sop / jwx

lib/JWX/JWT/Parameter/CriticalParameter.php

Indentation +44 added lines, -44 removed lines

@@ -13,52 +13,52 @@
  */
 class CriticalParameter extends JWTParameter
 {
-    use ArrayParameterValue;
+	use ArrayParameterValue;
 
-    /**
-     * Constructor.
-     *
-     * @param string ...$names
-     */
-    public function __construct(string ...$names)
-    {
-        parent::__construct(self::PARAM_CRITICAL, $names);
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string ...$names
+	 */
+	public function __construct(string ...$names)
+	{
+		parent::__construct(self::PARAM_CRITICAL, $names);
+	}
 
-    /**
-     * Get self with parameter name added.
-     *
-     * @param string $name
-     *
-     * @return self
-     */
-    public function withParamName(string $name): self
-    {
-        $obj = clone $this;
-        $obj->_value[] = $name;
-        $obj->_value = array_values(array_unique($obj->_value));
-        return $obj;
-    }
+	/**
+	 * Get self with parameter name added.
+	 *
+	 * @param string $name
+	 *
+	 * @return self
+	 */
+	public function withParamName(string $name): self
+	{
+		$obj = clone $this;
+		$obj->_value[] = $name;
+		$obj->_value = array_values(array_unique($obj->_value));
+		return $obj;
+	}
 
-    /**
-     * Check whether given parameter name is critical.
-     *
-     * @param string $name
-     *
-     * @return bool
-     */
-    public function has(string $name): bool
-    {
-        return false !== array_search($name, $this->_value);
-    }
+	/**
+	 * Check whether given parameter name is critical.
+	 *
+	 * @param string $name
+	 *
+	 * @return bool
+	 */
+	public function has(string $name): bool
+	{
+		return false !== array_search($name, $this->_value);
+	}
 
-    /**
-     * Get critical header parameter names.
-     *
-     * @return string[]
-     */
-    public function names(): array
-    {
-        return $this->_value;
-    }
+	/**
+	 * Get critical header parameter names.
+	 *
+	 * @return string[]
+	 */
+	public function names(): array
+	{
+		return $this->_value;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT\Parameter;
 

lib/JWX/JWT/JWT.php

Indentation +417 added lines, -417 removed lines

@@ -26,445 +26,445 @@
  */
 class JWT
 {
-    /**
-     * Type identifier for the signed JWT.
-     *
-     * @internal
-     *
-     * @var int
-     */
-    const TYPE_JWS = 0;
+	/**
+	 * Type identifier for the signed JWT.
+	 *
+	 * @internal
+	 *
+	 * @var int
+	 */
+	const TYPE_JWS = 0;
 
-    /**
-     * Type identifier for the encrypted JWT.
-     *
-     * @internal
-     *
-     * @var int
-     */
-    const TYPE_JWE = 1;
+	/**
+	 * Type identifier for the encrypted JWT.
+	 *
+	 * @internal
+	 *
+	 * @var int
+	 */
+	const TYPE_JWE = 1;
 
-    /**
-     * JWT parts.
-     *
-     * @var string[]
-     */
-    protected $_parts;
+	/**
+	 * JWT parts.
+	 *
+	 * @var string[]
+	 */
+	protected $_parts;
 
-    /**
-     * JWT type.
-     *
-     * @var int
-     */
-    protected $_type;
+	/**
+	 * JWT type.
+	 *
+	 * @var int
+	 */
+	protected $_type;
 
-    /**
-     * Constructor.
-     *
-     * @param string $token JWT string
-     *
-     * @throws \UnexpectedValueException
-     */
-    public function __construct(string $token)
-    {
-        $this->_parts = explode('.', $token);
-        switch (count($this->_parts)) {
-            case 3:
-                $this->_type = self::TYPE_JWS;
-                break;
-            case 5:
-                $this->_type = self::TYPE_JWE;
-                break;
-            default:
-                throw new \UnexpectedValueException('Not a JWT token.');
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param string $token JWT string
+	 *
+	 * @throws \UnexpectedValueException
+	 */
+	public function __construct(string $token)
+	{
+		$this->_parts = explode('.', $token);
+		switch (count($this->_parts)) {
+			case 3:
+				$this->_type = self::TYPE_JWS;
+				break;
+			case 5:
+				$this->_type = self::TYPE_JWE;
+				break;
+			default:
+				throw new \UnexpectedValueException('Not a JWT token.');
+		}
+	}
 
-    /**
-     * Convert JWT to string.
-     *
-     * @return string
-     */
-    public function __toString(): string
-    {
-        return $this->token();
-    }
+	/**
+	 * Convert JWT to string.
+	 *
+	 * @return string
+	 */
+	public function __toString(): string
+	{
+		return $this->token();
+	}
 
-    /**
-     * Convert claims set to an unsecured JWT.
-     *
-     * Unsecured JWT is not signed nor encrypted neither integrity protected,
-     * and should thus be handled with care!
-     *
-     * @see https://tools.ietf.org/html/rfc7519#section-6
-     *
-     * @param Claims      $claims Claims set
-     * @param null|Header $header Optional header
-     *
-     * @throws \RuntimeException For generic errors
-     *
-     * @return self
-     */
-    public static function unsecuredFromClaims(Claims $claims,
-        ?Header $header = null): self
-    {
-        return self::signedFromClaims($claims, new NoneAlgorithm(), $header);
-    }
+	/**
+	 * Convert claims set to an unsecured JWT.
+	 *
+	 * Unsecured JWT is not signed nor encrypted neither integrity protected,
+	 * and should thus be handled with care!
+	 *
+	 * @see https://tools.ietf.org/html/rfc7519#section-6
+	 *
+	 * @param Claims      $claims Claims set
+	 * @param null|Header $header Optional header
+	 *
+	 * @throws \RuntimeException For generic errors
+	 *
+	 * @return self
+	 */
+	public static function unsecuredFromClaims(Claims $claims,
+		?Header $header = null): self
+	{
+		return self::signedFromClaims($claims, new NoneAlgorithm(), $header);
+	}
 
-    /**
-     * Convert claims set to a signed JWS token.
-     *
-     * @param Claims             $claims Claims set
-     * @param SignatureAlgorithm $algo   Signature algorithm
-     * @param null|Header        $header Optional header
-     *
-     * @throws \RuntimeException For generic errors
-     *
-     * @return self
-     */
-    public static function signedFromClaims(Claims $claims,
-        SignatureAlgorithm $algo, ?Header $header = null): self
-    {
-        $payload = $claims->toJSON();
-        $jws = JWS::sign($payload, $algo, $header);
-        return new self($jws->toCompact());
-    }
+	/**
+	 * Convert claims set to a signed JWS token.
+	 *
+	 * @param Claims             $claims Claims set
+	 * @param SignatureAlgorithm $algo   Signature algorithm
+	 * @param null|Header        $header Optional header
+	 *
+	 * @throws \RuntimeException For generic errors
+	 *
+	 * @return self
+	 */
+	public static function signedFromClaims(Claims $claims,
+		SignatureAlgorithm $algo, ?Header $header = null): self
+	{
+		$payload = $claims->toJSON();
+		$jws = JWS::sign($payload, $algo, $header);
+		return new self($jws->toCompact());
+	}
 
-    /**
-     * Convert claims set to an encrypted JWE token.
-     *
-     * @param Claims                     $claims   Claims set
-     * @param KeyManagementAlgorithm     $key_algo Key management algorithm
-     * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
-     * @param null|CompressionAlgorithm  $zip_algo Optional compression algorithm
-     * @param null|Header                $header   Optional header
-     *
-     * @throws \RuntimeException For generic errors
-     *
-     * @return self
-     */
-    public static function encryptedFromClaims(Claims $claims,
-        KeyManagementAlgorithm $key_algo, ContentEncryptionAlgorithm $enc_algo,
-        ?CompressionAlgorithm $zip_algo = null, ?Header $header = null): self
-    {
-        $payload = $claims->toJSON();
-        $jwe = JWE::encrypt($payload, $key_algo, $enc_algo, $zip_algo, $header);
-        return new self($jwe->toCompact());
-    }
+	/**
+	 * Convert claims set to an encrypted JWE token.
+	 *
+	 * @param Claims                     $claims   Claims set
+	 * @param KeyManagementAlgorithm     $key_algo Key management algorithm
+	 * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
+	 * @param null|CompressionAlgorithm  $zip_algo Optional compression algorithm
+	 * @param null|Header                $header   Optional header
+	 *
+	 * @throws \RuntimeException For generic errors
+	 *
+	 * @return self
+	 */
+	public static function encryptedFromClaims(Claims $claims,
+		KeyManagementAlgorithm $key_algo, ContentEncryptionAlgorithm $enc_algo,
+		?CompressionAlgorithm $zip_algo = null, ?Header $header = null): self
+	{
+		$payload = $claims->toJSON();
+		$jwe = JWE::encrypt($payload, $key_algo, $enc_algo, $zip_algo, $header);
+		return new self($jwe->toCompact());
+	}
 
