francis94c /
ci-jwt
@@ -11,7 +11,9 @@ |
||
| 11 | 11 | */ |
| 12 | 12 | function base64url_encode(string $data) { |
| 13 | 13 | $b64 = base64_encode($data); |
| 14 | - if ($b64 === false) return false; |
|
| 14 | + if ($b64 === false) { |
|
| 15 | + return false; |
|
| 16 | + } |
|
| 15 | 17 | $url = strtr($b64, '+/', '-_'); |
| 16 | 18 | return rtrim($url, '='); |
| 17 | 19 | } |
@@ -56,7 +56,9 @@ discard block |
||
| 56 | 56 | private $algorithm; |
| 57 | 57 | |
| 58 | 58 | function __construct($params=null) { |
| 59 | - if ($params != null) $this->init($params); |
|
| 59 | + if ($params != null) { |
|
| 60 | + $this->init($params); |
|
| 61 | + } |
|
| 60 | 62 | get_instance()->load->splint("francis94c/ci-jwt", "%base64"); |
| 61 | 63 | } |
| 62 | 64 | /** |
@@ -114,21 +116,33 @@ discard block |
||
| 114 | 116 | */ |
| 115 | 117 | public function sign(string $secret=null):?string { |
| 116 | 118 | // Checks. |
| 117 | - if (count($this->payload) == 0) return null; |
|
| 119 | + if (count($this->payload) == 0) { |
|
| 120 | + return null; |
|
| 121 | + } |
|
| 118 | 122 | // $key is $secret. |
| 119 | 123 | $key = $secret ?? $this->secret; |
| 120 | 124 | $this->header["alg"] = $this->header["alg"] ?? ($this->algorithm ?? self::HS512); |
| 121 | 125 | $this->header["typ"] = $this->header["typ"] ?? self::JWT; |
| 122 | 126 | // Generate Issued At Time. |
| 123 | - if ($this->set_iat) $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 127 | + if ($this->set_iat) { |
|
| 128 | + $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 129 | + } |
|
| 124 | 130 | // Auto Expire. |
| 125 | - if ($this->auto_expire != null && !isset($this->payload["exp"])) $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 131 | + if ($this->auto_expire != null && !isset($this->payload["exp"])) { |
|
| 132 | + $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 133 | + } |
|
| 126 | 134 | $jwt = base64url_encode(json_encode($this->header)); |
| 127 | - if ($jwt === false) return null; |
|
| 128 | - if ($jwt != "") $jwt .= "."; |
|
| 135 | + if ($jwt === false) { |
|
| 136 | + return null; |
|
| 137 | + } |
|
| 138 | + if ($jwt != "") { |
|
| 139 | + $jwt .= "."; |
|
| 140 | + } |
|
| 129 | 141 | $payload = base64url_encode(json_encode($this->payload)); |
| 130 | 142 | $jwt .= $payload; |
| 131 | - if ($key != "") return $this->sign_token($jwt, $key, $this->header["alg"]); |
|
| 143 | + if ($key != "") { |
|
| 144 | + return $this->sign_token($jwt, $key, $this->header["alg"]); |
|
| 145 | + } |
|
| 132 | 146 | return $jwt . "."; |
| 133 | 147 | } |
| 134 | 148 | /** |
@@ -137,11 +151,17 @@ discard block |
||
| 137 | 151 | */ |
| 138 | 152 | public function token():?string { |
| 139 | 153 | // Checks. |
| 140 | - if (count($this->payload) == 0) return null; |
|
| 154 | + if (count($this->payload) == 0) { |
|
| 155 | + return null; |
|
| 156 | + } |
|
| 141 | 157 | // Begin. |
| 142 | 158 | $this->header["alg"] = self::NONE; |
| 143 | - if ($this->set_iat) $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 144 | - if ($this->auto_expire != null) $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 159 | + if ($this->set_iat) { |
|
| 160 | + $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 161 | + } |
|
| 162 | + if ($this->auto_expire != null) { |
|
| 163 | + $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 164 | + } |
|
| 145 | 165 | return base64url_encode(json_encode($this->header)) . "." . base64url_encode(json_encode($this->payload)) . "."; |
| 146 | 166 | } |
| 147 | 167 | /** |
@@ -151,14 +171,21 @@ discard block |
||
| 151 | 171 | * @return bool [description] |
| 152 | 172 | */ |
| 153 | 173 | public function verify(string $jwt, string $secret=null):bool { |
| 154 | - if (substr_count($jwt, ".") != 2) return false; // Invalid JWT. |
|
| 174 | + if (substr_count($jwt, ".") != 2) { |
|
| 175 | + return false; |
|
| 176 | + } |
|
| 177 | + // Invalid JWT. |
|
| 155 | 178 | $key = $secret ?? $this->secret; |
| 156 | 179 | $parts = explode(".", $jwt); |
| 157 | 180 | $header = json_decode(base64url_decode($parts[0]) ,true); |
| 158 | - if ($header == null) return false; |
|
| 181 | + if ($header == null) { |
|
| 182 | + return false; |
|
| 183 | + } |
|
| 159 | 184 | $alg = $header["alg"] ?? self::HS256; |
| 160 | 185 | $payload = json_decode(base64url_decode($parts[1]) ,true); |
| 161 | - if ($payload == null) return false; |
|
| 186 | + if ($payload == null) { |
|
| 187 | + return false; |
|
| 188 | + } |
|
| 162 | 189 | if ($parts[2] == "") { |
| 163 | 190 | return $this->allow_unsigned; |
| 164 | 191 | } |
@@ -182,9 +209,13 @@ discard block |
||
| 182 | 209 | public function decode(string $jwt):bool { |
| 183 | 210 | $parts = explode(".", $jwt); |
| 184 | 211 | $header = json_decode(base64url_decode($parts[0]), true); |
| 185 | - if ($header === false) return false; |
|
| 212 | + if ($header === false) { |
|
| 213 | + return false; |
|
| 214 | + } |
|
| 186 | 215 | $payload = json_decode(base64url_decode($parts[1]), true); |
| 187 | - if ($payload === false) return false; |
|
| 216 | + if ($payload === false) { |
|
| 217 | + return false; |
|
| 218 | + } |
|
| 188 | 219 | $this->header = $header; |
| 189 | 220 | $this->payload = $payload; |
| 190 | 221 | return true; |
@@ -226,7 +257,9 @@ discard block |
||
| 226 | 257 | * @return string Complete JWT. |
| 227 | 258 | */ |
| 228 | 259 | private function sign_token(string $token, string $key, string $alg):string { |
| 229 | - if ($alg == self::NONE) return $token . "."; |
|
| 260 | + if ($alg == self::NONE) { |
|
| 261 | + return $token . "."; |
|
| 262 | + } |
|
| 230 | 263 | $token = rtrim($token, "."); |
| 231 | 264 | $signature = hash_hmac(self::ALGOS[$alg], $token, $key); |
| 232 | 265 | return $token . "." . $signature; |
