示例#1
0
 /**
  * @param \Cyh\Jose\Signing\Signer\SignerInterface $signer
  * @param string $jwt_strings
  * @param resource|string $key default null
  * @param ValidateInterface[] $validators
  * @return array
  * @throws MalformedException
  * @throws InvalidSignatureException
  * @throws ValidateException
  */
 public static function verify(SignerInterface $signer, $jwt_strings, $key = null, array $validators = array())
 {
     $jwt_arr = explode('.', $jwt_strings);
     if (3 !== count($jwt_arr)) {
         throw new MalformedException('Wrong number of segments');
     }
     $header_base64 = $jwt_arr[0];
     $header = Header::fromString($header_base64);
     // Do not determine algorithm by header.
     if ($signer->getAlg() !== $header->getAlg()) {
         throw new MalformedException('Invalid alg header');
     }
     $payload_base64 = $jwt_arr[1];
     $message = $header_base64 . '.' . $payload_base64;
     $signature = Base64Url::decode($jwt_arr[2]);
     $signer->verify($message, $signature, $key);
     $payload_json = Base64Url::decode($payload_base64);
     $claims = Json::decode($payload_json);
     foreach ($validators as $validator) {
         if (!$validator instanceof ValidateInterface) {
             throw new UnexpectedValueException('validator is must implement ValidateInterface');
         }
         if (!$validator->validate($claims)) {
             throw new ValidateException('Validation failed. validator name: ' . $validator->getName());
         }
     }
     return $claims;
 }
示例#2
0
 /**
  * @expectedException \Cyh\Jose\Exception\UnexpectedValueException
  */
 public function testDecodeJsonInvalidParam()
 {
     Json::decode('{abc}');
 }
示例#3
0
 /**
  * @param string $encoded_header
  * @return Header
  */
 public static function fromString($encoded_header)
 {
     $headers = Json::decode(Base64Url::decode($encoded_header));
     return new self($headers);
 }
示例#4
0
 /**
  * @expectedException Cyh\Jose\Signing\Exception\InvalidSignatureException
  */
 public function testRS256ModifiedClaimExp()
 {
     $token_strings = Jwt::sign(new RS256(), $this->valid_claims, $this->rsa_prv_key);
     list($h, $p, $s) = explode('.', $token_strings);
     $payload = Json::decode(Base64Url::decode($p));
     $payload['exp'] = time() + 86400;
     $p = Base64Url::encode(Json::encode($payload));
     $mod_token = "{$h}.{$p}.{$s}";
     Jwt::verify(new RS256(), $mod_token, $this->rsa_pub_key);
 }