sop / jwx

lib/JWX/JWK/JWKSet.php

Spacing +2 added lines, -2 removed lines

@@ -65,7 +65,7 @@ 
                 "JWK Set must have a 'keys' member.");
         }
         $jwks = array_map(
-            function ($jwkdata) {
+            function($jwkdata) {
                 return JWK::fromArray($jwkdata);
             }, $members["keys"]);
         unset($members["keys"]);
@@ -198,7 +198,7 @@ 
     {
         $data = $this->_additional;
         $data["keys"] = array_map(
-            function (JWK $jwk) {
+            function(JWK $jwk) {
                 return $jwk->toArray();
             }, $this->_jwks);
         return $data;

Indentation +223 added lines, -223 removed lines

@@ -13,227 +13,227 @@
  */
 class JWKSet implements \Countable, \IteratorAggregate
 {
-    /**
-     * JWK objects.
-     *
-     * @var JWK[] $_jwks
-     */
-    protected $_jwks;
-    
-    /**
-     * Additional members.
-     *
-     * @var array $_additional
-     */
-    protected $_additional;
-    
-    /**
-     * JWK mappings.
-     *
-     * @var array
-     */
-    private $_mappings = array();
-    
-    /**
-     * Constructor.
-     *
-     * @param JWK ...$jwks
-     */
-    public function __construct(JWK ...$jwks)
-    {
-        $this->_jwks = $jwks;
-        $this->_additional = array();
-    }
-    
-    /**
-     * Reset internal cache variables on clone.
-     */
-    public function __clone()
-    {
-        $this->_mappings = array();
-    }
-    
-    /**
-     * Initialize from an array representing a JSON object.
-     *
-     * @param array $members
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromArray(array $members): self
-    {
-        if (!isset($members["keys"]) || !is_array($members["keys"])) {
-            throw new \UnexpectedValueException(
-                "JWK Set must have a 'keys' member.");
-        }
-        $jwks = array_map(
-            function ($jwkdata) {
-                return JWK::fromArray($jwkdata);
-            }, $members["keys"]);
-        unset($members["keys"]);
-        $obj = new self(...$jwks);
-        $obj->_additional = $members;
-        return $obj;
-    }
-    
-    /**
-     * Initialize from a JSON string.
-     *
-     * @param string $json
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromJSON(string $json): self
-    {
-        $members = json_decode($json, true, 32, JSON_BIGINT_AS_STRING);
-        if (!is_array($members)) {
-            throw new \UnexpectedValueException("Invalid JSON.");
-        }
-        return self::fromArray($members);
-    }
-    
-    /**
-     * Get self with keys added.
-     *
-     * @param JWK ...$keys JWK objects
-     * @return self
-     */
-    public function withKeys(JWK ...$keys): self
-    {
-        $obj = clone $this;
-        $obj->_jwks = array_merge($obj->_jwks, $keys);
-        return $obj;
-    }
-    
-    /**
-     * Get all JWK's in a set.
-     *
-     * @return JWK[]
-     */
-    public function keys(): array
-    {
-        return $this->_jwks;
-    }
-    
-    /**
-     * Get the first JWK in the set.
-     *
-     * @throws \LogicException
-     * @return JWK
-     */
-    public function first(): JWK
-    {
-        if (!count($this->_jwks)) {
-            throw new \LogicException("No keys.");
-        }
-        return $this->_jwks[0];
-    }
-    
-    /**
-     * Get JWK by key ID.
-     *
-     * @param string $id
-     * @return JWK|null Null if not found
-     */
-    protected function _getKeyByID(string $id)
-    {
-        $map = $this->_getMapping(JWKParameter::PARAM_KEY_ID);
-        return isset($map[$id]) ? $map[$id] : null;
-    }
-    
-    /**
-     * Check whether set has a JWK with a given key ID.
-     *
-     * @param string $id
-     * @return bool
-     */
-    public function hasKeyID(string $id): bool
-    {
-        return $this->_getKeyByID($id) !== null;
-    }
-    
-    /**
-     * Get a JWK by a key ID.
-     *
-     * @param string $id
-     * @throws \LogicException
-     * @return JWK
-     */
-    public function keyByID(string $id): JWK
-    {
-        $jwk = $this->_getKeyByID($id);
-        if (!$jwk) {
-            throw new \LogicException("No key ID $id.");
-        }
-        return $jwk;
-    }
-    
-    /**
-     * Get mapping from parameter values of given parameter name to JWK.
-     *
-     * Later duplicate value shall override earlier JWK.
-     *
-     * @param string $name Parameter name
-     * @return array
-     */
-    protected function _getMapping(string $name): array
-    {
-        if (!isset($this->_mappings[$name])) {
-            $mapping = array();
-            foreach ($this->_jwks as $jwk) {
-                if ($jwk->has($name)) {
-                    $key = (string) $jwk->get($name)->value();
-                    $mapping[$key] = $jwk;
-                }
-            }
-            $this->_mappings[$name] = $mapping;
-        }
-        return $this->_mappings[$name];
-    }
-    
-    /**
-     * Convert to array.
-     *
-     * @return array
-     */
-    public function toArray(): array
-    {
-        $data = $this->_additional;
-        $data["keys"] = array_map(
-            function (JWK $jwk) {
-                return $jwk->toArray();
-            }, $this->_jwks);
-        return $data;
-    }
-    
-    /**
-     * Convert to JSON.
-     *
-     * @return string
-     */
-    public function toJSON(): string
-    {
-        return json_encode((object) $this->toArray(), JSON_UNESCAPED_SLASHES);
-    }
-    
-    /**
-     * Get the number of keys.
-     *
-     * @see \Countable::count()
-     */
-    public function count(): int
-    {
-        return count($this->_jwks);
-    }
-    
-    /**
-     * Get iterator for JWK objects.
-     *
-     * @see \IteratorAggregate::getIterator()
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_jwks);
-    }
+	/**
+	 * JWK objects.
+	 *
+	 * @var JWK[] $_jwks
+	 */
+	protected $_jwks;
+    
+	/**
+	 * Additional members.
+	 *
+	 * @var array $_additional
+	 */
+	protected $_additional;
+    
+	/**
+	 * JWK mappings.
+	 *
+	 * @var array
+	 */
+	private $_mappings = array();
+    
+	/**
+	 * Constructor.
+	 *
+	 * @param JWK ...$jwks
+	 */
+	public function __construct(JWK ...$jwks)
+	{
+		$this->_jwks = $jwks;
+		$this->_additional = array();
+	}
+    
+	/**
+	 * Reset internal cache variables on clone.
+	 */
+	public function __clone()
+	{
+		$this->_mappings = array();
+	}
+    
+	/**
+	 * Initialize from an array representing a JSON object.
+	 *
+	 * @param array $members
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromArray(array $members): self
+	{
+		if (!isset($members["keys"]) || !is_array($members["keys"])) {
+			throw new \UnexpectedValueException(
+				"JWK Set must have a 'keys' member.");
+		}
+		$jwks = array_map(
+			function ($jwkdata) {
+				return JWK::fromArray($jwkdata);
+			}, $members["keys"]);
+		unset($members["keys"]);
+		$obj = new self(...$jwks);
+		$obj->_additional = $members;
+		return $obj;
+	}
+    
+	/**
+	 * Initialize from a JSON string.
+	 *
+	 * @param string $json
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromJSON(string $json): self
+	{
+		$members = json_decode($json, true, 32, JSON_BIGINT_AS_STRING);
+		if (!is_array($members)) {
+			throw new \UnexpectedValueException("Invalid JSON.");
+		}
+		return self::fromArray($members);
+	}
+    
+	/**
+	 * Get self with keys added.
+	 *
+	 * @param JWK ...$keys JWK objects
+	 * @return self
+	 */
+	public function withKeys(JWK ...$keys): self
+	{
+		$obj = clone $this;
+		$obj->_jwks = array_merge($obj->_jwks, $keys);
+		return $obj;
+	}
+    
+	/**
+	 * Get all JWK's in a set.
+	 *
+	 * @return JWK[]
+	 */
+	public function keys(): array
+	{
+		return $this->_jwks;
+	}
+    
+	/**
+	 * Get the first JWK in the set.
+	 *
+	 * @throws \LogicException
+	 * @return JWK
+	 */
+	public function first(): JWK
+	{
+		if (!count($this->_jwks)) {
+			throw new \LogicException("No keys.");
+		}
+		return $this->_jwks[0];
+	}
+    
+	/**
+	 * Get JWK by key ID.
+	 *
+	 * @param string $id
+	 * @return JWK|null Null if not found
+	 */
+	protected function _getKeyByID(string $id)
+	{
+		$map = $this->_getMapping(JWKParameter::PARAM_KEY_ID);
+		return isset($map[$id]) ? $map[$id] : null;
+	}
+    
+	/**
+	 * Check whether set has a JWK with a given key ID.
+	 *
+	 * @param string $id
+	 * @return bool
+	 */
+	public function hasKeyID(string $id): bool
+	{
+		return $this->_getKeyByID($id) !== null;
+	}
+    
+	/**
+	 * Get a JWK by a key ID.
+	 *
+	 * @param string $id
+	 * @throws \LogicException
+	 * @return JWK
+	 */
+	public function keyByID(string $id): JWK
+	{
+		$jwk = $this->_getKeyByID($id);
+		if (!$jwk) {
+			throw new \LogicException("No key ID $id.");
+		}
+		return $jwk;
+	}
+    
+	/**
+	 * Get mapping from parameter values of given parameter name to JWK.
+	 *
+	 * Later duplicate value shall override earlier JWK.
+	 *
+	 * @param string $name Parameter name
+	 * @return array
+	 */
+	protected function _getMapping(string $name): array
+	{
+		if (!isset($this->_mappings[$name])) {
+			$mapping = array();
+			foreach ($this->_jwks as $jwk) {
+				if ($jwk->has($name)) {
+					$key = (string) $jwk->get($name)->value();
+					$mapping[$key] = $jwk;
+				}
+			}
+			$this->_mappings[$name] = $mapping;
+		}
+		return $this->_mappings[$name];
+	}
+    
+	/**
+	 * Convert to array.
+	 *
+	 * @return array
+	 */
+	public function toArray(): array
+	{
+		$data = $this->_additional;
+		$data["keys"] = array_map(
+			function (JWK $jwk) {
+				return $jwk->toArray();
+			}, $this->_jwks);
+		return $data;
+	}
+    
+	/**
+	 * Convert to JSON.
+	 *
+	 * @return string
+	 */
+	public function toJSON(): string
+	{
+		return json_encode((object) $this->toArray(), JSON_UNESCAPED_SLASHES);
+	}
+    
+	/**
+	 * Get the number of keys.
+	 *
+	 * @see \Countable::count()
+	 */
+	public function count(): int
+	{
+		return count($this->_jwks);
+	}
+    
+	/**
+	 * Get iterator for JWK objects.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_jwks);
+	}
 }

