/**
* @param string $jwtString
* @param string $class
* @param string|null $key
* @throws JweException
* @throws \InvalidArgumentException
* @return Jose
*/
public function decode($jwtString, $class = '\\BWC\\Component\\Jwe\\Jwt', $key = null)
{
if (!$class) {
$class = '\\BWC\\Component\\Jwe\\Jwt';
}
if (!class_exists($class)) {
throw new \InvalidArgumentException(sprintf("Class '%s' does not exist", $class));
}
if (!strpos($jwtString, '.')) {
throw new JweException(sprintf("Not a valid JWE '%s ", $jwtString));
}
$arr = explode('.', $jwtString);
// TODO this will change with support for encryption, atm it can handle JWT only
if (count($arr) != 3) {
throw new JweException('Not a valid JWE');
}
list($headB64, $payloadB64, $cryptoB64) = $arr;
if (null === ($header = json_decode(UrlSafeB64Encoder::decode($headB64), true))) {
throw new JweException('Invalid JWE header');
}
if (null === ($payload = json_decode(UrlSafeB64Encoder::decode($payloadB64), true))) {
throw new JweException('Invalid JWE payload');
}
$signature = UrlSafeB64Encoder::decode($cryptoB64);
/** @var Jose $result */
$result = new $class($header, $payload);
if (false == $result instanceof Jose) {
throw new \InvalidArgumentException(sprintf("Specified class '%s' does not extend Jose", $class));
}
$result->setSigningInput("{$headB64}.{$payloadB64}");
$result->setSignature($signature);
if ($key) {
$this->verify($result, $key);
}
return $result;
}
/**
* @return string
*/
public function getMySigningInput()
{
$segments = array(UrlSafeB64Encoder::encode(json_encode($this->getHeader())), UrlSafeB64Encoder::encode(json_encode($this->getPayload())));
$signing_input = implode('.', $segments);
return $signing_input;
}