-    /**
-     * Get claims from the JWT.
-     *
-     * Claims shall be validated according to given validation context.
-     * Validation context must contain all the necessary keys for the signature
-     * validation and/or content decryption.
-     *
-     * If validation context contains only one key, it shall be used explicitly.
-     * If multiple keys are provided, they must contain a JWK ID parameter for
-     * the key identification.
-     *
-     * @param ValidationContext $ctx
-     *
-     * @throws ValidationException if signature is invalid, or decryption fails,
-     *                             or claims validation fails
-     * @throws \RuntimeException   For generic errors
-     *
-     * @return Claims
-     */
-    public function claims(ValidationContext $ctx): Claims
-    {
-        // check signature or decrypt depending on the JWT type.
-        if ($this->isJWS()) {
-            $payload = self::_validatedPayloadFromJWS($this->JWS(), $ctx);
-        } else {
-            $payload = self::_validatedPayloadFromJWE($this->JWE(), $ctx);
-        }
-        // if JWT contains a nested token
-        if ($this->isNested()) {
-            return $this->_claimsFromNestedPayload($payload, $ctx);
-        }
-        // decode claims and validate
-        $claims = Claims::fromJSON($payload);
-        $ctx->validate($claims);
-        return $claims;
-    }
+	/**
+	 * Get claims from the JWT.
+	 *
+	 * Claims shall be validated according to given validation context.
+	 * Validation context must contain all the necessary keys for the signature
+	 * validation and/or content decryption.
+	 *
+	 * If validation context contains only one key, it shall be used explicitly.
+	 * If multiple keys are provided, they must contain a JWK ID parameter for
+	 * the key identification.
+	 *
+	 * @param ValidationContext $ctx
+	 *
+	 * @throws ValidationException if signature is invalid, or decryption fails,
+	 *                             or claims validation fails
+	 * @throws \RuntimeException   For generic errors
+	 *
+	 * @return Claims
+	 */
+	public function claims(ValidationContext $ctx): Claims
+	{
+		// check signature or decrypt depending on the JWT type.
+		if ($this->isJWS()) {
+			$payload = self::_validatedPayloadFromJWS($this->JWS(), $ctx);
+		} else {
+			$payload = self::_validatedPayloadFromJWE($this->JWE(), $ctx);
+		}
+		// if JWT contains a nested token
+		if ($this->isNested()) {
+			return $this->_claimsFromNestedPayload($payload, $ctx);
+		}
+		// decode claims and validate
+		$claims = Claims::fromJSON($payload);
+		$ctx->validate($claims);
+		return $claims;
+	}
 
-    /**
-     * Sign self producing a nested JWT.
-     *
-     * Note that if JWT is to be signed and encrypted, it should be done in
-     * sign-then-encrypt order. Please refer to links for security information.
-     *
-     * @see https://tools.ietf.org/html/rfc7519#section-11.2
-     *
-     * @param SignatureAlgorithm $algo   Signature algorithm
-     * @param null|Header        $header Optional header
-     *
-     * @throws \RuntimeException For generic errors
-     *
-     * @return self
-     */
-    public function signNested(SignatureAlgorithm $algo, ?Header $header = null): self
-    {
-        if (!isset($header)) {
-            $header = new Header();
-        }
-        // add JWT content type parameter
-        $header = $header->withParameters(
-            new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
-        $jws = JWS::sign($this->token(), $algo, $header);
-        return new self($jws->toCompact());
-    }
+	/**
+	 * Sign self producing a nested JWT.
+	 *
+	 * Note that if JWT is to be signed and encrypted, it should be done in
+	 * sign-then-encrypt order. Please refer to links for security information.
+	 *
+	 * @see https://tools.ietf.org/html/rfc7519#section-11.2
+	 *
+	 * @param SignatureAlgorithm $algo   Signature algorithm
+	 * @param null|Header        $header Optional header
+	 *
+	 * @throws \RuntimeException For generic errors
+	 *
+	 * @return self
+	 */
+	public function signNested(SignatureAlgorithm $algo, ?Header $header = null): self
+	{
+		if (!isset($header)) {
+			$header = new Header();
+		}
+		// add JWT content type parameter
+		$header = $header->withParameters(
+			new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
+		$jws = JWS::sign($this->token(), $algo, $header);
+		return new self($jws->toCompact());
+	}
 
-    /**
-     * Encrypt self producing a nested JWT.
-     *
-     * This JWT should be a JWS, that is, the order of nesting should be
-     * sign-then-encrypt.
-     *
-     * @see https://tools.ietf.org/html/rfc7519#section-11.2
-     *
-     * @param KeyManagementAlgorithm     $key_algo Key management algorithm
-     * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
-     * @param null|CompressionAlgorithm  $zip_algo Optional compression algorithm
-     * @param null|Header                $header   Optional header
-     *
-     * @throws \RuntimeException For generic errors
-     *
-     * @return self
-     */
-    public function encryptNested(KeyManagementAlgorithm $key_algo,
-        ContentEncryptionAlgorithm $enc_algo,
-        ?CompressionAlgorithm $zip_algo = null, ?Header $header = null): self
-    {
-        if (!isset($header)) {
-            $header = new Header();
-        }
-        // add JWT content type parameter
-        $header = $header->withParameters(
-            new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
-        $jwe = JWE::encrypt($this->token(), $key_algo, $enc_algo, $zip_algo,
-            $header);
-        return new self($jwe->toCompact());
-    }
+	/**
+	 * Encrypt self producing a nested JWT.
+	 *
+	 * This JWT should be a JWS, that is, the order of nesting should be
+	 * sign-then-encrypt.
+	 *
+	 * @see https://tools.ietf.org/html/rfc7519#section-11.2
+	 *
+	 * @param KeyManagementAlgorithm     $key_algo Key management algorithm
+	 * @param ContentEncryptionAlgorithm $enc_algo Content encryption algorithm
+	 * @param null|CompressionAlgorithm  $zip_algo Optional compression algorithm
+	 * @param null|Header                $header   Optional header
+	 *
+	 * @throws \RuntimeException For generic errors
+	 *
+	 * @return self
+	 */
+	public function encryptNested(KeyManagementAlgorithm $key_algo,
+		ContentEncryptionAlgorithm $enc_algo,
+		?CompressionAlgorithm $zip_algo = null, ?Header $header = null): self
+	{
+		if (!isset($header)) {
+			$header = new Header();
+		}
+		// add JWT content type parameter
+		$header = $header->withParameters(
+			new ContentTypeParameter(ContentTypeParameter::TYPE_JWT));
+		$jwe = JWE::encrypt($this->token(), $key_algo, $enc_algo, $zip_algo,
+			$header);
+		return new self($jwe->toCompact());
+	}
 
-    /**
-     * Whether JWT is a JWS.
-     *
-     * @return bool
-     */
-    public function isJWS(): bool
-    {
-        return self::TYPE_JWS === $this->_type;
-    }
+	/**
+	 * Whether JWT is a JWS.
+	 *
+	 * @return bool
+	 */
+	public function isJWS(): bool
+	{
+		return self::TYPE_JWS === $this->_type;
+	}
 
-    /**
-     * Get JWT as a JWS.
-     *
-     * @throws \LogicException
-     *
-     * @return JWS
-     */
-    public function JWS(): JWS
-    {
-        if (!$this->isJWS()) {
-            throw new \LogicException('Not a JWS.');
-        }
-        return JWS::fromParts($this->_parts);
-    }
+	/**
+	 * Get JWT as a JWS.
+	 *
+	 * @throws \LogicException
+	 *
+	 * @return JWS
+	 */
+	public function JWS(): JWS
+	{
+		if (!$this->isJWS()) {
+			throw new \LogicException('Not a JWS.');
+		}
+		return JWS::fromParts($this->_parts);
+	}
 
-    /**
-     * Whether JWT is a JWE.
-     *
-     * @return bool
-     */
-    public function isJWE(): bool
-    {
-        return self::TYPE_JWE === $this->_type;
-    }
+	/**
+	 * Whether JWT is a JWE.
+	 *
+	 * @return bool
+	 */
+	public function isJWE(): bool
+	{
+		return self::TYPE_JWE === $this->_type;
+	}
 
-    /**
-     * Get JWT as a JWE.
-     *
-     * @throws \LogicException
-     *
-     * @return JWE
-     */
-    public function JWE(): JWE
-    {
-        if (!$this->isJWE()) {
-            throw new \LogicException('Not a JWE.');
-        }
-        return JWE::fromParts($this->_parts);
-    }
+	/**
+	 * Get JWT as a JWE.
+	 *
+	 * @throws \LogicException
+	 *
+	 * @return JWE
+	 */
+	public function JWE(): JWE
+	{
+		if (!$this->isJWE()) {
+			throw new \LogicException('Not a JWE.');
+		}
+		return JWE::fromParts($this->_parts);
+	}
 
-    /**
-     * Check whether JWT contains another nested JWT.
-     *
-     * @return bool
-     */
-    public function isNested(): bool
-    {
-        $header = $this->header();
-        if (!$header->hasContentType()) {
-            return false;
-        }
-        $cty = $header->contentType()->value();
-        if (ContentTypeParameter::TYPE_JWT !== $cty) {
-            return false;
-        }
-        return true;
-    }
+	/**
+	 * Check whether JWT contains another nested JWT.
+	 *
+	 * @return bool
+	 */
+	public function isNested(): bool
+	{
+		$header = $this->header();
+		if (!$header->hasContentType()) {
+			return false;
+		}
+		$cty = $header->contentType()->value();
+		if (ContentTypeParameter::TYPE_JWT !== $cty) {
+			return false;
+		}
+		return true;
+	}
 
