setSecret method for custom JWT key is not working
nargalzius opened this issue · 1 comments
nargalzius commented
JWTAuth::getJWTProvider()->setSecret() doesn't seem to be working
So I have a method that will allow generation of custom JWTs for different sites (with different JWT secrets)
Here's the method, pretty simple and it used to work fine before I upgraded to Laravel 9
protected function createUserToken($user, $claims = null, $secret = null) {
// GENERATE KEY WITH DIFFERENT JWT_SECRET
if($secret) {
JWTAuth::getJWTProvider()->setSecret($secret);
}
if($claims) {
$factory = JWTFactory::customClaims($claims);
$payload = $factory->make();
return JWTAuth::encode($payload);
}
return JWTAuth::fromUser($user);
}
Your environment
| Q | A |
|---|---|
| Bug? | yes |
| New Feature? | no |
| Framework | Laravel |
| Framework version | 9 |
| Package version | 2 |
| PHP version | 8.2 |
Steps to reproduce
- Generate any token with a custom secret key
- Validate said token on jwt.io, and you'll notice that it will not be validated with the custom key you provided (will fail)
- Validate said token again, but this time use the key on the site's .env (will succeed)
Expected behaviour
The token generated should be encoded with the custom key, and should be able to validate on jwt.io when you provide said custom key.
Actual behaviour
The tokens being generated are still using the site's key instead of the custom provided key through the setSecret() method