Rev 566 | Rev 570 | ||
---|---|---|---|
Line 21... | Line 21... | ||
21 | 21 | ||
22 | class OIDplusAuthContentStoreJWT extends OIDplusAuthContentStoreDummy { |
22 | class OIDplusAuthContentStoreJWT extends OIDplusAuthContentStoreDummy { |
23 | 23 | ||
24 | // Individual functions |
24 | // Individual functions |
25 | 25 | ||
26 | public function loadJWT($jwt, $additional_secret='') { |
26 | public function loadJWT($jwt) { |
- | 27 | if (OIDplus::getPkiStatus()) { |
|
27 | $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').$additional_secret; |
28 | $pubKey = OIDplus::config()->getValue('oidplus_public_key'); |
- | 29 | $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $pubKey, array('RS256', 'RS384', 'RS512')); |
|
- | 30 | } else { |
|
28 | $algo = OIDplus::baseConfig()->getValue('JWK_ALGORITHM', 'HS256'); |
31 | $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', ''); |
- | 32 | $key = hash_pbkdf2('sha512', $key, '', 10000, 64/*256bit*/, false); |
|
29 | $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $key, array($algo)); |
33 | $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $key, array('HS256', 'HS384', 'HS512')); |
- | 34 | } |
|
30 | } |
35 | } |
31 | 36 | ||
32 | public function getJWTToken($lifetime=100*365*24*60*60, $additional_secret='') { |
37 | public function getJWTToken($lifetime=100*365*24*60*60) { |
33 | $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').$additional_secret; |
- | |
34 | $payload = $this->content; |
38 | $payload = $this->content; |
35 | $payload["iss"] = "http://oidplus.com"; |
39 | $payload["iss"] = "http://oidplus.com"; |
36 | $payload["aud"] = "http://oidplus.com"; |
40 | $payload["aud"] = "http://oidplus.com"; |
- | 41 | $payload["jti"] = gen_uuid(); |
|
37 | $payload["iat"] = time(); |
42 | $payload["iat"] = time(); |
38 | $payload["exp"] = time() + $lifetime; |
43 | $payload["exp"] = time() + $lifetime; |
- | 44 | ||
- | 45 | if (OIDplus::getPkiStatus()) { |
|
- | 46 | $privKey = OIDplus::config()->getValue('oidplus_private_key'); |
|
- | 47 | return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS512'); |
|
- | 48 | } else { |
|
39 | $algo = OIDplus::baseConfig()->getValue('JWK_ALGORITHM', 'HS256'); |
49 | $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', ''); |
- | 50 | $key = hash_pbkdf2('sha512', $key, '', 10000, 64/*256bit*/, false); |
|
40 | return \Firebase\JWT\JWT::encode($payload, $key, $algo); |
51 | return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); |
- | 52 | } |
|
41 | } |
53 | } |
42 | 54 | ||
43 | } |
55 | } |
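Review bot: An unset SERVER_SECRET now produces a fixed, publicly computable signing key in the non-PKI branches of loadJWT (new lines 31-32) and getJWTToken (new lines 49-50): the config default is `''`, and `hash_pbkdf2('sha512', $key, '', 10000, 64, false)` with an empty salt turns that into the same non-empty 64-character string on every installation. Because the derived key is never empty, any empty-key rejection inside the JWT library can no longer catch the misconfiguration (firebase/php-jwt's decode has such a check in the versions I know, but confirm this for the bundled copy), so tokens would verify against a key anyone can recompute. I would fail closed before the derivation in both methods, e.g. `if ($key === '') throw new \RuntimeException('SERVER_SECRET is not configured');`. Separately, loadJWT accepts `RS256/RS384/RS512` and `HS256/HS384/HS512` while getJWTToken only ever issues `RS512` or `HS512`; narrowing each decode allow-list to the one algorithm issued keeps the verifier no wider than the signer. The new `jti` claim is not checked anywhere in the visible decode path, so whether it backs revocation cannot be confirmed from this section.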