WebSVN – oidplus – Diff – /trunk/includes/classes/OIDplusAuthContentStoreJWT.class.php



        // Individual functions
 
        public function loadJWT($jwt) {
                \Firebase\JWT\JWT::$leeway = 60; // leeway in seconds
                if (OIDplus::getPkiStatus()) {
                        $pubKey = OIDplus::getSystemPublicKey();
                        $k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation
                        $this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k);
                } else {
                        $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT';
                        $key = hash_pbkdf2('sha512', $key, '', 10000, 32/*256bit*/, false);

                $payload["aud"] = OIDplus::getEditionInfo()['jwtaud'];
                $payload["jti"] = gen_uuid();
                $payload["iat"] = time();
 
                if (OIDplus::getPkiStatus()) {
                        $privKey = OIDplus::getSystemPrivateKey();
                        return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation
                } else {
                        $key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT';
                        $key = hash_pbkdf2('sha512', $key, '', 10000, 32/*256bit*/, false);
                        return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); // HMAC+SHA512 is hardcoded here

Rev 826	Rev 830
Line 261...	Line 261...
261	// Individual functions	261	// Individual functions
262		262
263	public function loadJWT($jwt) {	263	public function loadJWT($jwt) {
264	\Firebase\JWT\JWT::$leeway = 60; // leeway in seconds	264	\Firebase\JWT\JWT::$leeway = 60; // leeway in seconds
265	if (OIDplus::getPkiStatus()) {	265	if (OIDplus::getPkiStatus()) {
266	$pubKey = OIDplus::config()->getValue('oidplus_public_key');	266	$pubKey = OIDplus::getSystemPublicKey();
267	$k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation	267	$k = new \Firebase\JWT\Key($pubKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation
268	$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k);	268	$this->content = (array) \Firebase\JWT\JWT::decode($jwt, $k);
269	} else {	269	} else {
270	$key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT';	270	$key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT';
271	$key = hash_pbkdf2('sha512', $key, '', 10000, 32/256bit/, false);	271	$key = hash_pbkdf2('sha512', $key, '', 10000, 32/256bit/, false);
Line 280...	Line 280...
280	$payload["aud"] = OIDplus::getEditionInfo()['jwtaud'];	280	$payload["aud"] = OIDplus::getEditionInfo()['jwtaud'];
281	$payload["jti"] = gen_uuid();	281	$payload["jti"] = gen_uuid();
282	$payload["iat"] = time();	282	$payload["iat"] = time();
283		283
284	if (OIDplus::getPkiStatus()) {	284	if (OIDplus::getPkiStatus()) {
285	$privKey = OIDplus::config()->getValue('oidplus_private_key');	285	$privKey = OIDplus::getSystemPrivateKey();
286	return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation	286	return \Firebase\JWT\JWT::encode($payload, $privKey, 'RS256'); // RSA+SHA256 ist hardcoded in getPkiStatus() generation
287	} else {	287	} else {
288	$key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT';	288	$key = OIDplus::baseConfig()->getValue('SERVER_SECRET', '').'/OIDplusAuthContentStoreJWT';
289	$key = hash_pbkdf2('sha512', $key, '', 10000, 32/256bit/, false);	289	$key = hash_pbkdf2('sha512', $key, '', 10000, 32/256bit/, false);
290	return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); // HMAC+SHA512 is hardcoded here	290	return \Firebase\JWT\JWT::encode($payload, $key, 'HS512'); // HMAC+SHA512 is hardcoded here

Subversion Repositories oidplus

oidplus/trunk/includes/classes/OIDplusAuthContentStoreJWT.class.php @ 1301 – Rev 826 → 830