public function getDecodedToken($jwt) { try { $decodedToken = JWT::decode($jwt); $tenant = $this->findTenant($decodedToken->iss); JWT::decode($jwt, $tenant->getSharedSecret(), ['HS256'], 600); return $decodedToken; } catch (\Exception $e) { throw new AuthenticationException($e->getMessage()); } }
public static function encode($payload, $key, $alg = 'HS256', $keyId = null) { $header = array('typ' => 'JWT', 'alg' => $alg); if ($keyId !== null) { $header['kid'] = $keyId; } $segments = array(); $segments[] = JWT::urlsafeB64Encode(json_encode($header)); $segments[] = JWT::urlsafeB64Encode(json_encode($payload)); $signing_input = implode('.', $segments); $signature = JWT::sign($signing_input, $key, $alg); $segments[] = JWT::urlsafeB64Encode($signature); return implode('.', $segments); }
public function createToken(Request $request, $providerKey) { $jwt = $request->query->get('jwt'); if (!$jwt && $this->kernel->getEnvironment() == 'dev') { $tenant = $this->em->getRepository('AtlassianConnectBundle:Tenant')->find(1); $clientKey = $tenant->getClientKey(); $sharedSecret = $tenant->getSharedSecret(); $qshHelper = new QSH(); $qsh = $qshHelper->create('GET', $request->getRequestUri()); $payload = ['iss' => $clientKey, 'iat' => time(), 'exp' => time() + 86400, 'qsh' => $qsh, 'sub' => 'admin']; $jwt = JWT::encode($payload, $sharedSecret); } if (!$jwt) { throw new BadCredentialsException('No JWT token found'); } return new PreAuthenticatedToken('anon.', $jwt, $providerKey); }
private function buildAuthHeader($method, $restUrl) { $token = $this->buildPayload($method, $restUrl); $jwt = JWT::encode($token, $this->tenant->getSharedSecret()); return ['Authorization' => 'JWT ' . $jwt]; }