Allow to set a default expiration value on the generated token

Author: dunglas

src/Authorization.php

@@ -23,10 +23,15 @@ final class Authorization
     private const MERCURE_AUTHORIZATION_COOKIE_NAME = 'mercureAuthorization';
 
     private $registry;
+    private $jwtLifetime;
 
-    public function __construct(HubRegistry $registry)
+    /**
+     * @param int|null $jwtLifetime If not null, an "exp" claim is always set to now + $jwtLifetime (in seconds)
+     */
+    public function __construct(HubRegistry $registry, int $jwtLifetime = null)
     {
         $this->registry = $registry;
+        $this->jwtLifetime = $jwtLifetime;
     }
 
     /**
@@ -45,6 +50,10 @@ public function createCookie(Request $request, array $subscribe = [], array $pub
             throw new InvalidArgumentException(sprintf('The %s hub does not contain a token factory.', $hub ? '"'.$hub.'"' : 'default'));
         }
 
+        if (null !== $this->jwtLifetime && !isset($additionalClaims['exp'])) {
+            $additionalClaims['exp'] = new \DateTimeImmutable("+{$this->jwtLifetime} seconds");
+        }
+
         $token = $tokenFactory->create($subscribe, $publish, $additionalClaims);
         $url = $hubInstance->getPublicUrl();
         /** @var array $urlComponents */

src/HubRegistry.php

@@ -23,7 +23,7 @@ final class HubRegistry
     /**
      * @param array<string, HubInterface> $hubs An array of hub instances, where the keys are the names
      */
-    public function __construct(HubInterface $defaultHub, array $hubs)
+    public function __construct(HubInterface $defaultHub, array $hubs = [])
     {
         $this->defaultHub = $defaultHub;
         $this->hubs = $hubs;

src/Publisher.php

@@ -37,6 +37,7 @@ final class Publisher implements PublisherInterface
 
     /**
      * @param TokenProviderInterface|callable(Update $update):string $jwtProvider
+     * @param mixed                                  $jwtProvider
      */
     public function __construct(string $hubUrl, $jwtProvider, HttpClientInterface $httpClient = null)
     {

tests/AuthorizationTest.php

@@ -0,0 +1,46 @@
+<?php
+
+/*
+ * This file is part of the Mercure Component project.
+ *
+ * (c) Kévin Dunglas <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare(strict_types=1);
+
+namespace Symfony\Component\Mercure\Tests;
+
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Mercure\Authorization;
+use Symfony\Component\Mercure\HubRegistry;
+use Symfony\Component\Mercure\Jwt\LcobucciFactory;
+use Symfony\Component\Mercure\Jwt\StaticTokenProvider;
+use Symfony\Component\Mercure\MockHub;
+use Symfony\Component\Mercure\Update;
+
+/**
+ * @author Kévin Dunglas <[email protected]>
+ */
+class AuthorizationTest extends TestCase
+{
+    public function testJwtLifetime(): void
+    {
+        $registry = new HubRegistry(new MockHub(
+            'https://example.com/.well-known/mercure',
+            new StaticTokenProvider('foo.bar.baz'),
+            function (Update $u): string { return 'dummy'; },
+            new LcobucciFactory('secret')
+        ), []);
+
+        $authorization = new Authorization($registry, 3600);
+        $cookie = $authorization->createCookie(Request::create('https://example.com'));
+
+        $payload = json_decode(base64_decode(explode('.', $cookie->getValue())[1], true), true);
+        $this->assertArrayHasKey('exp', $payload);
+        $this->assertIsFloat($payload['exp']);
+    }
+}