working in PHP 8.1.5 | Laravel 9.17.0

Your environment:

| Q | A | ----------------- | --- | Bug? | yes | New Feature? | no | Framework | Laravel | Framework version | 9.17.0 | Package version | 1.4 | PHP version | 8.1.5

Steps to reproduce

public function logout()
    {
        auth('api')->logout();
        return response()->json('Logout efetuado', 200);
    }

My Class LoginAuthController

namespace App\Http\Controllers\Api\Auth;

use App\Api\ApiMessages;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use PHPOpenSourceSaver\JWTAuth\JWTAuth;

class LoginJwtController extends Controller
{
    public function login(Request $request)
    {
        $credentials = $request->all(['email', 'password']);
        if(!$token = auth('api')->attempt($credentials)) {// attempt metodo para logar
            $message = new ApiMessages('Email ou/e Senha inválido(s)');
            return response()->json($message->getMessage(), 401);
        }

        return response()->json([
            'token' => $token,
            'tokenType' => 'jwt'
        ]);
    }

    public function logout()
    {

        auth('api')->logout();
        return response()->json('Logout efetuado', 200);
    }
}

auth.php

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'jwt',
            'provider' => 'users',
            'hash' => false,
        ],
    ],

My routes

Route::post('login', [LoginJwtController::class, 'login']);
Route::get('logout', [LoginJwtController::class, 'logout']);

Obs: method invalidate() doesn't work either Using postman

Expected behaviour

add it to the blacklist

Actual behaviour

token not add blacklist

Updates the requirements on illuminate/database to permit the latest version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Subject of the issue

Auth guard [tymon.jwt] is not defined. I got this error after upgrading to L9 and changing from tymon/jwt-auth, any idea why this is happening? When I rollback to old package and previous version everything is working. I can fix the problem by adding this to the auth.php config file, but this is not what I want. 'tymon' => [ 'jwt' => [ 'driver' => 'jwt', 'provider' => 'users', ] ]

Your environment:

| Q | A | ----------------- | --- | Bug? | yes | New Feature? | no | Framework | Laravel | Framework version | 9.0.1 | Package version | 1.4.y1 | PHP version | 8.1.2

Right now we have documentation in docs/ folder. Having it only there is inconvenient, since there is no navigation, and pages order of pages is broken (it cannot be used as some kind of "tutorial"). So we need to build it to HTML and deploy somewhere

Build tools

| Tool | Ease of documenting | Extra tooling needed | Versioning support | | :--- | :---| :---| :---| | MKDocs | Very easy | No | using Read the Docs | | VuePress | Very easy | Yes | does not support referencing buy git tags, needs to keep previous documentation in the repo |

Deployment tools

| Tool | Pros | Cons | | :--- | :--- | :--- | | GitHub Pages | No extra service setup required, easier to maintain | We will need to find a way to deploy versioned docs ourselves | | Read the Docs | Easy versioning | Extra service, that we need to maintain. Domain jwt-auth is claimed by original package repository |

Hi there

Thanks for your great work in getting this package modernized, do you have a tagged release coming out as I can't really use dev-develop as a security policy, I've forked for now but would like to stay current with they work you are doing in the future.

Many thanks!

Subject of the issue

There is an issue running an app after updating to "lcobucci/jwt"@4.2.0 It is working fine with "lcobucci/jwt"@4.1.5

Your environment:

| Q | A | -------------------- | --- | Bug? | yes | New Feature? | no | Framework | Laravel | Framework version | 9.25.1 | Package version | 1.4.2 | PHP version | 8.1.x

Steps to reproduce

• update dependencies with composer update
• run php artisan jwt:secret to set JWT Key
• the JWT key is set successfully

Expected behaviour

No errors

Actual behaviour

An error showed:

Lcobucci\JWT\Signer\InvalidKeyProvided 

  Key cannot be empty

  at vendor/lcobucci/jwt/src/Signer/InvalidKeyProvided.php:34
     30▕     }
     31▕ 
     32▕     public static function cannotBeEmpty(): self
     33▕     {
  ➜  34▕         return new self('Key cannot be empty');
     35▕     }

Remove iat(IssuedAt) from persistant claim to resolve refresh token expiration issue

Description

Checklist:

• [ ] I've added tests for my changes or tests are not applicable
• [ ] I've changed documentations or changes are not required
• [ ] I've added my changes to CHANGELOG.md

Description

I've Added arabic translation for mose important docs in package and I'll try to translate all docs available soon.

Checklist:

• [x] I've added tests for my changes or tests are not applicable
• [x] I've changed documentations or changes are not required
• [x] I've added my changes to CHANGELOG.md

Subject of the issue

When you call the logout api ( post request for logout with bearer token which does an Auth::logout() ) for the 2nd time, the API should ideally respond with a 400 or 404 instead of the below exception with status code 405 Method not allowed.

In production:

Oops! An Error Occurred
The server returned a "405 Method Not Allowed".
Something is broken. Please let us know what you were doing when this error occurred. We will fix it as soon as possible. Sorry for any inconvenience caused.

