Doc updated

README.md

@@ -35,16 +35,11 @@ This library supports JSON Web Key Thumbprint ([RFC 7638](https://tools.ietf.org
 > Note 2: if you use Symfony, [a bundle](https://github.com/Spomky-Labs/JoseBundle) is in development.
 
 This library provides all objects and components to perform signature, verification, encryption and decryption according to the RFCs listed above.
-
-Some of classes provided are abstract and you must implement the missing methods.
-In addition, you will have to instantiate, initialize and inject all objects and components to the signer, encrypter and loader services.
+You will have to create a `Signer`, `Verifier`, `Encrypter` `Decrypter` or `Loader` object to execute all these operation.
 
 You will be afraid of all of this and you will think that this library is very complicated to use. AND YOU ARE RIGHT!
 
-That is why we created to other projects to ease the use of this library:
-
-* [Jose Service](https://github.com/Spomky-Labs/jose-service): this project uses Pimple to provide only one service to rule them all.
-* [Jose Bundle](https://github.com/Spomky-Labs/JoseBundle): a Symfony 2.7+ bundle that provides easy to use services
+Fortunately, we created factories to ease your life and we highly recommend to use them.
 
 Finally, this library and all these projects are still in active development. Do not hesitate to send us your feedback!
 

doc/Status.md

@@ -66,4 +66,5 @@ Status of the implementation
 
 # JWK and JWKSet #
 
-JWK and JWKSet are fully supported
+JWK and JWKSet are fully supported.
+JWK (keys) supports JSON Web Key Thumbprint ([RFC 7638](https://tools.ietf.org/html/rfc7638)).

doc/component/checker_manager.md → doc/component/checkers.md

@@ -18,31 +18,12 @@ This library provides the following checkers:
 * 'Not Before' Checker: verifies if the JWT can be used (`nbf` parameter)
 * 'Subject' Checker: verifies the subject (`sub` parameter)
 
-# The manager
-
-You just have to create an instance of `Jose\Checker\CheckerManager` and add each checker you want to use.
-
-```php
-<?php
-
-use Jose\Checker\CheckerManager;
-use Jose\CheckerManager\AudienceChecker;
-use Jose\CheckerManager\ExpirationChecker;
-
-$checker_manager = new CheckerManager();
-
-$checker_manager->addChecker(new AudienceChecker('My server'));
-$checker_manager->addChecker(new ExpirationChecker());
-```
-
-This manager is called when you call the method `verify` from the `virifier` or  `decrypt` from the `decrypter`.
-
 # Create my own checker
 
 If you need to verify a custom claim, you can create your own checker and add it to the manager.
 Your checker must implements `Jose\Checker\CheckerInterface`.
 
-Hereafter an example. Our animal checker will verify if the protected header contains the key `animal`.
+Hereafter a stupid example. Our custom checker will verify if the protected header contains the key `animal`.
 If this key exists, it verifies the claim `animal` is in the provided list.
 
 ```php

doc/component/compression_methods.md

@@ -0,0 +1,22 @@
+The Compression Manager
+=======================
+
+When you encrypt data or load a JWE, the payload may have been compressed.
+This library supports compression.
+
+# Supported compression methods
+
+This library supports the following algorithms:
+
+* Signature:
+    * DEF: `Jose\Compression\Deflate`,
+    * GZ: `Jose\Compression\GZip`,
+    * ZLIB: `Jose\Compression\ZLib`
+
+*Note: only `DEF` is described in the [RFC 7516](http://tools.ietf.org/html/rfc7516).*
+*Others method should only used if both issuer and audience know how to use them*
+
+# Custom compression method
+
+If you need to use a custom compression method, you just have to create a class that implements `Jose\Compression\CompressionInterface`
+and inject it onto the encrypter or decrypter objects.

doc/component/decrypter.md

@@ -0,0 +1,2 @@
+The Decrypter
+=============

doc/component/encrypter.md

@@ -1,15 +1,2 @@
 The Encrypter
 =============
-
-The Encrypter will perform encryption. You can encrypt an input using one or more keys.
-
-To use our `Encrypter` object, you need to inject:
-* a [JWA Manager](jwa_manager.md),
-* a [Compression Manager](compression_manager.md),
-* a [Payload Converter Manager](payload_converter_manager.md).
-
-```php
-use Jose\Encrypter;
-
-$encrypter = new Encrypter($my_jwa_manager, $my_compression_manager, $my_payload_converter_manager);
-```

doc/component/loader.md

@@ -2,3 +2,23 @@ The Loader
 ==========
 
 The Loader will try to load data and return you a `JWS`, `JWE` or a list of these objects. 
+
+We recommend you to use our factory to create such object:
+
+```php
+use Jose\Factory\LoaderFactory;
+use Jose\Payload\JWKConverter;
+use Jose\Payload\JWKSetConverter;
+
+$payload_converters = [
+    new JWKConverter(),
+    new JWKSetConverter(),
+];
+
+$loader = LoaderFactory::createLoader($payload_converters);
+
+$jwt = $loader->load('eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqvhJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrBp0igcN_IoypGlUPQGe77Rw');
+```
+
+Please note that at this moment variable `$jwt` is a `JWS` object **but the signature and claims have not been verified**.
+You must use the verifier to perform these verifications.

doc/component/payload_converter_manager.md → doc/component/payload_converters.md

@@ -1,9 +1,9 @@
-The Payload Converter Manager
-=============================
+Payload Converters
+==================
 
 # Payload types
 
-This library is able to use any kind of input:
+By default, this library is able to use types of inputs that can be encoded and decoded in JSON:
 * a number: 3.14159265359
 * a string: "Live long and prosper"
 * an array: `["iss"=>"my.example.com","sub"=>"me@example.com","is_admin"=>true]`
@@ -12,7 +12,15 @@ This library is able to use any kind of input:
 * objects supported by `json_encode` and `json_decode` methods or that implement `JsonSerializable`
 * objects supported by a custom payload converter.
 
-# Payload converters
+# Official converters
+
+This library provides two converters you may need:
+* JWK: `Jose\Payload\JWKConverter`
+* JWKSet: `Jose\Payload\JWKSetConverter`
+
+These converters will convert the payload into JWK or JWKSet and add the associated header.
+
+# Custom Payload converters
 
 If you want to use classes as payload of a JWE or JWS, you have to options:
 * Your class implements `JsonSerializable`
@@ -26,9 +34,7 @@ But you may need a custom payload converter because
 
 This page will show you how to create a custom converter.
 
-## A custom payload converter
-
-### Our class
+## Our class
 
 We create a small class that represents a user.
 
@@ -68,7 +74,7 @@ class User
 }
 ```
 