-    /**
-     * Check whether JWT is unsecured, that is, it's neither integrity protected
-     * nor encrypted.
-     *
-     * @return bool
-     */
-    public function isUnsecured(): bool
-    {
-        // encrypted JWT shall be considered secure
-        if ($this->isJWE()) {
-            return false;
-        }
-        // check whether JWS is unsecured
-        return $this->JWS()->isUnsecured();
-    }
+	/**
+	 * Check whether JWT is unsecured, that is, it's neither integrity protected
+	 * nor encrypted.
+	 *
+	 * @return bool
+	 */
+	public function isUnsecured(): bool
+	{
+		// encrypted JWT shall be considered secure
+		if ($this->isJWE()) {
+			return false;
+		}
+		// check whether JWS is unsecured
+		return $this->JWS()->isUnsecured();
+	}
 
-    /**
-     * Get JWT header.
-     *
-     * @return JOSE
-     */
-    public function header(): JOSE
-    {
-        $header = Header::fromJSON(Base64::urlDecode($this->_parts[0]));
-        return new JOSE($header);
-    }
+	/**
+	 * Get JWT header.
+	 *
+	 * @return JOSE
+	 */
+	public function header(): JOSE
+	{
+		$header = Header::fromJSON(Base64::urlDecode($this->_parts[0]));
+		return new JOSE($header);
+	}
 
-    /**
-     * Get JWT as a string.
-     *
-     * @return string
-     */
-    public function token(): string
-    {
-        return implode('.', $this->_parts);
-    }
+	/**
+	 * Get JWT as a string.
+	 *
+	 * @return string
+	 */
+	public function token(): string
+	{
+		return implode('.', $this->_parts);
+	}
 
-    /**
-     * Get claims from a nested payload.
-     *
-     * @param string            $payload JWT payload
-     * @param ValidationContext $ctx     Validation context
-     *
-     * @return Claims
-     */
-    private function _claimsFromNestedPayload(string $payload,
-        ValidationContext $ctx): Claims
-    {
-        $jwt = new JWT($payload);
-        // if this token secured, allow nested tokens to be unsecured.
-        if (!$this->isUnsecured()) {
-            $ctx = $ctx->withUnsecuredAllowed(true);
-        }
-        return $jwt->claims($ctx);
-    }
+	/**
+	 * Get claims from a nested payload.
+	 *
+	 * @param string            $payload JWT payload
+	 * @param ValidationContext $ctx     Validation context
+	 *
+	 * @return Claims
+	 */
+	private function _claimsFromNestedPayload(string $payload,
+		ValidationContext $ctx): Claims
+	{
+		$jwt = new JWT($payload);
+		// if this token secured, allow nested tokens to be unsecured.
+		if (!$this->isUnsecured()) {
+			$ctx = $ctx->withUnsecuredAllowed(true);
+		}
+		return $jwt->claims($ctx);
+	}
 
-    /**
-     * Get validated payload from JWS.
-     *
-     * @param JWS               $jws JWS
-     * @param ValidationContext $ctx Validation context
-     *
-     * @throws ValidationException If signature validation fails
-     *
-     * @return string
-     */
-    private static function _validatedPayloadFromJWS(JWS $jws,
-        ValidationContext $ctx): string
-    {
-        // if JWS is unsecured
-        if ($jws->isUnsecured()) {
-            return self::_validatedPayloadFromUnsecuredJWS($jws, $ctx);
-        }
-        return self::_validatedPayloadFromSignedJWS($jws, $ctx->keys());
-    }
+	/**
+	 * Get validated payload from JWS.
+	 *
+	 * @param JWS               $jws JWS
+	 * @param ValidationContext $ctx Validation context
+	 *
+	 * @throws ValidationException If signature validation fails
+	 *
+	 * @return string
+	 */
+	private static function _validatedPayloadFromJWS(JWS $jws,
+		ValidationContext $ctx): string
+	{
+		// if JWS is unsecured
+		if ($jws->isUnsecured()) {
+			return self::_validatedPayloadFromUnsecuredJWS($jws, $ctx);
+		}
+		return self::_validatedPayloadFromSignedJWS($jws, $ctx->keys());
+	}
 
-    /**
-     * Get validated payload from an unsecured JWS.
-     *
-     * @param JWS               $jws JWS
-     * @param ValidationContext $ctx Validation context
-     *
-     * @throws ValidationException If unsecured JWT's are not allowed, or JWS
-     *                             token is malformed
-     *
-     * @return string
-     */
-    private static function _validatedPayloadFromUnsecuredJWS(JWS $jws,
-        ValidationContext $ctx): string
-    {
-        if (!$ctx->isUnsecuredAllowed()) {
-            throw new ValidationException('Unsecured JWS not allowed.');
-        }
-        if (!$jws->validate(new NoneAlgorithm())) {
-            throw new ValidationException('Malformed unsecured token.');
-        }
-        return $jws->payload();
-    }
+	/**
+	 * Get validated payload from an unsecured JWS.
+	 *
+	 * @param JWS               $jws JWS
+	 * @param ValidationContext $ctx Validation context
+	 *
+	 * @throws ValidationException If unsecured JWT's are not allowed, or JWS
+	 *                             token is malformed
+	 *
+	 * @return string
+	 */
+	private static function _validatedPayloadFromUnsecuredJWS(JWS $jws,
+		ValidationContext $ctx): string
+	{
+		if (!$ctx->isUnsecuredAllowed()) {
+			throw new ValidationException('Unsecured JWS not allowed.');
+		}
+		if (!$jws->validate(new NoneAlgorithm())) {
+			throw new ValidationException('Malformed unsecured token.');
+		}
+		return $jws->payload();
+	}
 
-    /**
-     * Get validated payload from a signed JWS.
-     *
-     * @param JWS    $jws  JWS
-     * @param JWKSet $keys Set of allowed keys for the signature validation
-     *
-     * @throws ValidationException If validation fails
-     *
-     * @return string
-     */
-    private static function _validatedPayloadFromSignedJWS(JWS $jws, JWKSet $keys): string
-    {
-        try {
-            // explicitly defined key
-            if (1 === count($keys)) {
-                $valid = $jws->validateWithJWK($keys->first());
-            } else {
-                $valid = $jws->validateWithJWKSet($keys);
-            }
-        } catch (\RuntimeException $e) {
-            throw new ValidationException('JWS validation failed.', 0, $e);
-        }
-        if (!$valid) {
-            throw new ValidationException('JWS signature is invalid.');
-        }
-        return $jws->payload();
-    }
+	/**
+	 * Get validated payload from a signed JWS.
+	 *
+	 * @param JWS    $jws  JWS
+	 * @param JWKSet $keys Set of allowed keys for the signature validation
+	 *
+	 * @throws ValidationException If validation fails
+	 *
+	 * @return string
+	 */
+	private static function _validatedPayloadFromSignedJWS(JWS $jws, JWKSet $keys): string
+	{
+		try {
+			// explicitly defined key
+			if (1 === count($keys)) {
+				$valid = $jws->validateWithJWK($keys->first());
+			} else {
+				$valid = $jws->validateWithJWKSet($keys);
+			}
+		} catch (\RuntimeException $e) {
+			throw new ValidationException('JWS validation failed.', 0, $e);
+		}
+		if (!$valid) {
+			throw new ValidationException('JWS signature is invalid.');
+		}
+		return $jws->payload();
+	}
 
-    /**
-     * Get validated payload from an encrypted JWE.
-     *
-     * @param JWE               $jwe JWE
-     * @param ValidationContext $ctx Validation context
-     *
-     * @throws ValidationException If decryption fails
-     *
-     * @return string
-     */
-    private static function _validatedPayloadFromJWE(JWE $jwe,
-        ValidationContext $ctx): string
-    {
-        try {
-            $keys = $ctx->keys();
-            // explicitly defined key
-            if (1 === count($keys)) {
-                return $jwe->decryptWithJWK($keys->first());
-            }
-            return $jwe->decryptWithJWKSet($keys);
-        } catch (\RuntimeException $e) {
-            throw new ValidationException('JWE validation failed.', 0, $e);
-        }
-    }
+	/**
+	 * Get validated payload from an encrypted JWE.
+	 *
+	 * @param JWE               $jwe JWE
+	 * @param ValidationContext $ctx Validation context
+	 *
+	 * @throws ValidationException If decryption fails
+	 *
+	 * @return string
+	 */
+	private static function _validatedPayloadFromJWE(JWE $jwe,
+		ValidationContext $ctx): string
+	{
+		try {
+			$keys = $ctx->keys();
+			// explicitly defined key
+			if (1 === count($keys)) {
+				return $jwe->decryptWithJWK($keys->first());
+			}
+			return $jwe->decryptWithJWKSet($keys);
+		} catch (\RuntimeException $e) {
+			throw new ValidationException('JWE validation failed.', 0, $e);
+		}
+	}
 }