lib/JWX/JWK/Parameter/OtherPrimesInfoParameter.php

Indentation +10 added lines, -10 removed lines

@@ -12,15 +12,15 @@
  */
 class OtherPrimesInfoParameter extends JWKParameter
 {
-    use ArrayParameterValue;
+	use ArrayParameterValue;
     
-    /**
-     * Constructor.
-     *
-     * @param array[] ...$primes
-     */
-    public function __construct(...$primes)
-    {
-        parent::__construct(self::PARAM_OTHER_PRIMES_INFO, $primes);
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param array[] ...$primes
+	 */
+	public function __construct(...$primes)
+	{
+		parent::__construct(self::PARAM_OTHER_PRIMES_INFO, $primes);
+	}
 }

lib/JWX/JWT/JWT.php

Switch Indentation +8 added lines, -8 removed lines

@@ -66,14 +66,14 @@
     {
         $this->_parts = explode(".", $token);
         switch (count($this->_parts)) {
-            case 3:
-                $this->_type = self::TYPE_JWS;
-                break;
-            case 5:
-                $this->_type = self::TYPE_JWE;
-                break;
-            default:
-                throw new \UnexpectedValueException("Not a JWT token.");
+        case 3:
+            $this->_type = self::TYPE_JWS;
+            break;
+        case 5:
+            $this->_type = self::TYPE_JWE;
+            break;
+        default:
+            throw new \UnexpectedValueException("Not a JWT token.");
         }
     }
     

Indentation +390 added lines, -390 removed lines

@@ -26,418 +26,418 @@
  */
 class JWT
 {
-    /**
-     * Type identifier for the signed JWT.
-     *
-     * @internal
-     *
-     * @var int
-     */
-    const TYPE_JWS = 0;
+	/**
+	 * Type identifier for the signed JWT.
+	 *
+	 * @internal
+	 *
+	 * @var int
+	 */
+	const TYPE_JWS = 0;
     
-    /**
-     * Type identifier for the encrypted JWT.
-     *
-     * @internal
-     *
-     * @var int
-     */
-    const TYPE_JWE = 1;
+	/**
+	 * Type identifier for the encrypted JWT.
+	 *
+	 * @internal
+	 *
+	 * @var int
+	 */
+	const TYPE_JWE = 1;
     
-    /**
-     * JWT parts.
-     *
-     * @var string[] $_parts
-     */
-    protected $_parts;
+	/**
+	 * JWT parts.
+	 *
+	 * @var string[] $_parts
+	 */
+	protected $_parts;
     
-    /**
-     * JWT type.
-     *
-     * @var int $_type
-     */
-    protected $_type;
+	/**
+	 * JWT type.
+	 *
+	 * @var int $_type
+	 */
+	protected $_type;
     
