From a19807624f6a0047b9109268cced353322d73129 Mon Sep 17 00:00:00 2001
From: cparent <carl.parent@gmail.com>
Date: Wed, 5 Jun 2024 23:54:09 -0400
Subject: [PATCH] Fix default values in WebToken services when encryption
 disabled

---
 Resources/config/web_token_issuance.xml     | 6 +++---
 Resources/config/web_token_verification.xml | 6 +++---
 Services/WebToken/AccessTokenLoader.php     | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/Resources/config/web_token_issuance.xml b/Resources/config/web_token_issuance.xml
index e2b42afb..f4b260b7 100644
--- a/Resources/config/web_token_issuance.xml
+++ b/Resources/config/web_token_issuance.xml
@@ -11,9 +11,9 @@
             <argument type="service" id="Jose\Bundle\JoseFramework\Services\JWEBuilderFactory" on-invalid="null" />
             <argument /> <!-- Signature algorithm -->
             <argument /> <!-- Signature key -->
-            <argument /> <!-- Key encryption algorithm -->
-            <argument /> <!-- Content encryption algorithm -->
-            <argument /> <!-- Encryption key -->
+            <argument>null</argument> <!-- Key encryption algorithm -->
+            <argument>null</argument> <!-- Content encryption algorithm -->
+            <argument>null</argument> <!-- Encryption key -->
         </service>
     </services>
 </container>
diff --git a/Resources/config/web_token_verification.xml b/Resources/config/web_token_verification.xml
index a84ad5b9..00df5458 100644
--- a/Resources/config/web_token_verification.xml
+++ b/Resources/config/web_token_verification.xml
@@ -10,15 +10,15 @@
             <argument type="service" id="Jose\Bundle\JoseFramework\Services\JWELoaderFactory" on-invalid="null" />
             <argument type="service" id="Jose\Bundle\JoseFramework\Services\ClaimCheckerManagerFactory" />
             <argument type="collection" /> <!-- Claim checkers -->
-            <argument type="collection"/> <!-- JWS header checkers -->
-            <argument type="collection"/> <!-- Mandatory claims -->
+            <argument type="collection" /> <!-- JWS header checkers -->
+            <argument type="collection" /> <!-- Mandatory claims -->
             <argument type="collection" /> <!-- Allowed signature algorithms -->
             <argument /> <!-- Signature keyset -->
             <argument on-invalid="null" /> <!-- Continue on decryption failure -->
             <argument type="collection" /> <!-- JWE header checkers -->
             <argument type="collection" /> <!-- Allowed key encryption algorithms -->
             <argument type="collection" /> <!-- Allowed content encryption algorithms -->
-            <argument on-invalid="null" /> <!-- Encryption keyset -->
+            <argument>null</argument> <!-- Encryption keyset -->
         </service>
         <service id="lexik_jwt_authentication.web_token.iat_validator" class="Jose\Component\Checker\IssuedAtChecker" public="false">
             <argument>%lexik_jwt_authentication.clock_skew%</argument>
diff --git a/Services/WebToken/AccessTokenLoader.php b/Services/WebToken/AccessTokenLoader.php
index 8b48a5d8..08fb4917 100644
--- a/Services/WebToken/AccessTokenLoader.php
+++ b/Services/WebToken/AccessTokenLoader.php
@@ -46,7 +46,7 @@ public function __construct(
         ?string                     $encryptionKeyset
     ) {
         $this->jwsLoader = $jwsLoaderFactory->create(['jws_compact'], $signatureAlgorithms, $jwsHeaderChecker);
-        if ($jweLoaderFactory !== null && $keyEncryptionAlgorithms !== null && $contentEncryptionAlgorithms !== null && $jweHeaderChecker !== null) {
+        if ($jweLoaderFactory !== null && $keyEncryptionAlgorithms !== [] && $contentEncryptionAlgorithms !== [] && $jweHeaderChecker !== []) {
             $this->jweLoader = $jweLoaderFactory->create(['jwe_compact'], array_merge($keyEncryptionAlgorithms, $contentEncryptionAlgorithms), null, null, $jweHeaderChecker);
             $this->continueOnDecryptionFailure = $continueOnDecryptionFailure;
         }