Pass CryptKey instance to oauth2 with permission check disabled (#10)

Disable permission checks for private/public keys

DependencyInjection/TrikoderOAuth2Extension.php

@@ -3,6 +3,7 @@
 namespace Trikoder\Bundle\OAuth2Bundle\DependencyInjection;
 
 use DateInterval;
+use League\OAuth2\Server\CryptKey;
 use LogicException;
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\Config\Loader\LoaderInterface;
@@ -64,7 +65,11 @@ private function configureAuthorizationServer(ContainerBuilder $container, array
     {
         $authorizationServer = $container
             ->getDefinition('league.oauth2.server.authorization_server')
-            ->replaceArgument('$privateKey', $config['private_key'])
+            ->replaceArgument('$privateKey', new Definition(CryptKey::class, [
+                $config['private_key'],
+                null,
+                false,
+            ]))
             ->replaceArgument('$encryptionKey', $config['encryption_key'])
         ;
 
@@ -160,7 +165,11 @@ private function configureResourceServer(ContainerBuilder $container, array $con
     {
         $container
             ->getDefinition('league.oauth2.server.resource_server')
-            ->replaceArgument('$publicKey', $config['public_key'])
+            ->replaceArgument('$publicKey', new Definition(CryptKey::class, [
+                $config['public_key'],
+                null,
+                false,
+            ]))
         ;
     }
 

Tests/Integration/AbstractIntegrationTest.php

@@ -5,6 +5,7 @@
 use Defuse\Crypto\Crypto;
 use Defuse\Crypto\Exception\CryptoException;
 use League\OAuth2\Server\AuthorizationServer;
+use League\OAuth2\Server\CryptKey;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\Grant\ClientCredentialsGrant;
 use League\OAuth2\Server\Grant\PasswordGrant;
@@ -196,7 +197,7 @@ private function createAuthorizationServer(
             $clientRepository,
             $accessTokenRepository,
             $scopeRepository,
-            TestHelper::PRIVATE_KEY_PATH,
+            new CryptKey(TestHelper::PRIVATE_KEY_PATH, null, false),
             TestHelper::ENCRYPTION_KEY
         );
 
@@ -211,7 +212,7 @@ private function createResourceServer(AccessTokenRepositoryInterface $accessToke
     {
         return new ResourceServer(
             $accessTokenRepository,
-            TestHelper::PUBLIC_KEY_PATH
+            new CryptKey(TestHelper::PUBLIC_KEY_PATH, null, false)
         );
     }
 }

Tests/TestHelper.php

@@ -58,7 +58,7 @@ public static function generateJwtToken(AccessTokenModel $accessToken): string
         }
 
         return $accessTokenEntity->convertToJWT(
-            new CryptKey(self::PRIVATE_KEY_PATH)
+            new CryptKey(self::PRIVATE_KEY_PATH, null, false)
         );
     }
 

Tests/TestKernel.php

@@ -27,10 +27,6 @@ public function boot()
         putenv(sprintf('PUBLIC_KEY_PATH=%s', TestHelper::PUBLIC_KEY_PATH));
         putenv(sprintf('ENCRYPTION_KEY=%s', TestHelper::ENCRYPTION_KEY));
 
-        // The authorization server requires proper file permissions for public/private keys.
-        chmod(TestHelper::PRIVATE_KEY_PATH, 0600);
-        chmod(TestHelper::PUBLIC_KEY_PATH, 0600);
-
         parent::boot();
     }