drkthunder02/w4rpservices
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added predis and eseye back in.

Browse Source
This commit is contained in:
drkthunder02
2020-12-25 11:28:41 +00:00
parent 0ddd298350
commit 017f72b42e
670 changed files with 60992 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
vendor/web-token/jwt-signature/.github/CONTRIBUTING.md vendored Normal file
View File

@@ -0,0 +1,4 @@
# Contributing
This repository is a sub repository of [the JWT Framework](https://github.com/web-token/jwt-framework) project and is READ ONLY.
Please do not submit any Pull Requests here. It will be automatically closed.

1
vendor/web-token/jwt-signature/.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1 @@
patreon: FlorentMorselli

3
vendor/web-token/jwt-signature/.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View File

@@ -0,0 +1,3 @@
Please do not submit any Pull Requests here. It will be automatically closed.
You should submit it here: https://github.com/web-token/jwt-framework/pulls

37
vendor/web-token/jwt-signature/Algorithm/MacAlgorithm.php vendored Normal file
View File

@@ -0,0 +1,37 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Algorithm;
use Jose\Component\Core\Algorithm;
use Jose\Component\Core\JWK;
interface MacAlgorithm extends Algorithm
{
/**
* Sign the input.
*
* @param JWK $key The private key used to hash the data
* @param string $input The input
*/
public function hash(JWK $key, string $input): string;
/**
* Verify the signature of data.
*
* @param JWK $key The private key used to hash the data
* @param string $input The input
* @param string $signature The signature to verify
*/
public function verify(JWK $key, string $input, string $signature): bool;
}

37
vendor/web-token/jwt-signature/Algorithm/SignatureAlgorithm.php vendored Normal file
View File

@@ -0,0 +1,37 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Algorithm;
use Jose\Component\Core\Algorithm;
use Jose\Component\Core\JWK;
interface SignatureAlgorithm extends Algorithm
{
/**
* Sign the input.
*
* @param JWK $key The private key used to sign the data
* @param string $input The input
*/
public function sign(JWK $key, string $input): string;
/**
* Verify the signature of data.
*
* @param JWK $key The private key used to sign the data
* @param string $input The input
* @param string $signature The signature to verify
*/
public function verify(JWK $key, string $input, string $signature): bool;
}

150
vendor/web-token/jwt-signature/JWS.php vendored Normal file
View File

@@ -0,0 +1,150 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use function count;
use InvalidArgumentException;
use Jose\Component\Core\JWT;
class JWS implements JWT
{
/**
* @var bool
*/
private $isPayloadDetached = false;
/**
* @var null|string
*/
private $encodedPayload;
/**
* @var Signature[]
*/
private $signatures = [];
/**
* @var null|string
*/
private $payload;
public function __construct(?string $payload, ?string $encodedPayload = null, bool $isPayloadDetached = false)
{
$this->payload = $payload;
$this->encodedPayload = $encodedPayload;
$this->isPayloadDetached = $isPayloadDetached;
}
public function getPayload(): ?string
{
return $this->payload;
}
/**
* Returns true if the payload is detached.
*/
public function isPayloadDetached(): bool
{
return $this->isPayloadDetached;
}
/**
* Returns the Base64Url encoded payload.
* If the payload is detached, this method returns null.
*/
public function getEncodedPayload(): ?string
{
if (true === $this->isPayloadDetached()) {
return null;
}
return $this->encodedPayload;
}
/**
* Returns the signatures associated with the JWS.
*
* @return Signature[]
*/
public function getSignatures(): array
{
return $this->signatures;
}
/**
* Returns the signature at the given index.
*
* @throws InvalidArgumentException if the signature index does not exist
*/
public function getSignature(int $id): Signature
{
if (isset($this->signatures[$id])) {
return $this->signatures[$id];
}
throw new InvalidArgumentException('The signature does not exist.');
}
/**
* This method adds a signature to the JWS object.
* Its returns a new JWS object.
*
* @internal
*
* @return JWS
*/
public function addSignature(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header = []): self
{
$jws = clone $this;
$jws->signatures[] = new Signature($signature, $protectedHeader, $encodedProtectedHeader, $header);
return $jws;
}
/**
* Returns the number of signature associated with the JWS.
*/
public function countSignatures(): int
{
return count($this->signatures);
}
/**
* This method splits the JWS into a list of JWSs.
* It is only useful when the JWS contains more than one signature (JSON General Serialization).
*
* @return JWS[]
*/
public function split(): array
{
$result = [];
foreach ($this->signatures as $signature) {
$jws = new self(
$this->payload,
$this->encodedPayload,
$this->isPayloadDetached
);
$jws = $jws->addSignature(
$signature->getSignature(),
$signature->getProtectedHeader(),
$signature->getEncodedProtectedHeader(),
$signature->getHeader()
);
$result[] = $jws;
}
return $result;
}
}

235
vendor/web-token/jwt-signature/JWSBuilder.php vendored Normal file
View File

@@ -0,0 +1,235 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use function array_key_exists;
use Base64Url\Base64Url;
use function count;
use function in_array;
use InvalidArgumentException;
use function is_array;
use Jose\Component\Core\Algorithm;
use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Core\JWK;
use Jose\Component\Core\Util\JsonConverter;
use Jose\Component\Core\Util\KeyChecker;
use Jose\Component\Signature\Algorithm\MacAlgorithm;
use Jose\Component\Signature\Algorithm\SignatureAlgorithm;
use LogicException;
use RuntimeException;
class JWSBuilder
{
/**
* @var null|string
*/
protected $payload;
/**
* @var bool
*/
protected $isPayloadDetached;
/**
* @var array
*/
protected $signatures = [];
/**
* @var null|bool
*/
protected $isPayloadEncoded;
/**
* @var AlgorithmManager
*/
private $signatureAlgorithmManager;
public function __construct(AlgorithmManager $signatureAlgorithmManager)
{
$this->signatureAlgorithmManager = $signatureAlgorithmManager;
}
/**
* Returns the algorithm manager associated to the builder.
*/
public function getSignatureAlgorithmManager(): AlgorithmManager
{
return $this->signatureAlgorithmManager;
}
/**
* Reset the current data.
*
* @return JWSBuilder
*/
public function create(): self
{
$this->payload = null;
$this->isPayloadDetached = false;
$this->signatures = [];
$this->isPayloadEncoded = null;
return $this;
}
/**
* Set the payload.
* This method will return a new JWSBuilder object.
*
* @throws InvalidArgumentException if the payload is not UTF-8 encoded
*
* @return JWSBuilder
*/
public function withPayload(string $payload, bool $isPayloadDetached = false): self
{
if (false === mb_detect_encoding($payload, 'UTF-8', true)) {
throw new InvalidArgumentException('The payload must be encoded in UTF-8');
}
$clone = clone $this;
$clone->payload = $payload;
$clone->isPayloadDetached = $isPayloadDetached;
return $clone;
}
/**
* Adds the information needed to compute the signature.
* This method will return a new JWSBuilder object.
*
* @throws InvalidArgumentException if the payload encoding is inconsistent
*
* @return JWSBuilder
*/
public function addSignature(JWK $signatureKey, array $protectedHeader, array $header = []): self
{
$this->checkB64AndCriticalHeader($protectedHeader);
$isPayloadEncoded = $this->checkIfPayloadIsEncoded($protectedHeader);
if (null === $this->isPayloadEncoded) {
$this->isPayloadEncoded = $isPayloadEncoded;
} elseif ($this->isPayloadEncoded !== $isPayloadEncoded) {
throw new InvalidArgumentException('Foreign payload encoding detected.');
}
$this->checkDuplicatedHeaderParameters($protectedHeader, $header);
KeyChecker::checkKeyUsage($signatureKey, 'signature');
$algorithm = $this->findSignatureAlgorithm($signatureKey, $protectedHeader, $header);
KeyChecker::checkKeyAlgorithm($signatureKey, $algorithm->name());
$clone = clone $this;
$clone->signatures[] = [
'signature_algorithm' => $algorithm,
'signature_key' => $signatureKey,
'protected_header' => $protectedHeader,
'header' => $header,
];
return $clone;
}
/**
* Computes all signatures and return the expected JWS object.
*
* @throws RuntimeException if the payload is not set
* @throws RuntimeException if no signature is defined
*/
public function build(): JWS
{
if (null === $this->payload) {
throw new RuntimeException('The payload is not set.');
}
if (0 === count($this->signatures)) {
throw new RuntimeException('At least one signature must be set.');
}
$encodedPayload = false === $this->isPayloadEncoded ? $this->payload : Base64Url::encode($this->payload);
$jws = new JWS($this->payload, $encodedPayload, $this->isPayloadDetached);
foreach ($this->signatures as $signature) {
/** @var MacAlgorithm|SignatureAlgorithm $algorithm */
$algorithm = $signature['signature_algorithm'];
/** @var JWK $signatureKey */
$signatureKey = $signature['signature_key'];
/** @var array $protectedHeader */
$protectedHeader = $signature['protected_header'];
/** @var array $header */
$header = $signature['header'];
$encodedProtectedHeader = 0 === count($protectedHeader) ? null : Base64Url::encode(JsonConverter::encode($protectedHeader));
$input = sprintf('%s.%s', $encodedProtectedHeader, $encodedPayload);
if ($algorithm instanceof SignatureAlgorithm) {
$s = $algorithm->sign($signatureKey, $input);
} else {
$s = $algorithm->hash($signatureKey, $input);
}
$jws = $jws->addSignature($s, $protectedHeader, $encodedProtectedHeader, $header);
}
return $jws;
}
private function checkIfPayloadIsEncoded(array $protectedHeader): bool
{
return !array_key_exists('b64', $protectedHeader) || true === $protectedHeader['b64'];
}
/**
* @throws LogicException if the header parameter "crit" is missing, invalid or does not contain "b64" when "b64" is set
*/
private function checkB64AndCriticalHeader(array $protectedHeader): void
{
if (!array_key_exists('b64', $protectedHeader)) {
return;
}
if (!array_key_exists('crit', $protectedHeader)) {
throw new LogicException('The protected header parameter "crit" is mandatory when protected header parameter "b64" is set.');
}
if (!is_array($protectedHeader['crit'])) {
throw new LogicException('The protected header parameter "crit" must be an array.');
}
if (!in_array('b64', $protectedHeader['crit'], true)) {
throw new LogicException('The protected header parameter "crit" must contain "b64" when protected header parameter "b64" is set.');
}
}
/**
* @throws InvalidArgumentException if the header parameter "alg" is missing or the algorithm is not allowed/not supported
*
* @return MacAlgorithm|SignatureAlgorithm
*/
private function findSignatureAlgorithm(JWK $key, array $protectedHeader, array $header): Algorithm
{
$completeHeader = array_merge($header, $protectedHeader);
if (!array_key_exists('alg', $completeHeader)) {
throw new InvalidArgumentException('No "alg" parameter set in the header.');
}
if ($key->has('alg') && $key->get('alg') !== $completeHeader['alg']) {
throw new InvalidArgumentException(sprintf('The algorithm "%s" is not allowed with this key.', $completeHeader['alg']));
}
$algorithm = $this->signatureAlgorithmManager->get($completeHeader['alg']);
if (!$algorithm instanceof SignatureAlgorithm && !$algorithm instanceof MacAlgorithm) {
throw new InvalidArgumentException(sprintf('The algorithm "%s" is not supported.', $completeHeader['alg']));
}
return $algorithm;
}
/**
* @throws InvalidArgumentException if the header contains duplicated entries
*/
private function checkDuplicatedHeaderParameters(array $header1, array $header2): void
{
$inter = array_intersect_key($header1, $header2);
if (0 !== count($inter)) {
throw new InvalidArgumentException(sprintf('The header contains duplicated entries: %s.', implode(', ', array_keys($inter))));
}
}
}

41
vendor/web-token/jwt-signature/JWSBuilderFactory.php vendored Normal file
View File

@@ -0,0 +1,41 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use Jose\Component\Core\AlgorithmManagerFactory;
class JWSBuilderFactory
{
/**
* @var AlgorithmManagerFactory
*/
private $signatureAlgorithmManagerFactory;
public function __construct(AlgorithmManagerFactory $signatureAlgorithmManagerFactory)
{
$this->signatureAlgorithmManagerFactory = $signatureAlgorithmManagerFactory;
}
/**
* This method creates a JWSBuilder using the given algorithm aliases.
*
* @param string[] $algorithms
*/
public function create(array $algorithms): JWSBuilder
{
$algorithmManager = $this->signatureAlgorithmManagerFactory->create($algorithms);
return new JWSBuilder($algorithmManager);
}
}

