/**
 * {@inheritdoc}
 *
 * Builds a JWS around the payload, registers one signature entry for the
 * given key and protected headers, has the injected signer sign it, and
 * returns the compact serialization.
 */
public function sign($payload, array $signature_protected_headers, Object\JWKInterface $signature_key)
{
    // NOTE(review): the protected headers are forwarded as supplied; nothing in
    // this method checks that an 'alg' is present or that it suits the key.
    // Presumably the signer enforces that - confirm.
    $prepared = Factory\JWSFactory::createJWS($payload)
        ->addSignatureInformation($signature_key, $signature_protected_headers);

    // The signer's return value is not used; the same object is serialized below.
    $this->signer->sign($prepared);

    // 0 presumably selects the first (and only) signature added above - confirm.
    return $prepared->toCompactJSON(0);
}
/**
 * Create a JSON Web Token.
 *
 * The payload is first encrypted into a compact JWE, and that JWE string is
 * then signed as the payload of a compact JWS, which is what gets returned.
 *
 * @param array $payload
 * @return string
 * @throws JWTException
 */
public function encode(array $payload)
{
    try {
        // 'dir' means the encryption key is used directly as the content
        // encryption key. The 'enc' value is read from the key's own 'alg'
        // attribute, so that attribute must hold a content-encryption
        // algorithm name.
        // NOTE(review): 'zip' => 'DEF' compresses the plaintext before
        // encryption. If a payload can mix attacker-chosen data with secret
        // claims, the ciphertext length can reveal something about the
        // secrets - confirm this is acceptable for the claims carried here.
        $jweHeaders = [
            'alg' => 'dir',
            'enc' => $this->encryptionKey->get('alg'),
            'zip' => 'DEF',
        ];
        $encrypted = JWEFactory::createJWEToCompactJSON($payload, $this->encryptionKey, $jweHeaders);

        // NOTE(review): "zip" is a JWE header parameter (RFC 7516) and is not
        // defined for JWS (RFC 7515). Here it presumably travels only as an
        // extra protected header - confirm that verifiers tolerate it.
        $jwsHeaders = [
            'alg' => $this->signatureKey->get('alg'),
            'zip' => 'DEF',
        ];

        return JWSFactory::createJWSToCompactJSON($encrypted, $this->signatureKey, $jwsHeaders);
    } catch (Exception $e) {
        // Only the message of the underlying error is carried over; the
        // original exception is not chained.
        // NOTE(review): the library's message becomes part of the
        // JWTException text, so callers should log it rather than echo it to
        // clients.
        throw new JWTException('Could not create token: ' . $e->getMessage());
    }
}
/**
 * Builds the VAPID headers for a Web Push Protocol request: an ES256-signed
 * JWT carrying aud/exp/sub, plus the public key the push service uses to
 * verify it.
 *
 * @param string   $audience   This must be the origin of the push service
 * @param string   $subject    This should be a URL or a 'mailto:' email address
 * @param string   $publicKey  The decoded VAPID public key
 * @param string   $privateKey The decoded VAPID private key
 * @param int|null $expiration The expiration of the VAPID JWT (UNIX timestamp);
 *                             null or anything later than now + 12h is
 *                             replaced by now + 12h
 *
 * @return array Returns an array with the 'Authorization' and 'Crypto-Key' values to be used as headers
 */
public static function getVapidHeaders($audience, $subject, $publicKey, $privateKey, $expiration = null)
{
    // 43200 s = 12 h: the midpoint of the 0-24 h window, leaving equal margin
    // for clock skew on both sides.
    // NOTE(review): only the upper bound is enforced. An expiration that
    // already lies in the past is passed through unchanged.
    $latestAllowed = time() + 43200;
    $exp = ($expiration === null || $expiration > $latestAllowed) ? $latestAllowed : $expiration;

    $joseHeader = ['typ' => 'JWT', 'alg' => 'ES256'];

    // JSON_NUMERIC_CHECK turns every numeric-looking string into a JSON
    // number. That covers an 'exp' given as a string, but it applies to 'aud'
    // and 'sub' as well.
    $claims = ['aud' => $audience, 'exp' => $exp, 'sub' => $subject];
    $claimsJson = json_encode($claims, JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK);

    // The raw private key bytes are read as one big-endian hex integer on the
    // P-256 curve.
    // NOTE(review): neither the length of $privateKey nor its pairing with
    // $publicKey is checked in this method. Presumably the ECC library rejects
    // out-of-range scalars - confirm. A mismatched pair yields headers the
    // push service cannot verify.
    $curveGenerator = EccFactory::getNistCurves()->generator256();
    $scalar = gmp_init(bin2hex($privateKey), 16);
    $signingKey = $curveGenerator->getPrivateKeyFrom($scalar);

    // Round-trip through PEM so the JWK factory can load the key; the second
    // argument is passed as null (presumably "no passphrase" - confirm).
    $pemWriter = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
    $jwk = JWKFactory::createFromKey($pemWriter->serialize($signingKey), null);

    $compactJws = JWSFactory::createJWSToCompactJSON($claimsJson, $jwk, $joseHeader);

    // NOTE(review): 'WebPush <jwt>' together with a 'Crypto-Key: p256ecdsa=...'
    // header is the form used by earlier VAPID drafts. RFC 8292 specifies
    // 'vapid t=..., k=...' - confirm what the targeted push services accept.
    return [
        'Authorization' => 'WebPush ' . $compactJws,
        'Crypto-Key' => 'p256ecdsa=' . Base64Url::encode($publicKey),
    ];
}