From ae6b8cba1965524cce81beb59bd86221dbff89b8 Mon Sep 17 00:00:00 2001
From: Matthew Penner <me@matthewp.io>
Date: Wed, 6 Jan 2021 08:54:50 -0700
Subject: [PATCH] service(NodeJWTService): fix usage of deprecated parameters

---
 .../Servers/DownloadBackupController.php      |  2 +-
 .../Api/Client/Servers/FileController.php     |  2 +-
 .../Client/Servers/FileUploadController.php   |  2 +-
 .../Client/Servers/WebsocketController.php    |  4 ++--
 .../Servers/ServerTransferController.php      |  4 ++--
 app/Services/Nodes/NodeJWTService.php         | 24 +++++++++++--------
 6 files changed, 21 insertions(+), 17 deletions(-)

diff --git a/app/Http/Controllers/Api/Client/Servers/DownloadBackupController.php b/app/Http/Controllers/Api/Client/Servers/DownloadBackupController.php
index 4c8b16a2..52f18ec4 100644
--- a/app/Http/Controllers/Api/Client/Servers/DownloadBackupController.php
+++ b/app/Http/Controllers/Api/Client/Servers/DownloadBackupController.php
@@ -128,7 +128,7 @@ class DownloadBackupController extends ClientApiController
     protected function getLocalBackupUrl(Backup $backup, Server $server, User $user)
     {
         $token = $this->jwtService
-            ->setExpiresAt(CarbonImmutable::now()->addMinutes(15))
+            ->setExpiresAt(CarbonImmutable::now()->addMinutes(15)->toDateTimeImmutable())
             ->setClaims([
                 'backup_uuid' => $backup->uuid,
                 'server_uuid' => $server->uuid,
diff --git a/app/Http/Controllers/Api/Client/Servers/FileController.php b/app/Http/Controllers/Api/Client/Servers/FileController.php
index 317115b2..6174ebf9 100644
--- a/app/Http/Controllers/Api/Client/Servers/FileController.php
+++ b/app/Http/Controllers/Api/Client/Servers/FileController.php
@@ -114,7 +114,7 @@ class FileController extends ClientApiController
     public function download(GetFileContentsRequest $request, Server $server)
     {
         $token = $this->jwtService
-            ->setExpiresAt(CarbonImmutable::now()->addMinutes(15))
+            ->setExpiresAt(CarbonImmutable::now()->addMinutes(15)->toDateTimeImmutable())
             ->setClaims([
                 'file_path' => rawurldecode($request->get('file')),
                 'server_uuid' => $server->uuid,
diff --git a/app/Http/Controllers/Api/Client/Servers/FileUploadController.php b/app/Http/Controllers/Api/Client/Servers/FileUploadController.php
index e8f5ad08..aa06f22f 100644
--- a/app/Http/Controllers/Api/Client/Servers/FileUploadController.php
+++ b/app/Http/Controllers/Api/Client/Servers/FileUploadController.php
@@ -58,7 +58,7 @@ class FileUploadController extends ClientApiController
     protected function getUploadUrl(Server $server, User $user)
     {
         $token = $this->jwtService
-            ->setExpiresAt(CarbonImmutable::now()->addMinutes(15))
+            ->setExpiresAt(CarbonImmutable::now()->addMinutes(15)->toDateTimeImmutable())
             ->setClaims([
                 'server_uuid' => $server->uuid,
             ])
diff --git a/app/Http/Controllers/Api/Client/Servers/WebsocketController.php b/app/Http/Controllers/Api/Client/Servers/WebsocketController.php
index 1de41b08..9003463b 100644
--- a/app/Http/Controllers/Api/Client/Servers/WebsocketController.php
+++ b/app/Http/Controllers/Api/Client/Servers/WebsocketController.php
@@ -73,7 +73,7 @@ class WebsocketController extends ClientApiController
         }
 
