Viewing file:  Token.php (9.97 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
/**
* This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
*
* @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
*/
namespace Lcobucci\JWT;
use DateTimeImmutable;
use DateTimeInterface;
use Generator;
use Lcobucci\JWT\Claim\Factory;
use Lcobucci\JWT\Claim\Validatable;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Token\DataSet;
use Lcobucci\JWT\Token\RegisteredClaims;
use OutOfBoundsException;
use function current;
use function func_num_args;
use function in_array;
use function is_array;
use function sprintf;
use function trigger_error;
use const E_USER_DEPRECATED;
/**
* Basic structure of the JWT
*
* @author Luís Otávio Cobucci Oblonczyk <lcobucci@gmail.com>
* @since 0.1.0
*/
class Token
{
/**
* The token headers
*
* @var DataSet
*/
private $headers;
/**
* The token claim set
*
* @var DataSet
*/
private $claims;
/**
* The token signature
*
* @var Signature
*/
private $signature;
/**
* @internal This serves just as compatibility layer
*
* @var Factory
*/
private $claimFactory;
/**
* Initializes the object
*
* @param array|DataSet $headers
* @param array|DataSet $claims
* @param Signature|null $signature
* @param array $payload
* @param Factory|null $claimFactory
*/
public function __construct(
$headers = ['alg' => 'none'],
$claims = [],
Signature $signature = null,
array $payload = ['', ''],
Factory $claimFactory = null
) {
$this->headers = $this->convertToDataSet($headers, $payload[0]);
$this->claims = $this->convertToDataSet($claims, $payload[1]);
$this->signature = $signature ?: Signature::fromEmptyData();
$this->claimFactory = $claimFactory ?: new Factory();
}
/**
* @param array|DataSet $data
* @param string $payload
*/
private function convertToDataSet($data, $payload)
{
if ($data instanceof DataSet) {
return $data;
}
return new DataSet($data, $payload);
}
/** @return DataSet */
public function headers()
{
return $this->headers;
}
/**
* Returns the token headers
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::headers()
*
* @return array
*/
public function getHeaders()
{
$items = [];
foreach ($this->headers->all() as $name => $value) {
if (! in_array($name, RegisteredClaims::ALL, true) || ! $this->claims->has($name)) {
$items[$name] = $value;
continue;
}
$items[$name] = $this->claimFactory->create($name, $value);
}
return $items;
}
/**
* Returns if the header is configured
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::headers()
* @see DataSet::has()
*
* @param string $name
*
* @return boolean
*/
public function hasHeader($name)
{
return $this->headers->has($name);
}
/**
* Returns the value of a token header
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::headers()
* @see DataSet::has()
*
* @param string $name
* @param mixed $default
*
* @return mixed
*
* @throws OutOfBoundsException
*/
public function getHeader($name, $default = null)
{
if (func_num_args() === 1 && ! $this->headers->has($name)) {
throw new OutOfBoundsException(sprintf('Requested header "%s" is not configured', $name));
}
return $this->headers->get($name, $default);
}
/** @return DataSet */
public function claims()
{
return $this->claims;
}
/**
* Returns the token claim set
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::claims()
*
* @return array
*/
public function getClaims()
{
$items = [];
foreach ($this->claims->all() as $name => $value) {
$items[$name] = $this->claimFactory->create($name, $value);
}
return $items;
}
/**
* Returns if the claim is configured
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::claims()
* @see DataSet::has()
*
* @param string $name
*
* @return boolean
*/
public function hasClaim($name)
{
return $this->claims->has($name);
}
/**
* Returns the value of a token claim
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::claims()
* @see DataSet::get()
*
* @param string $name
* @param mixed $default
*
* @return mixed
*
* @throws OutOfBoundsException
*/
public function getClaim($name, $default = null)
