Rev 604 | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 604 | Rev 1469 | ||
---|---|---|---|
Line 56... | Line 56... | ||
56 | if (!openssl_verify($msg, $signature, $key, $php_algo)) return false; |
56 | if (!openssl_verify($msg, $signature, $key, $php_algo)) return false; |
57 | break; |
57 | break; |
58 | case 'HS': |
58 | case 'HS': |
59 | $hash = @hash_hmac($php_algo, $msg, $key, true); |
59 | $hash = @hash_hmac($php_algo, $msg, $key, true); |
60 | if (!$hash) break; // if the hash algo is not available, we just accept the JWT |
60 | if (!$hash) break; // if the hash algo is not available, we just accept the JWT |
61 | if (!hash_equals($signature, $hash)) return false; |
61 | if (!hash_equals($hash, $signature)) return false; |
62 | break; |
62 | break; |
63 | case 'PS': |
63 | case 'PS': |
64 | // This feature is new and not yet available in php-jwt |
64 | // This feature is new and not yet available in php-jwt |
65 | file_put_contents($msg_file = tempnam("/tmp", ""), $msg); |
65 | file_put_contents($msg_file = tempnam("/tmp", ""), $msg); |
66 | file_put_contents($sig_file = tempnam("/tmp", ""), $signature); |
66 | file_put_contents($sig_file = tempnam("/tmp", ""), $signature); |