Modernize for PHP 8.1–8.5, republish as maksimovic/oauth2-server-php#2
Merged
Conversation
- Require PHP ^8.1, CI matrix now tests 8.1-8.5 - Upgrade phpunit/phpunit ^9.6 to ^10.5 (convert @dataProvider to #[DataProvider] attributes, static data providers, update phpunit.xml) - Upgrade aws/aws-sdk-php ^2.8 to ^3.0 (rewrite DynamoDB storage for v3 API: Marshaler, Result, lazy credential handling) - Upgrade predis/predis ^1.1 to ^2.0 (fix getPayload() compat) - Upgrade firebase/php-jwt ^6.4 to ^6.4 || ^7.0 (v7 requires 2048-bit RSA keys; all test keypairs regenerated) - Replace Cassandra storage: swap abandoned thobbs/phpcassa (Thrift) for mroosz/php-cassandra ^1.2 (CQL native protocol, PHP 8.1+) - Fix CI: bump to actions/checkout@v5, drop unmaintained retry action, fix MariaDB service config, add health checks, add Cassandra service, add pdo_pgsql extension
…ocal to CI Remove Mongo.php (dead PHP 5.x MongoClient code; MongoDB.php remains). Rewrite CouchbaseDB.php for Couchbase SDK 4.x (Cluster/Collection API). Replace AWS credentials/Travis logic with DynamoDB Local in CI.
…ix DynamoDB health check Use bash /dev/tcp for DynamoDB Local health check since the image has no curl or wget. Narrow php-jwt to ^7.0 and remove the polyfills package which is unnecessary on PHPUnit 10.
Add composer test, test:coverage, and analyze scripts. Enable verbose PHPUnit output for deprecations, warnings, and skip reasons. CI now uses the composer scripts.
Move Cassandra and DynamoDB out of services block so they start in parallel with PHP setup and composer install instead of blocking the entire job. Cassandra takes ~70s to boot; this now overlaps with the ~20s of checkout + PHP setup + composer install.
Eliminates psql client/server version mismatch errors (daticulocale) and createdb failures when the database already exists from the Docker service POSTGRES_DB env var.
- Replace deprecated 'self::isNotEmpty' callable strings with
first-class callable syntax in DynamoDB storage
- Use 127.0.0.1 instead of localhost for MySQL to force TCP connection
to Docker service (localhost uses Unix socket on Linux)
- Add mongodb/mongodb to require-dev so MongoDB tests run in CI
- Check extension_loaded('mongodb') before class_exists to avoid
fatal errors when library is present but extension is not
Start couchbase:community-7.6.5 as a background container, initialize the cluster with kv service, create the oauth2test bucket, and install ext-couchbase via shivammathur/setup-php. This eliminates the last remaining test skips (Couchbase).
…eyInterface) The instanceof check used the non-existent PublicKey class instead of PublicKeyInterface, causing all storage backends to skip. Also add NullStorage guard to prevent errors from unavailable backends.
The couchbase extension has no pre-built binary in setup-php and compiling from PECL hangs indefinitely. Remove the Couchbase container, cluster setup, and extension from CI. Couchbase tests remain as skips.
DynamoDB rejects empty AttributeValue strings. The getEncryptionAlgorithm method defaulted client_id to null, causing 'S' => null which is invalid. Coalesce null to '0' (the sentinel key used for global keys) in all three public key methods.
- Add .docker/Dockerfile based on php:*-cli-alpine with mongodb, redis, couchbase, pdo_mysql, pdo_pgsql, intl extensions pre-compiled - Add docker.yml workflow to build and push images to GHCR for PHP 8.1-8.4, triggered on Dockerfile changes and weekly schedule - Update tests.yml to use container images for PHP 8.1-8.4 (with all services including Couchbase), PHP 8.5 remains on setup-php - Make all service hostnames configurable via env vars in Bootstrap (MYSQL_HOST, POSTGRES_HOST, REDIS_HOST, MONGODB_HOST, CASSANDRA_HOST)
php:8.5-cli-alpine exists, so all 5 PHP versions now use the same custom container image path. No more special-cased setup-php job.
Uses GitHub Actions cache backend (type=gha) with per-PHP-version scopes so subsequent rebuilds only recompile changed layers.
The couchbase extension's classes weren't registering because apk del removed shared libraries needed at runtime. Use scanelf to discover all shared lib dependencies of compiled extensions and install them before removing build deps.
The ext-couchbase 4.x C extension only provides low-level functions (Couchbase\Extension\*) and exception classes. The high-level classes (Cluster, ClusterOptions, Collection) come from the couchbase/couchbase composer package. - Install couchbase/couchbase:^4.4 in CI after composer install - Update Bootstrap check to look for ClusterOptions class - Add scanelf to Dockerfile to auto-detect runtime shared lib deps - Keep couchbase/couchbase out of require-dev since it needs ext-couchbase
… bug CouchbaseDB was the only storage missing unsetAccessToken. Also fix AccessTokenTest calling getMessage() on non-NullStorage objects when the method check fails.
Republish as our own package so we can ship the PHP 8.5 work without waiting on bshaffer/oauth2-server-php (upstream PR bshaffer#1088 has been open for a month with no response). The "replace" block keeps this a drop-in for any consumer still requiring bshaffer/oauth2-server-php.
The Docker CI image bakes a specific ext-couchbase build. Using ^4.4
in the on-the-fly composer require lets the resolver pull any newer
minor (e.g. 4.5.0), which expects native functions the older baked
extension doesn't export ("Call to undefined function
Couchbase\\Extension\\clusterLabels()"). Pin to the 4.4.x line so
the PHP wrapper and C extension stay compatible.
maksimovic
changed the title
maksimovic
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Republishes the library as
maksimovic/oauth2-server-phpand brings in the full PHP 8.5 modernization that has been sitting unanswered in bshaffer/oauth2-server-php#1088 for a month. Thereplacedirective keeps it a drop-in for any consumer still requiringbshaffer/oauth2-server-php.composer.json
maksimovic/oauth2-server-php, add"replace": {"bshaffer/oauth2-server-php": "*"}php: ^8.1phpunit/phpunit ^10.5,phpstan/phpstan ^2.1firebase/php-jwt ^7.0, dropyoast/phpunit-polyfillsaws/aws-sdk-php ^3.0,predis/predis ^2.0,mroosz/php-cassandra ^1.2mongodb/mongodbmoved fromrequire-devtosuggesttest,test:coverage,analyzecomposer scriptsCI
ext-couchbasepre-installed (.docker/Dockerfile+docker.ymlworkflow, weekly rebuild, GHA layer caching)Source
src/OAuth2/Storage/Mongo.php(replaced by MongoDB SDK 4.x users)CouchbaseDBstorage for Couchbase SDK 4.x; addstubs/couchbase.stubfor PHPStanCouchbaseDB::unsetAccessToken— returnfalsefor missing tokens, add missing methodDynamoDBpublic-key methods — guard against nullclient_idCassandrastorage to current driver APIsTests
PublicKeyInterfacerather than concretePublicKeyphpstan.neonStats
42 files changed, +944 / -1413 — most of the removals are the deprecated Mongo driver and legacy Cassandra code.