Home Explore Help
Sign In
idleman
/
kiss
2
1
Fork 0
Files Issues 1 Pull Requests 0 Wiki
Tree: 39a4fe8d31
Branches Tags
kiss
/
class
/
JWToken.class.php

JWToken.class.php 2.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * JWToken utilities.
    4. 

  4.  * @author Kiss Team
    5. 

  5.  * @category Plugin
    6. 

  6.  * @license MIT
    7. 

  7.  */
    8. 

  8. class JWToken {
    9. 

  9. 

  10. 	/* Décrypte une JWT Token avec la clé secrete fournie */
    11. 

  11. 	public static function parse($encodedString,$key){
    12. 

  12. 		$infos = explode('.', $encodedString);
    13. 

  13. 	    if(count($infos)!=3) throw new Exception("JWT error : incorrect format", 401);
    14. 

  14. 

  15. 	    list($header64, $payloadb64, $signatureb64) = $infos;
    16. 

  16. 	    $header = $header64;
    17. 

  17. 	    $payload = $payloadb64;
    18. 

  18. 

  19. 		//header
    20. 

  20. 	    $remainder = strlen($header) % 4;
    21. 

  21. 	    if ($remainder) {
    22. 

  22. 	        $padlen = 4 - $remainder;
    23. 

  23. 	        $header .= str_repeat('=', $padlen);
    24. 

  24. 	    }
    25. 

  25. 	    $header = base64_decode(strtr($header, '-_', '+/'));
    26. 

  26. 	    $header = json_decode($header,true);
    27. 

  27. 

  28. 		//payload
    29. 

  29. 	    $remainder = strlen($payload) % 4;
    30. 

  30. 	    if ($remainder) {
    31. 

  31. 	        $padlen = 4 - $remainder;
    32. 

  32. 	        $payload .= str_repeat('=', $padlen);
    33. 

  33. 	    }
    34. 

  34. 	    $payload = base64_decode(strtr($payload, '-_', '+/'));
    35. 

  35. 	    $payload = json_decode($payload,true);
    36. 

  36. 

  37. 		//signature
    38. 

  38. 	    $remainder = strlen($signatureb64) % 4;
    39. 

  39. 	    if ($remainder) {
    40. 

  40. 	        $padlen = 4 - $remainder;
    41. 

  41. 	        $signatureb64 .= str_repeat('=', $padlen);
    42. 

  42. 	    }
    43. 

  43. 	    $signature = base64_decode(strtr($signatureb64, '-_', '+/'));
    44. 

  44. 	    $hash = hash_hmac('SHA256', "$header64.$payloadb64", $key, true);
    45. 

  45. 	    $len = min(mb_strlen($signature, '8bit'),mb_strlen($hash, '8bit')  );
    46. 

  46. 	    $status = 0;
    47. 

  47. 	    for ($i = 0; $i < $len; $i++) {
    48. 

  48. 	        $status |= (ord($signature[$i]) ^ ord($hash[$i]));
    49. 

  49. 	    }
    50. 

  50. 	    $status |= (mb_strlen($signature, '8bit') ^ mb_strlen($hash, '8bit'));
    51. 

  51. 	    $verify = ($status === 0);
    52. 

  52. 	    if(!$verify) throw new Exception("JWT error : bad signature or encryption key", 401);
    53. 

  53. 

  54. 	    if($payload['exp']<time()) throw new Exception("JWT error : token is expired since ".date('d/m/Y H:i:s',$payload['exp']), 498);
    55. 

  55. 	    return $payload;
    56. 

  56. 	}
    57. 

  57. 

  58. 	//Créé un token crypté en HS256 à partir du payload / clé privée fournis
    59. 

  59. 	public static function createFromJson($payload, $key) {
    60. 

  60. 	    $header = json_encode(array('typ' => 'JWT', 'alg' => 'HS256'));
    61. 

  61. 	    $payload = json_encode($payload);
    62. 

  62. 

  63. 	   	$segments = array();
    64. 

  64. 	 	$segments[] = str_replace('=', '', strtr(base64_encode($header), '+/', '-_'));
    65. 

  65. 	 	$segments[] = str_replace('=', '', strtr(base64_encode($payload), '+/', '-_'));
    66. 

  66. 	    $signing_input = implode('.', $segments);
    67. 

  67. 	    $signature =  hash_hmac('SHA256', $signing_input, $key, true);
    68. 

  68. 	    $segments[] = str_replace('=', '', strtr(base64_encode($signature), '+/', '-_'));
    69. 

  69. 

  70. 	    return implode('.', $segments);
    71. 

  71. 	}
    72. 

  72. }
    73.