francis94c /
ci-jwt
@@ -11,7 +11,9 @@ |
||
| 11 | 11 | */ |
| 12 | 12 | function base64url_encode(string $data) { |
| 13 | 13 | $b64 = base64_encode($data); |
| 14 | - if ($b64 === false) return false; |
|
| 14 | + if ($b64 === false) { |
|
| 15 | + return false; |
|
| 16 | + } |
|
| 15 | 17 | $url = strtr($b64, '+/', '-_'); |
| 16 | 18 | return rtrim($url, '='); |
| 17 | 19 | } |
@@ -49,7 +49,9 @@ discard block |
||
| 49 | 49 | private $auto_expire; |
| 50 | 50 | |
| 51 | 51 | function __construct($params=null) { |
| 52 | - if ($params != null) $this->init($params); |
|
| 52 | + if ($params != null) { |
|
| 53 | + $this->init($params); |
|
| 54 | + } |
|
| 53 | 55 | get_instance()->load->splint("francis94c/ci-jwt", "%base64"); |
| 54 | 56 | } |
| 55 | 57 | /** |
@@ -106,21 +108,33 @@ discard block |
||
| 106 | 108 | */ |
| 107 | 109 | public function sign(string $secret=null):?string { |
| 108 | 110 | // Checks. |
| 109 | - if (count($this->payload) == 0) return null; |
|
| 111 | + if (count($this->payload) == 0) { |
|
| 112 | + return null; |
|
| 113 | + } |
|
| 110 | 114 | // $key is $secret. |
| 111 | 115 | $key = $secret ?? $this->secret; |
| 112 | 116 | $this->header["alg"] = $this->header["alg"] ?? self::HS256; |
| 113 | 117 | $this->header["typ"] = $this->header["typ"] ?? self::JWT; |
| 114 | 118 | // Generate Issued At Time. |
| 115 | - if ($this->set_iat) $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 119 | + if ($this->set_iat) { |
|
| 120 | + $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 121 | + } |
|
| 116 | 122 | // Auto Expire. |
| 117 | - if ($this->auto_expire != null) $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 123 | + if ($this->auto_expire != null) { |
|
| 124 | + $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 125 | + } |
|
| 118 | 126 | $jwt = base64url_encode(json_encode($this->header)); |
| 119 | - if ($jwt === false) return null; |
|
| 120 | - if ($jwt != "") $jwt .= "."; |
|
| 127 | + if ($jwt === false) { |
|
| 128 | + return null; |
|
| 129 | + } |
|
| 130 | + if ($jwt != "") { |
|
| 131 | + $jwt .= "."; |
|
| 132 | + } |
|
| 121 | 133 | $payload = base64url_encode(json_encode($this->payload)); |
| 122 | 134 | $jwt .= $payload; |
| 123 | - if ($key != "") return $this->sign_token($jwt, $key, $this->header["alg"]); |
|
| 135 | + if ($key != "") { |
|
| 136 | + return $this->sign_token($jwt, $key, $this->header["alg"]); |
|
| 137 | + } |
|
| 124 | 138 | return $jwt . "."; |
| 125 | 139 | } |
| 126 | 140 | /** |
@@ -129,11 +143,17 @@ discard block |
||
| 129 | 143 | */ |
| 130 | 144 | public function token():?string { |
| 131 | 145 | // Checks. |
| 132 | - if (count($this->payload) == 0) return null; |
|
| 146 | + if (count($this->payload) == 0) { |
|
| 147 | + return null; |
|
| 148 | + } |
|
| 133 | 149 | // Begin. |
| 134 | 150 | $this->header["alg"] = self::NONE; |
| 135 | - if ($this->set_iat) $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 136 | - if ($this->auto_expire != null) $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 151 | + if ($this->set_iat) { |
|
| 152 | + $this->payload["iat"] = $this->payload["iat"] ?? time(); |
|
| 153 | + } |
|
| 154 | + if ($this->auto_expire != null) { |
|
| 155 | + $this->payload["exp"] = strtotime($this->auto_expire); |
|
| 156 | + } |
|
| 137 | 157 | return base64url_encode(json_encode($this->header)) . "." . base64url_encode(json_encode($this->payload)) . "."; |
| 138 | 158 | } |
| 139 | 159 | /** |
@@ -143,14 +163,21 @@ discard block |
||
| 143 | 163 | * @return bool [description] |
| 144 | 164 | */ |
| 145 | 165 | public function verify(string $jwt, string $secret=null):bool { |
| 146 | - if (substr_count($jwt, ".") != 2) return false; // Invalid JWT. |
|
| 166 | + if (substr_count($jwt, ".") != 2) { |
|
| 167 | + return false; |
|
| 168 | + } |
|
| 169 | + // Invalid JWT. |
|
| 147 | 170 | $key = $secret ?? $this->secret; |
| 148 | 171 | $parts = explode(".", $jwt); |
| 149 | 172 | $header = json_decode(base64url_decode($parts[0]) ,true); |
| 150 | - if ($header == null) return false; |
|
| 173 | + if ($header == null) { |
|
| 174 | + return false; |
|
| 175 | + } |
|
| 151 | 176 | $alg = $header["alg"] ?? self::HS256; |
| 152 | 177 | $payload = json_decode(base64url_decode($parts[1]) ,true); |
| 153 | - if ($payload == null) return false; |
|
| 178 | + if ($payload == null) { |
|
| 179 | + return false; |
|
| 180 | + } |
|
| 154 | 181 | if ($parts[2] == "") { |
| 155 | 182 | return $this->allow_unsigned; |
| 156 | 183 | } |
@@ -174,9 +201,13 @@ discard block |
||
| 174 | 201 | public function decode(string $jwt):bool { |
| 175 | 202 | $parts = explode(".", $jwt); |
| 176 | 203 | $header = json_decode(base64url_decode($parts[0]), true); |
| 177 | - if ($header === false) return false; |
|
| 204 | + if ($header === false) { |
|
| 205 | + return false; |
|
| 206 | + } |
|
| 178 | 207 | $payload = json_decode(base64url_decode($parts[1]), true); |
| 179 | - if ($payload === false) return false; |
|
| 208 | + if ($payload === false) { |
|
| 209 | + return false; |
|
| 210 | + } |
|
| 180 | 211 | $this->header = $header; |
| 181 | 212 | $this->payload = $payload; |
| 182 | 213 | return true; |
@@ -218,7 +249,9 @@ discard block |
||
| 218 | 249 | * @return string Complete JWT. |
| 219 | 250 | */ |
| 220 | 251 | private function sign_token(string $token, string $key, string $alg):string { |
| 221 | - if ($alg == self::NONE) return $token . "."; |
|
| 252 | + if ($alg == self::NONE) { |
|
| 253 | + return $token . "."; |
|
| 254 | + } |
|
| 222 | 255 | $token = rtrim($token, "."); |
| 223 | 256 | $signature = hash_hmac(self::ALGOS[$alg], $token, $key); |
| 224 | 257 | return $token . "." . $signature; |