OR when debug is enabled:

Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException: The GET method is not supported for this route. Supported methods: POST. in file /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Routing/AbstractRouteCollection.php on line 118

#0 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Routing/AbstractRouteCollection.php(104): Illuminate\Routing\AbstractRouteCollection->methodNotAllowed()
#1 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Routing/AbstractRouteCollection.php(41): Illuminate\Routing\AbstractRouteCollection->getRouteForMethods()
#2 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Routing/RouteCollection.php(162): Illuminate\Routing\AbstractRouteCollection->handleMatchedRoute()
#3 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Routing/Router.php(753): Illuminate\Routing\RouteCollection->match()
#4 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Routing/Router.php(740): Illuminate\Routing\Router->findRoute()
#5 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Routing/Router.php(729): Illuminate\Routing\Router->dispatchToRoute()
#6 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(190): Illuminate\Routing\Router->dispatch()
#7 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(141): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}()
#8 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#9 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ConvertEmptyStringsToNull.php(31): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#10 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull->handle()
#11 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#12 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#13 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Middleware\TrimStrings->handle()
#14 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#15 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle()
#16 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#17 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
#18 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Http/Middleware/HandleCors.php(62): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#19 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Http\Middleware\HandleCors->handle()
#20 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#21 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Http\Middleware\TrustProxies->handle()
#22 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(116): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#23 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\Pipeline\Pipeline->then()
#24 /home/user/projects/octane-starter/octane-api/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(134): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#25 /home/user/projects/octane-starter/octane-api/vendor/laravel/octane/src/ApplicationGateway.php(37): Illuminate\Foundation\Http\Kernel->handle()
#26 /home/user/projects/octane-starter/octane-api/vendor/laravel/octane/src/Worker.php(92): Laravel\Octane\ApplicationGateway->handle()
#27 /home/user/projects/octane-starter/octane-api/vendor/laravel/octane/bin/swoole-server(118): Laravel\Octane\Worker->handle()
#28 [internal function]: {closure}()
#29 /home/user/projects/octane-starter/octane-api/vendor/laravel/octane/bin/swoole-server(164): Swoole\Server->start()
#30 {main}

Your environment:

| Q | A | ----------------- | --- | Bug? | yes | New Feature? | no | Framework | Laravel (using laravel octane) | Framework version | 9.31 | Package version | 2.0.0 | PHP version | 8.1.2-1ubuntu2.9

Steps to reproduce

Generate a bearer token for the user / login. Trigger a POST request for logout with token. The logout is successful. Now, trigger the post request for logout with token again. You get the above error.

Expected behaviour

A more graceful exit and an error message instead of an error from somewhere within the framework / symfony.

Actual behaviour

As described above

Subject of the issue

User failed to transfer to token

Your environment:

| Q | A | ----------------- | --- | Bug? | yes | New Feature? | no | Framework | Laravel
| Framework version | 9.33.0 | Package version | 2.0.0 | PHP version | 8.1.9

Steps to reproduce

 auth()->login($user);

The user failed to transfer to token. The specific error is reported

Lcobucci\JWT\Token\Builder::relatedTo(): Argument #1 ($subject) must be of type string, null given, called in vendor/php-open-source-saver/jwt-auth/src/Providers/JWT/Lcobucci.php on line 212 in vendor/psy/psysh/src/Exception/TypeErrorException.php on line 53.

Operation screenshot

User Model implements are also correct

Method [viaRemember] does not exist.

I am running tests in Laravel and trying access to my API. I am sending token with headers (code bellow), same as a normal API call from postman for example. Api call from the postman works without any errors.

		$response = $this->withHeaders([
			'Authorization' => 'Bearer ' . JWTAuth::fromUser($this->user),
			'Accept'        => 'application/json',
		])->getJson(route('customers.index.api'));

Your environment:

| Q | A | ----------------- | --- | Bug? | yes | New Feature? | no | Framework | Laravel | Framework version | 9.31.0 | Package version | 2.0.0 | PHP version | 8.1

Steps to reproduce

Try to send request from laravel test

		$response = $this->withHeaders([
			'Authorization' => 'Bearer ' . JWTAuth::fromUser($this->user),
			'Accept'        => 'application/json',
		])->getJson(route('customers.index.api'));

Expected behaviour

To allow access to API same as a request from the postman or mobile app for example.

Actual behaviour

• Tests\Feature\Customer\CustomerTest > if user can get api response Expected response status code [200] but received 500. Failed asserting that 200 is identical to 500.

