public getEncodedPayload ( Jose\Object\SignatureInterface $signature ) : string | null | ||
$signature | Jose\Object\SignatureInterface | |
return | string | null |
/** * {@inheritdoc} * * @throws \InvalidArgumentException */ public function verify(JWSInterface $jws, JWKSetInterface $jwk_set, $detached_payload = null) { if (null !== $detached_payload && !empty($jws->getEncodedPayload())) { throw new \InvalidArgumentException('A detached payload is set, but the JWS already has a payload'); } $input = $jws->getEncodedProtectedHeader() . '.' . (null === $detached_payload ? $jws->getEncodedPayload() : $detached_payload); if (0 === count($jwk_set)) { return false; } $verified = false; foreach ($jwk_set->getKeys() as $jwk) { $algorithm = $this->getAlgorithm($jws); if (!$this->checkKeyUsage($jwk, 'verification')) { continue; } if (!$this->checkKeyAlgorithm($jwk, $algorithm->getAlgorithmName())) { continue; } try { $verified = $algorithm->verify($jwk, $input, $jws->getSignature()); } catch (\Exception $e) { //We do nothing, we continue with other keys continue; } if (true === $verified) { $this->getCheckerManager()->checkJWT($jws); return true; } } return false; }
/** * @param \Jose\Object\JWSInterface $jws * @param \Jose\Object\SignatureInterface $signature * @param string|null $detached_payload * * @return string */ private function getInputToVerify(Object\JWSInterface $jws, Object\SignatureInterface $signature, $detached_payload) { $encoded_protected_headers = $signature->getEncodedProtectedHeaders(); if (!$signature->hasProtectedHeader('b64') || true === $signature->getProtectedHeader('b64')) { if (null !== $jws->getEncodedPayload($signature)) { return sprintf('%s.%s', $encoded_protected_headers, $jws->getEncodedPayload($signature)); } $payload = empty($jws->getPayload()) ? $detached_payload : $jws->getPayload(); $payload = is_string($payload) ? $payload : json_encode($payload); return sprintf('%s.%s', $encoded_protected_headers, Base64Url::encode($payload)); } $payload = empty($jws->getPayload()) ? $detached_payload : $jws->getPayload(); $payload = is_string($payload) ? $payload : json_encode($payload); return sprintf('%s.%s', $encoded_protected_headers, $payload); }