private static function _validateJWT($jwt) { try { $config = Factory::fromFile('config/config.php', true); $secretKey = base64_decode($config->get('JWT')->get('key')); $signingAlgorithm = $config->get('JWT')->get('algorithm'); $token = JWT::decode($jwt, $secretKey, array($signingAlgorithm)); /* perhaps checks required to see if token->data even exists*/ self::$uid = $token->data->uid; self::$tid = $token->data->tid; return $token->data->scope; } catch (Exception $e) { throw $e; } }
<?php require_once './vendor/autoload.php'; use Zend\Config\Factory; DEFINE('__ACTIVE_VERSION_DIR__', Factory::fromFile('config/config.php', true)->get('ACTIVE_VERSION_DIR')); require __ACTIVE_VERSION_DIR__ . "/Constants/debug_mode.php"; /* Debug mode */ require __ACTIVE_VERSION_DIR__ . "/Classes/SecureUser.php"; //Confirm request if (!array_key_exists('request', $_REQUEST)) { $_REQUEST['request'] = 'invalidEnpoint'; } // Requests from the same server don't have a HTTP_ORIGIN header if (!array_key_exists('HTTP_ORIGIN', $_SERVER)) { $_SERVER['HTTP_ORIGIN'] = $_SERVER['SERVER_NAME']; } try { $user = SecureUser::generate($_REQUEST['request'], $_SERVER['HTTP_ORIGIN']); echo $user->processAPI() . "\n"; } catch (Exception $e) { echo json_encode(array('error' => $e->getMessage())) . "\n"; }