vendor/lexik/jwt-authentication-bundle/Services/JWSProvider/DefaultJWSProvider.php line 5

Open in your IDE?
  1. <?php
  3. namespace Lexik\Bundle\JWTAuthenticationBundle\Services\JWSProvider;
  5. @trigger_error(sprintf('The "%s" class is deprecated since version 2.5 and will be removed in 3.0. Use "%s" or create your own "%s" implementation instead.'DefaultJWSProvider::class, LcobucciJWSProvider::class, JWSProviderInterface::class), E_USER_DEPRECATED);
  7. use Lexik\Bundle\JWTAuthenticationBundle\Services\KeyLoader\KeyLoaderInterface;
  8. use Lexik\Bundle\JWTAuthenticationBundle\Signature\CreatedJWS;
  9. use Lexik\Bundle\JWTAuthenticationBundle\Signature\LoadedJWS;
  10. use Namshi\JOSE\JWS;
  12. /**
  13.  * JWS Provider, Namshi\JOSE library integration.
  14.  * Supports OpenSSL and phpseclib crypto engines.
  15.  *
  16.  * @final
  17.  *
  18.  * @author Robin Chalas <robin.chalas@gmail.com>
  19.  *
  20.  * @deprecated since version 2.5, to be removed in 3.0
  21.  */
  22. class DefaultJWSProvider implements JWSProviderInterface
  23. {
  24.     /**
  25.      * @var KeyLoaderInterface
  26.      */
  27.     private $keyLoader;
  29.     /**
  30.      * @var string
  31.      */
  32.     private $cryptoEngine;
  34.     /**
  35.      * @var string
  36.      */
  37.     private $signatureAlgorithm;
  39.     /**
  40.      * @var int
  41.      */
  42.     private $ttl;
  44.     /**
  45.      * @var int
  46.      */
  47.     private $clockSkew;
  49.     /**
  50.      * @param KeyLoaderInterface $keyLoader
  51.      * @param string             $cryptoEngine
  52.      * @param string             $signatureAlgorithm
  53.      * @param int                $ttl
  54.      * @param int                $clockSkew
  55.      *
  56.      * @throws \InvalidArgumentException If the given algorithm is not supported
  57.      */
  58.     public function __construct(KeyLoaderInterface $keyLoader$cryptoEngine$signatureAlgorithm$ttl$clockSkew)
  59.     {
  60.         if (null !== $ttl && !is_numeric($ttl)) {
  61.             throw new \InvalidArgumentException(sprintf('The TTL should be a numeric value, got %s instead.'$ttl));
  62.         }
  64.         if (null !== $clockSkew && !is_numeric($clockSkew)) {
  65.             throw new \InvalidArgumentException(sprintf('The clock skew should be a numeric value, got %s instead.'$clockSkew));
  66.         }
  68.         $cryptoEngine 'openssl' == $cryptoEngine 'OpenSSL' 'SecLib';
  70.         if (!$this->isAlgorithmSupportedForEngine($cryptoEngine$signatureAlgorithm)) {
  71.             throw new \InvalidArgumentException(
  72.                 sprintf('The algorithm "%s" is not supported for %s'$signatureAlgorithm$cryptoEngine)
  73.             );
  74.         }
  76.         $this->keyLoader          $keyLoader;
  77.         $this->cryptoEngine       $cryptoEngine;
  78.         $this->signatureAlgorithm $signatureAlgorithm;
  79.         $this->ttl                $ttl;
  80.         $this->clockSkew          $clockSkew;
  81.     }
  83.     /**
  84.      * {@inheritdoc}
  85.      */
  86.     public function create(array $payload, array $header = [])
  87.     {
  88.         $header['alg'] = $this->signatureAlgorithm;
  89.         $jws           = new JWS($header$this->cryptoEngine);
  90.         $claims        = ['iat' => time()];
  92.         if (null !== $this->ttl && !isset($payload['exp'])) {
  93.             $claims['exp'] = time() + $this->ttl;
  94.         }
  96.         $jws->setPayload($payload $claims);
  97.         $jws->sign(
  98.             $this->keyLoader->loadKey('private'),
  99.             $this->keyLoader->getPassphrase()
  100.         );
  102.         return new CreatedJWS($jws->getTokenString(), $jws->isSigned());
  103.     }
  105.     /**
  106.      * {@inheritdoc}
  107.      */
  108.     public function load($token)
  109.     {
  110.         $jws JWS::load($tokenfalsenull$this->cryptoEngine);
  112.         return new LoadedJWS(
  113.             $jws->getPayload(),
  114.             $jws->verify($this->keyLoader->loadKey('public'), $this->signatureAlgorithm),
  115.             null !== $this->ttl,
  116.             $jws->getHeader(),
  117.             $this->clockSkew
  118.         );
  119.     }
  121.     /**
  122.      * @param string $cryptoEngine
  123.      * @param string $signatureAlgorithm
  124.      *
  125.      * @return bool
  126.      */
  127.     private function isAlgorithmSupportedForEngine($cryptoEngine$signatureAlgorithm)
  128.     {
  129.         $signerClass sprintf('Namshi\\JOSE\\Signer\\%s\\%s'$cryptoEngine$signatureAlgorithm);
  131.         return class_exists($signerClass);
  132.     }
  133. }