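/**
 * Creates an instance of a JWS from a JWT.
 *
 * This only parses the compact serialization and stores the encoded
 * signature on the returned object; no signature check is performed here.
 *
 * @param string       $jwsTokenString the compact token: three dot-separated segments
 * @param bool         $allowUnsecure  when false, a token whose "alg" header is "none"
 *                                     (in any letter case) is rejected
 * @param Encoder|null $encoder        decoder for the segments; when null, standard Base64
 *                                     is used if the token contains '+', '/' or '=',
 *                                     URL-safe Base64 otherwise
 *
 * @return JWS
 *
 * @throws \InvalidArgumentException if the token is malformed, has no string "alg" header,
 *                                   or uses the "none" algorithm while $allowUnsecure is false
 */
public static function load($jwsTokenString, $allowUnsecure = false, Encoder $encoder = null)
{
    if ($encoder === null) {
        // Standard Base64 uses '+', '/' and '=' padding; none of them appear in URL-safe output.
        $encoder = strpbrk($jwsTokenString, '+/=') ? new Base64Encoder() : new Base64UrlSafeEncoder();
    }

    $parts = explode('.', $jwsTokenString);

    if (count($parts) === 3) {
        $header = json_decode($encoder->decode($parts[0]), true);
        $payload = json_decode($encoder->decode($parts[1]), true);

        // The header is attacker-controlled input: require "alg" to be present and a string
        // before it is inspected or handed to the constructor. Anything else falls through
        // to the generic "invalid JWS" error below.
        if (is_array($header) && is_array($payload) && isset($header['alg']) && is_string($header['alg'])) {
            // Compare case-insensitively. Matching a single spelling would let a token that
            // declares the unsecured algorithm under another casing ("none", "NONE", ...)
            // through even though the caller did not opt in with $allowUnsecure.
            if (strtolower($header['alg']) === 'none' && !$allowUnsecure) {
                // NOTE(review): the message embeds the whole token; check whether exception
                // messages reach logs or error pages before relying on this text.
                throw new InvalidArgumentException(sprintf('The token "%s" cannot be validated in a secure context, as it uses the unallowed "none" algorithm', $jwsTokenString));
            }

            $jws = new self($header['alg'], isset($header['typ']) ? $header['typ'] : null);

            $jws->setEncoder($encoder)
                ->setHeader($header)
                ->setPayload($payload)
                ->setEncodedSignature($parts[2]);

            return $jws;
        }
    }

    throw new InvalidArgumentException(sprintf('The token "%s" is an invalid JWS', $jwsTokenString));
}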