264,11 → 264,13 |
\Firebase\JWT\JWT::$leeway = 60; // leeway in seconds |
if (OIDplus::getPkiStatus()) { |
$pubKey = OIDplus::config()->getValue('oidplus_public_key'); |
$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $pubKey, array('RS256', 'RS384', 'RS512')); |
$k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation |
$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k); |
} else { |
$key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT'; |
$key = hash_pbkdf2('sha512', $key, '', 10000, 64/*256bit*/, false); |
$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $key, array('HS256', 'HS384', 'HS512')); |
$k = new \Firebase\JWT\Key($key, 'HS512'); // HMAC+SHA512 is hardcoded here |
$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k); |
} |
} |
|
281,11 → 283,11 |
|
if (OIDplus::getPkiStatus()) { |
$privKey = OIDplus::config()->getValue('oidplus_private_key'); |
return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS512'); |
return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation |
} else { |
$key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT'; |
$key = hash_pbkdf2('sha512', $key, '', 10000, 64/*256bit*/, false); |
return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); |
return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); // HMAC+SHA512 is hardcoded here |
} |
} |
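Review bot: In the PKI branch the signing algorithm moves from `RS512` to `RS256` while the decode side now accepts only `RS256` through `new \Firebase\JWT\Key($pubKey, 'RS256')`, so any token issued with `RS512` before this change will be rejected after the upgrade. If long-lived tokens exist (not visible here), that should be documented as an intentional invalidation, with the decode failure handled as "please log in again" rather than a generic error. Pinning one algorithm per key is the right direction, but the literal now has to match pairwise between the decode and encode hunks. A shared constant used in both places, for example `const JWT_ALG_PKI = 'RS256';` and `const JWT_ALG_HMAC = 'HS512';`, would keep them from drifting apart. The comment `// RSA+SHA256 ist hardcoded in getPkiStatus() generation` has a typo (`ist` should be `is`). Both function bodies start outside the hunks.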
|