From bf25fa933d3d6a9848e99d6d451d15ee0458b6d3 Mon Sep 17 00:00:00 2001
From: Tim Otten <totten@civicrm.org>
Date: Thu, 8 Feb 2024 14:21:31 -0800
Subject: [PATCH] CryptoJwt - Fix detection of firebase/php-jwt APIs

---
 Civi/Crypto/CryptoJwt.php | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/Civi/Crypto/CryptoJwt.php b/Civi/Crypto/CryptoJwt.php
index 0d5455d58e..823bd37b4e 100644
--- a/Civi/Crypto/CryptoJwt.php
+++ b/Civi/Crypto/CryptoJwt.php
@@ -60,12 +60,9 @@ class CryptoJwt {
    * @throws CryptoException
    */
   public function decode($token, $keyTag = 'SIGN') {
-    // Version 6.x+ has 2 parameters, earlier versions had 3
-    $reflection = new \ReflectionMethod('Firebase\JWT\JWT::decode');
-    $useKeyObj = ($reflection->getNumberOfParameters() === 2) ?? FALSE;
-
-    // Composer\InstalledVersions returns 0 if the library has been replaced using "replace" in composer.json
-    // $useKeyObj = version_compare(\Composer\InstalledVersions::getVersion('firebase/php-jwt'), '6', '>=');
+    // TODO: Circa mid-2024, make a hard-requirement on firebase/php-jwt v5.5+.
+    // Then we can remove this guard and simplify the `$keysByAlg` stuff.
+    $useKeyObj = class_exists(Key::class);
     if (!$useKeyObj) {
       \CRM_Core_Error::deprecatedWarning('Using deprecated version of firebase/php-jwt. Upgrade to 6.x+.');
     }
-- 
2.25.1