-    /**
-     * Constructor.
-     *
-     * @param string $token JWT string
-     * @throws \UnexpectedValueException
-     */
-    public function __construct(string $token)
-    {
-        $this->_parts = explode(".", $token);
-        switch (count($this->_parts)) {
-            case 3:
-                $this->_type = self::TYPE_JWS;
-                break;
-            case 5:
-                $this->_type = self::TYPE_JWE;
-                break;
-            default:
-                throw new \UnexpectedValueException("Not a JWT token.");
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $token JWT string
+	 * @throws \UnexpectedValueException
+	 */
+	public function __construct(string $token)
+	{
+		$this->_parts = explode(".", $token);
+		switch (count($this->_parts)) {
+			case 3:
+				$this->_type = self::TYPE_JWS;
+				break;
+			case 5:
+				$this->_type = self::TYPE_JWE;
+				break;
+			default:
+				throw new \UnexpectedValueException("Not a JWT token.");
+		}
+	}
     
-    /**
-     * Convert claims set to an unsecured JWT.
-     *
-     * Unsecured JWT is not signed nor encrypted neither integrity protected,
-     * and should thus be handled with care!
-     *
-     * @link https://tools.ietf.org/html/rfc7519#section-6
-     * @param Claims $claims Claims set
-     * @param Header|null $header Optional header
-     * @throws \RuntimeException For generic errors
-     * @return self
-     */
-    public static function unsecuredFromClaims(Claims $claims,
-        Header $header = null): self
-    {
-        return self::signedFromClaims($claims, new NoneAlgorithm(), $header);
-    }
+	/**
+	 * Convert claims set to an unsecured JWT.
+	 *
+	 * Unsecured JWT is not signed nor encrypted neither integrity protected,
+	 * and should thus be handled with care!
+	 *
+	 * @link https://tools.ietf.org/html/rfc7519#section-6
+	 * @param Claims $claims Claims set
+	 * @param Header|null $header Optional header
+	 * @throws \RuntimeException For generic errors
+	 * @return self
+	 */
+	public static function unsecuredFromClaims(Claims $claims,
+		Header $header = null): self
+	{
+		return self::signedFromClaims($claims, new NoneAlgorithm(), $header);
+	}
     
-    /**
-     * Convert claims set to a signed JWS token.
-     *
-     * @param Claims $claims Claims set
-     * @param SignatureAlgorithm $algo Signature algorithm
-     * @param Header|null $header Optional header
-     * @throws \RuntimeException For generic errors
-     * @return self
-     */
-    public static function signedFromClaims(Claims $claims,
-        SignatureAlgorithm $algo, Header $header = null): self
-    {
-        $payload = $claims->toJSON();
-        $jws = JWS::sign($payload, $algo, $header);
-        return new self($jws->toCompact());
-    }
+	/**
+	 * Convert claims set to a signed JWS token.
+	 *
+	 * @param Claims $claims Claims set
+	 * @param SignatureAlgorithm $algo Signature algorithm
+	 * @param Header|null $header Optional header
+	 * @throws \RuntimeException For generic errors
+	 * @return self
+	 */
+	public static function signedFromClaims(Claims $claims,
+		SignatureAlgorithm $algo, Header $header = null): self
+	{
+		$payload = $claims->toJSON();
+		$jws = JWS::sign($payload, $algo, $header);
+		return new self($jws->toCompact());
+	}
     
-    /**
-     * Convert claims set to an encrypted JWE token.
-     *
-     * @param Claims $claims Claims set
-     * @param KeyManagementAlgorithm $key_algo Key management algorithm
-     * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
-     * @param CompressionAlgorithm|null $zip_algo Optional compression algorithm
-     * @param Header|null $header Optional header
-     * @throws \RuntimeException For generic errors
-     * @return self
-     */
-    public static function encryptedFromClaims(Claims $claims,
-        KeyManagementAlgorithm $key_algo, ContentEncryptionAlgorithm $enc_algo,
-        CompressionAlgorithm $zip_algo = null, Header $header = null): self
-    {
-        $payload = $claims->toJSON();
-        $jwe = JWE::encrypt($payload, $key_algo, $enc_algo, $zip_algo, $header);
-        return new self($jwe->toCompact());
-    }
+	/**
+	 * Convert claims set to an encrypted JWE token.
+	 *
+	 * @param Claims $claims Claims set
+	 * @param KeyManagementAlgorithm $key_algo Key management algorithm
+	 * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
+	 * @param CompressionAlgorithm|null $zip_algo Optional compression algorithm
+	 * @param Header|null $header Optional header
+	 * @throws \RuntimeException For generic errors
+	 * @return self
+	 */
+	public static function encryptedFromClaims(Claims $claims,
+		KeyManagementAlgorithm $key_algo, ContentEncryptionAlgorithm $enc_algo,
+		CompressionAlgorithm $zip_algo = null, Header $header = null): self
+	{
+		$payload = $claims->toJSON();
+		$jwe = JWE::encrypt($payload, $key_algo, $enc_algo, $zip_algo, $header);
+		return new self($jwe->toCompact());
+	}
     
-    /**
-     * Get claims from the JWT.
-     *
-     * Claims shall be validated according to given validation context.
-     * Validation context must contain all the necessary keys for the signature
-     * validation and/or content decryption.
-     *
-     * If validation context contains only one key, it shall be used explicitly.
-     * If multiple keys are provided, they must contain a JWK ID parameter for
-     * the key identification.
-     *
-     * @param ValidationContext $ctx
-     * @throws ValidationException If signature is invalid, or decryption fails,
-     *         or claims validation fails.
-     * @throws \RuntimeException For generic errors
-     * @return Claims
-     */
-    public function claims(ValidationContext $ctx): Claims
-    {
-        // check signature or decrypt depending on the JWT type.
-        if ($this->isJWS()) {
-            $payload = self::_validatedPayloadFromJWS($this->JWS(), $ctx);
-        } else {
-            $payload = self::_validatedPayloadFromJWE($this->JWE(), $ctx);
-        }
-        // if JWT contains a nested token
-        if ($this->isNested()) {
-            return $this->_claimsFromNestedPayload($payload, $ctx);
-        }
-        // decode claims and validate
-        $claims = Claims::fromJSON($payload);
-        $ctx->validate($claims);
-        return $claims;
-    }
+	/**
+	 * Get claims from the JWT.
+	 *
+	 * Claims shall be validated according to given validation context.
+	 * Validation context must contain all the necessary keys for the signature
+	 * validation and/or content decryption.
+	 *
+	 * If validation context contains only one key, it shall be used explicitly.
+	 * If multiple keys are provided, they must contain a JWK ID parameter for
+	 * the key identification.
+	 *
+	 * @param ValidationContext $ctx
+	 * @throws ValidationException If signature is invalid, or decryption fails,
+	 *         or claims validation fails.
+	 * @throws \RuntimeException For generic errors
+	 * @return Claims
+	 */
+	public function claims(ValidationContext $ctx): Claims
+	{
+		// check signature or decrypt depending on the JWT type.
+		if ($this->isJWS()) {
+			$payload = self::_validatedPayloadFromJWS($this->JWS(), $ctx);
+		} else {
+			$payload = self::_validatedPayloadFromJWE($this->JWE(), $ctx);
+		}
+		// if JWT contains a nested token
+		if ($this->isNested()) {
+			return $this->_claimsFromNestedPayload($payload, $ctx);
+		}
+		// decode claims and validate
+		$claims = Claims::fromJSON($payload);
+		$ctx->validate($claims);
+		return $claims;
+	}
     
