Rev 830 | Rev 1050 | ||
---|---|---|---|
Line 15... | Line 15... | ||
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
16 | * See the License for the specific language governing permissions and |
16 | * See the License for the specific language governing permissions and |
17 | * limitations under the License. |
17 | * limitations under the License. |
18 | */ |
18 | */ |
19 | 19 | ||
20 | if (!defined('INSIDE_OIDPLUS')) die(); |
20 | namespace ViaThinkSoft\OIDplus; |
21 | 21 | ||
22 | class OIDplusAuthContentStoreJWT extends OIDplusAuthContentStoreDummy { |
22 | class OIDplusAuthContentStoreJWT extends OIDplusAuthContentStoreDummy { |
23 | 23 | ||
24 | const COOKIE_NAME = 'OIDPLUS_AUTH_JWT'; |
24 | const COOKIE_NAME = 'OIDPLUS_AUTH_JWT'; |
25 | 25 | ||
Line 188... | Line 188... | ||
188 | // Decode the JWT. In this step, the signature as well as EXP/NBF times will be checked |
188 | // Decode the JWT. In this step, the signature as well as EXP/NBF times will be checked |
189 | $tmp->loadJWT($jwt); |
189 | $tmp->loadJWT($jwt); |
190 | 190 | ||
191 | // Do various checks if the token is allowed and not blacklisted |
191 | // Do various checks if the token is allowed and not blacklisted |
192 | self::jwtSecurityCheck($tmp); |
192 | self::jwtSecurityCheck($tmp); |
193 | } catch (Exception $e) { |
193 | } catch (\Exception $e) { |
194 | if (isset($_GET[self::COOKIE_NAME]) || isset($_POST[self::COOKIE_NAME])) { |
194 | if (isset($_GET[self::COOKIE_NAME]) || isset($_POST[self::COOKIE_NAME])) { |
195 | // Most likely an AJAX request. We can throw an Exception |
195 | // Most likely an AJAX request. We can throw an Exception |
196 | throw new OIDplusException(_L('The JWT token was rejected: %1',$e->getMessage())); |
196 | throw new OIDplusException(_L('The JWT token was rejected: %1',$e->getMessage())); |
197 | } else { |
197 | } else { |
198 | // Most likely an expired Cookie/Login session. We must not throw an Exception, otherwise we will break jsTree |
198 | // Most likely an expired Cookie/Login session. We must not throw an Exception, otherwise we will break jsTree |
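Review bot: The direct-access guard on line 20 of the first hunk is dropped rather than moved below the new namespace declaration, so the new side no longer has `if (!defined('INSIDE_OIDPLUS')) die();` anywhere in the visible lines. The lines shown only declare a class, so a direct request probably does nothing beyond a fatal error for the unresolved parent `OIDplusAuthContentStoreDummy`, but with `display_errors` enabled that error would reveal the installation path. If the removal is deliberate, the web server configuration should deny direct requests to the directory holding this file. Otherwise the guard can stay as the first statement after `namespace ViaThinkSoft\OIDplus;`. The class body continues outside both hunks, so this assumes no equivalent check exists further down.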