Switch Indentation +8 added lines, -8 removed lines

@@ -69,14 +69,14 @@
     {
         $this->_parts = explode('.', $token);
         switch (count($this->_parts)) {
-            case 3:
-                $this->_type = self::TYPE_JWS;
-                break;
-            case 5:
-                $this->_type = self::TYPE_JWE;
-                break;
-            default:
-                throw new \UnexpectedValueException('Not a JWT token.');
+        case 3:
+            $this->_type = self::TYPE_JWS;
+            break;
+        case 5:
+            $this->_type = self::TYPE_JWE;
+            break;
+        default:
+            throw new \UnexpectedValueException('Not a JWT token.');
         }
     }
 

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT;
 

lib/JWX/JWT/Header/JOSE.php

Indentation +47 added lines, -47 removed lines

@@ -15,54 +15,54 @@
  */
 class JOSE extends Header
 {
-    /**
-     * Constructor.
-     *
-     * @param Header ...$headers One or more headers to merge
-     */
-    public function __construct(Header ...$headers)
-    {
-        $params = [];
-        foreach ($headers as $header) {
-            foreach ($header->parameters() as $param) {
-                if (isset($params[$param->name()])) {
-                    throw new \UnexpectedValueException('Duplicate parameter.');
-                }
-                $params[$param->name()] = $param;
-            }
-        }
-        parent::__construct(...array_values($params));
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Header ...$headers One or more headers to merge
+	 */
+	public function __construct(Header ...$headers)
+	{
+		$params = [];
+		foreach ($headers as $header) {
+			foreach ($header->parameters() as $param) {
+				if (isset($params[$param->name()])) {
+					throw new \UnexpectedValueException('Duplicate parameter.');
+				}
+				$params[$param->name()] = $param;
+			}
+		}
+		parent::__construct(...array_values($params));
+	}
 
-    /**
-     * Get self merged with another Header.
-     *
-     * @param Header $header
-     *
-     * @return self
-     */
-    public function withHeader(Header $header): self
-    {
-        return new self($this, $header);
-    }
+	/**
+	 * Get self merged with another Header.
+	 *
+	 * @param Header $header
+	 *
+	 * @return self
+	 */
+	public function withHeader(Header $header): self
+	{
+		return new self($this, $header);
+	}
 
-    /**
-     * Whether JOSE is for a JWS.
-     *
-     * @return bool
-     */
-    public function isJWS(): bool
-    {
-        return $this->hasAlgorithm() && !$this->hasEncryptionAlgorithm();
-    }
+	/**
+	 * Whether JOSE is for a JWS.
+	 *
+	 * @return bool
+	 */
+	public function isJWS(): bool
+	{
+		return $this->hasAlgorithm() && !$this->hasEncryptionAlgorithm();
+	}
 
-    /**
-     * Whether JOSE is for a JWE.
-     *
-     * @return bool
-     */
-    public function isJWE(): bool
-    {
-        return $this->hasEncryptionAlgorithm();
-    }
+	/**
+	 * Whether JOSE is for a JWE.
+	 *
+	 * @return bool
+	 */
+	public function isJWE(): bool
+	{
+		return $this->hasEncryptionAlgorithm();
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT\Header;
 

lib/JWX/JWT/Header/Header.php

Indentation +147 added lines, -147 removed lines

@@ -11,162 +11,162 @@
  */
 class Header implements \Countable, \IteratorAggregate
 {
-    use TypedHeader;
+	use TypedHeader;
 
-    /**
-     * Parameters.
-     *
-     * @var JWTParameter[]
-     */
-    protected $_parameters;
+	/**
+	 * Parameters.
+	 *
+	 * @var JWTParameter[]
+	 */
+	protected $_parameters;
 
-    /**
-     * Constructor.
-     *
-     * @param JWTParameter ...$params Parameters
-     */
-    public function __construct(JWTParameter ...$params)
-    {
-        $this->_parameters = [];
-        foreach ($params as $param) {
-            $this->_parameters[$param->name()] = $param;
-        }
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param JWTParameter ...$params Parameters
+	 */
+	public function __construct(JWTParameter ...$params)
+	{
+		$this->_parameters = [];
+		foreach ($params as $param) {
+			$this->_parameters[$param->name()] = $param;
+		}
+	}
 
-    /**
-     * Initialize from an array representing a JSON object.
-     *
-     * @param array $members
-     *
-     * @return self
-     */
-    public static function fromArray(array $members): self
-    {
-        $params = [];
-        foreach ($members as $name => $value) {
-            $params[] = JWTParameter::fromNameAndValue($name, $value);
-        }
-        return new self(...$params);
-    }
+	/**
+	 * Initialize from an array representing a JSON object.
+	 *
+	 * @param array $members
+	 *
+	 * @return self
+	 */
+	public static function fromArray(array $members): self
+	{
+		$params = [];
+		foreach ($members as $name => $value) {
+			$params[] = JWTParameter::fromNameAndValue($name, $value);
+		}
+		return new self(...$params);
+	}
 
-    /**
-     * Initialize from a JSON.
-     *
-     * @param string $json
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return self
-     */
-    public static function fromJSON(string $json): self
-    {
-        $members = json_decode($json, true, 32, JSON_BIGINT_AS_STRING);
-        if (!is_array($members)) {
-            throw new \UnexpectedValueException('Invalid JSON.');
-        }
-        return self::fromArray($members);
-    }
+	/**
+	 * Initialize from a JSON.
+	 *
+	 * @param string $json
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return self
+	 */
+	public static function fromJSON(string $json): self
+	{
+		$members = json_decode($json, true, 32, JSON_BIGINT_AS_STRING);
+		if (!is_array($members)) {
+			throw new \UnexpectedValueException('Invalid JSON.');
+		}
+		return self::fromArray($members);
+	}
 
-    /**
-     * Get self with parameters added.
-     *
-     * @param JWTParameter ...$param
-     *
-     * @return self
-     */
-    public function withParameters(JWTParameter ...$params): self
-    {
-        $obj = clone $this;
-        foreach ($params as $param) {
-            $obj->_parameters[$param->name()] = $param;
-        }
-        return $obj;
-    }
+	/**
+	 * Get self with parameters added.
+	 *
+	 * @param JWTParameter ...$param
+	 *
+	 * @return self
+	 */
+	public function withParameters(JWTParameter ...$params): self
+	{
+		$obj = clone $this;
+		foreach ($params as $param) {
+			$obj->_parameters[$param->name()] = $param;
+		}
+		return $obj;
+	}
 
-    /**
-     * Get all parameters.
-     *
-     * @return JWTParameter[]
-     */
-    public function parameters(): array
-    {
-        return $this->_parameters;
-    }
+	/**
+	 * Get all parameters.
+	 *
+	 * @return JWTParameter[]
+	 */
+	public function parameters(): array
+	{
+		return $this->_parameters;
+	}
 
-    /**
-     * Whether parameters are present.
-     *
-     * Returns false if any of the given parameters is not set.
-     *
-     * @param string ...$names Parameter names
-     *
-     * @return bool
-     */
-    public function has(string ...$names): bool
-    {
-        foreach ($names as $name) {
-            if (!isset($this->_parameters[$name])) {
-                return false;
-            }
-        }
-        return true;
-    }
+	/**
+	 * Whether parameters are present.
+	 *
+	 * Returns false if any of the given parameters is not set.
+	 *
+	 * @param string ...$names Parameter names
+	 *
+	 * @return bool
+	 */
+	public function has(string ...$names): bool
+	{
+		foreach ($names as $name) {
+			if (!isset($this->_parameters[$name])) {
+				return false;
+			}
+		}
+		return true;
+	}
 
-    /**
-     * Get a parameter.
-     *
-     * @param string $name Parameter name
-     *
-     * @throws \LogicException
-     *
-     * @return JWTParameter
-     */
-    public function get(string $name): JWTParameter
-    {
-        if (!$this->has($name)) {
-            throw new \LogicException("Parameter {$name} doesn't exists.");
-        }
-        return $this->_parameters[$name];
-    }
+	/**
+	 * Get a parameter.
+	 *
+	 * @param string $name Parameter name
+	 *
+	 * @throws \LogicException
+	 *
+	 * @return JWTParameter
+	 */
+	public function get(string $name): JWTParameter
+	{
+		if (!$this->has($name)) {
+			throw new \LogicException("Parameter {$name} doesn't exists.");
+		}
+		return $this->_parameters[$name];
+	}
 
-    /**
-     * Convert to a JSON.
-     *
-     * @return string
-     */
-    public function toJSON(): string
-    {
-        if (empty($this->_parameters)) {
-            return '';
-        }
-        $data = [];
-        foreach ($this->_parameters as $param) {
-            $data[$param->name()] = $param->value();
-        }
-        return json_encode((object) $data, JSON_UNESCAPED_SLASHES);
-    }
+	/**
+	 * Convert to a JSON.
+	 *
+	 * @return string
+	 */
+	public function toJSON(): string
+	{
+		if (empty($this->_parameters)) {
+			return '';
+		}
+		$data = [];
+		foreach ($this->_parameters as $param) {
+			$data[$param->name()] = $param->value();
+		}
+		return json_encode((object) $data, JSON_UNESCAPED_SLASHES);
+	}
 