-    /**
-     * Sign self producing a nested JWT.
-     *
-     * Note that if JWT is to be signed and encrypted, it should be done in
-     * sign-then-encrypt order. Please refer to links for security information.
-     *
-     * @link https://tools.ietf.org/html/rfc7519#section-11.2
-     * @param SignatureAlgorithm $algo Signature algorithm
-     * @param Header|null $header Optional header
-     * @throws \RuntimeException For generic errors
-     * @return self
-     */
-    public function signNested(SignatureAlgorithm $algo, Header $header = null): self
-    {
-        if (!isset($header)) {
-            $header = new Header();
-        }
-        // add JWT content type parameter
-        $header = $header->withParameters(
-            new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
-        $jws = JWS::sign($this->token(), $algo, $header);
-        return new self($jws->toCompact());
-    }
+	/**
+	 * Sign self producing a nested JWT.
+	 *
+	 * Note that if JWT is to be signed and encrypted, it should be done in
+	 * sign-then-encrypt order. Please refer to links for security information.
+	 *
+	 * @link https://tools.ietf.org/html/rfc7519#section-11.2
+	 * @param SignatureAlgorithm $algo Signature algorithm
+	 * @param Header|null $header Optional header
+	 * @throws \RuntimeException For generic errors
+	 * @return self
+	 */
+	public function signNested(SignatureAlgorithm $algo, Header $header = null): self
+	{
+		if (!isset($header)) {
+			$header = new Header();
+		}
+		// add JWT content type parameter
+		$header = $header->withParameters(
+			new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
+		$jws = JWS::sign($this->token(), $algo, $header);
+		return new self($jws->toCompact());
+	}
     
-    /**
-     * Encrypt self producing a nested JWT.
-     *
-     * This JWT should be a JWS, that is, the order of nesting should be
-     * sign-then-encrypt.
-     *
-     * @link https://tools.ietf.org/html/rfc7519#section-11.2
-     * @param KeyManagementAlgorithm $key_algo Key management algorithm
-     * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
-     * @param CompressionAlgorithm|null $zip_algo Optional compression algorithm
-     * @param Header|null $header Optional header
-     * @throws \RuntimeException For generic errors
-     * @return self
-     */
-    public function encryptNested(KeyManagementAlgorithm $key_algo,
-        ContentEncryptionAlgorithm $enc_algo,
-        CompressionAlgorithm $zip_algo = null, Header $header = null): self
-    {
-        if (!isset($header)) {
-            $header = new Header();
-        }
-        // add JWT content type parameter
-        $header = $header->withParameters(
-            new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
-        $jwe = JWE::encrypt($this->token(), $key_algo, $enc_algo, $zip_algo,
-            $header);
-        return new self($jwe->toCompact());
-    }
+	/**
+	 * Encrypt self producing a nested JWT.
+	 *
+	 * This JWT should be a JWS, that is, the order of nesting should be
+	 * sign-then-encrypt.
+	 *
+	 * @link https://tools.ietf.org/html/rfc7519#section-11.2
+	 * @param KeyManagementAlgorithm $key_algo Key management algorithm
+	 * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
+	 * @param CompressionAlgorithm|null $zip_algo Optional compression algorithm
+	 * @param Header|null $header Optional header
+	 * @throws \RuntimeException For generic errors
+	 * @return self
+	 */
+	public function encryptNested(KeyManagementAlgorithm $key_algo,
+		ContentEncryptionAlgorithm $enc_algo,
+		CompressionAlgorithm $zip_algo = null, Header $header = null): self
+	{
+		if (!isset($header)) {
+			$header = new Header();
+		}
+		// add JWT content type parameter
+		$header = $header->withParameters(
+			new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
+		$jwe = JWE::encrypt($this->token(), $key_algo, $enc_algo, $zip_algo,
+			$header);
+		return new self($jwe->toCompact());
+	}
     
-    /**
-     * Whether JWT is a JWS.
-     *
-     * @return bool
-     */
-    public function isJWS(): bool
-    {
-        return $this->_type == self::TYPE_JWS;
-    }
+	/**
+	 * Whether JWT is a JWS.
+	 *
+	 * @return bool
+	 */
+	public function isJWS(): bool
+	{
+		return $this->_type == self::TYPE_JWS;
+	}
     
-    /**
-     * Get JWT as a JWS.
-     *
-     * @throws \LogicException
-     * @return JWS
-     */
-    public function JWS(): JWS
-    {
-        if (!$this->isJWS()) {
-            throw new \LogicException("Not a JWS.");
-        }
-        return JWS::fromParts($this->_parts);
-    }
+	/**
+	 * Get JWT as a JWS.
+	 *
+	 * @throws \LogicException
+	 * @return JWS
+	 */
+	public function JWS(): JWS
+	{
+		if (!$this->isJWS()) {
+			throw new \LogicException("Not a JWS.");
+		}
+		return JWS::fromParts($this->_parts);
+	}
     
-    /**
-     * Whether JWT is a JWE.
-     *
-     * @return bool
-     */
-    public function isJWE(): bool
-    {
-        return $this->_type == self::TYPE_JWE;
-    }
+	/**
+	 * Whether JWT is a JWE.
+	 *
+	 * @return bool
+	 */
+	public function isJWE(): bool
+	{
+		return $this->_type == self::TYPE_JWE;
+	}
     
-    /**
-     * Get JWT as a JWE.
-     *
-     * @throws \LogicException
-     * @return JWE
-     */
-    public function JWE(): JWE
-    {
-        if (!$this->isJWE()) {
-            throw new \LogicException("Not a JWE.");
-        }
-        return JWE::fromParts($this->_parts);
-    }
+	/**
+	 * Get JWT as a JWE.
+	 *
+	 * @throws \LogicException
+	 * @return JWE
+	 */
+	public function JWE(): JWE
+	{
+		if (!$this->isJWE()) {
+			throw new \LogicException("Not a JWE.");
+		}
+		return JWE::fromParts($this->_parts);
+	}
     
-    /**
-     * Check whether JWT contains another nested JWT.
-     *
-     * @return bool
-     */
-    public function isNested(): bool
-    {
-        $header = $this->header();
-        if (!$header->hasContentType()) {
-            return false;
-        }
-        $cty = $header->contentType()->value();
-        if ($cty != ContentTypeParameter::TYPE_JWT) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 * Check whether JWT contains another nested JWT.
+	 *
+	 * @return bool
+	 */
+	public function isNested(): bool
+	{
+		$header = $this->header();
+		if (!$header->hasContentType()) {
+			return false;
+		}
+		$cty = $header->contentType()->value();
+		if ($cty != ContentTypeParameter::TYPE_JWT) {
+			return false;
+		}
+		return true;
+	}
     
