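/**
 * Exchanges an OpenID Connect authorization code for an access token.
 *
 * Posts the code to the "token" service URL, then validates the returned
 * ID token (signature algorithm, signature, nonce) before handing back the
 * access token. The session nonce is consumed only when every check passes.
 *
 * NOTE(review): the iss, aud and exp claims of the ID token are not checked
 * in this method; confirm whether a caller or the JWS library covers them.
 *
 * @param string $code Authorization code received on the callback URL.
 * @return string The access token issued by the token endpoint.
 * @throws Exception On transport/HTTP error, malformed response, disallowed
 *                   signature algorithm, bad signature or nonce mismatch.
 */
private function getAccessToken($code)
{
    $curlWrapper = new CurlWrapper();
    $post_data = array(
        "grant_type" => "authorization_code",
        "code" => $code,
        "redirect_uri" => $this->url_callback,
        "client_id" => $this->client_id,
        "client_secret" => $this->secret_id,
    );
    $curlWrapper->setPostDataUrlEncode($post_data);
    $token_url = $this->getURLforService("token");
    $result = $curlWrapper->get($token_url);

    if ($curlWrapper->getHTTPCode() != 200) {
        if (!$result) {
            throw new Exception($curlWrapper->getLastError());
        }
        $result_array = json_decode($result, true);
        // The error body is not guaranteed to be JSON with an "error" key.
        if (is_array($result_array) && isset($result_array['error']) && is_string($result_array['error'])) {
            throw new Exception($result_array['error']);
        }
        throw new Exception("Erreur lors de la récupération du token");
    }

    $result_array = json_decode($result, true);
    if (
        !is_array($result_array)
        || !isset($result_array['id_token'], $result_array['access_token'])
        || !is_string($result_array['id_token'])
    ) {
        throw new Exception("Réponse du serveur de token invalide");
    }

    $id_token = $result_array['id_token'];
    $all_part = explode(".", $id_token);
    if (count($all_part) !== 3) {
        throw new Exception("Le token est mal formé");
    }

    // JWT segments are base64url-encoded; plain base64_decode() silently
    // drops '-' and '_', so map them back to the standard alphabet first.
    $header = json_decode(base64_decode(strtr($all_part[0], '-_', '+/')), true);
    $payload = json_decode(base64_decode(strtr($all_part[1], '-_', '+/')), true);

    // The signature is checked against the client secret (a shared key), so
    // only HMAC algorithms are meaningful. The algorithm named in the
    // attacker-controllable header must never be trusted as-is: an
    // unsigned ("none") token has to be refused before verification.
    $allowed_alg = array("HS256", "HS384", "HS512");
    if (!is_array($header) || !isset($header['alg']) || !in_array($header['alg'], $allowed_alg, true)) {
        throw new Exception("Algorithme de signature du token non autorisé");
    }

    // Verify the signature before relying on any claim from the payload.
    require_once __DIR__ . "/../ext/Akita_JOSE/JWS.php";
    // NOTE(review): the meaning of the second argument of load() is not
    // visible here; presumably it relaxes handling of unsigned tokens.
    // Confirm against the library and drop it if it is not needed.
    $jws = Akita_JOSE_JWS::load($id_token, true);
    $verify = $jws->verify($this->secret_id);
    if (!$verify) {
        throw new Exception("Vérification du token : Echec");
    }

    // A loose "!=" would accept a token without nonce when the session has
    // none either (null != null is false), and would apply type juggling to
    // the two values. Require both to be present and compare in constant time.
    $expected_nonce = isset($_SESSION[self::OPENID_SESSION_NONCE])
        ? $_SESSION[self::OPENID_SESSION_NONCE]
        : null;
    $received_nonce = (is_array($payload) && isset($payload['nonce'])) ? $payload['nonce'] : null;
    if (
        !is_scalar($expected_nonce)
        || (string) $expected_nonce === ''
        || !is_string($received_nonce)
        || !hash_equals((string) $expected_nonce, $received_nonce)
    ) {
        throw new Exception("La nonce ne correspond pas");
    }

    // The nonce is single-use: consume it once the token has been accepted.
    unset($_SESSION[self::OPENID_SESSION_NONCE]);

    return $result_array['access_token'];
}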
/**
 * Checks Akita_JOSE_JWS::verify() for the unsigned, HMAC and RSA cases.
 *
 * For every signed algorithm a known-good token must verify and the same
 * token with "_invalid" appended to its signature must not.
 */
public function testVerify()
{
    // alg "none": loaded with the second argument set to true and verified
    // with an empty key, the unsigned token is reported as valid.
    // NOTE(review): callers that pass true to load() on untrusted tokens
    // should be checked for how they treat unsigned input.
    $unsigned_token = "eyJhbGciOiJub25lIiwidHlwIjoiSldTIn0..";
    $unsigned_jws = Akita_JOSE_JWS::load($unsigned_token, true);
    $this->assertEquals(true, $unsigned_jws->verify(""));

    // HS256 / HS384 / HS512, all signed with the same shared key.
    $shared_key = 'This is shared key';
    $hmac_tokens = array(
        "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXUyJ9..BBHUQEP4sXbbXSltNsitpyhElaIOiuC0D5KyRm5U5ao",
        "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXUyJ9..HdUTmRTs5ATJ7GbW-R2uZBOmemBr7VpH3s5Ro735mXaN7X6gBAn44Tw3kAI_alwB",
        "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXUyJ9..hoQzFqLadmYQsoszilrtl3uIpBMRzJSP3y7_NLw0UREWVBg2ya-FW36GbwY8dGzp7l3wGKgaDiMvSv7bfNB63Q",
    );
    foreach ($hmac_tokens as $good_token) {
        $accepted = Akita_JOSE_JWS::load($good_token)->verify($shared_key);
        $this->assertEquals(true, $accepted);

        // Same token with a tampered signature segment.
        $rejected = Akita_JOSE_JWS::load($good_token . "_invalid")->verify($shared_key);
        $this->assertEquals(false, $rejected);
    }

    // RS256 / RS384 / RS512, verified with the public key stored next to
    // this test file.
    // command for private key generation "openssl genrsa -aes256 -out private.key 2048"
    $passphrase = "Akita_JOSE"; // not used by the verification below
    $public_key = openssl_pkey_get_public("file://" . dirname(__FILE__) . "/public.key");
    $rsa_tokens = array(
        "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9..E2roykYfZbDJGyaeJAxPtkPses8hP--JnlFZMbuudPoLMQBs13LV1--RE_H65LPouojYf5CgRnL54FxtpLmXCB9EtY-WOI23dtiZDssTxuB308Z7rjXN0P7YULrYrlcOlwEyLpq4CMt0IjmkuC28Tr9cDf_BIGZQM8RVXorX3cGXxuFp8MNsln2TkhmWU8hKktZ6H-iZJ9FXZYF3X-Zpgd4TUUY7X9VHKJmV8sYmcV29Jg7q-ltJb_iQY7vEkU0P1KZTExzxOUbDB3HUbyga87XYDdHZMFmCQ5YsFDVa13u9AOaW5CHcrogzVujCIAiyl-droPf0RqOs4dVBP5e03A",
        "eyJhbGciOiJSUzM4NCIsInR5cCI6IkpXUyJ9..aMjEWQXMBt-80W3UwA1wb9LrxHx8FzoOgGHj5AAPMwfi0kESEl9r4B0Yvkvdnpn36yE5AFp9jEQrtMu98WRBTSVAeA_hfo4gij3eL8faINgRA2Dd9qEqFpHpMywCaqrj_JXM_ghfm8ACPTw7qEIijJZ0AqMWD5bWG_dcvtVy6YVZq36pKMg1XzhKlVyypCVgNpNH2xFbqRJ8lnqgVfQu3yMmcGbdOClCDp8f_MCg-K0sAKdNpZ2Jkmo7fdc33vaubdhZ0hLMWNreySMCNtNfTJr715nCG_ByHnTLox57OiaKeNith6HIlt21jAyVQhKVYq7zMJWk-dyFectYzptSBQ",
        "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXUyJ9..Jzcl50FD_uCXethMOfcQgQbeJC_ZL9taFLQXJRfigx_GGn1yUpWNP4x93fC6_K8HCND002req0RrraTXrqJDa_HCCda3jh3JK_QvUo0dKocqiw0o2lbgnEsG7oKvMjR1_Cb7BxovNAp32G3u_A-Z7Eo2QSSt0qY8qKTeiWpgQrlFtLJWqNuravQQZ_mcmK0GC1G-4z3P9IbivTx6JGoKlueQexcAIb42SDM12wYcqzuSglQtv8FRXqLelFIjhp4_U0O8f0J6Z7uaZrDHa4uXhTGy8soW7IXnohl7utdmMasiJlg2p7S6bmkovNes9hN1se5cI8SrrOlv92Qmfd6P2A",
    );
    foreach ($rsa_tokens as $good_token) {
        $accepted = Akita_JOSE_JWS::load($good_token)->verify($public_key);
        $this->assertEquals(true, $accepted);

        // Same token with a tampered signature segment.
        $rejected = Akita_JOSE_JWS::load($good_token . "_invalid")->verify($public_key);
        $this->assertEquals(false, $rejected);
    }
}