/** * @param Context $context * @param string $token * @param string|resource $key * * @return string */ public static function decode(Context $context, $token, $key) { if (empty($token) || trim($token) === '') { throw new JoseJwtException('Incoming token expected to be in compact serialization form, but is empty'); } $parts = explode('.', $token); if (count($parts) != 5) { throw new JoseJwtException('Invalid JWE token'); } $decodedParts = []; foreach ($parts as $part) { $decodedParts[] = UrlSafeB64Encoder::decode($part); } $headerString = $decodedParts[0]; $encryptedCek = $decodedParts[1]; $iv = $decodedParts[2]; $cipherText = $decodedParts[3]; $authTag = $decodedParts[4]; $header = json_decode($headerString, true); if (null === $header) { throw new JoseJwtException('Invalid header'); } $algorithm = $context->jweAlgorithms()->get($header['alg']); $encryption = $context->jweEncryptions()->get($header['enc']); $cek = $algorithm->unwrap($encryptedCek, $key, $encryption->getKeySize(), $header); $aad = $parts[0]; $plainText = $encryption->decrypt($aad, $cek, $iv, $cipherText, $authTag); return $plainText; }
/** * @param string $value * @param bool $raw * * @return RandomGeneratorMock */ public function add($value, $raw = false) { if (is_array($value)) { array_unshift($value, 'C*'); $value = call_user_func_array('pack', $value); $raw = true; } if (false === $raw) { $value = UrlSafeB64Encoder::decode($value); } $len = strlen($value); if (false === array_key_exists($len, $this->sequence)) { $this->sequence[$len] = []; } $this->sequence[$len][] = $value; return $this; }
/** * @param $token * * @return array */ public static function payload($token) { if (null === $token || trim($token) === '') { throw new JoseJwtException('Incoming token expected to be in compact serialization form, but is empty'); } $parts = explode('.', $token); if (count($parts) != 3) { throw new JoseJwtException('Invalid JWT'); } $payload = json_decode(UrlSafeB64Encoder::decode($parts[1]), true); if (null == $payload) { throw new JoseJwtException('Invalid payload'); } return $payload; }