-    /**
-     * Check whether JWT is unsecured, that is, it's neither integrity protected
-     * nor encrypted.
-     *
-     * @return bool
-     */
-    public function isUnsecured(): bool
-    {
-        // encrypted JWT shall be considered secure
-        if ($this->isJWE()) {
-            return false;
-        }
-        // check whether JWS is unsecured
-        return $this->JWS()->isUnsecured();
-    }
+	/**
+	 * Check whether JWT is unsecured, that is, it's neither integrity protected
+	 * nor encrypted.
+	 *
+	 * @return bool
+	 */
+	public function isUnsecured(): bool
+	{
+		// encrypted JWT shall be considered secure
+		if ($this->isJWE()) {
+			return false;
+		}
+		// check whether JWS is unsecured
+		return $this->JWS()->isUnsecured();
+	}
     
-    /**
-     * Get JWT header.
-     *
-     * @return JOSE
-     */
-    public function header(): JOSE
-    {
-        $header = Header::fromJSON(Base64::urlDecode($this->_parts[0]));
-        return new JOSE($header);
-    }
+	/**
+	 * Get JWT header.
+	 *
+	 * @return JOSE
+	 */
+	public function header(): JOSE
+	{
+		$header = Header::fromJSON(Base64::urlDecode($this->_parts[0]));
+		return new JOSE($header);
+	}
     
-    /**
-     * Get JWT as a string.
-     *
-     * @return string
-     */
-    public function token(): string
-    {
-        return implode(".", $this->_parts);
-    }
+	/**
+	 * Get JWT as a string.
+	 *
+	 * @return string
+	 */
+	public function token(): string
+	{
+		return implode(".", $this->_parts);
+	}
     
-    /**
-     * Get claims from a nested payload.
-     *
-     * @param string $payload JWT payload
-     * @param ValidationContext $ctx Validation context
-     * @return Claims
-     */
-    private function _claimsFromNestedPayload(string $payload,
-        ValidationContext $ctx): Claims
-    {
-        $jwt = new JWT($payload);
-        // if this token secured, allow nested tokens to be unsecured.
-        if (!$this->isUnsecured()) {
-            $ctx = $ctx->withUnsecuredAllowed(true);
-        }
-        return $jwt->claims($ctx);
-    }
+	/**
+	 * Get claims from a nested payload.
+	 *
+	 * @param string $payload JWT payload
+	 * @param ValidationContext $ctx Validation context
+	 * @return Claims
+	 */
+	private function _claimsFromNestedPayload(string $payload,
+		ValidationContext $ctx): Claims
+	{
+		$jwt = new JWT($payload);
+		// if this token secured, allow nested tokens to be unsecured.
+		if (!$this->isUnsecured()) {
+			$ctx = $ctx->withUnsecuredAllowed(true);
+		}
+		return $jwt->claims($ctx);
+	}
     
-    /**
-     * Get validated payload from JWS.
-     *
-     * @param JWS $jws JWS
-     * @param ValidationContext $ctx Validation context
-     * @throws ValidationException If signature validation fails
-     * @return string
-     */
-    private static function _validatedPayloadFromJWS(JWS $jws,
-        ValidationContext $ctx): string
-    {
-        // if JWS is unsecured
-        if ($jws->isUnsecured()) {
-            return self::_validatedPayloadFromUnsecuredJWS($jws, $ctx);
-        }
-        return self::_validatedPayloadFromSignedJWS($jws, $ctx->keys());
-    }
+	/**
+	 * Get validated payload from JWS.
+	 *
+	 * @param JWS $jws JWS
+	 * @param ValidationContext $ctx Validation context
+	 * @throws ValidationException If signature validation fails
+	 * @return string
+	 */
+	private static function _validatedPayloadFromJWS(JWS $jws,
+		ValidationContext $ctx): string
+	{
+		// if JWS is unsecured
+		if ($jws->isUnsecured()) {
+			return self::_validatedPayloadFromUnsecuredJWS($jws, $ctx);
+		}
+		return self::_validatedPayloadFromSignedJWS($jws, $ctx->keys());
+	}
     
-    /**
-     * Get validated payload from an unsecured JWS.
-     *
-     * @param JWS $jws JWS
-     * @param ValidationContext $ctx Validation context
-     * @throws ValidationException If unsecured JWT's are not allowed, or JWS
-     *         token is malformed
-     * @return string
-     */
-    private static function _validatedPayloadFromUnsecuredJWS(JWS $jws,
-        ValidationContext $ctx): string
-    {
-        if (!$ctx->isUnsecuredAllowed()) {
-            throw new ValidationException("Unsecured JWS not allowed.");
-        }
-        if (!$jws->validate(new NoneAlgorithm())) {
-            throw new ValidationException("Malformed unsecured token.");
-        }
-        return $jws->payload();
-    }
+	/**
+	 * Get validated payload from an unsecured JWS.
+	 *
+	 * @param JWS $jws JWS
+	 * @param ValidationContext $ctx Validation context
+	 * @throws ValidationException If unsecured JWT's are not allowed, or JWS
+	 *         token is malformed
+	 * @return string
+	 */
+	private static function _validatedPayloadFromUnsecuredJWS(JWS $jws,
+		ValidationContext $ctx): string
+	{
+		if (!$ctx->isUnsecuredAllowed()) {
+			throw new ValidationException("Unsecured JWS not allowed.");
+		}
+		if (!$jws->validate(new NoneAlgorithm())) {
+			throw new ValidationException("Malformed unsecured token.");
+		}
+		return $jws->payload();
+	}
     
-    /**
-     * Get validated payload from a signed JWS.
-     *
-     * @param JWS $jws JWS
-     * @param JWKSet $keys Set of allowed keys for the signature validation
-     * @throws ValidationException If validation fails
-     * @return string
-     */
-    private static function _validatedPayloadFromSignedJWS(JWS $jws, JWKSet $keys): string
-    {
-        try {
-            // explicitly defined key
-            if (1 == count($keys)) {
-                $valid = $jws->validateWithJWK($keys->first());
-            } else {
-                $valid = $jws->validateWithJWKSet($keys);
-            }
-        } catch (\RuntimeException $e) {
-            throw new ValidationException("JWS validation failed.", 0, $e);
-        }
-        if (!$valid) {
-            throw new ValidationException("JWS signature is invalid.");
-        }
-        return $jws->payload();
-    }
+	/**
+	 * Get validated payload from a signed JWS.
+	 *
+	 * @param JWS $jws JWS
+	 * @param JWKSet $keys Set of allowed keys for the signature validation
+	 * @throws ValidationException If validation fails
+	 * @return string
+	 */
+	private static function _validatedPayloadFromSignedJWS(JWS $jws, JWKSet $keys): string
+	{
+		try {
+			// explicitly defined key
+			if (1 == count($keys)) {
+				$valid = $jws->validateWithJWK($keys->first());
+			} else {
+				$valid = $jws->validateWithJWKSet($keys);
+			}
+		} catch (\RuntimeException $e) {
+			throw new ValidationException("JWS validation failed.", 0, $e);
+		}
+		if (!$valid) {
+			throw new ValidationException("JWS signature is invalid.");
+		}
+		return $jws->payload();
+	}
     
