/**
* Returns the resultant token
*
* @return Token
*/
public function getToken()
{
$payload = [$this->encoder->base64UrlEncode($this->encoder->jsonEncode($this->headers)), $this->encoder->base64UrlEncode($this->encoder->jsonEncode($this->claims))];
if ($this->signature !== null) {
$payload[] = $this->encoder->base64UrlEncode($this->signature);
}
return new Token($this->headers, $this->claims, $this->signature, $payload);
}
/**
* Fill the mock expectations
*/
protected function createMockExpectations($signature = null)
{
$this->encoder->expects($this->at(0))->method('jsonEncode')->with(['alg' => 'none'])->willReturn('test');
$this->encoder->expects($this->at(1))->method('base64UrlEncode')->with('test')->willReturn('test');
$this->encoder->expects($this->at(2))->method('jsonEncode')->with([])->willReturn('test');
$this->encoder->expects($this->at(3))->method('base64UrlEncode')->with('test')->willReturn('test');
if ($signature) {
$this->encoder->expects($this->at(4))->method('base64UrlEncode')->with('test')->willReturn('test');
}
}
/**
* Returns an encoded representation of the token
*
* @return string
*/
public function __toString()
{
try {
$data = $this->getPayload() . '.';
if ($this->signature) {
$data .= $this->encoder->base64UrlEncode($this->signature);
}
return $data;
} catch (BadMethodCallException $e) {
return '';
}
}
/**
* @test
*
* @uses Lcobucci\JWT\Builder::__construct
* @uses Lcobucci\JWT\Builder::set
* @uses Lcobucci\JWT\Token
*
* @covers Lcobucci\JWT\Builder::getToken
*/
public function getTokenMustReturnANewTokenWithCurrentConfiguration()
{
$signature = $this->getMock(Signature::class, [], [], '', false);
$this->encoder->expects($this->exactly(2))->method('jsonEncode')->withConsecutive([['typ' => 'JWT', 'alg' => 'none']], [['test' => $this->defaultClaim]])->willReturnOnConsecutiveCalls('1', '2');
$this->encoder->expects($this->exactly(3))->method('base64UrlEncode')->withConsecutive(['1'], ['2'], [$signature])->willReturnOnConsecutiveCalls('1', '2', '3');
$builder = $this->createBuilder()->set('test', 123);
$builderSign = new \ReflectionProperty($builder, 'signature');
$builderSign->setAccessible(true);
$builderSign->setValue($builder, $signature);
$token = $builder->getToken();
$tokenSign = new \ReflectionProperty($token, 'signature');
$tokenSign->setAccessible(true);
$this->assertAttributeEquals(['1', '2', '3'], 'payload', $token);
$this->assertAttributeEquals($token->getHeaders(), 'headers', $builder);
$this->assertAttributeEquals($token->getClaims(), 'claims', $builder);
$this->assertAttributeSame($tokenSign->getValue($token), 'signature', $builder);
}
/**
* @test
*/
public function it_can_verify_a_token_signature()
{
$this->assertTrue($this->decoderService->verifySignature($this->parser->parse($this->tokenString)));
// Change one of the claims, but keep the original header and
// signature.
$manipulatedClaims = $this->tokenClaimsAsValueObjects;
$manipulatedClaims['uid'] = new Basic('uid', '0');
$encoder = new Encoder();
$manipulatedPayload = $this->payload;
$manipulatedPayload[1] = $encoder->base64UrlEncode($encoder->jsonEncode($manipulatedClaims));
// Re-create the token string using the original header and signature,
// but with manipulated claims.
$manipulatedTokenString = implode('.', $manipulatedPayload);
$this->assertFalse($this->decoderService->verifySignature($this->parser->parse($manipulatedTokenString)));
}
