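/**
 * Verify a compact-serialized token and return its decoded claims.
 *
 * Checks run in this order: segment count, header `alg` against the signer
 * the caller passed in, signature, then each supplied claim validator.
 * The payload is decoded only after the signature check has passed.
 *
 * @param \Cyh\Jose\Signing\Signer\SignerInterface $signer signer for the algorithm the caller expects
 * @param string $jwt_strings compact token: header.payload.signature
 * @param resource|string $key default null
 * @param ValidateInterface[] $validators
 * @return array
 * @throws MalformedException
 * @throws InvalidSignatureException
 * @throws ValidateException
 * @throws UnexpectedValueException when an entry of $validators is not a ValidateInterface
 */
public static function verify(SignerInterface $signer, $jwt_strings, $key = null, array $validators = array())
{
    $jwt_arr = explode('.', $jwt_strings);
    if (3 !== count($jwt_arr)) {
        throw new MalformedException('Wrong number of segments');
    }

    list($header_base64, $payload_base64, $signature_base64) = $jwt_arr;

    $header = Header::fromString($header_base64);

    // Do not determine algorithm by header: the caller chooses the signer and
    // the token must agree with it, so the token cannot select a weaker or
    // different algorithm for its own verification.
    if ($signer->getAlg() !== $header->getAlg()) {
        throw new MalformedException('Invalid alg header');
    }

    // The signature covers the two encoded segments exactly as received.
    $message = $header_base64 . '.' . $payload_base64;
    $signature = Base64Url::decode($signature_base64);

    // NOTE(review): $key defaults to null; how a signer treats a null key is
    // not visible here - confirm keyed signers reject it.
    //
    // Fail closed. Nothing in this method throws InvalidSignatureException, so
    // rejection relies on the signer; the SignerInterface contract is not
    // visible here, so an explicit boolean false is also treated as a bad
    // signature instead of being silently discarded.
    if (false === $signer->verify($message, $signature, $key)) {
        throw new \Cyh\Jose\Signing\Exception\InvalidSignatureException('Signature verification failed');
    }

    $payload_json = Base64Url::decode($payload_base64);
    $claims = Json::decode($payload_json);

    foreach ($validators as $validator) {
        if (!$validator instanceof ValidateInterface) {
            throw new UnexpectedValueException('validator is must implement ValidateInterface');
        }
        if (!$validator->validate($claims)) {
            throw new ValidateException('Validation failed. validator name: ' . $validator->getName());
        }
    }

    return $claims;
}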
/**
 * Json::encode() must raise the library's UnexpectedValueException for the
 * array built here.
 *
 * The input comes from three passes of _nestArray() over the same array, with
 * $depth reset to 0 before each pass. Presumably this nests the array deeper
 * than the encoder accepts - confirm against _nestArray().
 * On PHP older than 5.5.0 the test body is skipped and nothing is asserted.
 */
public function testEncodeJsonInvalidParam()
{
    if (version_compare(PHP_VERSION, '5.5.0', '<')) {
        return;
    }

    $deep_array = array();
    for ($pass = 0; $pass < 3; $pass++) {
        // $depth is reset before every pass, as in the original sequence.
        $depth = 0;
        $deep_array = $this->_nestArray($deep_array, $depth);
    }

    $this->setExpectedException('Cyh\\Jose\\Exception\\UnexpectedValueException');
    Json::encode($deep_array);
}
/**
 * Serialize the header set to its token segment form: JSON-encode
 * $this->headers, then Base64Url-encode the result.
 *
 * NOTE(review): if Json::encode() can throw, the exception escapes
 * __toString(), which is a fatal error on PHP before 7.4 - confirm for the
 * PHP versions this library supports.
 *
 * @return string
 */
public function __toString()
{
    $headers_json = Json::encode($this->headers);

    return Base64Url::encode($headers_json);
}
/**
 * A token whose `exp` claim was rewritten after signing must fail RS256
 * verification.
 *
 * The payload segment is re-encoded with an expiry one day ahead while the
 * original header and signature segments are reused, so the signature no
 * longer matches the message being verified.
 *
 * @expectedException Cyh\Jose\Signing\Exception\InvalidSignatureException
 */
public function testRS256ModifiedClaimExp()
{
    $signed_token = Jwt::sign(new RS256(), $this->valid_claims, $this->rsa_prv_key);
    $segments = explode('.', $signed_token);

    // Change only the expiry claim; header and signature stay untouched.
    $claims = Json::decode(Base64Url::decode($segments[1]));
    $claims['exp'] = time() + 86400;
    $tampered_payload = Base64Url::encode(Json::encode($claims));

    $mod_token = $segments[0] . '.' . $tampered_payload . '.' . $segments[2];

    Jwt::verify(new RS256(), $mod_token, $this->rsa_pub_key);
}