The following exception occurred during the last request:

BadMethodCallException: Method [viaRemember] does not exist. in /Users/igor/Sites/invoicequick/vendor/php-open-source-saver/jwt-auth/src/JWTGuard.php:583
Stack trace:
#0 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php(336): PHPOpenSourceSaver\JWTAuth\JWTGuard->__call('viaRemember', Array)
#1 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Session/Middleware/AuthenticateSession.php(43): Illuminate\Auth\AuthManager->__call('viaRemember', Array)
#2 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Session\Middleware\AuthenticateSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#3 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(44): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#4 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Auth\Middleware\Authenticate->handle(Object(Illuminate\Http\Request), Object(Closure), 'api')
#5 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#6 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#7 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#8 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest(Object(Illuminate\Http\Request), Object(Illuminate\Session\Store), Object(Closure))
#9 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Session\Middleware\StartSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#10 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#11 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))
#12 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#13 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))
#14 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(116): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#15 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Routing/Router.php(726): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#16 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Routing/Router.php(703): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#17 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Routing/Router.php(667): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))
#18 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Routing/Router.php(656): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#19 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(190): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#20 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(141): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))
#21 /Users/igor/Sites/invoicequick/vendor/livewire/livewire/src/DisableBrowserCache.php(19): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#22 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Livewire\DisableBrowserCache->handle(Object(Illuminate\Http\Request), Object(Closure))
#23 /Users/igor/Sites/invoicequick/vendor/barryvdh/laravel-debugbar/src/Middleware/InjectDebugbar.php(59): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#24 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Barryvdh\Debugbar\Middleware\InjectDebugbar->handle(Object(Illuminate\Http\Request), Object(Closure))
#25 /Users/igor/Sites/invoicequick/vendor/fruitcake/laravel-cors/src/HandleCors.php(52): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#26 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Fruitcake\Cors\HandleCors->handle(Object(Illuminate\Http\Request), Object(Closure))
#27 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#28 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
#29 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Middleware\TrimStrings->handle(Object(Illuminate\Http\Request), Object(Closure))
#30 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#31 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle(Object(Illuminate\Http\Request), Object(Closure))
#32 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#33 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle(Object(Illuminate\Http\Request), Object(Closure))
#34 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#35 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Http\Middleware\TrustProxies->handle(Object(Illuminate\Http\Request), Object(Closure))
#36 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(116): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#37 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#38 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(134): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
#39 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php(545): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
#40 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php(511): Illuminate\Foundation\Testing\TestCase->call('GET', 'https://invoice...', Array, Array, Array, Array, '[]')
#41 /Users/igor/Sites/invoicequick/vendor/laravel/framework/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php(324): Illuminate\Foundation\Testing\TestCase->json('GET', 'https://invoice...', Array, Array)
#42 /Users/igor/Sites/invoicequick/tests/Feature/Customer/CustomerTest.php(82): Illuminate\Foundation\Testing\TestCase->getJson('https://invoice...')
#43 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/Framework/TestCase.php(1548): Tests\Feature\Customer\CustomerTest->test_if_user_can_get_api_response()
#44 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/Framework/TestCase.php(1154): PHPUnit\Framework\TestCase->runTest()
#45 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/Framework/TestResult.php(728): PHPUnit\Framework\TestCase->runBare()
#46 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/Framework/TestCase.php(904): PHPUnit\Framework\TestResult->run(Object(Tests\Feature\Customer\CustomerTest))
#47 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/Framework/TestSuite.php(673): PHPUnit\Framework\TestCase->run(Object(PHPUnit\Framework\TestResult))
#48 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/Framework/TestSuite.php(673): PHPUnit\Framework\TestSuite->run(Object(PHPUnit\Framework\TestResult))
#49 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/Framework/TestSuite.php(673): PHPUnit\Framework\TestSuite->run(Object(PHPUnit\Framework\TestResult))
#50 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/TextUI/TestRunner.php(673): PHPUnit\Framework\TestSuite->run(Object(PHPUnit\Framework\TestResult))
#51 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/TextUI/Command.php(144): PHPUnit\TextUI\TestRunner->run(Object(PHPUnit\Framework\TestSuite), Array, Array, true)
#52 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/src/TextUI/Command.php(97): PHPUnit\TextUI\Command->run(Array, true)
#53 /Users/igor/Sites/invoicequick/vendor/phpunit/phpunit/phpunit(98): PHPUnit\TextUI\Command::main()
#54 {main}

Subject of the issue

Could not signed token with RS256 algo. Gets an error: Could not create token: It was not possible to parse your key, reason: error:1E08010C:DECODER routines::unsupported

Your environment:

| Q | A | ----------------- | --- | Bug? | yes | New Feature? | no | Framework | Laravel | Framework version | 9.19 | Package version | 1.4.2 | PHP version | 8.1.19 (with Laravel Sail and Octane)

Steps to reproduce

1.- Generate the rsa keys in the root folder of the project: openssl genrsa -out private.pem 1024 && openssl rsa -in private.pem -outform PEM -pubout -out public.pem

2.- Configure the .env file:

JWT_ALGO='RS256' JWT_PRIVATE_KEY='../private.pem' JWT_PUBLIC_KEY='../public.pem'

Note: if i put the sentence "file://../" it throws the error "No such file or directory", what ever i put there.

3.- Erase the config cache: sail artisan config:clear

4.- Execture the Auth API.

When i change the algo to HS256 it worked perfectly.

Expected behaviour

It should return the JWT signed in the Auth API

Actual behaviour

Throws this error with Lcobucci: Could not create token: It was not possible to parse your key, reason: error:1E08010C:DECODER routines::unsupported