124
vendor/web-token/jwt-signature/JWSLoader.php vendored Normal file
View File

@@ -0,0 +1,124 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use Exception;
use Jose\Component\Checker\HeaderCheckerManager;
use Jose\Component\Core\JWK;
use Jose\Component\Core\JWKSet;
use Jose\Component\Signature\Serializer\JWSSerializerManager;
use Throwable;
class JWSLoader
{
/**
* @var JWSVerifier
*/
private $jwsVerifier;
/**
* @var null|HeaderCheckerManager
*/
private $headerCheckerManager;
/**
* @var JWSSerializerManager
*/
private $serializerManager;
/**
* JWSLoader constructor.
*/
public function __construct(JWSSerializerManager $serializerManager, JWSVerifier $jwsVerifier, ?HeaderCheckerManager $headerCheckerManager)
{
$this->serializerManager = $serializerManager;
$this->jwsVerifier = $jwsVerifier;
$this->headerCheckerManager = $headerCheckerManager;
}
/**
* Returns the JWSVerifier associated to the JWSLoader.
*/
public function getJwsVerifier(): JWSVerifier
{
return $this->jwsVerifier;
}
/**
* Returns the Header Checker Manager associated to the JWSLoader.
*/
public function getHeaderCheckerManager(): ?HeaderCheckerManager
{
return $this->headerCheckerManager;
}
/**
* Returns the JWSSerializer associated to the JWSLoader.
*/
public function getSerializerManager(): JWSSerializerManager
{
return $this->serializerManager;
}
/**
* This method will try to load and verify the token using the given key.
* It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown.
*
* @throws Exception if the token cannot be loaded or verified
*/
public function loadAndVerifyWithKey(string $token, JWK $key, ?int &$signature, ?string $payload = null): JWS
{
$keyset = new JWKSet([$key]);
return $this->loadAndVerifyWithKeySet($token, $keyset, $signature, $payload);
}
/**
* This method will try to load and verify the token using the given key set.
* It returns a JWS and will populate the $signature variable in case of success, otherwise an exception is thrown.
*
* @throws Exception if the token cannot be loaded or verified
*/
public function loadAndVerifyWithKeySet(string $token, JWKSet $keyset, ?int &$signature, ?string $payload = null): JWS
{
try {
$jws = $this->serializerManager->unserialize($token);
$nbSignatures = $jws->countSignatures();
for ($i = 0; $i < $nbSignatures; ++$i) {
if ($this->processSignature($jws, $keyset, $i, $payload)) {
$signature = $i;
return $jws;
}
}
} catch (Throwable $e) {
// Nothing to do. Exception thrown just after
}
throw new Exception('Unable to load and verify the token.');
}
private function processSignature(JWS $jws, JWKSet $keyset, int $signature, ?string $payload): bool
{
try {
if (null !== $this->headerCheckerManager) {
$this->headerCheckerManager->check($jws, $signature);
}
return $this->jwsVerifier->verifyWithKeySet($jws, $keyset, $signature, $payload);
} catch (Throwable $e) {
return false;
}
}
}

59
vendor/web-token/jwt-signature/JWSLoaderFactory.php vendored Normal file
View File

@@ -0,0 +1,59 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use Jose\Component\Checker\HeaderCheckerManagerFactory;
use Jose\Component\Signature\Serializer\JWSSerializerManagerFactory;
class JWSLoaderFactory
{
/**
* @var JWSVerifierFactory
*/
private $jwsVerifierFactory;
/**
* @var JWSSerializerManagerFactory
*/
private $jwsSerializerManagerFactory;
/**
* @var null|HeaderCheckerManagerFactory
*/
private $headerCheckerManagerFactory;
public function __construct(JWSSerializerManagerFactory $jwsSerializerManagerFactory, JWSVerifierFactory $jwsVerifierFactory, ?HeaderCheckerManagerFactory $headerCheckerManagerFactory)
{
$this->jwsSerializerManagerFactory = $jwsSerializerManagerFactory;
$this->jwsVerifierFactory = $jwsVerifierFactory;
$this->headerCheckerManagerFactory = $headerCheckerManagerFactory;
}
/**
* Creates a JWSLoader using the given serializer aliases, signature algorithm aliases and (optionally)
* the header checker aliases.
*/
public function create(array $serializers, array $algorithms, array $headerCheckers = []): JWSLoader
{
$serializerManager = $this->jwsSerializerManagerFactory->create($serializers);
$jwsVerifier = $this->jwsVerifierFactory->create($algorithms);
if (null !== $this->headerCheckerManagerFactory) {
$headerCheckerManager = $this->headerCheckerManagerFactory->create($headerCheckers);
} else {
$headerCheckerManager = null;
}
return new JWSLoader($serializerManager, $jwsVerifier, $headerCheckerManager);
}
}

42
vendor/web-token/jwt-signature/JWSTokenSupport.php vendored Normal file
View File

@@ -0,0 +1,42 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use InvalidArgumentException;
use Jose\Component\Checker\TokenTypeSupport;
use Jose\Component\Core\JWT;
final class JWSTokenSupport implements TokenTypeSupport
{
public function supports(JWT $jwt): bool
{
return $jwt instanceof JWS;
}
/**
* @throws InvalidArgumentException if the signature index does not exist
*/
public function retrieveTokenHeaders(JWT $jwt, int $index, array &$protectedHeader, array &$unprotectedHeader): void
{
if (!$jwt instanceof JWS) {
return;
}
if ($index > $jwt->countSignatures()) {
throw new InvalidArgumentException('Unknown signature index.');
}
$protectedHeader = $jwt->getSignature($index)->getProtectedHeader();
$unprotectedHeader = $jwt->getSignature($index)->getHeader();
}
}

170
vendor/web-token/jwt-signature/JWSVerifier.php vendored Normal file
View File

@@ -0,0 +1,170 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use Base64Url\Base64Url;
use InvalidArgumentException;
use Jose\Component\Core\Algorithm;
use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Core\JWK;
use Jose\Component\Core\JWKSet;
use Jose\Component\Core\Util\KeyChecker;
use Jose\Component\Signature\Algorithm\MacAlgorithm;
use Jose\Component\Signature\Algorithm\SignatureAlgorithm;
use Throwable;
class JWSVerifier
{
/**
* @var AlgorithmManager
*/
private $signatureAlgorithmManager;
/**
* JWSVerifier constructor.
*/
public function __construct(AlgorithmManager $signatureAlgorithmManager)
{
$this->signatureAlgorithmManager = $signatureAlgorithmManager;
}
/**
* Returns the algorithm manager associated to the JWSVerifier.
*/
public function getSignatureAlgorithmManager(): AlgorithmManager
{
return $this->signatureAlgorithmManager;
}
/**
* This method will try to verify the JWS object using the given key and for the given signature.
* It returns true if the signature is verified, otherwise false.
*
* @return bool true if the verification of the signature succeeded, else false
*/
public function verifyWithKey(JWS $jws, JWK $jwk, int $signature, ?string $detachedPayload = null): bool
{
$jwkset = new JWKSet([$jwk]);
return $this->verifyWithKeySet($jws, $jwkset, $signature, $detachedPayload);
}
/**
* This method will try to verify the JWS object using the given key set and for the given signature.
* It returns true if the signature is verified, otherwise false.
*
* @param JWS $jws A JWS object
* @param JWKSet $jwkset The signature will be verified using keys in the key set
* @param JWK $jwk The key used to verify the signature in case of success
* @param null|string $detachedPayload If not null, the value must be the detached payload encoded in Base64 URL safe. If the input contains a payload, throws an exception.
*
* @throws InvalidArgumentException if there is no key in the keyset
* @throws InvalidArgumentException if the token does not contain any signature
*
* @return bool true if the verification of the signature succeeded, else false
*/
public function verifyWithKeySet(JWS $jws, JWKSet $jwkset, int $signatureIndex, ?string $detachedPayload = null, JWK &$jwk = null): bool
{
if (0 === $jwkset->count()) {
throw new InvalidArgumentException('There is no key in the key set.');
}
if (0 === $jws->countSignatures()) {
throw new InvalidArgumentException('The JWS does not contain any signature.');
}
$this->checkPayload($jws, $detachedPayload);
$signature = $jws->getSignature($signatureIndex);
return $this->verifySignature($jws, $jwkset, $signature, $detachedPayload, $jwk);
}
private function verifySignature(JWS $jws, JWKSet $jwkset, Signature $signature, ?string $detachedPayload = null, JWK &$successJwk = null): bool
{
$input = $this->getInputToVerify($jws, $signature, $detachedPayload);
$algorithm = $this->getAlgorithm($signature);
foreach ($jwkset->all() as $jwk) {
try {
KeyChecker::checkKeyUsage($jwk, 'verification');
KeyChecker::checkKeyAlgorithm($jwk, $algorithm->name());
if (true === $algorithm->verify($jwk, $input, $signature->getSignature())) {
$successJwk = $jwk;
return true;
}
} catch (Throwable $e) {
//We do nothing, we continue with other keys
continue;
}
}
return false;
}
private function getInputToVerify(JWS $jws, Signature $signature, ?string $detachedPayload): string
{
$isPayloadEmpty = $this->isPayloadEmpty($jws->getPayload());
$encodedProtectedHeader = $signature->getEncodedProtectedHeader();
if (!$signature->hasProtectedHeaderParameter('b64') || true === $signature->getProtectedHeaderParameter('b64')) {
if (null !== $jws->getEncodedPayload()) {
return sprintf('%s.%s', $encodedProtectedHeader, $jws->getEncodedPayload());
}
$payload = $isPayloadEmpty ? $detachedPayload : $jws->getPayload();
return sprintf('%s.%s', $encodedProtectedHeader, Base64Url::encode($payload));
}
$payload = $isPayloadEmpty ? $detachedPayload : $jws->getPayload();
return sprintf('%s.%s', $encodedProtectedHeader, $payload);
}
/**
* @throws InvalidArgumentException if the payload is set when a detached payload is provided or no payload is defined
*/
private function checkPayload(JWS $jws, ?string $detachedPayload = null): void
{
$isPayloadEmpty = $this->isPayloadEmpty($jws->getPayload());
if (null !== $detachedPayload && !$isPayloadEmpty) {
throw new InvalidArgumentException('A detached payload is set, but the JWS already has a payload.');
}
if ($isPayloadEmpty && null === $detachedPayload) {
throw new InvalidArgumentException('The JWS has a detached payload, but no payload is provided.');
}
}
/**
* @throws InvalidArgumentException if the header parameter "alg" is missing or invalid
*
* @return MacAlgorithm|SignatureAlgorithm
*/
private function getAlgorithm(Signature $signature): Algorithm
{
$completeHeader = array_merge($signature->getProtectedHeader(), $signature->getHeader());
if (!isset($completeHeader['alg'])) {
throw new InvalidArgumentException('No "alg" parameter set in the header.');
}
$algorithm = $this->signatureAlgorithmManager->get($completeHeader['alg']);
if (!$algorithm instanceof SignatureAlgorithm && !$algorithm instanceof MacAlgorithm) {
throw new InvalidArgumentException(sprintf('The algorithm "%s" is not supported or is not a signature or MAC algorithm.', $completeHeader['alg']));
}
return $algorithm;
}
private function isPayloadEmpty(?string $payload): bool
{
return null === $payload || '' === $payload;
}
}

41
vendor/web-token/jwt-signature/JWSVerifierFactory.php vendored Normal file
View File

@@ -0,0 +1,41 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use Jose\Component\Core\AlgorithmManagerFactory;
class JWSVerifierFactory
{
/**
* @var AlgorithmManagerFactory
*/
private $algorithmManagerFactory;
public function __construct(AlgorithmManagerFactory $algorithmManagerFactory)
{
$this->algorithmManagerFactory = $algorithmManagerFactory;
}
/**
* Creates a JWSVerifier using the given signature algorithm aliases.
*
* @param string[] $algorithms
*/
public function create(array $algorithms): JWSVerifier
{
$algorithmManager = $this->algorithmManagerFactory->create($algorithms);
return new JWSVerifier($algorithmManager);
}
}

21
vendor/web-token/jwt-signature/LICENSE vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2014-2019 Spomky-Labs
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

15
vendor/web-token/jwt-signature/README.md vendored Normal file
View File

@@ -0,0 +1,15 @@
PHP JWT Signature Component
===========================
This repository is a sub repository of [the JWT Framework](https://github.com/web-token/jwt-framework) project and is READ ONLY.
**Please do not submit any Pull Request here.**
You should go to [the main repository](https://github.com/web-token/jwt-framework) instead.
# Documentation
The official documentation is available as https://web-token.spomky-labs.com/
# Licence
This software is release under [MIT licence](LICENSE).