-    /**
-     * Get validated payload from an encrypted JWE.
-     *
-     * @param JWE $jwe JWE
-     * @param ValidationContext $ctx Validation context
-     * @throws ValidationException If decryption fails
-     * @return string
-     */
-    private static function _validatedPayloadFromJWE(JWE $jwe,
-        ValidationContext $ctx): string
-    {
-        try {
-            $keys = $ctx->keys();
-            // explicitly defined key
-            if (1 == count($keys)) {
-                return $jwe->decryptWithJWK($keys->first());
-            }
-            return $jwe->decryptWithJWKSet($keys);
-        } catch (\RuntimeException $e) {
-            throw new ValidationException("JWE validation failed.", 0, $e);
-        }
-    }
+	/**
+	 * Get validated payload from an encrypted JWE.
+	 *
+	 * @param JWE $jwe JWE
+	 * @param ValidationContext $ctx Validation context
+	 * @throws ValidationException If decryption fails
+	 * @return string
+	 */
+	private static function _validatedPayloadFromJWE(JWE $jwe,
+		ValidationContext $ctx): string
+	{
+		try {
+			$keys = $ctx->keys();
+			// explicitly defined key
+			if (1 == count($keys)) {
+				return $jwe->decryptWithJWK($keys->first());
+			}
+			return $jwe->decryptWithJWKSet($keys);
+		} catch (\RuntimeException $e) {
+			throw new ValidationException("JWE validation failed.", 0, $e);
+		}
+	}
     
-    /**
-     * Convert JWT to string.
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->token();
-    }
+	/**
+	 * Convert JWT to string.
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->token();
+	}
 }

lib/JWX/JWT/Claim/ExpirationTimeClaim.php

Indentation +13 added lines, -13 removed lines

@@ -13,18 +13,18 @@
  */
 class ExpirationTimeClaim extends RegisteredClaim
 {
-    use NumericDateClaim;
-    use ReferenceTimeValidation;
+	use NumericDateClaim;
+	use ReferenceTimeValidation;
     
-    /**
-     * Constructor.
-     *
-     * @param int $exp_time Expiration time
-     */
-    public function __construct($exp_time)
-    {
-        // validate that claim is after the constraint (reference time)
-        parent::__construct(self::NAME_EXPIRATION_TIME, intval($exp_time),
-            new GreaterValidator());
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param int $exp_time Expiration time
+	 */
+	public function __construct($exp_time)
+	{
+		// validate that claim is after the constraint (reference time)
+		parent::__construct(self::NAME_EXPIRATION_TIME, intval($exp_time),
+			new GreaterValidator());
+	}
 }

lib/JWX/JWT/Claim/RegisteredClaim.php

Indentation +77 added lines, -77 removed lines

@@ -9,85 +9,85 @@
  */
 abstract class RegisteredClaim extends Claim
 {
-    // JWT claims
-    const NAME_ISSUER = "iss";
-    const NAME_SUBJECT = "sub";
-    const NAME_AUDIENCE = "aud";
-    const NAME_EXPIRATION_TIME = "exp";
-    const NAME_NOT_BEFORE = "nbf";
-    const NAME_ISSUED_AT = "iat";
-    const NAME_JWT_ID = "jti";
+	// JWT claims
+	const NAME_ISSUER = "iss";
+	const NAME_SUBJECT = "sub";
+	const NAME_AUDIENCE = "aud";
+	const NAME_EXPIRATION_TIME = "exp";
+	const NAME_NOT_BEFORE = "nbf";
+	const NAME_ISSUED_AT = "iat";
+	const NAME_JWT_ID = "jti";
     
-    // OpenID claims
-    const NAME_FULL_NAME = "name";
-    const NAME_GIVEN_NAME = "given_name";
-    const NAME_FAMILY_NAME = "family_name";
-    const NAME_MIDDLE_NAME = "middle_name";
-    const NAME_NICKNAME = "nickname";
-    const NAME_PREFERRED_USERNAME = "preferred_username";
-    const NAME_PROFILE_URL = "profile";
-    const NAME_PICTURE_URL = "picture";
-    const NAME_WEBSITE_URL = "website";
-    const NAME_EMAIL = "email";
-    const NAME_EMAIL_VERIFIED = "email_verified";
-    const NAME_GENDER = "gender";
-    const NAME_BIRTHDATE = "birthdate";
-    const NAME_TIMEZONE = "zoneinfo";
-    const NAME_LOCALE = "locale";
-    const NAME_PHONE_NUMBER = "phone_number";
-    const NAME_PHONE_NUMBER_VERIFIED = "phone_number_verified";
-    const NAME_ADDRESS = "address";
-    const NAME_UPDATED_AT = "updated_at";
-    const NAME_AUTHORIZED_PARTY = "azp";
-    const NAME_NONCE = "nonce";
-    const NAME_AUTH_TIME = "auth_time";
-    const NAME_ACCESS_TOKEN_HASH = "at_hash";
-    const NAME_CODE_HASH = "c_hash";
-    const NAME_ACR = "acr";
-    const NAME_AMR = "amr";
-    const NAME_SUB_JWK = "sub_jwk";
+	// OpenID claims
+	const NAME_FULL_NAME = "name";
+	const NAME_GIVEN_NAME = "given_name";
+	const NAME_FAMILY_NAME = "family_name";
+	const NAME_MIDDLE_NAME = "middle_name";
+	const NAME_NICKNAME = "nickname";
+	const NAME_PREFERRED_USERNAME = "preferred_username";
+	const NAME_PROFILE_URL = "profile";
+	const NAME_PICTURE_URL = "picture";
+	const NAME_WEBSITE_URL = "website";
+	const NAME_EMAIL = "email";
+	const NAME_EMAIL_VERIFIED = "email_verified";
+	const NAME_GENDER = "gender";
+	const NAME_BIRTHDATE = "birthdate";
+	const NAME_TIMEZONE = "zoneinfo";
+	const NAME_LOCALE = "locale";
+	const NAME_PHONE_NUMBER = "phone_number";
+	const NAME_PHONE_NUMBER_VERIFIED = "phone_number_verified";
+	const NAME_ADDRESS = "address";
+	const NAME_UPDATED_AT = "updated_at";
+	const NAME_AUTHORIZED_PARTY = "azp";
+	const NAME_NONCE = "nonce";
+	const NAME_AUTH_TIME = "auth_time";
+	const NAME_ACCESS_TOKEN_HASH = "at_hash";
+	const NAME_CODE_HASH = "c_hash";
+	const NAME_ACR = "acr";
+	const NAME_AMR = "amr";
+	const NAME_SUB_JWK = "sub_jwk";
     
