/**
 * Builds the "header.payload" string that the signature covers.
 *
 * Both parts are re-serialized from the Token object via jsonSerialize()
 * and then passed through the configured encoder; nothing here reuses the
 * bytes the token originally arrived with.
 *
 * NOTE(review): verification of a received token therefore depends on
 * jsonSerialize() reproducing the issuer's exact byte sequence (key order,
 * escaping, whitespace). Confirm the parser preserves it, otherwise
 * legitimately signed tokens from other implementations may be rejected.
 *
 * @param Token $token token whose header and payload are serialized
 * @return string encoded header and encoded payload joined by a single dot
 */
public function getUnsignedValue(Token $token)
{
    // Header first, then payload: the order is part of the signing input.
    $headerSegment = $this->encoder->encode(
        $token->getHeader()->getParameters()->jsonSerialize()
    );

    $payloadSegment = $this->encoder->encode(
        $token->getPayload()->getClaims()->jsonSerialize()
    );

    return $headerSegment . '.' . $payloadSegment;
}
/**
 * Checks the token's declared algorithm and its signature.
 *
 * The algorithm named in the token header must be identical (strict,
 * case-sensitive comparison) to the algorithm this verifier is configured
 * with. The header can therefore never choose how the signature is checked;
 * a mismatch is rejected before any signature work is done.
 *
 * Only the algorithm and the signature are checked here. Claims (expiry,
 * audience, issuer, ...) are not inspected by this method.
 *
 * @param Token $token token to verify
 * @throws \RuntimeException when the header has no algorithm parameter, or
 *                           when it names a different algorithm than the
 *                           configured one
 * @throws InvalidSignatureException when the signature does not match
 */
public function verify(Token $token)
{
    /** @var HeaderParameter\Algorithm|null $declaredAlgorithm */
    $declaredAlgorithm = $token->getHeader()->findParameterByName(HeaderParameter\Algorithm::NAME);

    // A token that does not state its algorithm is refused outright.
    if ($declaredAlgorithm === null) {
        throw new \RuntimeException('Algorithm parameter not found in token header.');
    }

    $algorithmMatches = $declaredAlgorithm->getValue() === $this->encryption->getAlgorithmName();
    if (!$algorithmMatches) {
        // The wording says "decrypt"/"encrypted" although this is a signature
        // check; the message is kept unchanged in case callers or logs match on it.
        $message = sprintf(
            'Cannot use "%s" algorithm to decrypt token encrypted with algorithm "%s".',
            $this->encryption->getAlgorithmName(),
            $declaredAlgorithm->getValue()
        );

        throw new \RuntimeException($message);
    }

    $signingInput = $this->signer->getUnsignedValue($token);
    $signature = $token->getSignature();

    // NOTE(review): the result is tested for truthiness only. If the backend
    // forwards an integer status (openssl_verify() returns -1 on error), a
    // negative value would be accepted as valid. Confirm that verify()
    // returns a strict bool.
    if (!$this->encryption->verify($signingInput, $signature)) {
        throw new InvalidSignatureException();
    }
}
/**
 * Renders a token in its compact three-part form: encoded header, encoded
 * payload and encoded signature, separated by dots.
 *
 * NOTE(review): nothing here checks that the token actually carries a
 * signature. Whatever getSignature() returns is encoded and appended, so
 * confirm callers sign the token before serializing it.
 *
 * @param Token $token token to serialize
 * @return string "header.payload.signature", each part run through the encoder
 */
public function serialize(Token $token)
{
    // Collect the raw parts first, in header / payload / signature order.
    $rawHeader = $token->getHeader()->getParameters()->jsonSerialize();
    $rawPayload = $token->getPayload()->getClaims()->jsonSerialize();
    $rawSignature = $token->getSignature();

    $segments = [
        $this->encoding->encode($rawHeader),
        $this->encoding->encode($rawPayload),
        $this->encoding->encode($rawSignature),
    ];

    return implode('.', $segments);
}