WebSVN – oidplus – Diff – /trunk/includes/classes/OIDplusAuthContentStoreJWT.class.php



         * @return void
         * @throws OIDplusException
         */
        public function loadJWT(string $jwt) {
                \Firebase\JWT\JWT::$leeway = 60; // leeway in seconds
                $cls_content = null;
                if (OIDplus::getPkiStatus()) {
                        $pubKey = OIDplus::getSystemPublicKey();
                        $k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 is hardcoded in getPkiStatus() generation
                        $cls_content = \Firebase\JWT\JWT::decode($jwt, $k);
                } else {
                        $key = OIDplus::authUtils()->makeSecret(['0be35e52-f4ef-11ed-b67e-3c4a92df8582']);
                        $key = hash_pbkdf2('sha512', $key, '', 10000, 32/*256bit*/, false);
                        $k = new \Firebase\JWT\Key($key, 'HS512'); // HMAC+SHA512 is hardcoded here
                        $cls_content = \Firebase\JWT\JWT::decode($jwt, $k);
                }
                $this->content = json_decode(json_encode($cls_content), true); // convert stdClass to array
        }
 
        /**
         * @return string
         * @throws OIDplusException

Rev 1367	Rev 1444
Line 662...	Line 662...
662	* @return void	662	* @return void
663	* @throws OIDplusException	663	* @throws OIDplusException
664	*/	664	*/
665	public function loadJWT(string $jwt) {	665	public function loadJWT(string $jwt) {
666	\Firebase\JWT\JWT::$leeway = 60; // leeway in seconds	666	\Firebase\JWT\JWT::$leeway = 60; // leeway in seconds
-		667	$cls_content = null;
667	if (OIDplus::getPkiStatus()) {	668	if (OIDplus::getPkiStatus()) {
668	$pubKey = OIDplus::getSystemPublicKey();	669	$pubKey = OIDplus::getSystemPublicKey();
669	$k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 is hardcoded in getPkiStatus() generation	670	$k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 is hardcoded in getPkiStatus() generation
670	$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k);	671	$cls_content = \Firebase\JWT\JWT::decode($jwt, $k);
671	} else {	672	} else {
672	$key = OIDplus::authUtils()->makeSecret(['0be35e52-f4ef-11ed-b67e-3c4a92df8582']);	673	$key = OIDplus::authUtils()->makeSecret(['0be35e52-f4ef-11ed-b67e-3c4a92df8582']);
673	$key = hash_pbkdf2('sha512', $key, '', 10000, 32/256bit/, false);	674	$key = hash_pbkdf2('sha512', $key, '', 10000, 32/256bit/, false);
674	$k = new \Firebase\JWT\Key($key, 'HS512'); // HMAC+SHA512 is hardcoded here	675	$k = new \Firebase\JWT\Key($key, 'HS512'); // HMAC+SHA512 is hardcoded here
675	$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k);	676	$cls_content = \Firebase\JWT\JWT::decode($jwt, $k);
676	}	677	}
-		678	$this->content = json_decode(json_encode($cls_content), true); // convert stdClass to array
677	}	679	}
678		680
679	/**	681	/**
680	* @return string	682	* @return string
681	* @throws OIDplusException	683	* @throws OIDplusException

Subversion Repositories oidplus

oidplus/trunk/includes/classes/OIDplusAuthContentStoreJWT.class.php @ 1301 – Rev 1367 → 1444