-    /**
-     * Mapping from registered claim name to class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_NAME_TO_CLASS = array(
-        /* @formatter:off */
-        self::NAME_ISSUER => IssuerClaim::class,
-        self::NAME_SUBJECT => SubjectClaim::class,
-        self::NAME_AUDIENCE => AudienceClaim::class,
-        self::NAME_EXPIRATION_TIME => ExpirationTimeClaim::class,
-        self::NAME_NOT_BEFORE => NotBeforeClaim::class,
-        self::NAME_ISSUED_AT => IssuedAtClaim::class,
-        self::NAME_JWT_ID => JWTIDClaim::class
-        /* @formatter:on */
-    );
+	/**
+	 * Mapping from registered claim name to class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_NAME_TO_CLASS = array(
+		/* @formatter:off */
+		self::NAME_ISSUER => IssuerClaim::class,
+		self::NAME_SUBJECT => SubjectClaim::class,
+		self::NAME_AUDIENCE => AudienceClaim::class,
+		self::NAME_EXPIRATION_TIME => ExpirationTimeClaim::class,
+		self::NAME_NOT_BEFORE => NotBeforeClaim::class,
+		self::NAME_ISSUED_AT => IssuedAtClaim::class,
+		self::NAME_JWT_ID => JWTIDClaim::class
+		/* @formatter:on */
+	);
     
-    /**
-     * Constructor.
-     *
-     * Defined here for type strictness. Parameters are passed to the
-     * superclass.
-     *
-     * @param mixed ...$args
-     */
-    public function __construct(...$args)
-    {
-        parent::__construct((string) $args[0], $args[1],
-            isset($args[2]) ? $args[2] : null);
-    }
+	/**
+	 * Constructor.
+	 *
+	 * Defined here for type strictness. Parameters are passed to the
+	 * superclass.
+	 *
+	 * @param mixed ...$args
+	 */
+	public function __construct(...$args)
+	{
+		parent::__construct((string) $args[0], $args[1],
+			isset($args[2]) ? $args[2] : null);
+	}
     
-    /**
-     * Initialize concrete claim instance from a JSON value.
-     *
-     * @param mixed $value
-     * @return RegisteredClaim
-     */
-    public static function fromJSONValue($value)
-    {
-        return new static($value);
-    }
+	/**
+	 * Initialize concrete claim instance from a JSON value.
+	 *
+	 * @param mixed $value
+	 * @return RegisteredClaim
+	 */
+	public static function fromJSONValue($value)
+	{
+		return new static($value);
+	}
 }

lib/JWX/JWT/Parameter/ReplicatedClaimParameter.php

Indentation +9 added lines, -9 removed lines

@@ -11,13 +11,13 @@
  */
 class ReplicatedClaimParameter extends JWTParameter
 {
-    /**
-     * Constructor.
-     *
-     * @param Claim $claim
-     */
-    public function __construct(Claim $claim)
-    {
-        parent::__construct($claim->name(), $claim->value());
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Claim $claim
+	 */
+	public function __construct(Claim $claim)
+	{
+		parent::__construct($claim->name(), $claim->value());
+	}
 }

lib/JWX/Util/UUIDv4.php

Spacing +2 added lines, -2 removed lines

@@ -70,9 +70,9 @@
             // time_mid
             mt_rand(0, 0xffff), 
             // time_hi_and_version
-            mt_rand(0, 0x0fff) | 0x4000, 
+            mt_rand(0, 0x0fff)|0x4000, 
             // clk_seq_hi_res
-            mt_rand(0, 0x3f) | 0x80, 
+            mt_rand(0, 0x3f)|0x80, 
             // clk_seq_low
             mt_rand(0, 0xff), 
             // node

Indentation +56 added lines, -56 removed lines

@@ -30,32 +30,32 @@ 
  */
 class UUIDv4
 {
-    /**
-     * UUID.
-     *
-     * @var string $_uuid
-     */
-    protected $_uuid;
+	/**
+	 * UUID.
+	 *
+	 * @var string $_uuid
+	 */
+	protected $_uuid;
     
-    /**
-     * Constructor.
-     *
-     * @param string $uuid UUIDv4 in canonical hexadecimal format
-     */
-    public function __construct(string $uuid)
-    {
-        // @todo Check that UUID is version 4
-        $this->_uuid = $uuid;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $uuid UUIDv4 in canonical hexadecimal format
+	 */
+	public function __construct(string $uuid)
+	{
+		// @todo Check that UUID is version 4
+		$this->_uuid = $uuid;
+	}
     
-    /**
-     * Create new random UUIDv4.
-     *
-     * @return self
-     */
-    public static function createRandom(): self
-    {
-        /*
+	/**
+	 * Create new random UUIDv4.
+	 *
+	 * @return self
+	 */
+	public static function createRandom(): self
+	{
+		/*
          1. Set the two most significant bits (bits 6 and 7) of
          the clock_seq_hi_and_reserved to zero and one, respectively.
          
@@ -66,38 +66,38 @@ 
          3. Set all the other bits to randomly (or pseudo-randomly)
          chosen values.
          */
-        $uuid = sprintf("%04x%04x-%04x-%04x-%02x%02x-%04x%04x%04x",
-            // time_low
-            mt_rand(0, 0xffff), mt_rand(0, 0xffff), 
-            // time_mid
-            mt_rand(0, 0xffff), 
-            // time_hi_and_version
-            mt_rand(0, 0x0fff) | 0x4000, 
-            // clk_seq_hi_res
-            mt_rand(0, 0x3f) | 0x80, 
-            // clk_seq_low
-            mt_rand(0, 0xff), 
-            // node
-            mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff));
-        return new self($uuid);
-    }
+		$uuid = sprintf("%04x%04x-%04x-%04x-%02x%02x-%04x%04x%04x",
+			// time_low
+			mt_rand(0, 0xffff), mt_rand(0, 0xffff), 
+			// time_mid
+			mt_rand(0, 0xffff), 
+			// time_hi_and_version
+			mt_rand(0, 0x0fff) | 0x4000, 
+			// clk_seq_hi_res
+			mt_rand(0, 0x3f) | 0x80, 
+			// clk_seq_low
+			mt_rand(0, 0xff), 
+			// node
+			mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff));
+		return new self($uuid);
+	}
     
-    /**
-     * Get UUIDv4 in canonical form.
-     *
-     * @return string
-     */
-    public function canonical(): string
-    {
-        return $this->_uuid;
-    }
+	/**
+	 * Get UUIDv4 in canonical form.
+	 *
+	 * @return string
+	 */
+	public function canonical(): string
+	{
+		return $this->_uuid;
+	}
     
-    /**
-     *
-     * @return string
-     */
-    public function __toString()
-    {
-        return $this->canonical();
-    }
+	/**
+	 *
+	 * @return string
+	 */
+	public function __toString()
+	{
+		return $this->canonical();
+	}
 }

lib/JWX/Util/Base64.php

Switch Indentation +11 added lines, -11 removed lines

@@ -31,17 +31,17 @@
     {
         $data = strtr($data, "-_", "+/");
         switch (strlen($data) % 4) {
-            case 0:
-                break;
-            case 2:
-                $data .= "==";
-                break;
-            case 3:
-                $data .= "=";
-                break;
-            default:
-                throw new \UnexpectedValueException(
-                    "Malformed base64url encoding.");
+        case 0:
+            break;
+        case 2:
+            $data .= "==";
+            break;
+        case 3:
+            $data .= "=";
+            break;
+        default:
+            throw new \UnexpectedValueException(
+                "Malformed base64url encoding.");
         }
         return self::decode($data);
     }

