francis94c /
ci-jwt
@@ -11,7 +11,9 @@ |
||
| 11 | 11 | */ |
| 12 | 12 | function base64url_encode(string $data) { |
| 13 | 13 | $b64 = base64_encode($data); |
| 14 | - if ($b64 === false) return false; |
|
| 14 | + if ($b64 === false) { |
|
| 15 | + return false; |
|
| 16 | + } |
|
| 15 | 17 | $url = strtr($b64, '+/', '-_'); |
| 16 | 18 | return rtrim($url, '='); |
| 17 | 19 | } |
@@ -71,7 +71,9 @@ discard block |
||
| 71 | 71 | */ |
| 72 | 72 | public function __construct(?array $params=null) |
| 73 | 73 | { |
| 74 | - if ($params != null) $this->init($params); |
|
| 74 | + if ($params != null) { |
|
| 75 | + $this->init($params); |
|
| 76 | + } |
|
| 75 | 77 | get_instance()->load->splint("francis94c/ci-jwt", "%base64"); |
| 76 | 78 | } |
| 77 | 79 | |
@@ -106,7 +108,9 @@ discard block |
||
| 106 | 108 | */ |
| 107 | 109 | public function header(string $key, $value=null) |
| 108 | 110 | { |
| 109 | - if ($value === null) return $this->header[$key]; |
|
| 111 | + if ($value === null) { |
|
| 112 | + return $this->header[$key]; |
|
| 113 | + } |
|
| 110 | 114 | $this->header[$key] = $value; |
| 111 | 115 | return $this; |
| 112 | 116 | } |
@@ -129,7 +133,9 @@ discard block |
||
| 129 | 133 | */ |
| 130 | 134 | public function payload(string $key, $value=null) |
| 131 | 135 | { |
| 132 | - if ($value === null) return $this->payload[$key]; |
|
| 136 | + if ($value === null) { |
|
| 137 | + return $this->payload[$key]; |
|
| 138 | + } |
|
| 133 | 139 | $this->payload[$key] = $value; |
| 134 | 140 | return $this; |
| 135 | 141 | } |
@@ -143,7 +149,9 @@ discard block |
||
| 143 | 149 | */ |
| 144 | 150 | public function __call(string $method, array $args) |
| 145 | 151 | { |
| 146 | - if (count($args) == 0) return $this->payload[$method]; |
|
| 152 | + if (count($args) == 0) { |
|
| 153 | + return $this->payload[$method]; |
|
| 154 | + } |
|
| 147 | 155 | $this->payload[$method] = $args[0]; |
| 148 | 156 | return $this; |
| 149 | 157 | } |
@@ -156,7 +164,9 @@ discard block |
||
| 156 | 164 | */ |
| 157 | 165 | public function iss(string $iss=null) |
| 158 | 166 | { |
| 159 | - if ($iss === null) return $this->payload['iss']; |
|
| 167 | + if ($iss === null) { |
|
| 168 | + return $this->payload['iss']; |
|
| 169 | + } |
|
| 160 | 170 | $this->payload['iss'] = $iss; |
| 161 | 171 | return $this; |
| 162 | 172 | } |
@@ -188,21 +198,33 @@ discard block |
||
| 188 | 198 | */ |
| 189 | 199 | public function sign(string $secret=null):?string { |
| 190 | 200 | // Checks. |
| 191 | - if (count($this->payload) == 0) return null; |
|
| 201 | + if (count($this->payload) == 0) { |
|
| 202 | + return null; |
|
| 203 | + } |
|
| 192 | 204 | // $key is $secret. |
| 193 | 205 | $key = $secret ?? $this->secret; |
| 194 | 206 | $this->header["alg"] = $this->header["alg"] ?? ($this->algorithm ?? self::HS512); |
| 195 | 207 | $this->header["typ"] = $this->header["typ"] ?? self::JWT; |
| 196 | 208 | // Generate Issued At Time. |
| 197 | - if ($this->set_iat) $this->payload["iat"] = $this->payload['iat'] ?? time(); |
|
| 209 | + if ($this->set_iat) { |
|
| 210 | + $this->payload["iat"] = $this->payload['iat'] ?? time(); |
|
| 211 | + } |
|
| 198 | 212 | // Auto Expire. |
| 199 | - if ($this->auto_expire != null && !isset($this->payload['exp'])) $this->payload['exp'] = strtotime($this->auto_expire); |
|
| 213 | + if ($this->auto_expire != null && !isset($this->payload['exp'])) { |
|
| 214 | + $this->payload['exp'] = strtotime($this->auto_expire); |
|
| 215 | + } |
|
| 200 | 216 | $jwt = base64url_encode(json_encode($this->header)); |
| 201 | - if ($jwt === false) return null; |
|
| 202 | - if ($jwt != "") $jwt .= "."; |
|
| 217 | + if ($jwt === false) { |
