Rev 1413 | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1413 | Rev 1444 | ||
|---|---|---|---|
| Line 87... | Line 87... | ||
| 87 | if ($certs === false) { |
87 | if ($certs === false) { |
| 88 | throw new OIDplusException(_L('Communication with %1 server failed', 'Google')); |
88 | throw new OIDplusException(_L('Communication with %1 server failed', 'Google')); |
| 89 | } |
89 | } |
| 90 | $verification_certs = json_decode($certs, true); |
90 | $verification_certs = json_decode($certs, true); |
| 91 | \Firebase\JWT\JWT::$leeway = 60; // leeway in seconds |
91 | \Firebase\JWT\JWT::$leeway = 60; // leeway in seconds |
| 92 | $data = (array) \Firebase\JWT\JWT::decode($id_token, $verification_certs, array('ES256', 'ES384', 'RS256', 'RS384', 'RS512')); |
92 | $cls_data = \Firebase\JWT\JWT::decode($id_token, $verification_certs, array('ES256', 'ES384', 'RS256', 'RS384', 'RS512')); |
| - | 93 | $data = json_decode(json_encode($cls_data), true); // convert stdClass to array |
|
| 93 | if (!isset($data['iss']) || ($data['iss'] !== 'https://accounts.google.com')) { |
94 | if (!isset($data['iss']) || ($data['iss'] !== 'https://accounts.google.com')) { |
| 94 | throw new OIDplusException(_L('JWT token could not be decoded')); |
95 | throw new OIDplusException(_L('JWT token could not be decoded')); |
| 95 | } |
96 | } |
| 96 | 97 | ||
| 97 | // Check if the email was verified |
98 | // Check if the email was verified |