public function sign(Token $token)
{
$token->addHeader(new Algorithm($this->encryption->getAlgorithmName()));
$rawSignature = $this->getUnsignedValue($token);
$signature = $this->encryption->encrypt($rawSignature);
$token->setSignature($signature);
}
public function testValidSignature()
{
$algorithmParameter = $this->getMockBuilder('Emarref\\Jwt\\HeaderParameter\\Algorithm')->getMock();
$algorithmParameter->expects($this->once())->method('getValue')->will($this->returnValue('foo'));
$this->header->expects($this->once())->method('findParameterByName')->with(HeaderParameter\Algorithm::NAME)->will($this->returnValue($algorithmParameter));
$this->encryption->expects($this->once())->method('getAlgorithmName')->will($this->returnValue('foo'));
$this->encryption->expects($this->once())->method('verify')->will($this->returnValue(true));
$this->signer->expects($this->once())->method('getUnsignedValue')->will($this->returnValue('bar'));
$this->token->expects($this->once())->method('getSignature')->will($this->returnValue('bar'));
$verifier = new EncryptionVerifierStub($this->encryption, $this->encoder, $this->signer);
$verifier->verify($this->token);
}
/**
* @param Token $token
* @throws InvalidSignatureException
*/
public function verify(Token $token)
{
/** @var HeaderParameter\Algorithm $algorithmParameter */
$algorithmParameter = $token->getHeader()->findParameterByName(HeaderParameter\Algorithm::NAME);
if (null === $algorithmParameter) {
throw new \RuntimeException('Algorithm parameter not found in token header.');
}
if ($algorithmParameter->getValue() !== $this->encryption->getAlgorithmName()) {
throw new \RuntimeException(sprintf('Cannot use "%s" algorithm to decrypt token encrypted with algorithm "%s".', $this->encryption->getAlgorithmName(), $algorithmParameter->getValue()));
}
if (!$this->encryption->verify($this->signer->getUnsignedValue($token), $token->getSignature())) {
throw new InvalidSignatureException();
}
}
