|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
/* |
|
6
|
|
|
* The MIT License (MIT) |
|
7
|
|
|
* |
|
8
|
|
|
* Copyright (c) 2014-2017 Spomky-Labs |
|
9
|
|
|
* |
|
10
|
|
|
* This software may be modified and distributed under the terms |
|
11
|
|
|
* of the MIT license. See the LICENSE file for details. |
|
12
|
|
|
*/ |
|
13
|
|
|
|
|
14
|
|
|
namespace Jose\Component\Signature\Serializer; |
|
15
|
|
|
|
|
16
|
|
|
use Base64Url\Base64Url; |
|
17
|
|
|
use Jose\Component\Signature\JWS; |
|
18
|
|
|
|
|
19
|
|
|
/** |
|
20
|
|
|
* Class JSONFlattenedSerializer. |
|
21
|
|
|
*/ |
|
22
|
|
|
final class JSONFlattenedSerializer extends AbstractSerializer |
|
23
|
|
|
{ |
|
24
|
|
|
public const NAME = 'jws_json_flattened'; |
|
25
|
|
|
|
|
26
|
|
|
/** |
|
27
|
|
|
* {@inheritdoc} |
|
28
|
|
|
*/ |
|
29
|
|
|
public function name(): string |
|
30
|
|
|
{ |
|
31
|
|
|
return self::NAME; |
|
32
|
|
|
} |
|
33
|
|
|
|
|
34
|
|
|
/** |
|
35
|
|
|
* {@inheritdoc} |
|
36
|
|
|
*/ |
|
37
|
|
|
public function serialize(JWS $jws, ?int $signatureIndex = null): string |
|
38
|
|
|
{ |
|
39
|
|
|
if (null === $signatureIndex) { |
|
40
|
|
|
$signatureIndex = 0; |
|
41
|
|
|
} |
|
42
|
|
|
$signature = $jws->getSignature($signatureIndex); |
|
43
|
|
|
|
|
44
|
|
|
$data = []; |
|
45
|
|
|
$values = [ |
|
46
|
|
|
'payload' => $jws->getEncodedPayload(), |
|
47
|
|
|
'protected' => $signature->getEncodedProtectedHeaders(), |
|
48
|
|
|
'header' => $signature->getHeaders(), |
|
49
|
|
|
]; |
|
50
|
|
|
|
|
51
|
|
|
foreach ($values as $key => $value) { |
|
52
|
|
|
if (!empty($value)) { |
|
53
|
|
|
$data[$key] = $value; |
|
54
|
|
|
} |
|
55
|
|
|
} |
|
56
|
|
|
$data['signature'] = Base64Url::encode($signature->getSignature()); |
|
57
|
|
|
|
|
58
|
|
|
return json_encode($data); |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
/** |
|
62
|
|
|
* {@inheritdoc} |
|
63
|
|
|
*/ |
|
64
|
|
|
public function unserialize(string $input): JWS |
|
65
|
|
|
{ |
|
66
|
|
|
$data = json_decode($input, true); |
|
67
|
|
|
if (!is_array($data) || !array_key_exists('signature', $data)) { |
|
68
|
|
|
throw new \InvalidArgumentException('Unsupported input.'); |
|
69
|
|
|
} |
|
70
|
|
|
|
|
71
|
|
|
$signature = Base64Url::decode($data['signature']); |
|
72
|
|
|
|
|
73
|
|
|
if (array_key_exists('protected', $data)) { |
|
74
|
|
|
$encodedProtectedHeaders = $data['protected']; |
|
75
|
|
|
$protectedHeaders = json_decode(Base64Url::decode($data['protected']), true); |
|
76
|
|
|
} else { |
|
77
|
|
|
$encodedProtectedHeaders = null; |
|
78
|
|
|
$protectedHeaders = []; |
|
79
|
|
|
} |
|
80
|
|
|
if (array_key_exists('header', $data)) { |
|
81
|
|
|
if (!is_array($data['header'])) { |
|
82
|
|
|
throw new \InvalidArgumentException('Bad header.'); |
|
83
|
|
|
} |
|
84
|
|
|
$headers = $data['header']; |
|
85
|
|
|
} else { |
|
86
|
|
|
$headers = []; |
|
87
|
|
|
} |
|
88
|
|
|
|
|
89
|
|
|
if (array_key_exists('payload', $data)) { |
|
90
|
|
|
$encodedPayload = $data['payload']; |
|
91
|
|
|
$payload = $this->isPayloadEncoded($protectedHeaders) ? Base64Url::decode($encodedPayload) : $encodedPayload; |
|
92
|
|
|
} else { |
|
93
|
|
|
$payload = null; |
|
94
|
|
|
$encodedPayload = null; |
|
95
|
|
|
} |
|
96
|
|
|
|
|
97
|
|
|
$jws = JWS::create($payload, $encodedPayload, empty($parts[1])); |
|
|
|
|
|
|
98
|
|
|
$jws = $jws->addSignature($signature, $protectedHeaders, $encodedProtectedHeaders, $headers); |
|
99
|
|
|
|
|
100
|
|
|
return $jws; |
|
101
|
|
|
} |
|
102
|
|
|
} |
|
103
|
|
|
|
Spomky-Labs /
jose
This check looks for calls to
isset(...)orempty()on variables that are yet undefined. These calls will always produce the same result and can be removed.This is most likely caused by the renaming of a variable or the removal of a function/method parameter.