sop /
jwx
@@ -11,51 +11,51 @@ |
||
| 11 | 11 | */ |
| 12 | 12 | trait Base64URLValue |
| 13 | 13 | { |
| 14 | - use StringParameterValue; |
|
| 14 | + use StringParameterValue; |
|
| 15 | 15 | |
| 16 | - /** |
|
| 17 | - * Get the parameter value. |
|
| 18 | - * |
|
| 19 | - * @return string |
|
| 20 | - */ |
|
| 21 | - abstract public function value(); |
|
| 16 | + /** |
|
| 17 | + * Get the parameter value. |
|
| 18 | + * |
|
| 19 | + * @return string |
|
| 20 | + */ |
|
| 21 | + abstract public function value(); |
|
| 22 | 22 | |
| 23 | - /** |
|
| 24 | - * Initialize from native value. |
|
| 25 | - * |
|
| 26 | - * Value shall be encoded using Base64url encoding. |
|
| 27 | - * |
|
| 28 | - * @param string $value |
|
| 29 | - * @return self |
|
| 30 | - */ |
|
| 31 | - public static function fromString(string $value) |
|
| 32 | - { |
|
| 33 | - return new static(Base64::urlEncode($value)); |
|
| 34 | - } |
|
| 23 | + /** |
|
| 24 | + * Initialize from native value. |
|
| 25 | + * |
|
| 26 | + * Value shall be encoded using Base64url encoding. |
|
| 27 | + * |
|
| 28 | + * @param string $value |
|
| 29 | + * @return self |
|
| 30 | + */ |
|
| 31 | + public static function fromString(string $value) |
|
| 32 | + { |
|
| 33 | + return new static(Base64::urlEncode($value)); |
|
| 34 | + } |
|
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * Validate that value is validly base64url encoded. |
|
| 38 | - * |
|
| 39 | - * @param string $value |
|
| 40 | - * @throws \UnexpectedValueException |
|
| 41 | - * @return self |
|
| 42 | - */ |
|
| 43 | - protected function _validateEncoding(string $value) |
|
| 44 | - { |
|
| 45 | - if (!Base64::isValidURLEncoding($value)) { |
|
| 46 | - throw new \UnexpectedValueException( |
|
| 47 | - "Value must be base64url encoded."); |
|
| 48 | - } |
|
| 49 | - return $this; |
|
| 50 | - } |
|
| 36 | + /** |
|
| 37 | + * Validate that value is validly base64url encoded. |
|
| 38 | + * |
|
| 39 | + * @param string $value |
|
| 40 | + * @throws \UnexpectedValueException |
|
| 41 | + * @return self |
|
| 42 | + */ |
|
| 43 | + protected function _validateEncoding(string $value) |
|
| 44 | + { |
|
| 45 | + if (!Base64::isValidURLEncoding($value)) { |
|
| 46 | + throw new \UnexpectedValueException( |
|
| 47 | + "Value must be base64url encoded."); |
|
| 48 | + } |
|
| 49 | + return $this; |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - /** |
|
| 53 | - * Get the parameter value as a decoded string. |
|
| 54 | - * |
|
| 55 | - * @return string |
|
| 56 | - */ |
|
| 57 | - public function string(): string |
|
| 58 | - { |
|
| 59 | - return Base64::urlDecode($this->value()); |
|
| 60 | - } |
|
| 52 | + /** |
|
| 53 | + * Get the parameter value as a decoded string. |
|
| 54 | + * |
|
| 55 | + * @return string |
|
| 56 | + */ |
|
| 57 | + public function string(): string |
|
| 58 | + { |
|
| 59 | + return Base64::urlDecode($this->value()); |
|
| 60 | + } |
|
| 61 | 61 | } |
@@ -9,21 +9,21 @@ |
||
| 9 | 9 | */ |
| 10 | 10 | trait StringParameterValue |
| 11 | 11 | { |
| 12 | - /** |
|
| 13 | - * Constructor. |
|
| 14 | - * |
|
| 15 | - * @param string $value Parameter value |
|
| 16 | - */ |
|
| 17 | - abstract public function __construct(string $value); |
|
| 12 | + /** |
|
| 13 | + * Constructor. |
|
| 14 | + * |
|
| 15 | + * @param string $value Parameter value |
|
| 16 | + */ |
|
| 17 | + abstract public function __construct(string $value); |
|
| 18 | 18 | |
| 19 | - /** |
|
| 20 | - * Initialize from a JSON value. |
|
| 21 | - * |
|
| 22 | - * @param string $value |
|
| 23 | - * @return static |
|
| 24 | - */ |
|
| 25 | - public static function fromJSONValue($value) |
|
| 26 | - { |
|
| 27 | - return new static(strval($value)); |