|
| 218 | + return null; |
|
| 219 | + } |
|
| 220 | + if ($jwt != "") { |
|
| 221 | + $jwt .= "."; |
|
| 222 | + } |
|
| 203 | 223 | $payload = base64url_encode(json_encode($this->payload)); |
| 204 | 224 | $jwt .= $payload; |
| 205 | - if ($key != "") return $this->sign_token($jwt, $key, $this->header["alg"]); |
|
| 225 | + if ($key != "") { |
|
| 226 | + return $this->sign_token($jwt, $key, $this->header["alg"]); |
|
| 227 | + } |
|
| 206 | 228 | return $jwt . "."; |
| 207 | 229 | } |
| 208 | 230 | |
@@ -213,11 +235,17 @@ discard block |
||
| 213 | 235 | public function token():?string |
| 214 | 236 | { |
| 215 | 237 | // Checks. |
| 216 | - if (count($this->payload) == 0) return null; |
|
| 238 | + if (count($this->payload) == 0) { |
|
| 239 | + return null; |
|
| 240 | + } |
|
| 217 | 241 | // Begin. |
| 218 | 242 | $this->header["alg"] = self::NONE; |
| 219 | - if ($this->set_iat) $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 220 | - if ($this->auto_expire != null) $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 243 | + if ($this->set_iat) { |
|
| 244 | + $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 245 | + } |
|
| 246 | + if ($this->auto_expire != null) { |
|
| 247 | + $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 248 | + } |
|
| 221 | 249 | return base64url_encode(json_encode($this->header)) . "." . base64url_encode(json_encode($this->payload)) . "."; |
| 222 | 250 | } |
| 223 | 251 | |
@@ -228,14 +256,21 @@ discard block |
||
| 228 | 256 | * @return bool [description] |
| 229 | 257 | */ |
| 230 | 258 | public function verify(string $jwt, string $secret=null):bool { |
| 231 | - if (substr_count($jwt, ".") != 2) return false; // Invalid JWT. |
|
| 259 | + if (substr_count($jwt, ".") != 2) { |
|
| 260 | + return false; |
|
| 261 | + } |
|
| 262 | + // Invalid JWT. |
|
| 232 | 263 | $key = $secret ?? $this->secret; |
| 233 | 264 | $parts = explode(".", $jwt); |
| 234 | 265 | $header = json_decode(base64url_decode($parts[0]) ,true); |
| 235 | - if ($header == null) return false; |
|
| 266 | + if ($header == null) { |
|
| 267 | + return false; |
|
| 268 | + } |
|
| 236 | 269 | $alg = $this->algorithm ?? $header["alg"] ?? self::HS256; |
| 237 | 270 | $payload = json_decode(base64url_decode($parts[1]) ,true); |
| 238 | - if ($payload == null) return false; |
|
| 271 | + if ($payload == null) { |
|
| 272 | + return false; |
|
| 273 | + } |
|
| 239 | 274 | if ($parts[2] == "") { |
| 240 | 275 | return $this->allow_unsigned; |
| 241 | 276 | } |
@@ -262,9 +297,13 @@ discard block |
||
| 262 | 297 | public function decode(string $jwt):bool { |
| 263 | 298 | $parts = explode(".", $jwt); |
| 264 | 299 | $header = json_decode(base64url_decode($parts[0]), true); |
| 265 | - if ($header === false) return false; |
|
| 300 | + if ($header === false) { |
|
| 301 | + return false; |
|
| 302 | + } |
|
| 266 | 303 | $payload = json_decode(base64url_decode($parts[1]), true); |
| 267 | - if ($payload === false) return false; |
|
| 304 | + if ($payload === false) { |
|
| 305 | + return false; |
|
| 306 | + } |
|
| 268 | 307 | $this->header = $header; |
| 269 | 308 | $this->payload = $payload; |
| 270 | 309 | return true; |
@@ -311,7 +350,9 @@ discard block |
||
| 311 | 350 | */ |
| 312 | 351 | private function sign_token(string $token, string $key, string $alg):string |
| 313 | 352 | { |
| 314 | - if ($alg == self::NONE) return $token . "."; |
|
| 353 | + if ($alg == self::NONE) { |
|
| 354 | + return $token . "."; |
|
| 355 | + } |
|
| 315 | 356 | $token = rtrim($token, "."); |
| 316 | 357 | $signature = hash_hmac(self::ALGOS[$alg], $token, $key); |
| 317 | 358 | return $token . "." . $signature; |