96
vendor/web-token/jwt-signature/Serializer/CompactSerializer.php vendored Normal file
View File

@@ -0,0 +1,96 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Serializer;
use Base64Url\Base64Url;
use function count;
use InvalidArgumentException;
use Jose\Component\Core\Util\JsonConverter;
use Jose\Component\Signature\JWS;
use LogicException;
use Throwable;
final class CompactSerializer extends Serializer
{
public const NAME = 'jws_compact';
public function displayName(): string
{
return 'JWS Compact';
}
public function name(): string
{
return self::NAME;
}
/**
* @throws LogicException if the JWS has unprotected header (invalid for compact JSON)
* @throws LogicException if the payload is not encoded but contains unauthorized characters
*/
public function serialize(JWS $jws, ?int $signatureIndex = null): string
{
if (null === $signatureIndex) {
$signatureIndex = 0;
}
$signature = $jws->getSignature($signatureIndex);
if (0 !== count($signature->getHeader())) {
throw new LogicException('The signature contains unprotected header parameters and cannot be converted into compact JSON.');
}
$isEmptyPayload = null === $jws->getEncodedPayload() || '' === $jws->getEncodedPayload();
if (!$this->isPayloadEncoded($signature->getProtectedHeader()) && !$isEmptyPayload) {
if (1 !== preg_match('/^[\x{20}-\x{2d}|\x{2f}-\x{7e}]*$/u', $jws->getPayload())) {
throw new LogicException('Unable to convert the JWS with non-encoded payload.');
}
}
return sprintf(
'%s.%s.%s',
$signature->getEncodedProtectedHeader(),
$jws->getEncodedPayload(),
Base64Url::encode($signature->getSignature())
);
}
/**
* @throws InvalidArgumentException if the input is invalid
*/
public function unserialize(string $input): JWS
{
$parts = explode('.', $input);
if (3 !== count($parts)) {
throw new InvalidArgumentException('Unsupported input');
}
try {
$encodedProtectedHeader = $parts[0];
$protectedHeader = JsonConverter::decode(Base64Url::decode($parts[0]));
$hasPayload = '' !== $parts[1];
if (!$hasPayload) {
$payload = null;
$encodedPayload = null;
} else {
$encodedPayload = $parts[1];
$payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload;
}
$signature = Base64Url::decode($parts[2]);
$jws = new JWS($payload, $encodedPayload, !$hasPayload);
return $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader);
} catch (Throwable $throwable) {
throw new InvalidArgumentException('Unsupported input', $throwable->getCode(), $throwable);
}
}
}

110
vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php vendored Normal file
View File

@@ -0,0 +1,110 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Serializer;
use Base64Url\Base64Url;
use function count;
use InvalidArgumentException;
use function is_array;
use Jose\Component\Core\Util\JsonConverter;
use Jose\Component\Signature\JWS;
final class JSONFlattenedSerializer extends Serializer
{
public const NAME = 'jws_json_flattened';
public function displayName(): string
{
return 'JWS JSON Flattened';
}
public function name(): string
{
return self::NAME;
}
public function serialize(JWS $jws, ?int $signatureIndex = null): string
{
if (null === $signatureIndex) {
$signatureIndex = 0;
}
$signature = $jws->getSignature($signatureIndex);
$data = [];
$values = [
'payload' => $jws->getEncodedPayload(),
'protected' => $signature->getEncodedProtectedHeader(),
'header' => $signature->getHeader(),
];
$encodedPayload = $jws->getEncodedPayload();
if (null !== $encodedPayload && '' !== $encodedPayload) {
$data['payload'] = $encodedPayload;
}
$encodedProtectedHeader = $signature->getEncodedProtectedHeader();
if (null !== $encodedProtectedHeader && '' !== $encodedProtectedHeader) {
$data['protected'] = $encodedProtectedHeader;
}
$header = $signature->getHeader();
if (0 !== count($header)) {
$data['header'] = $header;
}
$data['signature'] = Base64Url::encode($signature->getSignature());
return JsonConverter::encode($data);
}
/**
* @throws InvalidArgumentException if the input is not supported
* @throws InvalidArgumentException if the JWS header is invalid
*/
public function unserialize(string $input): JWS
{
$data = JsonConverter::decode($input);
if (!is_array($data)) {
throw new InvalidArgumentException('Unsupported input.');
}
if (!isset($data['signature'])) {
throw new InvalidArgumentException('Unsupported input.');
}
$signature = Base64Url::decode($data['signature']);
if (isset($data['protected'])) {
$encodedProtectedHeader = $data['protected'];
$protectedHeader = JsonConverter::decode(Base64Url::decode($data['protected']));
} else {
$encodedProtectedHeader = null;
$protectedHeader = [];
}
if (isset($data['header'])) {
if (!is_array($data['header'])) {
throw new InvalidArgumentException('Bad header.');
}
$header = $data['header'];
} else {
$header = [];
}
if (isset($data['payload'])) {
$encodedPayload = $data['payload'];
$payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload;
} else {
$payload = null;
$encodedPayload = null;
}
$jws = new JWS($payload, $encodedPayload, null === $encodedPayload);
return $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader, $header);
}
}

167
vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php vendored Normal file
View File

@@ -0,0 +1,167 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Serializer;
use function array_key_exists;
use Base64Url\Base64Url;
use function count;
use InvalidArgumentException;
use function is_array;
use function is_string;
use Jose\Component\Core\Util\JsonConverter;
use Jose\Component\Signature\JWS;
use LogicException;
final class JSONGeneralSerializer extends Serializer
{
public const NAME = 'jws_json_general';
public function displayName(): string
{
return 'JWS JSON General';
}
public function name(): string
{
return self::NAME;
}
/**
* @throws LogicException if no signature is attached
*/
public function serialize(JWS $jws, ?int $signatureIndex = null): string
{
if (0 === $jws->countSignatures()) {
throw new LogicException('No signature.');
}
$data = [];
$this->checkPayloadEncoding($jws);
if (false === $jws->isPayloadDetached()) {
$data['payload'] = $jws->getEncodedPayload();
}
$data['signatures'] = [];
foreach ($jws->getSignatures() as $signature) {
$tmp = ['signature' => Base64Url::encode($signature->getSignature())];
$values = [
'protected' => $signature->getEncodedProtectedHeader(),
'header' => $signature->getHeader(),
];
foreach ($values as $key => $value) {
if ((is_string($value) && '' !== $value) || (is_array($value) && 0 !== count($value))) {
$tmp[$key] = $value;
}
}
$data['signatures'][] = $tmp;
}
return JsonConverter::encode($data);
}
/**
* @throws InvalidArgumentException if the input is not supported
*/
public function unserialize(string $input): JWS
{
$data = JsonConverter::decode($input);
if (!isset($data['signatures'])) {
throw new InvalidArgumentException('Unsupported input.');
}
$isPayloadEncoded = null;
$rawPayload = $data['payload'] ?? null;
$signatures = [];
foreach ($data['signatures'] as $signature) {
if (!isset($signature['signature'])) {
throw new InvalidArgumentException('Unsupported input.');
}
list($encodedProtectedHeader, $protectedHeader, $header) = $this->processHeaders($signature);
$signatures[] = [
'signature' => Base64Url::decode($signature['signature']),
'protected' => $protectedHeader,
'encoded_protected' => $encodedProtectedHeader,
'header' => $header,
];
$isPayloadEncoded = $this->processIsPayloadEncoded($isPayloadEncoded, $protectedHeader);
}
$payload = $this->processPayload($rawPayload, $isPayloadEncoded);
$jws = new JWS($payload, $rawPayload);
foreach ($signatures as $signature) {
$jws = $jws->addSignature(
$signature['signature'],
$signature['protected'],
$signature['encoded_protected'],
$signature['header']
);
}
return $jws;
}
/**
* @throws InvalidArgumentException if the payload encoding is invalid
*/
private function processIsPayloadEncoded(?bool $isPayloadEncoded, array $protectedHeader): bool
{
if (null === $isPayloadEncoded) {
return $this->isPayloadEncoded($protectedHeader);
}
if ($this->isPayloadEncoded($protectedHeader) !== $isPayloadEncoded) {
throw new InvalidArgumentException('Foreign payload encoding detected.');
}
return $isPayloadEncoded;
}
private function processHeaders(array $signature): array
{
$encodedProtectedHeader = $signature['protected'] ?? null;
$protectedHeader = null === $encodedProtectedHeader ? [] : JsonConverter::decode(Base64Url::decode($encodedProtectedHeader));
$header = array_key_exists('header', $signature) ? $signature['header'] : [];
return [$encodedProtectedHeader, $protectedHeader, $header];
}
private function processPayload(?string $rawPayload, ?bool $isPayloadEncoded): ?string
{
if (null === $rawPayload) {
return null;
}
return false === $isPayloadEncoded ? $rawPayload : Base64Url::decode($rawPayload);
}
// @throws LogicException if the payload encoding is invalid
private function checkPayloadEncoding(JWS $jws): void
{
if ($jws->isPayloadDetached()) {
return;
}
$is_encoded = null;
foreach ($jws->getSignatures() as $signature) {
if (null === $is_encoded) {
$is_encoded = $this->isPayloadEncoded($signature->getProtectedHeader());
}
if (false === $jws->isPayloadDetached()) {
if ($is_encoded !== $this->isPayloadEncoded($signature->getProtectedHeader())) {
throw new LogicException('Foreign payload encoding detected.');
}
}
}
}
}

38
vendor/web-token/jwt-signature/Serializer/JWSSerializer.php vendored Normal file
View File

@@ -0,0 +1,38 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Serializer;
use Jose\Component\Signature\JWS;
interface JWSSerializer
{
/**
* The name of the serialization.
*/
public function name(): string;
public function displayName(): string;
/**
* Converts a JWS into a string.
*/
public function serialize(JWS $jws, ?int $signatureIndex = null): string;
/**
* Loads data and return a JWS object.
*
* @param string $input A string that represents a JWS
*/
public function unserialize(string $input): JWS;
}

86
vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php vendored Normal file
View File

@@ -0,0 +1,86 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Serializer;
use InvalidArgumentException;
use Jose\Component\Signature\JWS;
class JWSSerializerManager
{
/**
* @var JWSSerializer[]
*/
private $serializers = [];
/**
* @param JWSSerializer[] $serializers
*/
public function __construct(array $serializers)
{
foreach ($serializers as $serializer) {
$this->add($serializer);
}
}
/**
* @return string[]
*/
public function list(): array
{
return array_keys($this->serializers);
}
/**
* Converts a JWS into a string.
*
* @throws InvalidArgumentException if the serializer is not supported
*/
public function serialize(string $name, JWS $jws, ?int $signatureIndex = null): string
{
if (!isset($this->serializers[$name])) {
throw new InvalidArgumentException(sprintf('Unsupported serializer "%s".', $name));
}
return $this->serializers[$name]->serialize($jws, $signatureIndex);
}
/**
* Loads data and return a JWS object.
*
* @param string $input A string that represents a JWS
* @param null|string $name the name of the serializer if the input is unserialized
*
* @throws InvalidArgumentException if the input is not supported
*/
public function unserialize(string $input, ?string &$name = null): JWS
{
foreach ($this->serializers as $serializer) {
try {
$jws = $serializer->unserialize($input);
$name = $serializer->name();
return $jws;
} catch (InvalidArgumentException $e) {
continue;
}
}
throw new InvalidArgumentException('Unsupported input.');
}
private function add(JWSSerializer $serializer): void
{
$this->serializers[$serializer->name()] = $serializer;
}
}

63
vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php vendored Normal file
View File

@@ -0,0 +1,63 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Serializer;
use InvalidArgumentException;
class JWSSerializerManagerFactory
{
/**
* @var JWSSerializer[]
*/
private $serializers = [];
/**
* @param string[] $names
*
* @throws InvalidArgumentException if the serializer is not supported
*/
public function create(array $names): JWSSerializerManager
{
$serializers = [];
foreach ($names as $name) {
if (!isset($this->serializers[$name])) {
throw new InvalidArgumentException(sprintf('Unsupported serializer "%s".', $name));
}
$serializers[] = $this->serializers[$name];
}
return new JWSSerializerManager($serializers);
}
/**
* @return string[]
*/
public function names(): array
{
return array_keys($this->serializers);
}
/**
* @return JWSSerializer[]
*/
public function all(): array
{
return $this->serializers;
}
public function add(JWSSerializer $serializer): void
{
$this->serializers[$serializer->name()] = $serializer;
}
}

24
vendor/web-token/jwt-signature/Serializer/Serializer.php vendored Normal file
View File

@@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Serializer;
use function array_key_exists;
abstract class Serializer implements JWSSerializer
{
protected function isPayloadEncoded(array $protectedHeader): bool
{
return !array_key_exists('b64', $protectedHeader) || true === $protectedHeader['b64'];
}
}

134
vendor/web-token/jwt-signature/Signature.php vendored Normal file
View File

@@ -0,0 +1,134 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature;
use function array_key_exists;
use InvalidArgumentException;
class Signature
{
/**
* @var null|string
*/
private $encodedProtectedHeader;
/**
* @var array
*/
private $protectedHeader;
/**
* @var array
*/
private $header;
/**
* @var string
*/
private $signature;
public function __construct(string $signature, array $protectedHeader, ?string $encodedProtectedHeader, array $header)
{
$this->protectedHeader = null === $encodedProtectedHeader ? [] : $protectedHeader;
$this->encodedProtectedHeader = $encodedProtectedHeader;
$this->signature = $signature;
$this->header = $header;
}
/**
* The protected header associated with the signature.
*/
public function getProtectedHeader(): array
{
return $this->protectedHeader;
}
/**
* The unprotected header associated with the signature.
*/
public function getHeader(): array
{
return $this->header;
}
/**
* The protected header associated with the signature.
*/
public function getEncodedProtectedHeader(): ?string
{
return $this->encodedProtectedHeader;
}
/**
* Returns the value of the protected header of the specified key.
*
* @param string $key The key
*
* @throws InvalidArgumentException if the header parameter does not exist
*
* @return null|mixed Header value
*/
public function getProtectedHeaderParameter(string $key)
{
if ($this->hasProtectedHeaderParameter($key)) {
return $this->getProtectedHeader()[$key];
}
throw new InvalidArgumentException(sprintf('The protected header "%s" does not exist', $key));
}
/**
* Returns true if the protected header has the given parameter.
*
* @param string $key The key
*/
public function hasProtectedHeaderParameter(string $key): bool
{
return array_key_exists($key, $this->getProtectedHeader());
}
/**
* Returns the value of the unprotected header of the specified key.
*
* @param string $key The key
*
* @return null|mixed Header value
*/
public function getHeaderParameter(string $key)
{
if ($this->hasHeaderParameter($key)) {
return $this->header[$key];
}
throw new InvalidArgumentException(sprintf('The header "%s" does not exist', $key));
}
/**
* Returns true if the unprotected header has the given parameter.
*
* @param string $key The key
*/
public function hasHeaderParameter(string $key): bool
{
return array_key_exists($key, $this->header);
}
/**
* Returns the value of the signature.
*/
public function getSignature(): string
{
return $this->signature;
}
}

56
vendor/web-token/jwt-signature/Tests/ForeignJWTTest.php vendored Normal file
View File