-    /**
-     * Get the number of parameters.
-     *
-     * @see \Countable::count()
-     *
-     * @return int
-     */
-    public function count(): int
-    {
-        return count($this->_parameters);
-    }
+	/**
+	 * Get the number of parameters.
+	 *
+	 * @see \Countable::count()
+	 *
+	 * @return int
+	 */
+	public function count(): int
+	{
+		return count($this->_parameters);
+	}
 
-    /**
-     * Get iterator for the parameters.
-     *
-     * @see \IteratorAggregate::getIterator()
-     *
-     * @return \ArrayIterator
-     */
-    public function getIterator(): \ArrayIterator
-    {
-        return new \ArrayIterator($this->_parameters);
-    }
+	/**
+	 * Get iterator for the parameters.
+	 *
+	 * @see \IteratorAggregate::getIterator()
+	 *
+	 * @return \ArrayIterator
+	 */
+	public function getIterator(): \ArrayIterator
+	{
+		return new \ArrayIterator($this->_parameters);
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT\Header;
 

lib/JWX/JWT/Header/HeaderParameters.php

Indentation +6 added lines, -6 removed lines

@@ -11,10 +11,10 @@
  */
 interface HeaderParameters
 {
-    /**
-     * Get an array of JOSE header parameters representing this object.
-     *
-     * @return JWTParameter[]
-     */
-    public function headerParameters(): array;
+	/**
+	 * Get an array of JOSE header parameters representing this object.
+	 *
+	 * @return JWTParameter[]
+	 */
+	public function headerParameters(): array;
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT\Header;
 

