public static function decode($jwt, $key, $algo = 'HS256')
{
$tks = explode('.', $jwt);
if (count($tks) != 3) {
throw new Exception('Wrong number of segments');
}
list($headb64, $payloadb64, $cryptob64) = $tks;
if (null === ($header = json_decode(JWT::urlsafeB64Decode($headb64), true))) {
throw new Exception('Invalid segment encoding');
}
if (null === ($payload = json_decode(JWT::urlsafeB64Decode($payloadb64), true))) {
throw new Exception('Invalid segment encoding');
}
$sig = JWT::urlsafeB64Decode($cryptob64);
if (isset($key)) {
if (empty($header['alg'])) {
throw new DomainException('Empty algorithm');
}
if (!JWT::verifySignature($sig, "{$headb64}.{$payloadb64}", $key, $algo)) {
throw new UnexpectedValueException('Signature verification failed');
}
}
return $payload;
}