@@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests;
use Jose\Component\Core\JWK;
/**
* @group ForeignJWT
* @group functional
*
* @internal
*/
class ForeignJWTTest extends SignatureTest
{
/*
* The following test uses an assertion created with another library.
* This assertion is valid if verified with the JWK.
*/
/**
* @test
*/
public function validJWTFromOtherLibrary(): void
{
$jwk = new JWK([
'kty' => 'RSA',
'kid' => 'public',
'n' => 'rYYOdiGrtRzCcV179qEI7TN-kkdmL37zJ3qugImaoOKbtw9EUwZGyMkcYp48eVksOwT7bxSn1hzP_n75Jlwl85MMAYIqKiQFHjjUVHBAD6HWFHsriod6-fdJxsXDhJ4lDoWxIQFLEKhGo3QeIYO0b6iwuSSIR2qO8sOCmmEngvq4OfyZz11mTpztl5cObeal8f6lQ5UHFUCXfx_QLnkrrTMuRioFZ1lEn2MhGm9Mx8eATY8OXUsK6L47LYP7aiWFKepesX4Tk16aKoB2GdlDO3-TG0aAYe89Ar7rGaoW39EYAuzxpbMka2Pp83Re4dEzMKMXy-mbGMTh5waqHIE9L9Rwldi2CaRrLgBBuMF_XyrCL4nMbEQ7xbVDxkayZ1sOir3TbrV9Z-bRjNNQhPl_zmfttyTEk18EyXhIwOVxjRmMdbPbP_K93o3h7_-mYTRgpoUM93X_3ec-lnyDHhSX2IrRe9z3eerzu4c7l3XV8eWhqIYWOw_AyArK1XxSlJhcSwWAFBXt7fYHGoT-wOI3lr7mJb8hqIMIOxA3M9-3NK_IPPjBcKQHrpUKQBulaYGCSlbIgUIkMDoxU4RaRAbR_31JLi9ZEgTmKjg7Db6I-omIlBSqdPZIEVQpHgGPlMMfKD05cYfXg82b5M_xuGNHXaFm_MkCJnKDq4NKx4ePUkM',
'e' => 'AQAB',
]);
$challenge = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJmNTIyMjI3OS1kNTQ0LTRjM2QtYWM3Yy1mYzU0NzE1ZDBjMjYiLCJleHAiOjE0Njk2NDkyMDksImp0aSI6IjZhZjExNDk3LTdkNmItNDQ5Ny04NDI1LTc0YmExM2E1ODMxYyIsInJlZGlyIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQ0NC9vYXV0aDIvYXV0aD9jbGllbnRfaWQ9ZjUyMjIyNzktZDU0NC00YzNkLWFjN2MtZmM1NDcxNWQwYzI2XHUwMDI2cmVzcG9uc2VfdHlwZT1jb2RlXHUwMDI2c2NvcGU9Y29yZStmb29cdTAwMjZzdGF0ZT1hYmNkZWZnaFx1MDAyNnJlZGlyZWN0X3VyaT1odHRwOi8vbG9jYWxob3N0L2NiIiwic2NwIjpbImNvcmUiLCJmb28iXX0.U3fu5eJVDD5tpOa9O3SejMh78skCj6a3rv5qWqzmME2WF0R9QnTR6TS5g6OOCh86o03AlHi2LhE4GSoUmC8WMPzXopDSdZdEkuifYUOSjRQV3Mp5tn6ozkkB75TtIhM8x5_QV3YKgTy3bcojg-Nx3ix43ENGdnbaCZ6Sxqj4xDknh7pHtsUiHfHZL7jd0I0xP5TYOw0_rxhuK9UZKtt_o05sFnNr0PW1k5d6aU5qJoBNVAendr_evrzXIV0yCC_odj5KySsNaQiXjUX_Tri2_5gSgcr8t3GMRm-HjDJRttwD3vgQG_K3vuToB-JAtHNMDcqmPjLzEFFkRDeh55kHgPJlYzSdwWD52b9sX5fj-VrRLdQzO2VVVkP7a9GoCGS06ypV9R_yGK8HzKJ8uB12dTNmplo03v4vdWxVdsnWxmBJ0m7G7yBCr-iGi87ezowpkMw22rNBkqnaEZIVbmX5E-G3UncE6io3IizEGH4YcGxWSk_D2fCII6X9uncf2rwslhEMiGC6rwlrL8dgl3kJTB4d0s2wIKgWJwEfLkiamJ2CJp6x0tqG7ozWv3k1tNQaZ9OwaulZ7nbmHgalyIOI2k-emMhFZsdnAtCxtcrxleevoiYF-Q54h1BhYInQT6Ejx7CdKOTEjljttB7lcqqpboSblw8Ji7lxUiKHWyGhcPI';
$jwsVerifier = $this->getJWSVerifierFactory()->create(['RS256']);
$jwt = $this->getJWSSerializerManager()->unserialize($challenge);
static::assertTrue($jwsVerifier->verifyWithKey($jwt, $jwk, 0));
$expectedHeader = [
'alg' => 'RS256',
'typ' => 'JWT',
];
static::assertEquals($expectedHeader, $jwt->getSignature(0)->getProtectedHeader());
}
}

35
vendor/web-token/jwt-signature/Tests/JWSFlattenedTest.php vendored Normal file
View File

@@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests;
/**
* @group functional
*
* @internal
*/
class JWSFlattenedTest extends SignatureTest
{
/**
* @see https://tools.ietf.org/html/rfc7516#appendix-A.5
*
* @test
*/
public function loadFlattenedJWS(): void
{
$loaded = $this->getJWSSerializerManager()->unserialize('{"payload":"eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ","protected":"eyJhbGciOiJFUzI1NiJ9","header":{"kid":"e9bc097a-ce51-4036-9562-d2ade882db0d"},"signature":"DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU1Q"}');
static::assertEquals('ES256', $loaded->getSignature(0)->getProtectedHeaderParameter('alg'));
static::assertEquals(['iss' => 'joe', 'exp' => 1300819380, 'http://example.com/is_root' => true], json_decode($loaded->getPayload(), true));
}
}

120
vendor/web-token/jwt-signature/Tests/JWSLoaderTest.php vendored Normal file
View File

@@ -0,0 +1,120 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests;
use Exception;
use Jose\Component\Core\JWK;
use Jose\Component\Signature\JWSLoader;
/**
* @group JWSLoader
* @group unit
*
* @internal
*/
class JWSLoaderTest extends SignatureTest
{
/**
* @var null|JWSLoader
*/
private $jwsLoader;
/**
* @test
*/
public function theFlattenedTokenCannotBeLoaded(): void
{
$this->expectException(Exception::class);
$this->expectExceptionMessage('Unable to load and verify the token.');
$token = '{"payload":"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4","protected":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZXhhbXBsZSJ9","signature":"MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmKZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4JIwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8wW1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluPxUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_fcIe8u9ipH84ogoree7vjbU5y18kDquDg"}';
$key = new JWK([
'kty' => 'RSA',
'kid' => 'bilbo.baggins@hobbiton.example',
'use' => 'sig',
'n' => 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw',
'e' => 'AQAB',
]);
$this->getJWSLoader()->loadAndVerifyWithKey($token, $key, $signature);
}
/**
* @test
*/
public function theTokenCannotBeVerifiedBecauseOfAnUnsupportedAlgorithm(): void
{
$this->expectException(Exception::class);
$this->expectExceptionMessage('Unable to load and verify the token.');
$token = 'eyJhbGciOiJSUzI1NiIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZXhhbXBsZSJ9.SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4.MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmKZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4JIwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8wW1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluPxUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_fcIe8u9ipH84ogoree7vjbU5y18kDquDg';
$key = new JWK([
'kty' => 'RSA',
'kid' => 'bilbo.baggins@hobbiton.example',
'use' => 'sig',
'n' => 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw',
'e' => 'AQAB',
]);
$this->getJWSLoader()->loadAndVerifyWithKey($token, $key, $signature);
}
/**
* @test
*/
public function theTokenCannotBeVerifiedBecauseOfABadKey(): void
{
$this->expectException(Exception::class);
$this->expectExceptionMessage('Unable to load and verify the token.');
$token = 'eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9.SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4.s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0';
$key = new JWK([
'kty' => 'RSA',
'kid' => 'bilbo.baggins@hobbiton.example',
'use' => 'sig',
'n' => 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw',
'e' => 'AQAB',
]);
$this->getJWSLoader()->loadAndVerifyWithKey($token, $key, $signature);
}
/**
* @test
*/
public function theTokenCanBeVerified(): void
{
$token = 'eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9.SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4.s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0';
$key = new JWK([
'kty' => 'oct',
'kid' => '018c0ae5-4d9b-471b-bfd6-eef314bc7037',
'use' => 'sig',
'alg' => 'HS256',
'k' => 'hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg',
]);
$jws = $this->getJWSLoader()->loadAndVerifyWithKey($token, $key, $signature);
static::assertEquals("It\xe2\x80\x99s a dangerous business, Frodo, going out your door. You step onto the road, and if you don't keep your feet, there\xe2\x80\x99s no knowing where you might be swept off to.", $jws->getPayload());
static::assertEquals(0, $signature);
}
private function getJWSLoader(): JWSLoader
{
if (null === $this->jwsLoader) {
$this->jwsLoader = $this->getJWSLoaderFactory()->create(['jws_compact'], ['HS256']);
}
return $this->jwsLoader;
}
}

55
vendor/web-token/jwt-signature/Tests/JWSSplitTest.php vendored Normal file
View File

@@ -0,0 +1,55 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests;
use function count;
use Jose\Component\Signature\JWS;
use Jose\Component\Signature\Serializer\JSONGeneralSerializer;
/**
* @group JWS
*
* @internal
*/
class JWSSplitTest extends SignatureTest
{
/**
* @test
*/
public function aJwsObjectWithMoreThanOneRecipientCanBeSplittedIntoSeveralJwsObjects(): void
{
$input = '{"payload":"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4","signatures":[{"protected":"eyJhbGciOiJSUzI1NiJ9","header":{"kid":"bilbo.baggins@hobbiton.example"},"signature":"MIsjqtVlOpa71KE-Mss8_Nq2YH4FGhiocsqrgi5NvyG53uoimic1tcMdSg-qptrzZc7CG6Svw2Y13TDIqHzTUrL_lR2ZFcryNFiHkSw129EghGpwkpxaTn_THJTCglNbADko1MZBCdwzJxwqZc-1RlpO2HibUYyXSwO97BSe0_evZKdjvvKSgsIqjytKSeAMbhMBdMma622_BG5t4sdbuCHtFjp9iJmkio47AIwqkZV1aIZsv33uPUqBBCXbYoQJwt7mxPftHmNlGoOSMxR_3thmXTCm4US-xiNOyhbm8afKK64jU6_TPtQHiJeQJxz9G3Tx-083B745_AfYOnlC9w"},{"header":{"alg":"ES512","kid":"bilbo.baggins@hobbiton.example"},"signature":"ARcVLnaJJaUWG8fG-8t5BREVAuTY8n8YHjwDO1muhcdCoFZFFjfISu0Cdkn9Ybdlmi54ho0x924DUz8sK7ZXkhc7AFM8ObLfTvNCrqcI3Jkl2U5IX3utNhODH6v7xgy1Qahsn0fyb4zSAkje8bAWz4vIfj5pCMYxxm4fgV3q7ZYhm5eD"},{"protected":"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9","signature":"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0"}]}';
$serializer = new JSONGeneralSerializer();
$jws = $serializer->unserialize($input);
$split = $jws->split();
static::assertEquals(3, $jws->countSignatures());
static::assertEquals(3, count($jws->split()));
for ($i = 0; $i < $jws->countSignatures(); ++$i) {
$signature1 = $jws->getSignature($i);
$tempJws = $split[$i];
static::assertEquals(1, $tempJws->countSignatures());
static::assertEquals($jws->isPayloadDetached(), $tempJws->isPayloadDetached());
static::assertEquals($jws->getEncodedPayload(), $tempJws->getEncodedPayload());
static::assertEquals($jws->getPayload(), $tempJws->getPayload());
$signature2 = $tempJws->getSignature(0);
static::assertEquals($signature1->getSignature(), $signature2->getSignature());
static::assertEquals($signature1->getHeader(), $signature2->getHeader());
static::assertEquals($signature1->getEncodedProtectedHeader(), $signature2->getEncodedProtectedHeader());
static::assertEquals($signature1->getProtectedHeader(), $signature2->getProtectedHeader());
}
}
}

180
vendor/web-token/jwt-signature/Tests/JWSTest.php vendored Normal file
View File