lib/JWX/JWT/Header/TypedHeader.php

Indentation +472 added lines, -472 removed lines

@@ -13,476 +13,476 @@
  */
 trait TypedHeader
 {
-    /**
-     * Whether parameters are present.
-     *
-     * @param string ...$names Parameter names
-     *
-     * @return bool
-     */
-    abstract public function has(string ...$names): bool;
-
-    /**
-     * Get a parameter.
-     *
-     * @param string $name Parameter name
-     *
-     * @throws \LogicException If the parameter is not present
-     *
-     * @return JWTParameter
-     */
-    abstract public function get(string $name): JWTParameter;
-
-    /**
-     * Check whether the algorithm parameter is present.
-     *
-     * @return bool
-     */
-    public function hasAlgorithm(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_ALG);
-    }
-
-    /**
-     * Get the algorithm parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\AlgorithmParameter
-     */
-    public function algorithm(): Parameter\AlgorithmParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_ALG),
-            Parameter\AlgorithmParameter::class);
-    }
-
-    /**
-     * Check whether the authentication tag parameter is present.
-     *
-     * @return bool
-     */
-    public function hasAuthenticationTag(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_TAG);
-    }
-
-    /**
-     * Get the authentication tag parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\AuthenticationTagParameter
-     */
-    public function authenticationTag(): Parameter\AuthenticationTagParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_TAG),
-            Parameter\AuthenticationTagParameter::class);
-    }
-
-    /**
-     * Check whether the 'base64url-encode payload' parameter is present.
-     *
-     * @return bool
-     */
-    public function hasB64Payload(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_B64);
-    }
-
-    /**
-     * Get the 'base64url-encode payload' parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\B64PayloadParameter
-     */
-    public function B64Payload(): Parameter\B64PayloadParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_B64),
-            Parameter\B64PayloadParameter::class);
-    }
-
-    /**
-     * Check whether the compression algorithm parameter is present.
-     *
-     * @return bool
-     */
-    public function hasCompressionAlgorithm(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_ZIP);
-    }
-
-    /**
-     * Get the compression algorithm parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\CompressionAlgorithmParameter
-     */
-    public function compressionAlgorithm(): Parameter\CompressionAlgorithmParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_ZIP),
-            Parameter\CompressionAlgorithmParameter::class);
-    }
-
-    /**
-     * Check whether the content type parameter is present.
-     *
-     * @return bool
-     */
-    public function hasContentType(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_CTY);
-    }
-
-    /**
-     * Get the content type parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\ContentTypeParameter
-     */
-    public function contentType(): Parameter\ContentTypeParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_CTY),
-            Parameter\ContentTypeParameter::class);
-    }
-
-    /**
-     * Check whether the critical parameter is present.
-     *
-     * @return bool
-     */
-    public function hasCritical(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_CRIT);
-    }
-
-    /**
-     * Get the critical parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\CriticalParameter
-     */
-    public function critical(): Parameter\CriticalParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_CRIT),
-            Parameter\CriticalParameter::class);
-    }
-
-    /**
-     * Check whether the encryption algorithm parameter is present.
-     *
-     * @return bool
-     */
-    public function hasEncryptionAlgorithm(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_ENC);
-    }
-
-    /**
-     * Get the encryption algorithm parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\EncryptionAlgorithmParameter
-     */
-    public function encryptionAlgorithm(): Parameter\EncryptionAlgorithmParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_ENC),
-            Parameter\EncryptionAlgorithmParameter::class);
-    }
-
-    /**
-     * Check whether the initialization vector parameter is present.
-     *
-     * @return bool
-     */
-    public function hasInitializationVector(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_IV);
-    }
-
-    /**
-     * Get the initialization vector parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\InitializationVectorParameter
-     */
-    public function initializationVector(): Parameter\InitializationVectorParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_IV),
-            Parameter\InitializationVectorParameter::class);
-    }
-
-    /**
-     * Check whether the JSON web key parameter is present.
-     *
-     * @return bool
-     */
-    public function hasJSONWebKey(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_JWK);
-    }
-
-    /**
-     * Get the JSON web key parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\JSONWebKeyParameter
-     */
-    public function JSONWebKey(): Parameter\JSONWebKeyParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_JWK),
-            Parameter\JSONWebKeyParameter::class);
-    }
-
-    /**
-     * Check whether the JWK set URL parameter is present.
-     *
-     * @return bool
-     */
-    public function hasJWKSetURL(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_JKU);
-    }
-
-    /**
-     * Get the JWK set URL parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\JWKSetURLParameter
-     */
-    public function JWKSetURL(): Parameter\JWKSetURLParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_JKU),
-            Parameter\JWKSetURLParameter::class);
-    }
-
-    /**
-     * Check whether the key ID parameter is present.
-     *
-     * @return bool
-     */
-    public function hasKeyID(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_KID);
-    }
-
-    /**
-     * Get the key ID parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\KeyIDParameter
-     */
-    public function keyID(): Parameter\KeyIDParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_KID),
-            Parameter\KeyIDParameter::class);
-    }
-
-    /**
-     * Check whether the PBES2 count parameter is present.
-     *
-     * @return bool
-     */
-    public function hasPBES2Count(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_P2C);
-    }
-
-    /**
-     * Get the PBES2 count parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\PBES2CountParameter
-     */
-    public function PBES2Count(): Parameter\PBES2CountParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_P2C),
-            Parameter\PBES2CountParameter::class);
-    }
-
-    /**
-     * Check whether the PBES2 salt input parameter is present.
-     *
-     * @return bool
-     */
-    public function hasPBES2SaltInput(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_P2S);
-    }
-
-    /**
-     * Get the PBES2 salt input parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\PBES2SaltInputParameter
-     */
-    public function PBES2SaltInput(): Parameter\PBES2SaltInputParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_P2S),
-            Parameter\PBES2SaltInputParameter::class);
-    }
-
-    /**
-     * Check whether the type parameter is present.
-     *
-     * @return bool
-     */
-    public function hasType(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_TYP);
-    }
-
-    /**
-     * Get the type parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\TypeParameter
-     */
-    public function type(): Parameter\TypeParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_TYP),
-            Parameter\TypeParameter::class);
-    }
-
-    /**
-     * Check whether the X.509 certificate chain parameter is present.
-     *
-     * @return bool
-     */
-    public function hasX509CertificateChain(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_X5C);
-    }
-
-    /**
-     * Get the X.509 certificate chain parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\X509CertificateChainParameter
-     */
-    public function X509CertificateChain(): Parameter\X509CertificateChainParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_X5C),
-            Parameter\X509CertificateChainParameter::class);
-    }
-
-    /**
-     * Check whether the X.509 certificate SHA-1 thumbprint parameter is
-     * present.
-     *
-     * @return bool
-     */
-    public function hasX509CertificateSHA1Thumbprint(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_X5T);
-    }
-
-    /**
-     * Get the X.509 certificate SHA-1 thumbprint parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\X509CertificateSHA1ThumbprintParameter
-     */
-    public function X509CertificateSHA1Thumbprint(): Parameter\X509CertificateSHA1ThumbprintParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_X5T),
-            Parameter\X509CertificateSHA1ThumbprintParameter::class);
-    }
-
-    /**
-     * Check whether the X.509 certificate SHA-256 thumbprint parameter is
-     * present.
-     *
-     * @return bool
-     */
-    public function hasX509CertificateSHA256Thumbprint(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_X5TS256);
-    }
-
-    /**
-     * Get the X.509 certificate SHA-256 thumbprint parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\X509CertificateSHA256ThumbprintParameter
-     */
-    public function X509CertificateSHA256Thumbprint(): Parameter\X509CertificateSHA256ThumbprintParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_X5TS256),
-            Parameter\X509CertificateSHA256ThumbprintParameter::class);
-    }
-
-    /**
-     * Check whether the X.509 URL parameter is present.
-     *
-     * @return bool
-     */
-    public function hasX509URL(): bool
-    {
-        return $this->has(Parameter\JWTParameter::P_X5U);
-    }
-
-    /**
-     * Get the X.509 URL parameter.
-     *
-     * @throws \UnexpectedValueException If the parameter has a wrong class
-     * @throws \LogicException           If the parameter is not present
-     *
-     * @return \Sop\JWX\JWT\Parameter\X509URLParameter
-     */
-    public function X509URL(): Parameter\X509URLParameter
-    {
-        return self::_checkType($this->get(Parameter\JWTParameter::P_X5U),
-            Parameter\X509URLParameter::class);
-    }
-
-    /**
-     * Check that the parameter is an instance of the given class.
-     *
-     * @param \Sop\JWX\JWT\Parameter\JWTParameter $param Parameter
-     * @param string                              $cls   Class name
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return \Sop\JWX\JWT\Parameter\JWTParameter
-     */
-    private static function _checkType(Parameter\JWTParameter $param, string $cls): Parameter\JWTParameter
-    {
-        if (!$param instanceof $cls) {
-            throw new \UnexpectedValueException(
-                "{$cls} expected, got " . get_class($param));
-        }
-        return $param;
-    }
+	/**
+	 * Whether parameters are present.
+	 *
+	 * @param string ...$names Parameter names
+	 *
+	 * @return bool
+	 */
+	abstract public function has(string ...$names): bool;
+
+	/**
+	 * Get a parameter.
+	 *
+	 * @param string $name Parameter name
+	 *
+	 * @throws \LogicException If the parameter is not present
+	 *
+	 * @return JWTParameter
+	 */
+	abstract public function get(string $name): JWTParameter;
+
+	/**
+	 * Check whether the algorithm parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAlgorithm(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_ALG);
+	}
+
+	/**
+	 * Get the algorithm parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\AlgorithmParameter
+	 */
+	public function algorithm(): Parameter\AlgorithmParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_ALG),
+			Parameter\AlgorithmParameter::class);
+	}
+
+	/**
+	 * Check whether the authentication tag parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasAuthenticationTag(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_TAG);
+	}
+
+	/**
+	 * Get the authentication tag parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\AuthenticationTagParameter
+	 */
+	public function authenticationTag(): Parameter\AuthenticationTagParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_TAG),
+			Parameter\AuthenticationTagParameter::class);
+	}
+
+	/**
+	 * Check whether the 'base64url-encode payload' parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasB64Payload(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_B64);
+	}
+
+	/**
+	 * Get the 'base64url-encode payload' parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\B64PayloadParameter
+	 */
+	public function B64Payload(): Parameter\B64PayloadParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_B64),
+			Parameter\B64PayloadParameter::class);
+	}
+
+	/**
+	 * Check whether the compression algorithm parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCompressionAlgorithm(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_ZIP);
+	}
+
+	/**
+	 * Get the compression algorithm parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\CompressionAlgorithmParameter
+	 */
+	public function compressionAlgorithm(): Parameter\CompressionAlgorithmParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_ZIP),
+			Parameter\CompressionAlgorithmParameter::class);
+	}
+
+	/**
+	 * Check whether the content type parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasContentType(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_CTY);
+	}
+
+	/**
+	 * Get the content type parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\ContentTypeParameter
+	 */
+	public function contentType(): Parameter\ContentTypeParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_CTY),
+			Parameter\ContentTypeParameter::class);
+	}
+
+	/**
+	 * Check whether the critical parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasCritical(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_CRIT);
+	}
+
+	/**
+	 * Get the critical parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\CriticalParameter
+	 */
+	public function critical(): Parameter\CriticalParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_CRIT),
+			Parameter\CriticalParameter::class);
+	}
+
+	/**
+	 * Check whether the encryption algorithm parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasEncryptionAlgorithm(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_ENC);
+	}
+
+	/**
+	 * Get the encryption algorithm parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\EncryptionAlgorithmParameter
+	 */
+	public function encryptionAlgorithm(): Parameter\EncryptionAlgorithmParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_ENC),
+			Parameter\EncryptionAlgorithmParameter::class);
+	}
+
+	/**
+	 * Check whether the initialization vector parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasInitializationVector(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_IV);
+	}
+
+	/**
+	 * Get the initialization vector parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\InitializationVectorParameter
+	 */
+	public function initializationVector(): Parameter\InitializationVectorParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_IV),
+			Parameter\InitializationVectorParameter::class);
+	}
+
+	/**
+	 * Check whether the JSON web key parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasJSONWebKey(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_JWK);
+	}
+
+	/**
+	 * Get the JSON web key parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\JSONWebKeyParameter
+	 */
+	public function JSONWebKey(): Parameter\JSONWebKeyParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_JWK),
+			Parameter\JSONWebKeyParameter::class);
+	}
+
+	/**
+	 * Check whether the JWK set URL parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasJWKSetURL(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_JKU);
+	}
+
+	/**
+	 * Get the JWK set URL parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\JWKSetURLParameter
+	 */
+	public function JWKSetURL(): Parameter\JWKSetURLParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_JKU),
+			Parameter\JWKSetURLParameter::class);
+	}
+
+	/**
+	 * Check whether the key ID parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasKeyID(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_KID);
+	}
+
+	/**
+	 * Get the key ID parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\KeyIDParameter
+	 */
+	public function keyID(): Parameter\KeyIDParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_KID),
+			Parameter\KeyIDParameter::class);
+	}
+
+	/**
+	 * Check whether the PBES2 count parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPBES2Count(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_P2C);
+	}
+
+	/**
+	 * Get the PBES2 count parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\PBES2CountParameter
+	 */
+	public function PBES2Count(): Parameter\PBES2CountParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_P2C),
+			Parameter\PBES2CountParameter::class);
+	}
+
+	/**
+	 * Check whether the PBES2 salt input parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasPBES2SaltInput(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_P2S);
+	}
+
+	/**
+	 * Get the PBES2 salt input parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\PBES2SaltInputParameter
+	 */
+	public function PBES2SaltInput(): Parameter\PBES2SaltInputParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_P2S),
+			Parameter\PBES2SaltInputParameter::class);
+	}
+
+	/**
+	 * Check whether the type parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasType(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_TYP);
+	}
+
+	/**
+	 * Get the type parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\TypeParameter
+	 */
+	public function type(): Parameter\TypeParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_TYP),
+			Parameter\TypeParameter::class);
+	}
+
+	/**
+	 * Check whether the X.509 certificate chain parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasX509CertificateChain(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_X5C);
+	}
+
+	/**
+	 * Get the X.509 certificate chain parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\X509CertificateChainParameter
+	 */
+	public function X509CertificateChain(): Parameter\X509CertificateChainParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_X5C),
+			Parameter\X509CertificateChainParameter::class);
+	}
+
+	/**
+	 * Check whether the X.509 certificate SHA-1 thumbprint parameter is
+	 * present.
+	 *
+	 * @return bool
+	 */
+	public function hasX509CertificateSHA1Thumbprint(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_X5T);
+	}
+
+	/**
+	 * Get the X.509 certificate SHA-1 thumbprint parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\X509CertificateSHA1ThumbprintParameter
+	 */
+	public function X509CertificateSHA1Thumbprint(): Parameter\X509CertificateSHA1ThumbprintParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_X5T),
+			Parameter\X509CertificateSHA1ThumbprintParameter::class);
+	}
+
+	/**
+	 * Check whether the X.509 certificate SHA-256 thumbprint parameter is
+	 * present.
+	 *
+	 * @return bool
+	 */
+	public function hasX509CertificateSHA256Thumbprint(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_X5TS256);
+	}
+
+	/**
+	 * Get the X.509 certificate SHA-256 thumbprint parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\X509CertificateSHA256ThumbprintParameter
+	 */
+	public function X509CertificateSHA256Thumbprint(): Parameter\X509CertificateSHA256ThumbprintParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_X5TS256),
+			Parameter\X509CertificateSHA256ThumbprintParameter::class);
+	}
+
+	/**
+	 * Check whether the X.509 URL parameter is present.
+	 *
+	 * @return bool
+	 */
+	public function hasX509URL(): bool
+	{
+		return $this->has(Parameter\JWTParameter::P_X5U);
+	}
+
+	/**
+	 * Get the X.509 URL parameter.
+	 *
+	 * @throws \UnexpectedValueException If the parameter has a wrong class
+	 * @throws \LogicException           If the parameter is not present
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\X509URLParameter
+	 */
+	public function X509URL(): Parameter\X509URLParameter
+	{
+		return self::_checkType($this->get(Parameter\JWTParameter::P_X5U),
+			Parameter\X509URLParameter::class);
+	}
+
+	/**
+	 * Check that the parameter is an instance of the given class.
+	 *
+	 * @param \Sop\JWX\JWT\Parameter\JWTParameter $param Parameter
+	 * @param string                              $cls   Class name
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return \Sop\JWX\JWT\Parameter\JWTParameter
+	 */
+	private static function _checkType(Parameter\JWTParameter $param, string $cls): Parameter\JWTParameter
+	{
+		if (!$param instanceof $cls) {
+			throw new \UnexpectedValueException(
+				"{$cls} expected, got " . get_class($param));
+		}
+		return $param;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT\Header;
 

lib/JWX/JWT/ValidationContext.php

Indentation +297 added lines, -297 removed lines

@@ -26,326 +26,326 @@
  */
 class ValidationContext
 {
-    /**
-     * Reference time.
-     *
-     * @var int
-     */
-    protected $_refTime;
+	/**
+	 * Reference time.
+	 *
+	 * @var int
+	 */
+	protected $_refTime;
 
