Beispiel #1
 /**
  * Decrypts an encrypted assertion and returns the token carried in its payload.
  *
  * The JWE is handed to the decrypter together with the key set, and its
  * payload is then parsed by the loader. The parsed result must be a JWS;
  * the assertion call below rejects anything else. This method does not
  * verify the JWS signature; that has to happen elsewhere.
  *
  * NOTE(review): there is no explicit check for a missing payload; this
  * presumably relies on decryptUsingKeySet() or load() failing on their
  * own when decryption does not succeed. Confirm against the library.
  *
  * @param \Jose\Object\JWEInterface    $jwe                The encrypted assertion
  * @param \Jose\Object\JWKSetInterface $encryption_key_set Keys offered to the decrypter
  *
  * @return \Jose\Object\JWSInterface
  */
 private function decryptAssertion(Object\JWEInterface $jwe, Object\JWKSetInterface $encryption_key_set)
 {
     // The return value is unused; presumably the payload is set on $jwe in place.
     $this->decrypter->decryptUsingKeySet($jwe, $encryption_key_set);

     $payload = $jwe->getPayload();
     $nested = $this->loader->load($payload);

     // Reject a payload that parses to anything other than a JWS.
     Assertion::isInstanceOf($nested, Object\JWSInterface::class, 'The encrypted assertion does not contain a JWS.');

     return $nested;
 }
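 /**
  * Decrypts an encrypted assertion and returns the JWS carried in its payload.
  *
  * The 'alg' and 'enc' header values are checked against
  * $this->allowed_encryption_algorithms before decryption is attempted.
  * Header values are read from the token itself, so the membership test is
  * strict: with loose comparison a non-string value such as JSON `true`
  * compares equal to any non-empty algorithm name and passes the allow-list.
  *
  * This method only decrypts and loads the nested token; it does not verify
  * the JWS signature.
  *
  * NOTE(review): 'alg' and 'enc' are checked against the same list here;
  * confirm that a single shared list is intended.
  *
  * @param \Jose\Object\JWEInterface $jwe The encrypted assertion
  *
  * @throws \OAuth2\Exception\BaseExceptionInterface When an algorithm is not allowed,
  *                                                  the payload is missing after decryption,
  *                                                  or the payload is not a single JWS
  *
  * @return \Jose\Object\JWSInterface
  */
 protected function decryptAssertion(JWEInterface $jwe)
 {
     $allowed = $this->allowed_encryption_algorithms;

     // Strict comparison: only an exact string match against the allow-list is accepted.
     if (!in_array($jwe->getHeader('alg'), $allowed, true) || !in_array($jwe->getHeader('enc'), $allowed, true)) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, sprintf('Algorithm not allowed. Authorized algorithms: %s.', json_encode($allowed)));
     }

     $this->decrypter->decrypt($jwe, $this->key_set);

     // A null payload after decrypt() is treated as a decryption failure.
     $payload = $jwe->getPayload();
     if (null === $payload) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, 'Unable to decrypt the payload. Please verify keys used for encryption.');
     }

     // The decrypted payload must itself parse as one JWS.
     $jws = $this->loader->load($payload);
     if (!$jws instanceof JWSInterface) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, 'The encrypted assertion does not contain a single JWS.');
     }

     return $jws;
 }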