Esempio n. 1
0
 public static function decode($jwt, $key, $algo = 'HS256')
 {
     $tks = explode('.', $jwt);
     if (count($tks) != 3) {
         throw new Exception('Wrong number of segments');
     }
     list($headb64, $payloadb64, $cryptob64) = $tks;
     if (null === ($header = json_decode(JWT::urlsafeB64Decode($headb64), true))) {
         throw new Exception('Invalid segment encoding');
     }
     if (null === ($payload = json_decode(JWT::urlsafeB64Decode($payloadb64), true))) {
         throw new Exception('Invalid segment encoding');
     }
     $sig = JWT::urlsafeB64Decode($cryptob64);
     if (isset($key)) {
         if (empty($header['alg'])) {
             throw new DomainException('Empty algorithm');
         }
         if (!JWT::verifySignature($sig, "{$headb64}.{$payloadb64}", $key, $algo)) {
             throw new UnexpectedValueException('Signature verification failed');
         }
     }
     return $payload;
 }