/**
 * Build the two-segment "header.payload" form of a token, with no signature
 * segment attached.
 *
 * NOTE(review): the segments are produced by re-serialising the parsed header
 * and payload, not by reusing the bytes that were received. Presumably this is
 * the value that gets signed or checked against a signature; if so, confirm
 * that jsonSerialize() reproduces the original segments byte-for-byte.
 *
 * @param Token $token
 * @return string
 */
public function getUnsignedValue(Token $token)
{
    $segments = [];

    // Header first, then payload; each is serialised and encoded in turn.
    $segments[] = $this->encoder->encode(
        $token->getHeader()->getParameters()->jsonSerialize()
    );
    $segments[] = $this->encoder->encode(
        $token->getPayload()->getClaims()->jsonSerialize()
    );

    return implode('.', $segments);
}
/**
 * Check that the token's subject claim is identical to the expected subject.
 *
 * A token that carries no subject claim is treated as having a null subject,
 * so it passes only when the expected subject is null as well.
 *
 * @param Token $token
 * @throws InvalidSubjectException when the subject differs in value or type
 */
public function verify(Token $token)
{
    /** @var Claim\Subject $subjectClaim */
    $subjectClaim = $token->getPayload()->findClaimByName(Claim\Subject::NAME);

    $actualSubject = null;
    if (null !== $subjectClaim) {
        $actualSubject = $subjectClaim->getValue();
    }

    // Identity comparison: no type juggling between expected and actual value.
    if ($this->subject === $actualSubject) {
        return;
    }

    throw new InvalidSubjectException();
}
/**
 * Check that the token's issuer claim is identical to the expected issuer.
 *
 * A token that carries no issuer claim is treated as having a null issuer,
 * so it passes only when the expected issuer is null as well.
 *
 * @param Token $token
 * @throws VerificationException when the issuer differs in value or type
 */
public function verify(Token $token)
{
    /** @var Claim\Issuer $issuerClaim */
    $issuerClaim = $token->getPayload()->findClaimByName(Claim\Issuer::NAME);

    if (null === $issuerClaim) {
        $actualIssuer = null;
    } else {
        $actualIssuer = $issuerClaim->getValue();
    }

    // Identity comparison: no type juggling between expected and actual value.
    if ($this->issuer === $actualIssuer) {
        return;
    }

    throw new VerificationException('Issuer is invalid.');
}
/**
 * Check that the expected audience is one of the audiences named by the token.
 *
 * The audience claim may hold a single value or an array of values; a single
 * value is wrapped in a one-element array before matching. A token with no
 * audience claim is matched as [null], so it passes only when the expected
 * audience is null.
 *
 * @param Token $token
 * @throws VerificationException when no audience entry is identical to the expected one
 */
public function verify(Token $token)
{
    /** @var Claim\Audience $audienceClaim */
    $audienceClaim = $token->getPayload()->findClaimByName(Claim\Audience::NAME);

    $claimed = null;
    if (null !== $audienceClaim) {
        $claimed = $audienceClaim->getValue();
    }

    $candidates = is_array($claimed) ? $claimed : [$claimed];

    // Strict matching, so "1" and 1 (or null and "") are never confused.
    $matched = in_array($this->audience, $candidates, true);
    if ($matched) {
        return;
    }

    throw new VerificationException('Audience is invalid.');
}
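/**
 * Reject a token whose expiration claim lies in the past.
 *
 * A token without an expiration claim is accepted as it is; callers that need
 * every token to expire have to enforce the presence of the claim themselves.
 *
 * @param Token $token
 * @return null
 * @throws \InvalidArgumentException when the claim value is not a finite number
 * @throws ExpiredException when the current UTC time is past the expiration
 */
public function verify(Token $token)
{
    /** @var Claim\Expiration $expirationClaim */
    $expirationClaim = $token->getPayload()->findClaimByName(Claim\Expiration::NAME);

    if (null === $expirationClaim) {
        return null;
    }

    $expiresAt = $expirationClaim->getValue();

    // Fail closed on anything that is not a finite number. A loose comparison
    // of the current timestamp with a non-numeric string or an array is not a
    // numeric comparison (under PHP 8 the integer is compared as a string, and
    // an array always compares greater than an integer), so such a value could
    // leave the token looking permanently unexpired. An infinite float would
    // do the same.
    $isNumber = is_int($expiresAt) || (is_float($expiresAt) && is_finite($expiresAt));
    if (!$isNumber) {
        // Report the type only; the raw value may not be printable.
        throw new \InvalidArgumentException(sprintf(
            'Invalid expiration timestamp of type "%s"',
            gettype($expiresAt)
        ));
    }

    $now = new \DateTime('now', new \DateTimeZone('UTC'));

    if ($now->getTimestamp() > $expiresAt) {
        $expiration = $this->getDateTimeFromClaim($expirationClaim);

        throw new ExpiredException($expiration);
    }
}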
/**
 * Reject a token that is presented before the time given in its not-before claim.
 *
 * A token without a not-before claim is accepted as it is. The claim value has
 * to be an integer timestamp; any other type is refused before the comparison.
 *
 * @param Token $token
 * @return null
 * @throws \InvalidArgumentException when the claim value is not an integer
 * @throws VerificationException when the current UTC time is before the claim value
 */
public function verify(Token $token)
{
    /** @var Claim\NotBefore $notBeforeClaim */
    $notBeforeClaim = $token->getPayload()->findClaimByName(Claim\NotBefore::NAME);

    if (null === $notBeforeClaim) {
        return null;
    }

    $currentTime = (new \DateTime('now', new \DateTimeZone('UTC')))->getTimestamp();
    $notBeforeValue = $notBeforeClaim->getValue();

    // Type check comes first so the comparison below is always integer to integer.
    if (!is_int($notBeforeValue)) {
        throw new \InvalidArgumentException(
            sprintf('Invalid not before timestamp "%s"', $notBeforeValue)
        );
    }

    if ($currentTime >= $notBeforeValue) {
        return null;
    }

    // The message shows the not-before time in RFC 2822 form ('r').
    $notBefore = new \DateTime();
    $notBefore->setTimestamp($notBeforeValue);

    throw new VerificationException(
        sprintf('Token must not be processed before "%s"', $notBefore->format('r'))
    );
}
/**
 * Look up a claim on the held token by name and return its value.
 *
 * @param string $claim the name of the claim
 * @return mixed the claim's value, or null when the lookup yields nothing
 */
private function getClaimOrNull($claim)
{
    $found = $this->token->getPayload()->findClaimByName($claim);

    // Any falsy lookup result counts as "no such claim".
    if (!$found) {
        return null;
    }

    return $found->getValue();
}
/**
 * Render a token in its three-segment "header.payload.signature" form.
 *
 * The signature is taken from the token as it stands; nothing here computes or
 * checks it, so the output is only as trustworthy as the signature already
 * stored on the token.
 *
 * @param Token $token
 * @return string
 */
public function serialize(Token $token)
{
    // Gather the raw parts first, in wire order.
    $rawParts = [
        $token->getHeader()->getParameters()->jsonSerialize(),
        $token->getPayload()->getClaims()->jsonSerialize(),
        $token->getSignature(),
    ];

    $encodedParts = [];
    foreach ($rawParts as $rawPart) {
        $encodedParts[] = $this->encoding->encode($rawPart);
    }

    return implode('.', $encodedParts);
}