|
| 28 | - } |
|
| 19 | + /** |
|
| 20 | + * Initialize from a JSON value. |
|
| 21 | + * |
|
| 22 | + * @param string $value |
|
| 23 | + * @return static |
|
| 24 | + */ |
|
| 25 | + public static function fromJSONValue($value) |
|
| 26 | + { |
|
| 27 | + return new static(strval($value)); |
|
| 28 | + } |
|
| 29 | 29 | } |
@@ -14,27 +14,27 @@ |
||
| 14 | 14 | */ |
| 15 | 15 | trait Base64UIntValue |
| 16 | 16 | { |
| 17 | - use Base64URLValue; |
|
| 17 | + use Base64URLValue; |
|
| 18 | 18 | |
| 19 | - /** |
|
| 20 | - * Initialize parameter from base10 number. |
|
| 21 | - * |
|
| 22 | - * @param int|string $number |
|
| 23 | - * @return self |
|
| 24 | - */ |
|
| 25 | - public static function fromNumber($number) |
|
| 26 | - { |
|
| 27 | - $data = BigInt::fromBase10($number)->base256(); |
|
| 28 | - return self::fromString($data); |
|
| 29 | - } |
|
| 19 | + /** |
|
| 20 | + * Initialize parameter from base10 number. |
|
| 21 | + * |
|
| 22 | + * @param int|string $number |
|
| 23 | + * @return self |
|
| 24 | + */ |
|
| 25 | + public static function fromNumber($number) |
|
| 26 | + { |
|
| 27 | + $data = BigInt::fromBase10($number)->base256(); |
|
| 28 | + return self::fromString($data); |
|
| 29 | + } |
|
| 30 | 30 | |
| 31 | - /** |
|
| 32 | - * Get value as a number. |
|
| 33 | - * |
|
| 34 | - * @return BigInt |
|
| 35 | - */ |
|
| 36 | - public function number(): BigInt |
|
| 37 | - { |
|
| 38 | - return BigInt::fromBase256(Base64::urlDecode($this->value())); |
|
| 39 | - } |
|
| 31 | + /** |
|
| 32 | + * Get value as a number. |
|
| 33 | + * |
|
| 34 | + * @return BigInt |
|
| 35 | + */ |
|
| 36 | + public function number(): BigInt |
|
| 37 | + { |
|
| 38 | + return BigInt::fromBase256(Base64::urlDecode($this->value())); |
|
| 39 | + } |
|
| 40 | 40 | } |
@@ -17,12 +17,12 @@ |
||
| 17 | 17 | $jwt = new JWT($argv[1]); |
| 18 | 18 | // load RSA private key |
| 19 | 19 | $jwk = RSAPrivateKeyJWK::fromPEM( |
| 20 | - PEM::fromFile(dirname(__DIR__) . "/test/assets/rsa/private_key.pem")); |
|
| 20 | + PEM::fromFile(dirname(__DIR__) . "/test/assets/rsa/private_key.pem")); |
|
| 21 | 21 | // create validation context containing only key for decryption |
| 22 | 22 | $ctx = ValidationContext::fromJWK($jwk); |
| 23 | 23 | // decrypt claims from the encrypted JWT |
| 24 | 24 | $claims = $jwt->claims($ctx); |
| 25 | 25 | // print all claims |
| 26 | 26 | foreach ($claims as $claim) { |
| 27 | - echo $claim->name() . ": " . json_encode($claim->value()) . "\n"; |
|
| 27 | + echo $claim->name() . ": " . json_encode($claim->value()) . "\n"; |
|
| 28 | 28 | } |
@@ -17,12 +17,12 @@ discard block |
||
| 17 | 17 | |
| 18 | 18 | // load EC public key |
| 19 | 19 | $ec_pub_jwk = ECPublicKeyJWK::fromPEM( |
| 20 | - PEM::fromFile(dirname(__DIR__) . "/test/assets/ec/public_key_P-256.pem")); |
|
| 20 | + PEM::fromFile(dirname(__DIR__) . "/test/assets/ec/public_key_P-256.pem")); |
|
| 21 | 21 | // initialize symmetric key for key management algorithm |
| 22 | 22 | $kek_jwk = SymmetricKeyJWK::fromKey("0123456789abcdef"); |
| 23 | 23 | // compose JWK set with identified keys |
| 24 | 24 | $keys = new JWKSet($ec_pub_jwk->withKeyID("sig-key"), |
| 25 | - $kek_jwk->withKeyID("enc-key")); |
|
| 25 | + $kek_jwk->withKeyID("enc-key")); |
|
| 26 | 26 | // read JWT token from the first argument |
| 27 | 27 | $jwt = new JWT($argv[1]); |
| 28 | 28 | // initialize validation context |
@@ -31,5 +31,5 @@ discard block |
||
| 31 | 31 | $claims = $jwt->claims($ctx); |
| 32 | 32 | // print claims |
| 33 | 33 | foreach ($claims as $claim) { |
| 34 | - printf("%s: %s\n", $claim->name(), $claim->value()); |
|
| 34 | + printf("%s: %s\n", $claim->name(), $claim->value()); |
|
| 35 | 35 | } |