-### Our converter
+## Our converter
 
 We will create a converter that accepts `User` class. This converter will add content type header (`cty`) to `acme-user+json`.
 This converter must implements `Jose\Payload\PayloadConverterInterface`.
@@ -131,33 +137,4 @@ class UserConverter implements PayloadConverterInterface
 }
 ```
 
-# The converter manager
-
-This library provides a converter manager: `Jose\Payload\PayloadConverterManager`.
-
-```php
-<?php 
-
-use Jose\Payload\PayloadConverterManager;
-
-
-$converter_manager = new PayloadConverterManager();
-```
-
-Some converters are already enabled:
-* JWK converter
-* JWKSet converter
-
-To add a converter to this manager, just instantiate your converter and call method `addConverter`:
-
-```php
-<?php 
-
-use Acme\UserConverter;
-
-$my_converter = new UserConverter($database);
-
-$converter_manager->addConverter($my_converter);
-```
-
-Now, all JWS/JWE created or loaded will support `User` object as payload.
+Then, we just need to pass this converter to factories that need it.

doc/component/signer.md

@@ -3,12 +3,37 @@ The Signer
 
 The Signer will perform all signatures. You can sign an input using one or more keys.
 
-To use our `Signer` object, you need to inject:
-* a [JWA Manager](jwa_manager.md),
-* a [Payload Converter Manager](payload_converter_manager.md).
-
 ```php
-use Jose\Signer;
+use Jose\Factory\SignerFactory;
+use Jose\Object\SignatureInstruction;
+
+$signer = SignerFactory::createSigner(
+    ['ES256', 'RS256'], // A list of algorithms we want to use
+                        // This list must contain algorithm names or are objects that implement Jose\Algorithm\JWAInterface
+    []                  // A list of payload converters (we do not need them here
+);
+
+// First signature instruction
+$instruction1 = new SignatureInstruction(
+    $key1,
+    ['alg' => 'ES256']
+);
+
+// Second signature instruction
+$instruction2 = new SignatureInstruction(
+    $key2,
+    ['alg' => 'RS256']
+);
+
+// List of instructions
+$instructions = [
+    $instruction1,
+    $instruction2,
+];
 
-$signer = new Signer($my_jwa_manager, $my_payload_converter_manager);
+$jws = $signer->sign(
+    'The message I want to sign',
+    $instructions,
+    JSONSerializationModes::JSON_SERIALIZATION
+);
 ```

doc/component/verifier.md

@@ -0,0 +1,2 @@
+The Verifier
+============

doc/object/jwk.md

@@ -160,6 +160,7 @@ A `JWK` object implements the interface `Jose\JWKInterface` and provides the fol
 * `getAll()`: all values
 * `has($key)`: returns true if the JWK object has a value identified by the key `$key`, else false.
 * `get($key)`: the value with key `$key`. Throws an exception if the key `$key` does not exist.
+* `thumbprint($hash_algorithm)`: the key thumbprint with hash algorithm `$hash_algorithm`. Throws an exception if the hash algorithm is not supported.
 
 ```php
 use Jose\JWK;
@@ -172,4 +173,5 @@ $jwk = new JWK([
 $this->has('kty'); // Return true
 $this->has('foo'); // Return false
 $this->get('kty'); // Return 'oct'
+$this->thumbprint('sha256'); // Return 'iBLRjibnjP0qSVQ2TnyD_CYLXSNz5hjwjLMdUkY-JQg'
 ```