-    /**
-     * Leeway in seconds for the reference time constraints.
-     *
-     * @var int
-     */
-    protected $_leeway;
+	/**
+	 * Leeway in seconds for the reference time constraints.
+	 *
+	 * @var int
+	 */
+	protected $_leeway;
 
-    /**
-     * Validation constraints.
-     *
-     * @var array
-     */
-    protected $_constraints;
+	/**
+	 * Validation constraints.
+	 *
+	 * @var array
+	 */
+	protected $_constraints;
 
-    /**
-     * Explicitly defined validators for named claims.
-     *
-     * @var Validator[]
-     */
-    protected $_validators;
+	/**
+	 * Explicitly defined validators for named claims.
+	 *
+	 * @var Validator[]
+	 */
+	protected $_validators;
 
-    /**
-     * Set of JSON Web Keys usable for the validation.
-     *
-     * @var JWKSet
-     */
-    protected $_keys;
+	/**
+	 * Set of JSON Web Keys usable for the validation.
+	 *
+	 * @var JWKSet
+	 */
+	protected $_keys;
 
-    /**
-     * Whether to allow unsecured JWT's, that is, claims without integrity
-     * protection nor encryption.
-     *
-     * @var bool
-     */
-    protected $_allowUnsecured;
+	/**
+	 * Whether to allow unsecured JWT's, that is, claims without integrity
+	 * protection nor encryption.
+	 *
+	 * @var bool
+	 */
+	protected $_allowUnsecured;
 
-    /**
-     * Constructor.
-     *
-     * @param null|array  $constraints Optional array of constraints for the
-     *                                 registered claims
-     * @param null|JWKSet $keys        Optional set of JSON Web Keys used for
-     *                                 signature validation and/or decryption
-     */
-    public function __construct(?array $constraints = null, ?JWKSet $keys = null)
-    {
-        $this->_refTime = time();
-        $this->_leeway = 60;
-        $this->_constraints = $constraints ? $constraints : [];
-        $this->_validators = [];
-        $this->_keys = $keys ? $keys : new JWKSet();
-        $this->_allowUnsecured = false;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param null|array  $constraints Optional array of constraints for the
+	 *                                 registered claims
+	 * @param null|JWKSet $keys        Optional set of JSON Web Keys used for
+	 *                                 signature validation and/or decryption
+	 */
+	public function __construct(?array $constraints = null, ?JWKSet $keys = null)
+	{
+		$this->_refTime = time();
+		$this->_leeway = 60;
+		$this->_constraints = $constraints ? $constraints : [];
+		$this->_validators = [];
+		$this->_keys = $keys ? $keys : new JWKSet();
+		$this->_allowUnsecured = false;
+	}
 
-    /**
-     * Initialize with a single JSON Web Key.
-     *
-     * @param JWK        $key         JSON Web Key
-     * @param null|array $constraints Optional constraints
-     *
-     * @return self
-     */
-    public static function fromJWK(JWK $key, ?array $constraints = null): self
-    {
-        return new self($constraints, new JWKSet($key));
-    }
+	/**
+	 * Initialize with a single JSON Web Key.
+	 *
+	 * @param JWK        $key         JSON Web Key
+	 * @param null|array $constraints Optional constraints
+	 *
+	 * @return self
+	 */
+	public static function fromJWK(JWK $key, ?array $constraints = null): self
+	{
+		return new self($constraints, new JWKSet($key));
+	}
 
-    /**
-     * Get self with the reference time.
-     *
-     * @param null|int $ts Unix timestamp
-     *
-     * @return self
-     */
-    public function withReferenceTime(?int $ts): self
-    {
-        $obj = clone $this;
-        $obj->_refTime = $ts;
-        return $obj;
-    }
+	/**
+	 * Get self with the reference time.
+	 *
+	 * @param null|int $ts Unix timestamp
+	 *
+	 * @return self
+	 */
+	public function withReferenceTime(?int $ts): self
+	{
+		$obj = clone $this;
+		$obj->_refTime = $ts;
+		return $obj;
+	}
 
-    /**
-     * Check whether the reference time is set.
-     *
-     * @return bool
-     */
-    public function hasReferenceTime(): bool
-    {
-        return isset($this->_refTime);
-    }
+	/**
+	 * Check whether the reference time is set.
+	 *
+	 * @return bool
+	 */
+	public function hasReferenceTime(): bool
+	{
+		return isset($this->_refTime);
+	}
 
-    /**
-     * Get the reference time.
-     *
-     * @throws \LogicException
-     *
-     * @return int
-     */
-    public function referenceTime(): int
-    {
-        if (!$this->hasReferenceTime()) {
-            throw new \LogicException('Reference time not set.');
-        }
-        return $this->_refTime;
-    }
+	/**
+	 * Get the reference time.
+	 *
+	 * @throws \LogicException
+	 *
+	 * @return int
+	 */
+	public function referenceTime(): int
+	{
+		if (!$this->hasReferenceTime()) {
+			throw new \LogicException('Reference time not set.');
+		}
+		return $this->_refTime;
+	}
 
-    /**
-     * Get self with the reference time leeway.
-     *
-     * @param int $seconds
-     *
-     * @return self
-     */
-    public function withLeeway(int $seconds): self
-    {
-        $obj = clone $this;
-        $obj->_leeway = $seconds;
-        return $obj;
-    }
+	/**
+	 * Get self with the reference time leeway.
+	 *
+	 * @param int $seconds
+	 *
+	 * @return self
+	 */
+	public function withLeeway(int $seconds): self
+	{
+		$obj = clone $this;
+		$obj->_leeway = $seconds;
+		return $obj;
+	}
 
-    /**
-     * Get the reference time leeway.
-     *
-     * @return int
-     */
-    public function leeway(): int
-    {
-        return $this->_leeway;
-    }
+	/**
+	 * Get the reference time leeway.
+	 *
+	 * @return int
+	 */
+	public function leeway(): int
+	{
+		return $this->_leeway;
+	}
 
-    /**
-     * Get self with a validation constraint.
-     *
-     * If the claim does not provide its own validator, an explicit validator
-     * must be given.
-     *
-     * @param string         $name       Claim name
-     * @param mixed          $constraint Value to check claim against
-     * @param null|Validator $validator  Optional explicit validator
-     *
-     * @return self
-     */
-    public function withConstraint(string $name, $constraint,
-        ?Validator $validator = null): self
-    {
-        $obj = clone $this;
-        $obj->_constraints[$name] = $constraint;
-        if ($validator) {
-            $obj->_validators[$name] = $validator;
-        }
-        return $obj;
-    }
+	/**
+	 * Get self with a validation constraint.
+	 *
+	 * If the claim does not provide its own validator, an explicit validator
+	 * must be given.
+	 *
+	 * @param string         $name       Claim name
+	 * @param mixed          $constraint Value to check claim against
+	 * @param null|Validator $validator  Optional explicit validator
+	 *
+	 * @return self
+	 */
+	public function withConstraint(string $name, $constraint,
+		?Validator $validator = null): self
+	{
+		$obj = clone $this;
+		$obj->_constraints[$name] = $constraint;
+		if ($validator) {
+			$obj->_validators[$name] = $validator;
+		}
+		return $obj;
+	}
 
-    /**
-     * Get self with the issuer constraint.
-     *
-     * @param string $issuer Issuer name
-     *
-     * @return self
-     */
-    public function withIssuer(string $issuer): self
-    {
-        return $this->withConstraint(RegisteredClaim::NAME_ISSUER, $issuer);
-    }
+	/**
+	 * Get self with the issuer constraint.
+	 *
+	 * @param string $issuer Issuer name
+	 *
+	 * @return self
+	 */
+	public function withIssuer(string $issuer): self
+	{
+		return $this->withConstraint(RegisteredClaim::NAME_ISSUER, $issuer);
+	}
 
-    /**
-     * Get self with the subject constraint.
-     *
-     * @param string $subject Subject name
-     *
-     * @return self
-     */
-    public function withSubject(string $subject): self
-    {
-        return $this->withConstraint(RegisteredClaim::NAME_SUBJECT, $subject);
-    }
+	/**
+	 * Get self with the subject constraint.
+	 *
+	 * @param string $subject Subject name
+	 *
+	 * @return self
+	 */
+	public function withSubject(string $subject): self
+	{
+		return $this->withConstraint(RegisteredClaim::NAME_SUBJECT, $subject);
+	}
 