@@ -23,11 +23,11 @@ |
||
| 23 | 23 | |
| 24 | 24 | // compose claims set |
| 25 | 25 | $claims = new Claims(new Claim("secret data", "for your eyes only"), |
| 26 | - IssuedAtClaim::now(), NotBeforeClaim::now(), |
|
| 27 | - ExpirationTimeClaim::fromString("now + 30 minutes")); |
|
| 26 | + IssuedAtClaim::now(), NotBeforeClaim::now(), |
|
| 27 | + ExpirationTimeClaim::fromString("now + 30 minutes")); |
|
| 28 | 28 | // load RSA public key |
| 29 | 29 | $jwk = RSAPublicKeyJWK::fromPEM( |
| 30 | - PEM::fromFile(dirname(__DIR__) . "/test/assets/rsa/public_key.pem")); |
|
| 30 | + PEM::fromFile(dirname(__DIR__) . "/test/assets/rsa/public_key.pem")); |
|
| 31 | 31 | $key_algo = RSAESPKCS1Algorithm::fromPublicKey($jwk); |
| 32 | 32 | $enc_algo = new A128CBCHS256Algorithm(); |
| 33 | 33 | // create an encrypted JWT token |
@@ -22,10 +22,10 @@ |
||
| 22 | 22 | |
| 23 | 23 | // compose claims set |
| 24 | 24 | $claims = new Claims(new IssuerClaim("John Doe"), new SubjectClaim("Jane Doe"), |
| 25 | - new AudienceClaim("acme-client"), IssuedAtClaim::now(), NotBeforeClaim::now(), |
|
| 26 | - ExpirationTimeClaim::fromString("now + 30 minutes"), |
|
| 27 | - new JWTIDClaim(UUIDv4::createRandom()), |
|
| 28 | - new Claim("custom claim", ["any", "values"])); |
|
| 25 | + new AudienceClaim("acme-client"), IssuedAtClaim::now(), NotBeforeClaim::now(), |
|
| 26 | + ExpirationTimeClaim::fromString("now + 30 minutes"), |
|
| 27 | + new JWTIDClaim(UUIDv4::createRandom()), |
|
| 28 | + new Claim("custom claim", ["any", "values"])); |
|
| 29 | 29 | // create a signed JWT using HS256 with "secret" as a password |
| 30 | 30 | $jwt = JWT::signedFromClaims($claims, new HS256Algorithm("secret")); |
| 31 | 31 | echo $jwt->token() . "\n"; |
@@ -17,12 +17,12 @@ |
||
| 17 | 17 | $jwk = SymmetricKeyJWK::fromKey("secret"); |
| 18 | 18 | // create validation context |
| 19 | 19 | $ctx = ValidationContext::fromJWK($jwk)->withIssuer("John Doe") |
| 20 | - ->withSubject("Jane Doe") |
|
| 21 | - ->withAudience("acme-client"); |
|
| 20 | + ->withSubject("Jane Doe") |
|
| 21 | + ->withAudience("acme-client"); |
|
| 22 | 22 | // get claims set from the JWT. signature shall be verified and claims |
| 23 | 23 | // validated according to validation context. |
| 24 | 24 | $claims = $jwt->claims($ctx); |
| 25 | 25 | // print all claims |
| 26 | 26 | foreach ($claims as $claim) { |
| 27 | - echo $claim->name() . ": " . json_encode($claim->value()) . "\n"; |
|
| 27 | + echo $claim->name() . ": " . json_encode($claim->value()) . "\n"; |
|
| 28 | 28 | } |
@@ -24,7 +24,7 @@ discard block |
||
| 24 | 24 | |
| 25 | 25 | // load EC private key |
| 26 | 26 | $ec_priv_jwk = ECPrivateKeyJWK::fromPEM( |
| 27 | - PEM::fromFile(dirname(__DIR__) . "/test/assets/ec/private_key_P-256.pem")); |
|
| 27 | + PEM::fromFile(dirname(__DIR__) . "/test/assets/ec/private_key_P-256.pem")); |
|
| 28 | 28 | // initialize ES256 signature algorithm and set key ID |
| 29 | 29 | $sig_algo = ES256Algorithm::fromPrivateKey($ec_priv_jwk)->withKeyID("sig-key"); |
| 30 | 30 | // initialize A128GCMKW key management algorithm and set key ID |
@@ -34,8 +34,8 @@ discard block |
||
| 34 | 34 | $enc_algo = new A128CBCHS256Algorithm(); |
| 35 | 35 | // compose claims set |
| 36 | 36 | $claims = new Claims(new IssuerClaim("joe"), |
| 37 | - ExpirationTimeClaim::fromString("now + 1 hour"), |
|
| 38 | - new Claim("http://example.com/is_root", true)); |
|
| 37 | + ExpirationTimeClaim::fromString("now + 1 hour"), |
|
| 38 | + new Claim("http://example.com/is_root", true)); |
|
| 39 | 39 | // sign claims to produce JWT as a JWS |
| 40 | 40 | $jwt = JWT::signedFromClaims($claims, $sig_algo); |
| 41 | 41 | // encrypt JWS further to produce JWT as a JWE |