         $token = $this->jwtService
-            ->setExpiresAt(CarbonImmutable::now()->addMinutes(10))
+            ->setExpiresAt(CarbonImmutable::now()->addMinutes(10)->toDateTimeImmutable())
             ->setClaims([
                 'user_id' => $request->user()->id,
                 'server_uuid' => $server->uuid,
@@ -85,7 +85,7 @@ class WebsocketController extends ClientApiController
 
         return new JsonResponse([
             'data' => [
-                'token' => $token->__toString(),
+                'token' => $token->toString(),
                 'socket' => $socket . sprintf('/api/servers/%s/ws', $server->uuid),
             ],
         ]);
diff --git a/app/Http/Controllers/Api/Remote/Servers/ServerTransferController.php b/app/Http/Controllers/Api/Remote/Servers/ServerTransferController.php
index cc097a63..5e53b5da 100644
--- a/app/Http/Controllers/Api/Remote/Servers/ServerTransferController.php
+++ b/app/Http/Controllers/Api/Remote/Servers/ServerTransferController.php
@@ -2,7 +2,7 @@
 
 namespace Pterodactyl\Http\Controllers\Api\Remote\Servers;
 
-use Cake\Chronos\Chronos;
+use Carbon\CarbonImmutable;
 use Illuminate\Support\Arr;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
@@ -114,7 +114,7 @@ class ServerTransferController extends Controller
             // that node to communicate with the old node during the process to initiate the
             // actual file transfer.
             $token = $this->jwtService
-                ->setExpiresAt(Chronos::now()->addMinutes(15))
+                ->setExpiresAt(CarbonImmutable::now()->addMinutes(15)->toDateTimeImmutable())
                 ->setSubject($server->uuid)
                 ->handle($server->node, $server->uuid, 'sha256');
 
diff --git a/app/Services/Nodes/NodeJWTService.php b/app/Services/Nodes/NodeJWTService.php
index 7c359efe..dbbf8a82 100644
--- a/app/Services/Nodes/NodeJWTService.php
+++ b/app/Services/Nodes/NodeJWTService.php
@@ -2,7 +2,7 @@
 
 namespace Pterodactyl\Services\Nodes;
 
-use DateTimeInterface;
+use DateTimeImmutable;
 use Lcobucci\JWT\Builder;
 use Carbon\CarbonImmutable;
 use Illuminate\Support\Str;
@@ -18,7 +18,7 @@ class NodeJWTService
     private $claims = [];
 
     /**
-     * @var int|null
+     * @var \DateTimeImmutable|null
      */
     private $expiresAt;
 
@@ -41,12 +41,12 @@ class NodeJWTService
     }
 
     /**
-     * @param \DateTimeInterface $date
+     * @param \DateTimeImmutable $date
      * @return $this
      */
-    public function setExpiresAt(DateTimeInterface $date)
+    public function setExpiresAt(DateTimeImmutable $date)
     {
-        $this->expiresAt = $date->getTimestamp();
+        $this->expiresAt = $date;
 
         return $this;
     }
@@ -74,18 +74,22 @@ class NodeJWTService
     {
         $signer = new Sha256;
 
+        $identifier = hash($algo, $identifiedBy);
+
         $builder = (new Builder)->issuedBy(config('app.url'))
             ->permittedFor($node->getConnectionAddress())
-            ->identifiedBy(hash($algo, $identifiedBy), true)
-            ->issuedAt(CarbonImmutable::now()->getTimestamp())
-            ->canOnlyBeUsedAfter(CarbonImmutable::now()->subMinutes(5)->getTimestamp());
+            ->identifiedBy($identifier)
+            ->withHeader('jti', $identifier)
+            ->issuedAt(CarbonImmutable::now()->toDateTimeImmutable())
+            ->canOnlyBeUsedAfter(CarbonImmutable::now()->subMinutes(5)->toDateTimeImmutable());
 
         if ($this->expiresAt) {
             $builder = $builder->expiresAt($this->expiresAt);
         }
 
-        if (!empty($this->subject)) {
-            $builder = $builder->relatedTo($this->subject, true);
+        if (! empty($this->subject)) {
+            $builder = $builder->relatedTo($this->subject)
+                ->withHeader('sub', $this->subject);
         }
 
         foreach ($this->claims as $key => $value) {