예제 #1
0
 /**
  * {@inheritdoc}
  */
 public function verify(Object\JWSInterface $jws, Object\JWKSetInterface $signature_key_set, $detached_payload = null)
 {
     Assertion::inArray($jws->getSignature(0)->getProtectedHeader('alg'), $this->getSupportedSignatureAlgorithms(), sprintf('The signature algorithm "%s" is not supported or not allowed.', $jws->getSignature(0)->getProtectedHeader('alg')));
     $index = null;
     $this->verifier->verifyWithKeySet($jws, $signature_key_set, $detached_payload, $index);
     Assertion::notNull($index, 'JWS signature(s) verification failed.');
     $this->checker_manager->checkJWS($jws, $index);
     return $index;
 }
 /**
  * @param \Jose\Object\JWSInterface         $jws
  * @param \OAuth2\Client\JWTClientInterface $client
  *
  * @throws \OAuth2\Exception\BaseExceptionInterface
  */
 public function verifySignature(JWSInterface $jws, JWTClientInterface $client)
 {
     if (!in_array($jws->getHeader('alg'), $client->getAllowedSignatureAlgorithms())) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, sprintf('Algorithm not allowed. Authorized algorithms: %s.', json_encode($client->getAllowedSignatureAlgorithms())));
     }
     try {
         if (false === $this->verifier->verify($jws, $this->key_set)) {
             throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, 'Invalid signature.');
         }
     } catch (\Exception $e) {
         throw $this->getExceptionManager()->getException(ExceptionManagerInterface::BAD_REQUEST, ExceptionManagerInterface::INVALID_REQUEST, $e->getMessage());
     }
 }