-    /**
-     * Get self with the audience constraint.
-     *
-     * @param string $audience Audience name
-     *
-     * @return self
-     */
-    public function withAudience(string $audience): self
-    {
-        return $this->withConstraint(RegisteredClaim::NAME_AUDIENCE, $audience);
-    }
+	/**
+	 * Get self with the audience constraint.
+	 *
+	 * @param string $audience Audience name
+	 *
+	 * @return self
+	 */
+	public function withAudience(string $audience): self
+	{
+		return $this->withConstraint(RegisteredClaim::NAME_AUDIENCE, $audience);
+	}
 
-    /**
-     * Get self with the JWT ID constraint.
-     *
-     * @param string $id JWT ID
-     *
-     * @return self
-     */
-    public function withID(string $id): self
-    {
-        return $this->withConstraint(RegisteredClaim::NAME_JWT_ID, $id);
-    }
+	/**
+	 * Get self with the JWT ID constraint.
+	 *
+	 * @param string $id JWT ID
+	 *
+	 * @return self
+	 */
+	public function withID(string $id): self
+	{
+		return $this->withConstraint(RegisteredClaim::NAME_JWT_ID, $id);
+	}
 
-    /**
-     * Check whether a named constraint is present.
-     *
-     * @param string $name Claim name
-     *
-     * @return bool
-     */
-    public function hasConstraint(string $name): bool
-    {
-        return isset($this->_constraints[$name]);
-    }
+	/**
+	 * Check whether a named constraint is present.
+	 *
+	 * @param string $name Claim name
+	 *
+	 * @return bool
+	 */
+	public function hasConstraint(string $name): bool
+	{
+		return isset($this->_constraints[$name]);
+	}
 
-    /**
-     * Get a constraint value by the claim name.
-     *
-     * @param string $name Claim name
-     *
-     * @throws \LogicException If constraint is not set
-     *
-     * @return mixed Constraint value
-     */
-    public function constraint(string $name)
-    {
-        if (!$this->hasConstraint($name)) {
-            throw new \LogicException("Constraint {$name} not set.");
-        }
-        return $this->_constraints[$name];
-    }
+	/**
+	 * Get a constraint value by the claim name.
+	 *
+	 * @param string $name Claim name
+	 *
+	 * @throws \LogicException If constraint is not set
+	 *
+	 * @return mixed Constraint value
+	 */
+	public function constraint(string $name)
+	{
+		if (!$this->hasConstraint($name)) {
+			throw new \LogicException("Constraint {$name} not set.");
+		}
+		return $this->_constraints[$name];
+	}
 
-    /**
-     * Check whether a validator is defined for the given claim name.
-     *
-     * @param string $name Claim name
-     *
-     * @return bool
-     */
-    public function hasValidator(string $name): bool
-    {
-        return isset($this->_validators[$name]);
-    }
+	/**
+	 * Check whether a validator is defined for the given claim name.
+	 *
+	 * @param string $name Claim name
+	 *
+	 * @return bool
+	 */
+	public function hasValidator(string $name): bool
+	{
+		return isset($this->_validators[$name]);
+	}
 
-    /**
-     * Get explicitly defined validator by the claim name.
-     *
-     * @param string $name Claim name
-     *
-     * @throws \LogicException If validator is not set
-     *
-     * @return Validator
-     */
-    public function validator(string $name): Validator
-    {
-        if (!$this->hasValidator($name)) {
-            throw new \LogicException("Validator {$name} not set.");
-        }
-        return $this->_validators[$name];
-    }
+	/**
+	 * Get explicitly defined validator by the claim name.
+	 *
+	 * @param string $name Claim name
+	 *
+	 * @throws \LogicException If validator is not set
+	 *
+	 * @return Validator
+	 */
+	public function validator(string $name): Validator
+	{
+		if (!$this->hasValidator($name)) {
+			throw new \LogicException("Validator {$name} not set.");
+		}
+		return $this->_validators[$name];
+	}
 
-    /**
-     * Get a set of JSON Web Keys defined in this context.
-     *
-     * @return JWKSet
-     */
-    public function keys(): JWKSet
-    {
-        return $this->_keys;
-    }
+	/**
+	 * Get a set of JSON Web Keys defined in this context.
+	 *
+	 * @return JWKSet
+	 */
+	public function keys(): JWKSet
+	{
+		return $this->_keys;
+	}
 
-    /**
-     * Get self with 'allow unsecured' flag set.
-     *
-     * If the unsecured JWT's are allowed, claims shall be considered valid even
-     * though they are not signed nor encrypted.
-     *
-     * @param bool $allow Whether to allow unsecured JWT's
-     *
-     * @return self
-     */
-    public function withUnsecuredAllowed(bool $allow): self
-    {
-        $obj = clone $this;
-        $obj->_allowUnsecured = $allow;
-        return $obj;
-    }
+	/**
+	 * Get self with 'allow unsecured' flag set.
+	 *
+	 * If the unsecured JWT's are allowed, claims shall be considered valid even
+	 * though they are not signed nor encrypted.
+	 *
+	 * @param bool $allow Whether to allow unsecured JWT's
+	 *
+	 * @return self
+	 */
+	public function withUnsecuredAllowed(bool $allow): self
+	{
+		$obj = clone $this;
+		$obj->_allowUnsecured = $allow;
+		return $obj;
+	}
 
-    /**
-     * Check whether the unsecured JWT's are allowed.
-     *
-     * @return bool
-     */
-    public function isUnsecuredAllowed(): bool
-    {
-        return $this->_allowUnsecured;
-    }
+	/**
+	 * Check whether the unsecured JWT's are allowed.
+	 *
+	 * @return bool
+	 */
+	public function isUnsecuredAllowed(): bool
+	{
+		return $this->_allowUnsecured;
+	}
 
-    /**
-     * Validate claims.
-     *
-     * @param Claims $claims
-     *
-     * @throws ValidationException If any of the claims is not valid
-     *
-     * @return self
-     */
-    public function validate(Claims $claims): self
-    {
-        foreach ($claims as $claim) {
-            if (!$claim->validateWithContext($this)) {
-                throw new ValidationException(
-                    "Validation of claim '" . $claim->name() . "' failed.");
-            }
-        }
-        return $this;
-    }
+	/**
+	 * Validate claims.
+	 *
+	 * @param Claims $claims
+	 *
+	 * @throws ValidationException If any of the claims is not valid
+	 *
+	 * @return self
+	 */
+	public function validate(Claims $claims): self
+	{
+		foreach ($claims as $claim) {
+			if (!$claim->validateWithContext($this)) {
+				throw new ValidationException(
+					"Validation of claim '" . $claim->name() . "' failed.");
+			}
+		}
+		return $this;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT;
 

lib/JWX/JWT/Exception/ValidationException.php

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\JWT\Exception;
 

lib/JWX/Parameter/Feature/Base64URLValue.php

Indentation +46 added lines, -46 removed lines

@@ -12,54 +12,54 @@
  */
 trait Base64URLValue
 {
-    use StringParameterValue;
+	use StringParameterValue;
 
-    /**
-     * Get the parameter value.
-     *
-     * @return string
-     */
-    abstract public function value();
+	/**
+	 * Get the parameter value.
+	 *
+	 * @return string
+	 */
+	abstract public function value();
 
-    /**
-     * Initialize from native value.
-     *
-     * Value shall be encoded using Base64url encoding.
-     *
-     * @param string $value
-     *
-     * @return self
-     */
-    public static function fromString(string $value): Parameter
-    {
-        return new static(Base64::urlEncode($value));
-    }
+	/**
+	 * Initialize from native value.
+	 *
+	 * Value shall be encoded using Base64url encoding.
+	 *
+	 * @param string $value
+	 *
+	 * @return self
+	 */
+	public static function fromString(string $value): Parameter
+	{
+		return new static(Base64::urlEncode($value));
+	}
 
-    /**
-     * Get the parameter value as a decoded string.
-     *
-     * @return string
-     */
-    public function string(): string
-    {
-        return Base64::urlDecode($this->value());
-    }
+	/**
+	 * Get the parameter value as a decoded string.
+	 *
+	 * @return string
+	 */
+	public function string(): string
+	{
+		return Base64::urlDecode($this->value());
+	}
 
-    /**
-     * Validate that value is validly base64url encoded.
-     *
-     * @param string $value
-     *
-     * @throws \UnexpectedValueException
-     *
-     * @return self
-     */
-    protected function _validateEncoding(string $value)
-    {
-        if (!Base64::isValidURLEncoding($value)) {
-            throw new \UnexpectedValueException(
-                'Value must be base64url encoded.');
-        }
-        return $this;
-    }
+	/**
+	 * Validate that value is validly base64url encoded.
+	 *
+	 * @param string $value
+	 *
+	 * @throws \UnexpectedValueException
+	 *
+	 * @return self
+	 */
+	protected function _validateEncoding(string $value)
+	{
+		if (!Base64::isValidURLEncoding($value)) {
+			throw new \UnexpectedValueException(
+				'Value must be base64url encoded.');
+		}
+		return $this;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -1,6 +1,6 @@
 <?php
 
-declare(strict_types = 1);
+declare(strict_types=1);
 
 namespace Sop\JWX\Parameter\Feature;