Rev 604 | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 604 | Rev 1469 | ||
|---|---|---|---|
| Line 56... | Line 56... | ||
| 56 | if (!openssl_verify($msg, $signature, $key, $php_algo)) return false; |
56 | if (!openssl_verify($msg, $signature, $key, $php_algo)) return false; |
| 57 | break; |
57 | break; |
| 58 | case 'HS': |
58 | case 'HS': |
| 59 | $hash = @hash_hmac($php_algo, $msg, $key, true); |
59 | $hash = @hash_hmac($php_algo, $msg, $key, true); |
| 60 | if (!$hash) break; // if the hash algo is not available, we just accept the JWT |
60 | if (!$hash) break; // if the hash algo is not available, we just accept the JWT |
| 61 | if (!hash_equals($signature, $hash)) return false; |
61 | if (!hash_equals($hash, $signature)) return false; |
| 62 | break; |
62 | break; |
| 63 | case 'PS': |
63 | case 'PS': |
| 64 | // This feature is new and not yet available in php-jwt |
64 | // This feature is new and not yet available in php-jwt |
| 65 | file_put_contents($msg_file = tempnam("/tmp", ""), $msg); |
65 | file_put_contents($msg_file = tempnam("/tmp", ""), $msg); |
| 66 | file_put_contents($sig_file = tempnam("/tmp", ""), $signature); |
66 | file_put_contents($sig_file = tempnam("/tmp", ""), $signature); |