Add support for multiple keys as proposed in #544

Author: mevdschee

src/Tqdev/PhpCrudApi/Middleware/JwtAuthMiddleware.php

@@ -5,7 +5,6 @@
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\RequestHandlerInterface;
-use Tqdev\PhpCrudApi\Controller\Responder;
 use Tqdev\PhpCrudApi\Middleware\Base\Middleware;
 use Tqdev\PhpCrudApi\Record\ErrorCode;
 use Tqdev\PhpCrudApi\RequestUtils;
@@ -31,7 +30,7 @@ private function getVerifiedClaims(string $token, int $time, int $leeway, int $t
         if (isset($header['kid'])) {
             $kid = $header['kid'];
         }
-        if (!$secrets[$kid]) {
+        if (!isset($secrets[$kid])) {
             return array();
         }
         $secret = $secrets[$kid];
@@ -99,14 +98,14 @@ private function getClaims(string $token): array
         $leeway = (int) $this->getProperty('leeway', '5');
         $ttl = (int) $this->getProperty('ttl', '30');
         $secrets = $this->getMapProperty('secrets', '');
+        if (!$secrets) {
+            $secrets = [$this->getProperty('secret', '')];
+        }
         $requirements = array(
             'alg' => $this->getArrayProperty('algorithms', ''),
             'aud' => $this->getArrayProperty('audiences', ''),
             'iss' => $this->getArrayProperty('issuers', ''),
         );
-        if (!$secrets) {
-            return array();
-        }
         return $this->getVerifiedClaims($token, $time, $leeway, $ttl, $secrets, $requirements);
     }