@@ -0,0 +1,180 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests;
use Base64Url\Base64Url;
use InvalidArgumentException;
use Jose\Component\Signature\JWS;
use LogicException;
/**
* @group JWS
* @group unit
*
* @internal
*/
class JWSTest extends SignatureTest
{
/**
* @test
*/
public function jWS(): void
{
$claims = [
'nbf' => time(),
'iat' => time(),
'exp' => time() + 3600,
'iss' => 'Me',
'aud' => 'You',
'sub' => 'My friend',
];
$header = ['alg' => 'none'];
$jws = new JWS(json_encode($claims), json_encode($claims));
$jws = $jws->addSignature('', $header, Base64Url::encode(json_encode($header)));
static::assertEquals(json_encode($claims), $jws->getPayload());
static::assertEquals(1, $jws->countSignatures());
static::assertTrue($jws->getSignature(0)->hasProtectedHeaderParameter('alg'));
static::assertEquals($header, $jws->getSignature(0)->getProtectedHeader());
static::assertEquals('none', $jws->getSignature(0)->getProtectedHeaderParameter('alg'));
static::assertEquals([], $jws->getSignature(0)->getHeader());
}
/**
* @test
*/
public function toCompactJSONFailed(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The signature does not exist.');
$claims = [
'nbf' => time(),
'iat' => time(),
'exp' => time() + 3600,
'iss' => 'Me',
'aud' => 'You',
'sub' => 'My friend',
];
$jws = new JWS(json_encode($claims), json_encode($claims));
$this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
}
/**
* @test
*/
public function toFlattenedJSONFailed(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The signature does not exist.');
$claims = [
'nbf' => time(),
'iat' => time(),
'exp' => time() + 3600,
'iss' => 'Me',
'aud' => 'You',
'sub' => 'My friend',
];
$jws = new JWS(json_encode($claims), json_encode($claims));
$this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 0);
}
/**
* @test
*/
public function toJSONFailed(): void
{
$this->expectException(LogicException::class);
$this->expectExceptionMessage('No signature.');
$claims = [
'nbf' => time(),
'iat' => time(),
'exp' => time() + 3600,
'iss' => 'Me',
'aud' => 'You',
'sub' => 'My friend',
];
$jws = new JWS(json_encode($claims), json_encode($claims));
$this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0);
}
/**
* @test
*/
public function signatureContainsUnprotectedHeader(): void
{
$this->expectException(LogicException::class);
$this->expectExceptionMessage('The signature contains unprotected header parameters and cannot be converted into compact JSON');
$claims = [
'nbf' => time(),
'iat' => time(),
'exp' => time() + 3600,
'iss' => 'Me',
'aud' => 'You',
'sub' => 'My friend',
];
$header = ['alg' => 'none'];
$jws = new JWS(json_encode($claims), json_encode($claims));
$jws = $jws->addSignature('', $header, Base64Url::encode(json_encode($header)), ['foo' => 'bar']);
$this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
}
/**
* @test
*/
public function signatureDoesNotContainHeader(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The header "foo" does not exist');
$claims = [
'nbf' => time(),
'iat' => time(),
'exp' => time() + 3600,
'iss' => 'Me',
'aud' => 'You',
'sub' => 'My friend',
];
$header = ['alg' => 'none'];
$jws = new JWS(json_encode($claims), json_encode($claims));
$jws = $jws->addSignature('', $header, Base64Url::encode(json_encode($header)));
$jws->getSignature(0)->getHeaderParameter('foo');
}
/**
* @test
*/
public function signatureDoesNotContainProtectedHeader(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The protected header "foo" does not exist');
$claims = [
'nbf' => time(),
'iat' => time(),
'exp' => time() + 3600,
'iss' => 'Me',
'aud' => 'You',
'sub' => 'My friend',
];
$header = ['alg' => 'none'];
$jws = new JWS(json_encode($claims), json_encode($claims));
$jws = $jws->addSignature('', $header, Base64Url::encode(json_encode($header)));
$jws->getSignature(0)->getProtectedHeaderParameter('foo');
}
}

97
vendor/web-token/jwt-signature/Tests/RFC7520/MultipleSignaturesTest.php vendored Normal file
View File

@@ -0,0 +1,97 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests\RFC7520;
use Jose\Component\Core\JWK;
use Jose\Component\Signature\Tests\SignatureTest;
/**
* @see https://tools.ietf.org/html/rfc7520#section-4.8
*
* @group RFC7520
*
* @internal
*/
class MultipleSignaturesTest extends SignatureTest
{
/**
* @test
*/
public function multipleSignatures(): void
{
/*
* Payload,
* @see https://tools.ietf.org/html/rfc7520#section-4.8.1
*/
$payload = "It\xe2\x80\x99s a dangerous business, Frodo, going out your door. You step onto the road, and if you don't keep your feet, there\xe2\x80\x99s no knowing where you might be swept off to.";
$rsa_private_key = new JWK([
'kty' => 'RSA',
'kid' => 'bilbo.baggins@hobbiton.example',
'use' => 'sig',
'n' => 'n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw',
'e' => 'AQAB',
'd' => 'bWUC9B-EFRIo8kpGfh0ZuyGPvMNKvYWNtB_ikiH9k20eT-O1q_I78eiZkpXxXQ0UTEs2LsNRS-8uJbvQ-A1irkwMSMkK1J3XTGgdrhCku9gRldY7sNA_AKZGh-Q661_42rINLRCe8W-nZ34ui_qOfkLnK9QWDDqpaIsA-bMwWWSDFu2MUBYwkHTMEzLYGqOe04noqeq1hExBTHBOBdkMXiuFhUq1BU6l-DqEiWxqg82sXt2h-LMnT3046AOYJoRioz75tSUQfGCshWTBnP5uDjd18kKhyv07lhfSJdrPdM5Plyl21hsFf4L_mHCuoFau7gdsPfHPxxjVOcOpBrQzwQ',
'p' => '3Slxg_DwTXJcb6095RoXygQCAZ5RnAvZlno1yhHtnUex_fp7AZ_9nRaO7HX_-SFfGQeutao2TDjDAWU4Vupk8rw9JR0AzZ0N2fvuIAmr_WCsmGpeNqQnev1T7IyEsnh8UMt-n5CafhkikzhEsrmndH6LxOrvRJlsPp6Zv8bUq0k',
'q' => 'uKE2dh-cTf6ERF4k4e_jy78GfPYUIaUyoSSJuBzp3Cubk3OCqs6grT8bR_cu0Dm1MZwWmtdqDyI95HrUeq3MP15vMMON8lHTeZu2lmKvwqW7anV5UzhM1iZ7z4yMkuUwFWoBvyY898EXvRD-hdqRxHlSqAZ192zB3pVFJ0s7pFc',
'dp' => 'B8PVvXkvJrj2L-GYQ7v3y9r6Kw5g9SahXBwsWUzp19TVlgI-YV85q1NIb1rxQtD-IsXXR3-TanevuRPRt5OBOdiMGQp8pbt26gljYfKU_E9xn-RULHz0-ed9E9gXLKD4VGngpz-PfQ_q29pk5xWHoJp009Qf1HvChixRX59ehik',
'dq' => 'CLDmDGduhylc9o7r84rEUVn7pzQ6PF83Y-iBZx5NT-TpnOZKF1pErAMVeKzFEl41DlHHqqBLSM0W1sOFbwTxYWZDm6sI6og5iTbwQGIC3gnJKbi_7k_vJgGHwHxgPaX2PnvP-zyEkDERuf-ry4c_Z11Cq9AqC2yeL6kdKT1cYF8',
'qi' => '3PiqvXQN0zwMeE-sBvZgi289XP9XCQF3VWqPzMKnIgQp7_Tugo6-NZBKCQsMf3HaEGBjTVJs_jcK8-TRXvaKe-7ZMaQj8VfBdYkssbu0NKDDhjJ-GtiseaDVWt7dcH0cfwxgFUHpQh7FoCrjFJ6h6ZEpMF6xmujs4qMpPz8aaI4',
]);
$ecdsa_private_key = new JWK([
'kty' => 'EC',
'kid' => 'bilbo.baggins@hobbiton.example',
'use' => 'sig',
'crv' => 'P-521',
'x' => 'AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt',
'y' => 'AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1',
'd' => 'AAhRON2r9cqXX1hg-RoI6R1tX5p2rUAYdmpHZoC1XNM56KtscrX6zbKipQrCW9CGZH3T4ubpnoTKLDYJ_fF3_rJt',
]);
$symmetric_key = new JWK([
'kty' => 'oct',
'kid' => '018c0ae5-4d9b-471b-bfd6-eef314bc7037',
'use' => 'sig',
'alg' => 'HS256',
'k' => 'hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['RS256', 'ES512', 'HS256']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['RS256', 'ES512', 'HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload)
->addSignature($ecdsa_private_key, [], ['alg' => 'ES512', 'kid' => 'bilbo.baggins@hobbiton.example']) //@see https://tools.ietf.org/html/rfc7520#section-4.8.2
->addSignature($rsa_private_key, ['alg' => 'RS256'], ['kid' => 'bilbo.baggins@hobbiton.example']) //@see https://tools.ietf.org/html/rfc7520#section-4.8.3
->addSignature($symmetric_key, ['alg' => 'HS256', 'kid' => '018c0ae5-4d9b-471b-bfd6-eef314bc7037']) //@see https://tools.ietf.org/html/rfc7520#section-4.8.4
->build()
;
static::assertEquals(3, $jws->countSignatures());
static::assertTrue($jwsVerifier->verifyWithKey($jws, $ecdsa_private_key, 0));
static::assertTrue($jwsVerifier->verifyWithKey($jws, $rsa_private_key, 1));
static::assertTrue($jwsVerifier->verifyWithKey($jws, $symmetric_key, 2));
// @see https://tools.ietf.org/html/rfc7520#section-4.8.5
$expected_json = '{"payload":"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4","signatures":[{"protected":"eyJhbGciOiJSUzI1NiJ9","header":{"kid":"bilbo.baggins@hobbiton.example"},"signature":"MIsjqtVlOpa71KE-Mss8_Nq2YH4FGhiocsqrgi5NvyG53uoimic1tcMdSg-qptrzZc7CG6Svw2Y13TDIqHzTUrL_lR2ZFcryNFiHkSw129EghGpwkpxaTn_THJTCglNbADko1MZBCdwzJxwqZc-1RlpO2HibUYyXSwO97BSe0_evZKdjvvKSgsIqjytKSeAMbhMBdMma622_BG5t4sdbuCHtFjp9iJmkio47AIwqkZV1aIZsv33uPUqBBCXbYoQJwt7mxPftHmNlGoOSMxR_3thmXTCm4US-xiNOyhbm8afKK64jU6_TPtQHiJeQJxz9G3Tx-083B745_AfYOnlC9w"},{"header":{"alg":"ES512","kid":"bilbo.baggins@hobbiton.example"},"signature":"ARcVLnaJJaUWG8fG-8t5BREVAuTY8n8YHjwDO1muhcdCoFZFFjfISu0Cdkn9Ybdlmi54ho0x924DUz8sK7ZXkhc7AFM8ObLfTvNCrqcI3Jkl2U5IX3utNhODH6v7xgy1Qahsn0fyb4zSAkje8bAWz4vIfj5pCMYxxm4fgV3q7ZYhm5eD"},{"protected":"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9","signature":"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0"}]}';
$loaded_json = $this->getJWSSerializerManager()->unserialize($expected_json);
static::assertEquals(3, $loaded_json->countSignatures());
static::assertTrue($jwsVerifier->verifyWithKey($loaded_json, $rsa_private_key, 0));
static::assertTrue($jwsVerifier->verifyWithKey($loaded_json, $ecdsa_private_key, 1));
static::assertTrue($jwsVerifier->verifyWithKey($loaded_json, $symmetric_key, 2));
}
}

67
vendor/web-token/jwt-signature/Tests/RFC7520/NestingTest.php vendored Normal file
View File

@@ -0,0 +1,67 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests\RFC7520;
use Jose\Component\Core\JWK;
use Jose\Component\Signature\Tests\SignatureTest;
/**
* @see https://tools.ietf.org/html/rfc7520#section-6
*
* @group RFC7520
*
* @internal
*/
class NestingTest extends SignatureTest
{
/**
* @test
*/
public function signatureVerification(): void
{
$payload = [
'iss' => 'hobbiton.example',
'exp' => 1300819380,
'http://example.com/is_root' => true,
];
$signature_key = new JWK([
'kty' => 'RSA',
'kid' => 'hobbiton.example',
'use' => 'sig',
'n' => 'kNrPIBDXMU6fcyv5i-QHQAQ-K8gsC3HJb7FYhYaw8hXbNJa-t8q0lDKwLZgQXYV-ffWxXJv5GGrlZE4GU52lfMEegTDzYTrRQ3tepgKFjMGg6Iy6fkl1ZNsx2gEonsnlShfzA9GJwRTmtKPbk1s-hwx1IU5AT-AIelNqBgcF2vE5W25_SGGBoaROVdUYxqETDggM1z5cKV4ZjDZ8-lh4oVB07bkac6LQdHpJUUySH_Er20DXx30Kyi97PciXKTS-QKXnmm8ivyRCmux22ZoPUind2BKC5OiG4MwALhaL2Z2k8CsRdfy-7dg7z41Rp6D0ZeEvtaUp4bX4aKraL4rTfw',
'e' => 'AQAB',
'd' => 'ZLe_TIxpE9-W_n2VBa-HWvuYPtjvxwVXClJFOpJsdea8g9RMx34qEOEtnoYc2un3CZ3LtJi-mju5RAT8YSc76YJds3ZVw0UiO8mMBeG6-iOnvgobobNx7K57-xjTJZU72EjOr9kB7z6ZKwDDq7HFyCDhUEcYcHFVc7iL_6TibVhAhOFONWlqlJgEgwVYd0rybNGKifdnpEbwyHoMwY6HM1qvnEFgP7iZ0YzHUT535x6jj4VKcdA7ZduFkhUauysySEW7mxZM6fj1vdjJIy9LD1fIz30Xv4ckoqhKF5GONU6tNmMmNgAD6gIViyEle1PrIxl1tBhCI14bRW-zrpHgAQ',
'p' => 'yKWYoNIAqwMRQlgIBOdT1NIcbDNUUs2Rh-pBaxD_mIkweMt4Mg-0-B2iSYvMrs8horhonV7vxCQagcBAATGW-hAafUehWjxWSH-3KccRM8toL4e0q7M-idRDOBXSoe7Z2-CV2x_ZCY3RP8qp642R13WgXqGDIM4MbUkZSjcY9-c',
'q' => 'uND4o15V30KDzf8vFJw589p1vlQVQ3NEilrinRUPHkkxaAzDzccGgrWMWpGxGFFnNL3w5CqPLeU76-5IVYQq0HwYVl0hVXQHr7sgaGu-483Ad3ENcL23FrOnF45m7_2ooAstJDe49MeLTTQKrSIBl_SKvqpYvfSPTczPcZkh9Kk',
'dp' => 'jmTnEoq2qqa8ouaymjhJSCnsveUXnMQC2gAneQJRQkFqQu-zV2PKPKNbPvKVyiF5b2-L3tM3OW2d2iNDyRUWXlT7V5l0KwPTABSTOnTqAmYChGi8kXXdlhcrtSvXldBakC6saxwI_TzGGY2MVXzc2ZnCvCXHV4qjSxOrfP3pHFU',
'dq' => 'R9FUvU88OVzEkTkXl3-5-WusE4DjHmndeZIlu3rifBdfLpq_P-iWPBbGaq9wzQ1c-J7SzCdJqkEJDv5yd2C7rnZ6kpzwBh_nmL8zscAk1qsunnt9CJGAYz7-sGWy1JGShFazfP52ThB4rlCJ0YuEaQMrIzpY77_oLAhpmDA0hLk',
'qi' => 'S8tC7ZknW6hPITkjcwttQOPLVmRfwirRlFAViuDb8NW9CrV_7F2OqUZCqmzHTYAumwGFHI1WVRep7anleWaJjxC_1b3fq_al4qH3Pe-EKiHg6IMazuRtZLUROcThrExDbF5dYbsciDnfRUWLErZ4N1Be0bnxYuPqxwKd9QZwMo0',
]);
$signature_header = [
'alg' => 'PS256',
'typ' => 'JWT',
];
$json_compact = 'eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJob2JiaXRvbi5leGFtcGxlIiwiZXhwIjoxMzAwODE5MzgwLCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZX0.dPpMqwRZxFYi1UfcDAaf8M99o7kwUWtiXZ-ByvVuJih4MhJ_aZqciprz0OWaIAkIvn1qskChirjKvY9ESZNUCP4JjvfyPS-nqjJxYoA5ztWOyFk2cZNIPXjcJXSQwXPO9tEe-v4VSqgD0aKHqPxYog4N6Cz1lKph1U1sYDSI67_bLL7elg_vkjfMp5_W5l5LuUYGMeh6hxQIaIUXf9EwV2JmvTMuZ-vBOWy0Sniy1EFo72CRTvmtrIf5AROo5MNliY3KtUxeP-SOmD-LEYwW9SlkohYzMVAZDDOrVbv7KVRHpeYNaK75KEQqdCEEkS_rskZS-Qtt_nlegTWh1mEYaA';
$jwsVerifier = $this->getJWSVerifierFactory()->create(['PS256']);
$loaded_compact_json = $this->getJWSSerializerManager()->unserialize($json_compact);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_compact_json, $signature_key, 0));
static::assertEquals($signature_header, $loaded_compact_json->getSignature(0)->getProtectedHeader());
static::assertEquals($payload, json_decode($loaded_compact_json->getPayload(), true));
}
}

