Merge pull request #1164 from bradymiller/private-key-passphrase-fix

fix for passphrase with private key
thephpleague · Nov 30, 2020 · 010d664 · 010d664
2 parents 284c2b5 + 80352b8
commit 010d664
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+## [8.2.2] - released 2020-11-30
+- Fix issue where the private key passphrase isn't correctly passed to JWT library (PR #1164)
+
 ## [8.2.1] - released 2020-11-26
 ### Fixed
 - If you have a password on your private key, it is now passed correctly to the JWT configuration object. (PR #1159)

diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php
@@ -44,16 +44,10 @@ public function setPrivateKey(CryptKey $privateKey)
      */
     public function initJwtConfiguration()
     {
-        $privateKeyPassPhrase = $this->privateKey->getPassPhrase();
-
-        $verificationKey = empty($privateKeyPassPhrase) ?
-            InMemory::plainText('') :
-            InMemory::plainText($this->privateKey->getPassPhrase());
-
         $this->jwtConfiguration = Configuration::forAsymmetricSigner(
             new Sha256(),
-            LocalFileReference::file($this->privateKey->getKeyPath()),
-            $verificationKey
+            LocalFileReference::file($this->privateKey->getKeyPath(), $this->privateKey->getPassPhrase() ?? ''),
+            InMemory::plainText('')
         );
     }