{
if (func_num_args() === 1 && ! $this->claims->has($name)) {
throw new OutOfBoundsException(sprintf('Requested header "%s" is not configured', $name));
}
$value = $this->claims->get($name, $default);
if ($value instanceof DateTimeImmutable && in_array($name, RegisteredClaims::DATE_CLAIMS, true)) {
return $value->getTimestamp();
}
if ($name === RegisteredClaims::AUDIENCE && is_array($value)) {
if (count($value) > 1) {
trigger_error('You will only get the first array entry as a string. Use Token::claims()->get() instead.', E_USER_DEPRECATED);
}
return current($value);
}
return $value;
}
/**
* Verify if the key matches with the one that created the signature
*
* @deprecated This method has been removed from the interface in v4.0
* @see \Lcobucci\JWT\Validation\Validator
*
* @param Signer $signer
* @param Key|string $key
*
* @return boolean
*/
public function verify(Signer $signer, $key)
{
if ($this->headers->get('alg') !== $signer->getAlgorithmId()) {
return false;
}
return $this->signature->verify($signer, $this->getPayload(), $key);
}
/**
* Validates if the token is valid
*
* @deprecated This method has been removed from the interface in v4.0
* @see \Lcobucci\JWT\Validation\Validator
*
* @param ValidationData $data
*
* @return boolean
*/
public function validate(ValidationData $data)
{
foreach ($this->getValidatableClaims() as $claim) {
if (!$claim->validate($data)) {
return false;
}
}
return true;
}
/**
* Determine if the token is expired.
*
* @param DateTimeInterface|null $now Defaults to the current time.
*
* @return bool
*/
public function isExpired(DateTimeInterface $now = null)
{
if (! $this->claims->has('exp')) {
return false;
}
if ($now === null) {
trigger_error('Not providing the current time is deprecated. Please pass an instance of DateTimeInterface.', E_USER_DEPRECATED);
}
$now = $now ?: new DateTimeImmutable();
return $now >= $this->claims->get(RegisteredClaims::EXPIRATION_TIME);
}
/**
* @param string $audience
*
* @return bool
*/
public function isPermittedFor($audience)
{
return in_array($audience, $this->claims->get(RegisteredClaims::AUDIENCE, []), true);
}
/**
* @param string $id
*
* @return bool
*/
public function isIdentifiedBy($id)
{
return $this->claims->get(RegisteredClaims::ID) === $id;
}
/**
* @param string $subject
*
* @return bool
*/
public function isRelatedTo($subject)
{
return $this->claims->get(RegisteredClaims::SUBJECT) === $subject;
}
/**
* @param list<string> $issuers
*
* @return bool
*/
public function hasBeenIssuedBy(...$issuers)
{
return in_array($this->claims->get(RegisteredClaims::ISSUER), $issuers, true);
}
/**
* @param DateTimeInterface $now
*
* @return bool
*/
public function hasBeenIssuedBefore(DateTimeInterface $now)
{
return $now >= $this->claims->get(RegisteredClaims::ISSUED_AT);
}
/**
* @param DateTimeInterface $now
*
* @return bool
*/
public function isMinimumTimeBefore(DateTimeInterface $now)
{
return $now >= $this->claims->get(RegisteredClaims::NOT_BEFORE);
}
/**
* Yields the validatable claims
*
* @return Generator
*/
private function getValidatableClaims()
{
foreach ($this->getClaims() as $claim) {
if ($claim instanceof Validatable) {
yield $claim;
}
}
}
/**
* Returns the token payload
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::payload()
*
* @return string
*/
public function getPayload()
{
return $this->payload();
}
/**
* Returns the token payload
*
* @return string
*/
public function payload()
{
return $this->headers->toString() . '.' . $this->claims->toString();
}
/** @return Signature */
public function signature()
{
return $this->signature;
}
/**
* Returns an encoded representation of the token
*
* @deprecated This method has been removed from the interface in v4.0
* @see Token::toString()
*
* @return string
*/
public function __toString()
{
return $this->toString();
}
/** @return string */
public function toString()
{
return $this->headers->toString() . '.'
. $this->claims->toString() . '.'
. $this->signature->toString();
}
}
|