138
vendor/web-token/jwt-signature/Tests/SignatureTest.php vendored Normal file
View File

@@ -0,0 +1,138 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests;
use Jose\Component\Core\AlgorithmManagerFactory;
use Jose\Component\Signature\Algorithm;
use Jose\Component\Signature\JWSBuilderFactory;
use Jose\Component\Signature\JWSLoaderFactory;
use Jose\Component\Signature\JWSVerifierFactory;
use Jose\Component\Signature\Serializer;
use PHPUnit\Framework\TestCase;
abstract class SignatureTest extends TestCase
{
/**
* @var AlgorithmManagerFactory
*/
private $algorithmManagerFactory;
/**
* @var JWSBuilderFactory
*/
private $jwsBuilderFactory;
/**
* @var JWSVerifierFactory
*/
private $jwsVerifierFactory;
/**
* @var null|Serializer\JWSSerializerManagerFactory
*/
private $jwsSerializerManagerFactory;
/**
* @var null|Serializer\JWSSerializerManager
*/
private $jwsSerializerManager;
/**
* @var JWSLoaderFactory
*/
private $jwsLoaderFactory;
protected function getAlgorithmManagerFactory(): AlgorithmManagerFactory
{
if (null === $this->algorithmManagerFactory) {
$this->algorithmManagerFactory = new AlgorithmManagerFactory();
$this->algorithmManagerFactory->add('HS256', new Algorithm\HS256());
$this->algorithmManagerFactory->add('HS384', new Algorithm\HS384());
$this->algorithmManagerFactory->add('HS512', new Algorithm\HS512());
$this->algorithmManagerFactory->add('ES256', new Algorithm\ES256());
$this->algorithmManagerFactory->add('ES384', new Algorithm\ES384());
$this->algorithmManagerFactory->add('ES512', new Algorithm\ES512());
$this->algorithmManagerFactory->add('RS256', new Algorithm\RS256());
$this->algorithmManagerFactory->add('RS384', new Algorithm\RS384());
$this->algorithmManagerFactory->add('RS512', new Algorithm\RS512());
$this->algorithmManagerFactory->add('PS256', new Algorithm\PS256());
$this->algorithmManagerFactory->add('PS384', new Algorithm\PS384());
$this->algorithmManagerFactory->add('PS512', new Algorithm\PS512());
$this->algorithmManagerFactory->add('none', new Algorithm\None());
$this->algorithmManagerFactory->add('EdDSA', new Algorithm\EdDSA());
}
return $this->algorithmManagerFactory;
}
protected function getJWSBuilderFactory(): JWSBuilderFactory
{
if (null === $this->jwsBuilderFactory) {
$this->jwsBuilderFactory = new JWSBuilderFactory(
$this->getAlgorithmManagerFactory()
);
}
return $this->jwsBuilderFactory;
}
protected function getJWSVerifierFactory(): JWSVerifierFactory
{
if (null === $this->jwsVerifierFactory) {
$this->jwsVerifierFactory = new JWSVerifierFactory(
$this->getAlgorithmManagerFactory()
);
}
return $this->jwsVerifierFactory;
}
protected function getJWSSerializerManagerFactory(): Serializer\JWSSerializerManagerFactory
{
if (null === $this->jwsSerializerManagerFactory) {
$this->jwsSerializerManagerFactory = new Serializer\JWSSerializerManagerFactory();
$this->jwsSerializerManagerFactory->add(new Serializer\CompactSerializer());
$this->jwsSerializerManagerFactory->add(new Serializer\JSONFlattenedSerializer());
$this->jwsSerializerManagerFactory->add(new Serializer\JSONGeneralSerializer());
}
return $this->jwsSerializerManagerFactory;
}
protected function getJWSSerializerManager(): Serializer\JWSSerializerManager
{
if (null === $this->jwsSerializerManager) {
$this->jwsSerializerManager = new Serializer\JWSSerializerManager([
new Serializer\CompactSerializer(),
new Serializer\JSONFlattenedSerializer(),
new Serializer\JSONGeneralSerializer(),
]);
}
return $this->jwsSerializerManager;
}
protected function getJWSLoaderFactory(): JWSLoaderFactory
{
if (null === $this->jwsLoaderFactory) {
$this->jwsLoaderFactory = new JWSLoaderFactory(
$this->getJWSSerializerManagerFactory(),
$this->getJWSVerifierFactory(),
null
);
}
return $this->jwsLoaderFactory;
}
}

967
vendor/web-token/jwt-signature/Tests/SignerTest.php vendored Normal file
View File

