From 534acf01a0b6bde6b94605bbb1a9eed62d94cc17 Mon Sep 17 00:00:00 2001
From: Alexandre Segura <mex.zktk@gmail.com>
Date: Sat, 9 Mar 2019 20:52:19 +0100
Subject: [PATCH] Allow configuring private key passphrase.

---
 DependencyInjection/Configuration.php           | 4 ++++
 DependencyInjection/TrikoderOAuth2Extension.php | 2 +-
 README.md                                       | 7 +++++--
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php
index ca1b6a1a..b800e551 100644
--- a/DependencyInjection/Configuration.php
+++ b/DependencyInjection/Configuration.php
@@ -38,6 +38,10 @@ private function createAuthorizationServerNode(): NodeDefinition
                     ->isRequired()
                     ->cannotBeEmpty()
                 ->end()
+                ->scalarNode('private_key_passphrase')
+                    ->info('Passphrase of the private key, if any')
+                    ->defaultValue(null)
+                ->end()
                 ->scalarNode('encryption_key')
                     ->info("The string used as an encryption key.\nHow to generate an encryption key: https://oauth2.thephpleague.com/installation/#string-password")
                     ->isRequired()
diff --git a/DependencyInjection/TrikoderOAuth2Extension.php b/DependencyInjection/TrikoderOAuth2Extension.php
index 771472cb..9e28c1c9 100644
--- a/DependencyInjection/TrikoderOAuth2Extension.php
+++ b/DependencyInjection/TrikoderOAuth2Extension.php
@@ -68,7 +68,7 @@ private function configureAuthorizationServer(ContainerBuilder $container, array
             ->getDefinition('league.oauth2.server.authorization_server')
             ->replaceArgument('$privateKey', new Definition(CryptKey::class, [
                 $config['private_key'],
-                null,
+                $config['private_key_passphrase'],
                 false,
             ]))
             ->replaceArgument('$encryptionKey', $config['encryption_key'])
diff --git a/README.md b/README.md
index 609b25d5..2886e98e 100644
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ This package is currently in the active development.
     ```sh
     composer require trikoder/oauth2-bundle --no-plugins --no-scripts
     ```
-    
+
     > **NOTE:** Due to required pre-configuration, this bundle is currently not compatible with [Symfony Flex](https://github.com/symfony/flex).
 
 2. Create the bundle configuration file under `config/packages/trikoder_oauth2.yaml`. Here is a reference configuration file:
@@ -49,6 +49,9 @@ This package is currently in the active development.
             # How to generate a private key: https://oauth2.thephpleague.com/installation/#generating-public-and-private-keys
             private_key:    # Required, Example: /var/oauth/private.key
 
+            # Passphrase of the private key, if any.
+            private_key_passphrase: ~  # Optional, default null
+
             # The string used as an encryption key.
             # How to generate an encryption key: https://oauth2.thephpleague.com/installation/#string-password
             encryption_key:    # Required
@@ -79,7 +82,7 @@ This package is currently in the active development.
 
                 # Name of the entity manager that you wish to use for managing clients and tokens.
                 entity_manager: default # Required
-             
+
             in_memory: ~
     ```