Indentation +95 added lines, -95 removed lines

@@ -9,104 +9,104 @@
  */
 class Base64
 {
-    /**
-     * Encode a string using base64url variant.
-     *
-     * @link https://en.wikipedia.org/wiki/Base64#URL_applications
-     * @param string $data
-     * @return string
-     */
-    public static function urlEncode(string $data): string
-    {
-        return strtr(rtrim(self::encode($data), "="), "+/", "-_");
-    }
+	/**
+	 * Encode a string using base64url variant.
+	 *
+	 * @link https://en.wikipedia.org/wiki/Base64#URL_applications
+	 * @param string $data
+	 * @return string
+	 */
+	public static function urlEncode(string $data): string
+	{
+		return strtr(rtrim(self::encode($data), "="), "+/", "-_");
+	}
     
-    /**
-     * Decode a string using base64url variant.
-     *
-     * @link https://en.wikipedia.org/wiki/Base64#URL_applications
-     * @param string $data
-     * @throws \UnexpectedValueException
-     * @return string
-     */
-    public static function urlDecode(string $data): string
-    {
-        $data = strtr($data, "-_", "+/");
-        switch (strlen($data) % 4) {
-            case 0:
-                break;
-            case 2:
-                $data .= "==";
-                break;
-            case 3:
-                $data .= "=";
-                break;
-            default:
-                throw new \UnexpectedValueException(
-                    "Malformed base64url encoding.");
-        }
-        return self::decode($data);
-    }
+	/**
+	 * Decode a string using base64url variant.
+	 *
+	 * @link https://en.wikipedia.org/wiki/Base64#URL_applications
+	 * @param string $data
+	 * @throws \UnexpectedValueException
+	 * @return string
+	 */
+	public static function urlDecode(string $data): string
+	{
+		$data = strtr($data, "-_", "+/");
+		switch (strlen($data) % 4) {
+			case 0:
+				break;
+			case 2:
+				$data .= "==";
+				break;
+			case 3:
+				$data .= "=";
+				break;
+			default:
+				throw new \UnexpectedValueException(
+					"Malformed base64url encoding.");
+		}
+		return self::decode($data);
+	}
     
-    /**
-     * Check whether string is validly base64url encoded.
-     *
-     * @link https://en.wikipedia.org/wiki/Base64#URL_applications
-     * @param string $data
-     * @return bool
-     */
-    public static function isValidURLEncoding(string $data): bool
-    {
-        return preg_match('#^[A-Za-z0-9\-_]*$#', $data) == 1;
-    }
+	/**
+	 * Check whether string is validly base64url encoded.
+	 *
+	 * @link https://en.wikipedia.org/wiki/Base64#URL_applications
+	 * @param string $data
+	 * @return bool
+	 */
+	public static function isValidURLEncoding(string $data): bool
+	{
+		return preg_match('#^[A-Za-z0-9\-_]*$#', $data) == 1;
+	}
     
-    /**
-     * Encode a string in base64.
-     *
-     * @link https://tools.ietf.org/html/rfc4648#section-4
-     * @param string $data
-     * @throws \RuntimeException If encoding fails
-     * @return string
-     */
-    public static function encode(string $data): string
-    {
-        $ret = @base64_encode($data);
-        if (!is_string($ret)) {
-            $err = error_get_last();
-            $msg = isset($err) && __FILE__ == $err['file'] ? $err['message'] : null;
-            throw new \RuntimeException($msg ?? "base64_encode() failed.");
-        }
-        return $ret;
-    }
+	/**
+	 * Encode a string in base64.
+	 *
+	 * @link https://tools.ietf.org/html/rfc4648#section-4
+	 * @param string $data
+	 * @throws \RuntimeException If encoding fails
+	 * @return string
+	 */
+	public static function encode(string $data): string
+	{
+		$ret = @base64_encode($data);
+		if (!is_string($ret)) {
+			$err = error_get_last();
+			$msg = isset($err) && __FILE__ == $err['file'] ? $err['message'] : null;
+			throw new \RuntimeException($msg ?? "base64_encode() failed.");
+		}
+		return $ret;
+	}
     
-    /**
-     * Decode a string from base64 encoding.
-     *
-     * @link https://tools.ietf.org/html/rfc4648#section-4
-     * @param string $data
-     * @throws \RuntimeException If decoding fails
-     * @return string
-     */
-    public static function decode(string $data): string
-    {
-        $ret = base64_decode($data, true);
-        if (!is_string($ret)) {
-            $err = error_get_last();
-            $msg = isset($err) && __FILE__ == $err['file'] ? $err['message'] : null;
-            throw new \RuntimeException($msg ?? "base64_decode() failed.");
-        }
-        return $ret;
-    }
+	/**
+	 * Decode a string from base64 encoding.
+	 *
+	 * @link https://tools.ietf.org/html/rfc4648#section-4
+	 * @param string $data
+	 * @throws \RuntimeException If decoding fails
+	 * @return string
+	 */
+	public static function decode(string $data): string
+	{
+		$ret = base64_decode($data, true);
+		if (!is_string($ret)) {
+			$err = error_get_last();
+			$msg = isset($err) && __FILE__ == $err['file'] ? $err['message'] : null;
+			throw new \RuntimeException($msg ?? "base64_decode() failed.");
+		}
+		return $ret;
+	}
     
-    /**
-     * Check whether string is validly base64 encoded.
-     *
-     * @link https://tools.ietf.org/html/rfc4648#section-4
-     * @param string $data
-     * @return bool
-     */
-    public static function isValid(string $data): bool
-    {
-        return preg_match('#^[A-Za-z0-9+/]*={0,2}$#', $data) == 1;
-    }
+	/**
+	 * Check whether string is validly base64 encoded.
+	 *
+	 * @link https://tools.ietf.org/html/rfc4648#section-4
+	 * @param string $data
+	 * @return bool
+	 */
+	public static function isValid(string $data): bool
+	{
+		return preg_match('#^[A-Za-z0-9+/]*={0,2}$#', $data) == 1;
+	}
 }

lib/JWX/Parameter/Feature/ArrayParameterValue.php

Indentation +20 added lines, -20 removed lines

@@ -7,25 +7,25 @@
  */
 trait ArrayParameterValue
 {
-    /**
-     * Constructor.
-     *
-     * @param mixed ...$values
-     */
-    abstract public function __construct(...$values);
+	/**
+	 * Constructor.
+	 *
+	 * @param mixed ...$values
+	 */
+	abstract public function __construct(...$values);
     
-    /**
-     * Initialize from a JSON value.
-     *
-     * @param array $value
-     * @return static
-     */
-    public static function fromJSONValue($value)
-    {
-        if (!is_array($value)) {
-            throw new \UnexpectedValueException(
-                get_called_class() . " expects an array parameter.");
-        }
-        return new static(...$value);
-    }
+	/**
+	 * Initialize from a JSON value.
+	 *
+	 * @param array $value
+	 * @return static
+	 */
+	public static function fromJSONValue($value)
+	{
+		if (!is_array($value)) {
+			throw new \UnexpectedValueException(
+				get_called_class() . " expects an array parameter.");
+		}
+		return new static(...$value);
+	}
 }