@@ -0,0 +1,967 @@
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2020 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace Jose\Component\Signature\Tests;
use Base64Url\Base64Url;
use InvalidArgumentException;
use Jose\Component\Core\JWK;
use Jose\Component\Core\JWKSet;
use Jose\Component\Signature\Serializer\CompactSerializer;
use LogicException;
/**
* @group Signer
* @group functional
*
* @internal
*/
class SignerTest extends SignatureTest
{
/**
* @test
*/
public function algParameterIsMissing(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('No "alg" parameter set in the header.');
$jwsBuilder = $this->getJWSBuilderFactory()->create([]);
$jwsBuilder
->create()->withPayload(json_encode($this->getKey3()))
->addSignature($this->getKey1(), [])
->build()
;
}
/**
* @test
*/
public function algParameterIsNotSupported(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The algorithm "foo" is not supported.');
$jwsBuilder = $this->getJWSBuilderFactory()->create([]);
$jwsBuilder
->create()->withPayload(json_encode($this->getKey3()))
->addSignature($this->getKey1(), ['alg' => 'foo'])
->build()
;
}
/**
* @test
*/
public function duplicatedHeader(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The header contains duplicated entries: foo.');
$jwsBuilder = $this->getJWSBuilderFactory()->create([]);
$jwsBuilder
->create()->withPayload(json_encode($this->getKey3()))
->addSignature($this->getKey1(), ['alg' => 'ES256', 'foo' => 'bar'], ['foo' => 'bar'])
;
}
/**
* @test
*/
public function signAndLoadCompact(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload(json_encode($this->getKey3()))
->addSignature($this->getKey1(), ['alg' => 'HS512'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
static::assertEquals(2, $jws->countSignatures());
$loaded = $this->getJWSSerializerManager()->unserialize($this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0));
static::assertEquals('HS512', $loaded->getSignature(0)->getProtectedHeaderParameter('alg'));
static::assertEquals('RS512', $loaded->getSignature(1)->getProtectedHeaderParameter('alg'));
}
/**
* @test
*/
public function signMultipleInstructionWithCompactRepresentation(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey1(), ['alg' => 'HS512'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
static::assertEquals(2, $jws->countSignatures());
static::assertEquals('eyJhbGciOiJIUzUxMiJ9.TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg.TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ', $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0));
static::assertEquals('eyJhbGciOiJSUzUxMiJ9.TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg.cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA', $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 1));
}
/**
* @group JWSBuilder
*
* @test
*/
public function signMultipleInstructionWithCompactRepresentationUsingBuilder(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey1(), ['alg' => 'HS512'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
static::assertEquals(2, $jws->countSignatures());
static::assertEquals('eyJhbGciOiJIUzUxMiJ9.TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg.TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ', $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0));
static::assertEquals('eyJhbGciOiJSUzUxMiJ9.TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg.cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA', $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 1));
}
/**
* @group JWSBuilder
*
* @test
*/
public function signMultipleInstructionWithCompactRepresentationUsingBuilderAndDetachedPayload(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.', true)
->addSignature($this->getKey1(), ['alg' => 'HS512'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
static::assertEquals(2, $jws->countSignatures());
static::assertEquals('eyJhbGciOiJIUzUxMiJ9..TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ', $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0));
static::assertEquals('eyJhbGciOiJSUzUxMiJ9..cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA', $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 1));
}
/**
* @test
*/
public function createCompactJWSUsingFactory(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey1(), ['alg' => 'HS512'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
$jws0 = $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
$jws1 = $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 1);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.', true)
->addSignature($this->getKey1(), ['alg' => 'HS512'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
$jws2 = $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
$jws3 = $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 1);
static::assertEquals('eyJhbGciOiJIUzUxMiJ9.TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg.TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ', $jws0);
static::assertEquals('eyJhbGciOiJSUzUxMiJ9.TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg.cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA', $jws1);
static::assertEquals('eyJhbGciOiJIUzUxMiJ9..TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ', $jws2);
static::assertEquals('eyJhbGciOiJSUzUxMiJ9..cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA', $jws3);
$loaded_0 = $this->getJWSSerializerManager()->unserialize($jws0);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_0, $this->getKey1(), 0));
$loaded_1 = $this->getJWSSerializerManager()->unserialize($jws1);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_1, $this->getKey2(), 0));
$loaded_2 = $this->getJWSSerializerManager()->unserialize($jws2);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_2, $this->getKey1(), 0, 'Live long and Prosper.'));
$loaded_3 = $this->getJWSSerializerManager()->unserialize($jws3);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_3, $this->getKey2(), 0, 'Live long and Prosper.'));
}
/**
* @test
*/
public function signMultipleInstructionWithFlattenedRepresentation(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey1(), ['alg' => 'HS512'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
static::assertEquals(2, $jws->countSignatures());
static::assertEquals('{"payload":"TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg","protected":"eyJhbGciOiJIUzUxMiJ9","signature":"TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ"}', $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 0));
static::assertEquals('{"payload":"TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg","protected":"eyJhbGciOiJSUzUxMiJ9","signature":"cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA"}', $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 1));
}
/**
* @test
*/
public function createFlattenedJWSUsingFactory(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey1(), ['alg' => 'HS512'], ['foo' => 'bar'])
->addSignature($this->getKey2(), ['alg' => 'RS512'], ['plic' => 'ploc'])
->build()
;
$jws0 = $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 0);
$jws1 = $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 1);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.', true)
->addSignature($this->getKey1(), ['alg' => 'HS512'], ['foo' => 'bar'])
->addSignature($this->getKey2(), ['alg' => 'RS512'], ['plic' => 'ploc'])
->build()
;
$jws2 = $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 0);
$jws3 = $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 1);
static::assertEquals('{"payload":"TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg","protected":"eyJhbGciOiJIUzUxMiJ9","header":{"foo":"bar"},"signature":"TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ"}', $jws0);
static::assertEquals('{"payload":"TGl2ZSBsb25nIGFuZCBQcm9zcGVyLg","protected":"eyJhbGciOiJSUzUxMiJ9","header":{"plic":"ploc"},"signature":"cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA"}', $jws1);
static::assertEquals('{"protected":"eyJhbGciOiJIUzUxMiJ9","header":{"foo":"bar"},"signature":"TjxvVLKLc1kU5XW1NjZlI6_kQHjeU2orTWBZ7p0KuRzq_9lyPWR04PAUpbYkaLJLsmIJ8Fxi8Gsrc0khPtFxfQ"}', $jws2);
static::assertEquals('{"protected":"eyJhbGciOiJSUzUxMiJ9","header":{"plic":"ploc"},"signature":"cR-npy2oEi275rpeTAKooLRzOhIOFMewpzE38CLx4_CtdkN4Y7EUlca9ryV6yGMH8SswUqosMnmUU8XYg7xkuNAc6mCODJVF2exfb_Mulmr9YolQrLFrFRsMk1rztXMinCMQeCe5ue3Ck4E4aJlIkjf-d0DJktoIhH6d2gZ-iJeLQ32wcBhPcEbj2gr7K_wYKlEXhKFwG59OE-hIi9IHXEKvK-2V5vzZLVC80G4aWYd3D-2eX3LF1K69NP04jGcu1D4l9UV8zTz1gOWe697iZG0JyKhSccUaHZ0TfEa8cT0tm6xTz6tpUGSDdvPQU8JCU8GTOsi9ifxTsI-GlWE3YA"}', $jws3);
$loaded_0 = $this->getJWSSerializerManager()->unserialize($jws0);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_0, $this->getKey1(), 0));
$loaded_1 = $this->getJWSSerializerManager()->unserialize($jws1);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_1, $this->getKey2(), 0));
$loaded_2 = $this->getJWSSerializerManager()->unserialize($jws2);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_2, $this->getKey1(), 0, 'Live long and Prosper.'));
$loaded_3 = $this->getJWSSerializerManager()->unserialize($jws3);
static::assertTrue($jwsVerifier->verifyWithKey($loaded_3, $this->getKey2(), 0, 'Live long and Prosper.'));
}
/**
* @test
*/
public function algorithmNotAllowedForTheKey(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The algorithm "RS512" is not allowed with this key.');
$jwsBuilder = $this->getJWSBuilderFactory()->create([]);
$jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey5(), ['alg' => 'RS512'])
->build()
;
}
/**
* @test
*/
public function operationNotAllowedForTheKey(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('Key cannot be used to sign');
$jwsBuilder = $this->getJWSBuilderFactory()->create(['PS512']);
$jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey4(), ['alg' => 'PS512'])
->build()
;
}
/**
* @test
*/
public function signAndLoadFlattened(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512']);
$jws = $jwsBuilder
->create()->withPayload(json_encode(['baz', 'ban']))
->addSignature($this->getKey1(), ['alg' => 'HS512'], ['foo' => 'bar'])
->build()
;
$loaded = $this->getJWSSerializerManager()->unserialize($this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 0));
static::assertEquals(1, $loaded->countSignatures());
static::assertEquals('HS512', $loaded->getSignature(0)->getProtectedHeaderParameter('alg'));
}
/**
* @test
*/
public function signAndLoad(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey1(), ['alg' => 'HS512'], ['foo' => 'bar'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
$loaded = $this->getJWSSerializerManager()->unserialize($this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0));
static::assertEquals(2, $loaded->countSignatures());
static::assertEquals('Live long and Prosper.', $loaded->getPayload());
static::assertTrue($jwsVerifier->verifyWithKeySet($loaded, $this->getSymmetricKeySet(), 0));
static::assertTrue($jwsVerifier->verifyWithKeySet($loaded, $this->getPublicKeySet(), 1));
static::assertEquals('HS512', $loaded->getSignature(0)->getProtectedHeaderParameter('alg'));
static::assertEquals('RS512', $loaded->getSignature(1)->getProtectedHeaderParameter('alg'));
}
/**
* @test
*/
public function signAndLoadWithWrongKeys(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['RS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
$loaded = $this->getJWSSerializerManager()->unserialize($this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0));
static::assertEquals(1, $loaded->countSignatures());
static::assertEquals('Live long and Prosper.', $loaded->getPayload());
static::assertFalse($jwsVerifier->verifyWithKeySet($loaded, $this->getSymmetricKeySet(), 0));
}
/**
* @test
*/
public function signAndLoadWithUnsupportedAlgorithm(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['RS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['RS512']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
$loaded = $this->getJWSSerializerManager()->unserialize($this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0));
static::assertEquals(1, $loaded->countSignatures());
static::assertEquals('Live long and Prosper.', $loaded->getPayload());
static::assertFalse($jwsVerifier->verifyWithKeySet($loaded, $this->getSymmetricKeySet(), 0));
}
/**
* @test
*/
public function signAndLoadWithJWSWithoutSignatures(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('The JWS does not contain any signature.');
$payload = "It\xe2\x80\x99s a dangerous business, Frodo, going out your door. You step onto the road, and if you don't keep your feet, there\xe2\x80\x99s no knowing where you might be swept off to.";
$jws = '{"payload":"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4","signatures":[]}';
$jwsVerifier = $this->getJWSVerifierFactory()->create([]);
$loaded = $this->getJWSSerializerManager()->unserialize($jws);
static::assertEquals(0, $loaded->countSignatures());
static::assertEquals($payload, $loaded->getPayload());
static::assertTrue($jwsVerifier->verifyWithKeySet($loaded, $this->getSymmetricKeySet(), 0));
}
/**
* @see https://tools.ietf.org/html/rfc7797#section-4
* @see https://tools.ietf.org/html/rfc7797#section-4.2
*
* @test
*/
public function compactJSONWithUnencodedPayloadFailsBecauseOfForbiddenCharacters(): void
{
$this->expectException(LogicException::class);
$this->expectExceptionMessage('Unable to convert the JWS with non-encoded payload.');
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['b64'],
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper.')
->addSignature($key, $protectedHeader)
->build()
;
$this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
}
/**
* @see https://tools.ietf.org/html/rfc7797#section-4
* @see https://tools.ietf.org/html/rfc7797#section-4.2
*
* @test
*/
public function compactJSONWithUnencodedPayloadSucceeded(): void
{
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['b64'],
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload('Live long and Prosper~')
->addSignature($key, $protectedHeader)
->build()
;
$compact = $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
static::assertEquals('eyJhbGciOiJIUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19.Live long and Prosper~.nUNenbjNAEH2nNIXyQYmutiHRPnT17HcaMr5Lsho4BE', $compact);
$loaded = $this->getJWSSerializerManager()->unserialize($compact, $serializer);
static::assertEquals(CompactSerializer::NAME, $serializer);
static::assertEquals('Live long and Prosper~', $loaded->getPayload());
static::assertEquals('Live long and Prosper~', $loaded->getEncodedPayload());
static::assertEquals($protectedHeader, $loaded->getSignature(0)->getProtectedHeader());
}
/**
* @see https://tools.ietf.org/html/rfc7797#section-4
* @see https://tools.ietf.org/html/rfc7797#section-4.2
*
* @test
*/
public function compactJSONWithUnencodedDetachedPayload(): void
{
$payload = '$.02';
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['b64'],
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload, true)
->addSignature($key, $protectedHeader)
->build()
;
$jws = $this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
static::assertEquals('eyJhbGciOiJIUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..A5dxf2s96_n5FLueVuW1Z_vh161FwXZC4YLPff6dmDY', $jws);
$loaded = $this->getJWSSerializerManager()->unserialize($jws);
static::assertTrue($jwsVerifier->verifyWithKey($loaded, $key, 0, $payload));
static::assertEquals($protectedHeader, $loaded->getSignature(0)->getProtectedHeader());
