Home Explore Help
Sign In
idleman
/
kiss
2
1
Fork 0
Files Issues 1 Pull Requests 0 Wiki
Branch: master
Branches Tags
kiss
/
class
/
JWToken.class.php

JWToken.class.php 2.5 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * JWToken utilities.
    4. 

  4.  * @author Kiss Team
    5. 

  5.  * @category Plugin
    6. 

  6.  * @license MIT
    7. 

  7.  */
    8. 

  8. class JWToken {
    9. 

  9. 	
    10. 

  10. 	/* Décrypte une JWT Token avec la clé secrete fournie 
    11. 

  11. 	*/
    12. 

  12. 	public static function parse($encodedString,$key){
    13. 

  13. 		
    14. 

  14. 		$infos = explode('.', $encodedString);
    15. 

  15. 

  16. 

  17. 	    if(count($infos)!=3) throw new Exception("JWT error : incorrect format", 401);
    18. 

  18. 

  19. 	    list($header64, $payloadb64, $signatureb64) = $infos;
    20. 

  20. 	    $header = $header64;
    21. 

  21. 	    $payload = $payloadb64;
    22. 

  22. 	    //header
    23. 

  23. 	    $remainder = strlen($header) % 4;
    24. 

  24. 	    if ($remainder) {
    25. 

  25. 	        $padlen = 4 - $remainder;
    26. 

  26. 	        $header .= str_repeat('=', $padlen);
    27. 

  27. 	    }
    28. 

  28. 	    $header = base64_decode(strtr($header, '-_', '+/'));
    29. 

  29. 	    $header = json_decode($header,true);
    30. 

  30. 	    //payload
    31. 

  31. 	    $remainder = strlen($payload) % 4;
    32. 

  32. 	    if ($remainder) {
    33. 

  33. 	        $padlen = 4 - $remainder;
    34. 

  34. 	        $payload .= str_repeat('=', $padlen);
    35. 

  35. 	    }
    36. 

  36. 	    $payload = base64_decode(strtr($payload, '-_', '+/'));
    37. 

  37. 	    $payload = json_decode($payload,true);
    38. 

  38. 	    //signature
    39. 

  39. 	    $remainder = strlen($signatureb64) % 4;
    40. 

  40. 	    if ($remainder) {
    41. 

  41. 	        $padlen = 4 - $remainder;
    42. 

  42. 	        $signatureb64 .= str_repeat('=', $padlen);
    43. 

  43. 	    }
    44. 

  44. 	    $signature = base64_decode(strtr($signatureb64, '-_', '+/'));
    45. 

  45. 	    $hash = hash_hmac('SHA256', "$header64.$payloadb64", $key, true);
    46. 

  46. 	    $len = min(mb_strlen($signature, '8bit'),mb_strlen($hash, '8bit')  );
    47. 

  47. 	    $status = 0;
    48. 

  48. 	    for ($i = 0; $i < $len; $i++) {
    49. 

  49. 	        $status |= (ord($signature[$i]) ^ ord($hash[$i]));
    50. 

  50. 	    }
    51. 

  51. 	    $status |= (mb_strlen($signature, '8bit') ^ mb_strlen($hash, '8bit'));
    52. 

  52. 	    $verify = ($status === 0);
    53. 

  53. 	    if(!$verify) throw new Exception("JWT error : bad signature or encryption key", 401);
    54. 

  54. 	  
    55. 

  55. 	    if($payload['exp']<time()) throw new Exception("JWT error : token is expired since ".date('d/m/Y H:i:s',$payload['exp']), 498);
    56. 

  56. 	    
    57. 

  57. 	    return $payload;
    58. 

  58. 	}
    59. 

  59. 

  60. 	//Créé un token crypté en HS256 à partir du payload / clé privée fournis
    61. 

  61. 	public static function createFromJson($payload, $key)
    62. 

  62. 	{
    63. 

  63. 

  64. 	    $header = json_encode(array('typ' => 'JWT', 'alg' => 'HS256'));
    65. 

  65. 	    $payload = json_encode($payload);
    66. 

  66. 	   	$segments = array();
    67. 

  67. 	 	$segments[] = str_replace('=', '', strtr(base64_encode($header), '+/', '-_'));
    68. 

  68. 	 	$segments[] = str_replace('=', '', strtr(base64_encode($payload), '+/', '-_'));
    69. 

  69. 	    $signing_input = implode('.', $segments);
    70. 

  70. 	    $signature =  hash_hmac('SHA256', $signing_input, $key, true);
    71. 

  71. 	    $segments[] = str_replace('=', '', strtr(base64_encode($signature), '+/', '-_'));
    72. 

  72. 	    return implode('.', $segments);
    73. 

  73. 	}
    74. 

  74. 		
    75. 

  75. }
    76. 

  76. ?>
    77.