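/**
 * Encrypt data with a private key.
 *
 * The input is split into chunks that fit one RSA operation with PKCS#1 v1.5
 * padding (key size in bytes minus 11 bytes of padding overhead). Each chunk is
 * passed to openssl_private_encrypt() and the concatenated result is returned
 * base64-encoded.
 *
 * NOTE(review): openssl_private_encrypt() applies the *private* key, so any
 * holder of the matching public key can recover the plaintext. This gives no
 * confidentiality. Each chunk is also processed on its own, so nothing in the
 * output binds the order or number of chunks together. Presumably callers
 * rely on this only as a tamper-evidence measure; confirm against the callers,
 * and prefer an authenticated-encryption scheme with a symmetric key for
 * payloads that must stay secret or intact as a whole.
 *
 * @param string $unencryptedData
 *
 * @throws \LogicException If the key cannot be loaded or inspected, or a chunk cannot be encrypted
 *
 * @return string
 */
protected function encrypt($unencryptedData)
{
    $keyPath = $this->privateKey->getKeyPath();
    $privateKey = openssl_pkey_get_private($keyPath, $this->privateKey->getPassPhrase());

    // openssl_pkey_get_private() signals failure with false; stop here instead of
    // handing an invalid key to the calls below.
    if ($privateKey === false) {
        throw new \LogicException(sprintf('Could not load private key: %s', $keyPath));
    }

    try {
        $privateKeyDetails = @openssl_pkey_get_details($privateKey);

        // Failure is reported as false (not null), so test for a usable array.
        if (!is_array($privateKeyDetails) || !isset($privateKeyDetails['bits'])) {
            throw new \LogicException(sprintf('Could not get details of private key: %s', $keyPath));
        }

        // ceil() returns a float; substr() needs an integer length.
        $chunkSize = (int) ceil($privateKeyDetails['bits'] / 8) - 11;
        if ($chunkSize < 1) {
            // A non-positive chunk size would never consume the input.
            throw new \LogicException(sprintf('Private key is too small to encrypt data: %s', $keyPath));
        }

        $unencryptedData = (string) $unencryptedData;
        $length = strlen($unencryptedData);
        $output = '';

        // Iterate by offset rather than by string truthiness: the string "0" is
        // falsy in PHP, so a remainder of exactly "0" would be silently dropped.
        for ($offset = 0; $offset < $length; $offset += $chunkSize) {
            $chunk = substr($unencryptedData, $offset, $chunkSize);
            $encrypted = '';

            if (openssl_private_encrypt($chunk, $encrypted, $privateKey) === false) {
                // @codeCoverageIgnoreStart
                throw new \LogicException('Failed to encrypt data');
                // @codeCoverageIgnoreEnd
            }

            $output .= $encrypted;
        }
    } finally {
        // Release the key handle on the error paths too.
        openssl_pkey_free($privateKey);
    }

    return base64_encode($output);
}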
/**
 * Generate a JWT from the access token.
 *
 * Claims are set in a fixed order: audience (client identifier), token id
 * (also replicated as a header), issued-at, not-before, expiration, subject
 * (user identifier) and a custom "scopes" claim. The token is then signed
 * with the supplied key.
 *
 * NOTE(review): the token is signed, not encrypted, so every claim set here
 * is readable by whoever holds the token. Which Sha256 signer is used depends
 * on the file's imports, which are not visible here.
 *
 * @param CryptKey $privateKey
 *
 * @return string
 */
public function convertToJWT(CryptKey $privateKey)
{
    $signingKey = new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase());

    // Reassign after every call so this works whether or not the builder
    // returns itself; claim order is kept exactly as before.
    $builder = new Builder();
    $builder = $builder->setAudience($this->getClient()->getIdentifier());
    $builder = $builder->setId($this->getIdentifier(), true);
    $builder = $builder->setIssuedAt(time());
    $builder = $builder->setNotBefore(time());
    $builder = $builder->setExpiration($this->getExpiryDateTime()->getTimestamp());
    $builder = $builder->setSubject($this->getUserIdentifier());
    $builder = $builder->set('scopes', $this->getScopes());
    $builder = $builder->sign(new Sha256(), $signingKey);

    return $builder->getToken();
}