Rev 679 | Rev 699 | ||
---|---|---|---|
Line 50... | Line 50... | ||
50 | return OIDplus::config()->getValue($cfg,0); |
50 | return OIDplus::config()->getValue($cfg,0); |
51 | } |
51 | } |
52 | 52 | ||
53 | private static function jwtSecurityCheck($contentProvider) { |
53 | private static function jwtSecurityCheck($contentProvider) { |
54 | // Check if the token is intended for us |
54 | // Check if the token is intended for us |
55 | if ($contentProvider->getValue('aud','') !== "http://oidplus.com") { |
55 | if ($contentProvider->getValue('aud','') !== OIDplus::getEditionInfo()['jwtaud']) { |
56 | throw new OIDplusException(_L('Token has wrong audience')); |
56 | throw new OIDplusException(_L('Token has wrong audience')); |
57 | } |
57 | } |
58 | $gen = $contentProvider->getValue('oidplus_generator', -1); |
58 | $gen = $contentProvider->getValue('oidplus_generator', -1); |
59 | 59 | ||
60 | $has_admin = $contentProvider->isAdminLoggedIn(); |
60 | $has_admin = $contentProvider->isAdminLoggedIn(); |
Line 274... | Line 274... | ||
274 | } |
274 | } |
275 | } |
275 | } |
276 | 276 | ||
277 | public function getJWTToken() { |
277 | public function getJWTToken() { |
278 | $payload = $this->content; |
278 | $payload = $this->content; |
279 | $payload["iss"] = "http://oidplus.com"; |
279 | $payload["iss"] = OIDplus::getEditionInfo()['jwtaud']; |
280 | $payload["aud"] = "http://oidplus.com"; |
280 | $payload["aud"] = OIDplus::getEditionInfo()['jwtaud']; |
281 | $payload["jti"] = gen_uuid(); |
281 | $payload["jti"] = gen_uuid(); |
282 | $payload["iat"] = time(); |
282 | $payload["iat"] = time(); |
283 | 283 | ||
284 | if (OIDplus::getPkiStatus()) { |
284 | if (OIDplus::getPkiStatus()) { |
285 | $privKey = OIDplus::config()->getValue('oidplus_private_key'); |
285 | $privKey = OIDplus::config()->getValue('oidplus_private_key'); |
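Review bot: In jwtSecurityCheck (line 55) the expected audience now comes from `OIDplus::getEditionInfo()['jwtaud']`, but nothing visible checks that this value is a non-empty string, while the token's claim is read with a default of `''`. If the edition info ever carries an empty `jwtaud`, a token with no `aud` claim would pass this check; if the key is missing, the comparison fails closed, but getJWTToken (lines 279-280) would issue tokens with a null `iss` and `aud`. I would read the value once and reject an empty one, e.g. `$aud = OIDplus::getEditionInfo()['jwtaud'] ?? '';` followed by `if ($aud === '' || $contentProvider->getValue('aud','') !== $aud) {`. Both functions continue outside the displayed hunks and getEditionInfo() is not shown, so it may already guarantee the key.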