update jwt encode/decode

Signed-off-by: envoyr <hello@envoyr.com>

src/Accounts/ApiTokenCookieFactory.php

@@ -77,6 +77,6 @@ class ApiTokenCookieFactory
             'sub' => $userId,
             'csrf' => $csrfToken,
             'expiry' => $expiration->getTimestamp(),
-        ], $this->encrypter->getKey());
+        ], $this->encrypter->getKey(), 'RS256');
     }
 }

src/Accounts/Auth/TokenGuard.php

@@ -7,6 +7,7 @@ use Bitinflow\Accounts\Helpers\JwtParser;
 use Bitinflow\Accounts\Traits\HasBitinflowTokens;
 use Exception;
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use Illuminate\Auth\AuthenticationException;
 use Illuminate\Auth\GuardHelpers;
 use Illuminate\Container\Container;
@@ -181,8 +182,10 @@ class TokenGuard
     {
         return (array)JWT::decode(
             CookieValuePrefix::remove($this->encrypter->decrypt($request->cookie(BitinflowAccounts::cookie()), BitinflowAccounts::$unserializesCookies)),
-            $this->encrypter->getKey(),
-            ['HS256']
+            new Key(
+                $this->encrypter->getKey(),
+                'RS256'
+            )
         );
     }
 

src/Accounts/Helpers/JwtParser.php

@@ -5,6 +5,7 @@ namespace Bitinflow\Accounts\Helpers;
 
 
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use Illuminate\Auth\AuthenticationException;
 use Illuminate\Http\Request;
 use stdClass;
@@ -12,8 +13,6 @@ use Throwable;
 
 class JwtParser
 {
-    public const ALLOWED_ALGORITHMS = ['RS256'];
-
     /**
      * @param Request $request
      * @return stdClass
@@ -26,8 +25,7 @@ class JwtParser
         try {
             return JWT::decode(
                 $request->bearerToken(),
-                $this->getOauthPublicKey(),
-                self::ALLOWED_ALGORITHMS
+                new Key($this->getOauthPublicKey(),'RS256')
             );
         } catch (Throwable $exception) {
             throw (new AuthenticationException());