}
/**
* The library is able to support multiple payload encoding and conversion in JSON if payload is detached.
*
* @test
*/
public function compactJSONWithUnencodedDetachedPayloadAndMultipleSignatures(): void
{
$payload = '$.02';
$protectedHeader1 = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['b64'],
];
$protectedHeader2 = [
'alg' => 'HS512',
'b64' => false,
'crit' => ['b64'],
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256', 'HS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS256', 'HS512']);
$jws = $jwsBuilder
->create()->withPayload($payload, true)
->addSignature($key, $protectedHeader1)
->addSignature($key, $protectedHeader2)
->build()
;
$expected_result = '{"signatures":[{"signature":"A5dxf2s96_n5FLueVuW1Z_vh161FwXZC4YLPff6dmDY","protected":"eyJhbGciOiJIUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19"},{"signature":"Mp-m-Vyst0zYCNkpg2RiIN8W9GO4nLU3FKsFtHzEcP4tgR4QcMys1_2m9HrDwszi0Cp2gv_Lioe6UPCcTNn6tQ","protected":"eyJhbGciOiJIUzUxMiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19"}]}';
static::assertEquals($expected_result, $this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0));
$loaded = $this->getJWSSerializerManager()->unserialize($expected_result);
static::assertTrue($jwsVerifier->verifyWithKey($loaded, $key, 0, $payload));
static::assertEquals($protectedHeader1, $loaded->getSignature(0)->getProtectedHeader());
}
/**
* The library is able to support multiple payload encoding and conversion in JSON is not available if payload is not detached.
*
* @test
*/
public function compactJSONWithUnencodedPayloadAndMultipleSignatures(): void
{
$this->expectException(LogicException::class);
$this->expectExceptionMessage('Foreign payload encoding detected.');
$payload = '$.02';
$protectedHeader1 = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['b64'],
];
$protectedHeader2 = [
'alg' => 'HS256',
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload)
->addSignature($key, $protectedHeader1)
->addSignature($key, $protectedHeader2)
->build()
;
$this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0);
}
/**
* @test
*/
public function jWSWithUnencodedPayloadButNoCritHeader(): void
{
$this->expectException(LogicException::class);
$this->expectExceptionMessage('The protected header parameter "crit" is mandatory when protected header parameter "b64" is set.');
$payload = '$.02';
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload, true)
->addSignature($key, $protectedHeader)
->build()
;
$this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
}
/**
* @test
*/
public function jWSWithUnencodedPayloadButCritHeaderIsNotAnArray(): void
{
$this->expectException(LogicException::class);
$this->expectExceptionMessage('The protected header parameter "crit" must be an array.');
$payload = '$.02';
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
'crit' => 'foo',
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload, true)
->addSignature($key, $protectedHeader)
->build()
;
$this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
}
/**
* @test
*/
public function jWSWithUnencodedPayloadButCritHeaderDoesNotContainB64(): void
{
$this->expectException(LogicException::class);
$this->expectExceptionMessage('The protected header parameter "crit" must contain "b64" when protected header parameter "b64" is set.');
$payload = '$.02';
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['foo'],
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload, true)
->addSignature($key, $protectedHeader)
->build()
;
$this->getJWSSerializerManager()->serialize('jws_compact', $jws, 0);
}
/**
* @see https://tools.ietf.org/html/rfc7797#section-4
* @see https://tools.ietf.org/html/rfc7797#section-4.2
*
* @test
*/
public function flattenedJSONWithUnencodedPayload(): void
{
$payload = '$.02';
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['b64'],
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$expected_result = [
'protected' => 'eyJhbGciOiJIUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19',
'payload' => '$.02',
'signature' => 'A5dxf2s96_n5FLueVuW1Z_vh161FwXZC4YLPff6dmDY',
];
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload)
->addSignature($key, $protectedHeader)
->build()
;
$jws = $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 0);
static::assertEquals($expected_result, json_decode($jws, true));
$loaded = $this->getJWSSerializerManager()->unserialize($jws);
static::assertTrue($jwsVerifier->verifyWithKey($loaded, $key, 0));
static::assertEquals($payload, $loaded->getPayload());
static::assertEquals($protectedHeader, $loaded->getSignature(0)->getProtectedHeader());
}
/**
* @see https://tools.ietf.org/html/rfc7797#section-4
* @see https://tools.ietf.org/html/rfc7797#section-4.2
*
* @test
*/
public function flattenedJSONWithUnencodedDetachedPayload(): void
{
$payload = '$.02';
$protectedHeader = [
'alg' => 'HS256',
'b64' => false,
'crit' => ['b64'],
];
$key = new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
$expected_result = [
'protected' => 'eyJhbGciOiJIUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19',
'signature' => 'A5dxf2s96_n5FLueVuW1Z_vh161FwXZC4YLPff6dmDY',
];
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS256']);
$jws = $jwsBuilder
->create()->withPayload($payload, true)
->addSignature($key, $protectedHeader)
->build()
;
$jws = $this->getJWSSerializerManager()->serialize('jws_json_flattened', $jws, 0);
static::assertEquals($expected_result, json_decode($jws, true));
}
/**
* @test
*/
public function signAndLoadWithoutAlgParameterInTheHeader(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('No "alg" parameter set in the header.');
$payload = "It\xe2\x80\x99s a dangerous business, Frodo, going out your door. You step onto the road, and if you don't keep your feet, there\xe2\x80\x99s no knowing where you might be swept off to.";
$jws = 'eyJraWQiOiJiaWxiby5iYWdnaW5zQGhvYmJpdG9uLmV4YW1wbGUifQ.SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4.MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmKZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4JIwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8wW1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluPxUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_fcIe8u9ipH84ogoree7vjbU5y18kDquDg';
$jwsVerifier = $this->getJWSVerifierFactory()->create([]);
$loaded = $this->getJWSSerializerManager()->unserialize($jws);
static::assertEquals(1, $loaded->countSignatures());
static::assertEquals($payload, $loaded->getPayload());
static::assertTrue($jwsVerifier->verifyWithKeySet($loaded, $this->getSymmetricKeySet(), 0));
}
/**
* @test
*/
public function signAndLoadJWKSet(): void
{
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload(json_encode($this->getKeyset()))
->addSignature($this->getKey1(), ['alg' => 'HS512'], ['foo' => 'bar'])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
$loaded = $this->getJWSSerializerManager()->unserialize($this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0));
static::assertEquals(2, $loaded->countSignatures());
static::assertEquals($this->getKeyset(), JWKSet::createFromKeyData(json_decode($loaded->getPayload(), true)));
static::assertTrue($jwsVerifier->verifyWithKeySet($loaded, $this->getSymmetricKeySet(), 0));
static::assertTrue($jwsVerifier->verifyWithKeySet($loaded, $this->getPublicKeySet(), 1));
static::assertEquals('HS512', $loaded->getSignature(0)->getProtectedHeaderParameter('alg'));
static::assertEquals('RS512', $loaded->getSignature(1)->getProtectedHeaderParameter('alg'));
}
/**
* @test
*/
public function keySetIsEmpty(): void
{
$this->expectException(InvalidArgumentException::class);
$this->expectExceptionMessage('There is no key in the key set.');
$jwsBuilder = $this->getJWSBuilderFactory()->create(['HS512', 'RS512']);
$jwsVerifier = $this->getJWSVerifierFactory()->create(['HS512', 'RS512']);
$jws = $jwsBuilder
->create()->withPayload(json_encode($this->getKeyset()))
->addSignature($this->getKey1(), ['alg' => 'HS512', ['foo' => 'bar']])
->addSignature($this->getKey2(), ['alg' => 'RS512'])
->build()
;
$loaded = $this->getJWSSerializerManager()->unserialize($this->getJWSSerializerManager()->serialize('jws_json_general', $jws, 0));
static::assertEquals(2, $loaded->countSignatures());
static::assertEquals($this->getKeyset(), JWKSet::createFromKeyData(json_decode($loaded->getPayload(), true)));
static::assertTrue($jwsVerifier->verifyWithKeySet($loaded, new JWKSet([]), 0));
static::assertTrue($jwsVerifier->verifyWithKey($loaded, new JWK(['kty' => 'EC']), 1));
}
private function getKey1(): JWK
{
return new JWK([
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
]);
}
private function getKey2(): JWK
{
return new JWK([
'kty' => 'RSA',
'use' => 'sig',
'key_ops' => ['sign', 'verify'],
'n' => 'ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddxHmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMsD1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSHSXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdVMTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ',
'e' => 'AQAB',
'd' => 'Eq5xpGnNCivDflJsRQBXHx1hdR1k6Ulwe2JZD50LpXyWPEAeP88vLNO97IjlA7_GQ5sLKMgvfTeXZx9SE-7YwVol2NXOoAJe46sui395IW_GO-pWJ1O0BkTGoVEn2bKVRUCgu-GjBVaYLU6f3l9kJfFNS3E0QbVdxzubSu3Mkqzjkn439X0M_V51gfpRLI9JYanrC4D4qAdGcopV_0ZHHzQlBjudU2QvXt4ehNYTCBr6XCLQUShb1juUO1ZdiYoFaFQT5Tw8bGUl_x_jTj3ccPDVZFD9pIuhLhBOneufuBiB4cS98l2SR_RQyGWSeWjnczT0QU91p1DhOVRuOopznQ',
'p' => '4BzEEOtIpmVdVEZNCqS7baC4crd0pqnRH_5IB3jw3bcxGn6QLvnEtfdUdiYrqBdss1l58BQ3KhooKeQTa9AB0Hw_Py5PJdTJNPY8cQn7ouZ2KKDcmnPGBY5t7yLc1QlQ5xHdwW1VhvKn-nXqhJTBgIPgtldC-KDV5z-y2XDwGUc',
'q' => 'uQPEfgmVtjL0Uyyx88GZFF1fOunH3-7cepKmtH4pxhtCoHqpWmT8YAmZxaewHgHAjLYsp1ZSe7zFYHj7C6ul7TjeLQeZD_YwD66t62wDmpe_HlB-TnBA-njbglfIsRLtXlnDzQkv5dTltRJ11BKBBypeeF6689rjcJIDEz9RWdc',
'dp' => 'BwKfV3Akq5_MFZDFZCnW-wzl-CCo83WoZvnLQwCTeDv8uzluRSnm71I3QCLdhrqE2e9YkxvuxdBfpT_PI7Yz-FOKnu1R6HsJeDCjn12Sk3vmAktV2zb34MCdy7cpdTh_YVr7tss2u6vneTwrA86rZtu5Mbr1C1XsmvkxHQAdYo0',
'dq' => 'h_96-mK1R_7glhsum81dZxjTnYynPbZpHziZjeeHcXYsXaaMwkOlODsWa7I9xXDoRwbKgB719rrmI2oKr6N3Do9U0ajaHF-NKJnwgjMd2w9cjz3_-kyNlxAr2v4IKhGNpmM5iIgOS1VZnOZ68m6_pbLBSp3nssTdlqvd0tIiTHU',
'qi' => 'IYd7DHOhrWvxkwPQsRM2tOgrjbcrfvtQJipd-DlcxyVuuM9sQLdgjVk2oy26F0EmpScGLq2MowX7fhd_QJQ3ydy5cY7YIBi87w93IKLEdfnbJtoOPLUW0ITrJReOgo1cq9SbsxYawBgfp_gh6A5603k2-ZQwVK0JKSHuLFkuQ3U',
]);
}
private function getKey3(): JWK
{
return new JWK([
'kty' => 'EC',
'crv' => 'P-256',
'use' => 'sig',
'key_ops' => ['sign'],
'x' => 'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU',
'y' => 'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0',
'd' => 'jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI',
]);
}
private function getKey4(): JWK
{
return new JWK([
'kty' => 'RSA',
'alg' => 'PS512',
'key_ops' => ['encrypt', 'decrypt'],
'n' => 'ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddxHmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMsD1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSHSXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdVMTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ',
'e' => 'AQAB',
'd' => 'Eq5xpGnNCivDflJsRQBXHx1hdR1k6Ulwe2JZD50LpXyWPEAeP88vLNO97IjlA7_GQ5sLKMgvfTeXZx9SE-7YwVol2NXOoAJe46sui395IW_GO-pWJ1O0BkTGoVEn2bKVRUCgu-GjBVaYLU6f3l9kJfFNS3E0QbVdxzubSu3Mkqzjkn439X0M_V51gfpRLI9JYanrC4D4qAdGcopV_0ZHHzQlBjudU2QvXt4ehNYTCBr6XCLQUShb1juUO1ZdiYoFaFQT5Tw8bGUl_x_jTj3ccPDVZFD9pIuhLhBOneufuBiB4cS98l2SR_RQyGWSeWjnczT0QU91p1DhOVRuOopznQ',
'p' => '4BzEEOtIpmVdVEZNCqS7baC4crd0pqnRH_5IB3jw3bcxGn6QLvnEtfdUdiYrqBdss1l58BQ3KhooKeQTa9AB0Hw_Py5PJdTJNPY8cQn7ouZ2KKDcmnPGBY5t7yLc1QlQ5xHdwW1VhvKn-nXqhJTBgIPgtldC-KDV5z-y2XDwGUc',
'q' => 'uQPEfgmVtjL0Uyyx88GZFF1fOunH3-7cepKmtH4pxhtCoHqpWmT8YAmZxaewHgHAjLYsp1ZSe7zFYHj7C6ul7TjeLQeZD_YwD66t62wDmpe_HlB-TnBA-njbglfIsRLtXlnDzQkv5dTltRJ11BKBBypeeF6689rjcJIDEz9RWdc',
'dp' => 'BwKfV3Akq5_MFZDFZCnW-wzl-CCo83WoZvnLQwCTeDv8uzluRSnm71I3QCLdhrqE2e9YkxvuxdBfpT_PI7Yz-FOKnu1R6HsJeDCjn12Sk3vmAktV2zb34MCdy7cpdTh_YVr7tss2u6vneTwrA86rZtu5Mbr1C1XsmvkxHQAdYo0',
'dq' => 'h_96-mK1R_7glhsum81dZxjTnYynPbZpHziZjeeHcXYsXaaMwkOlODsWa7I9xXDoRwbKgB719rrmI2oKr6N3Do9U0ajaHF-NKJnwgjMd2w9cjz3_-kyNlxAr2v4IKhGNpmM5iIgOS1VZnOZ68m6_pbLBSp3nssTdlqvd0tIiTHU',
'qi' => 'IYd7DHOhrWvxkwPQsRM2tOgrjbcrfvtQJipd-DlcxyVuuM9sQLdgjVk2oy26F0EmpScGLq2MowX7fhd_QJQ3ydy5cY7YIBi87w93IKLEdfnbJtoOPLUW0ITrJReOgo1cq9SbsxYawBgfp_gh6A5603k2-ZQwVK0JKSHuLFkuQ3U',
]);
}
private function getKey5(): JWK
{
return new JWK([
'kty' => 'RSA',
'alg' => 'PS512',
'use' => 'sig',
'n' => 'ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddxHmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMsD1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSHSXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdVMTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ',
'e' => 'AQAB',
'd' => 'Eq5xpGnNCivDflJsRQBXHx1hdR1k6Ulwe2JZD50LpXyWPEAeP88vLNO97IjlA7_GQ5sLKMgvfTeXZx9SE-7YwVol2NXOoAJe46sui395IW_GO-pWJ1O0BkTGoVEn2bKVRUCgu-GjBVaYLU6f3l9kJfFNS3E0QbVdxzubSu3Mkqzjkn439X0M_V51gfpRLI9JYanrC4D4qAdGcopV_0ZHHzQlBjudU2QvXt4ehNYTCBr6XCLQUShb1juUO1ZdiYoFaFQT5Tw8bGUl_x_jTj3ccPDVZFD9pIuhLhBOneufuBiB4cS98l2SR_RQyGWSeWjnczT0QU91p1DhOVRuOopznQ',
'p' => '4BzEEOtIpmVdVEZNCqS7baC4crd0pqnRH_5IB3jw3bcxGn6QLvnEtfdUdiYrqBdss1l58BQ3KhooKeQTa9AB0Hw_Py5PJdTJNPY8cQn7ouZ2KKDcmnPGBY5t7yLc1QlQ5xHdwW1VhvKn-nXqhJTBgIPgtldC-KDV5z-y2XDwGUc',
'q' => 'uQPEfgmVtjL0Uyyx88GZFF1fOunH3-7cepKmtH4pxhtCoHqpWmT8YAmZxaewHgHAjLYsp1ZSe7zFYHj7C6ul7TjeLQeZD_YwD66t62wDmpe_HlB-TnBA-njbglfIsRLtXlnDzQkv5dTltRJ11BKBBypeeF6689rjcJIDEz9RWdc',
'dp' => 'BwKfV3Akq5_MFZDFZCnW-wzl-CCo83WoZvnLQwCTeDv8uzluRSnm71I3QCLdhrqE2e9YkxvuxdBfpT_PI7Yz-FOKnu1R6HsJeDCjn12Sk3vmAktV2zb34MCdy7cpdTh_YVr7tss2u6vneTwrA86rZtu5Mbr1C1XsmvkxHQAdYo0',
'dq' => 'h_96-mK1R_7glhsum81dZxjTnYynPbZpHziZjeeHcXYsXaaMwkOlODsWa7I9xXDoRwbKgB719rrmI2oKr6N3Do9U0ajaHF-NKJnwgjMd2w9cjz3_-kyNlxAr2v4IKhGNpmM5iIgOS1VZnOZ68m6_pbLBSp3nssTdlqvd0tIiTHU',
'qi' => 'IYd7DHOhrWvxkwPQsRM2tOgrjbcrfvtQJipd-DlcxyVuuM9sQLdgjVk2oy26F0EmpScGLq2MowX7fhd_QJQ3ydy5cY7YIBi87w93IKLEdfnbJtoOPLUW0ITrJReOgo1cq9SbsxYawBgfp_gh6A5603k2-ZQwVK0JKSHuLFkuQ3U',
]);
}
private function getKeyset(): JWKSet
{
return new JWKSet([$this->getKey1(), $this->getKey2()]);
}
private function getPublicKeySet(): JWKSet
{
$keys = ['keys' => [
[
'kid' => '71ee230371d19630bc17fb90ccf20ae632ad8cf8',
'kty' => 'RSA',
'alg' => 'RS256',
'use' => 'sig',
'n' => 'vnMTRCMvsS04M1yaKR112aB8RxOkWHFixZO68wCRlVLxK4ugckXVD_Ebcq-kms1T2XpoWntVfBuX40r2GvcD9UsTFt_MZlgd1xyGwGV6U_tfQUll5mKxCPjr60h83LXKJ_zmLXIqkV8tAoIg78a5VRWoms_0Bn09DKT3-RBWFjk=',
'e' => 'AQAB',
],
[
'kid' => '02491f945c951adf156f370788e8ccdabf8877a8',
'kty' => 'RSA',
'alg' => 'RS256',
'use' => 'sig',
'n' => 'rI67uHIDWDgCy_Ut-FhhjTCkEcqzoO80IRgdpk_fJHlDmXhMTJKPizxbIEMs0wRHRZpwH-4D20thpnQB5Mgx6-XM9kOvcYpHSdcYME77BwX6uQG-hw2w77NOhYiCSZCLzx-5ld5Wjy0dympL-ExqQw-wrWipMX7NQhIbJqVbZ18=',
'e' => 'AQAB',
],
[
'kty' => 'RSA',
'n' => 'oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUWcJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3Spsk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2asbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMStPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2djYgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw',
'e' => 'AQAB',
],
[
'kty' => 'RSA',
'n' => 'sXchDaQebHnPiGvyDOAT4saGEUetSyo9MKLOoWFsueri23bOdgWp4Dy1WlUzewbgBHod5pcM9H95GQRV3JDXboIRROSBigeC5yjU1hGzHHyXss8UDprecbAYxknTcQkhslANGRUZmdTOQ5qTRsLAt6BTYuyvVRdhS8exSZEy_c4gs_7svlJJQ4H9_NxsiIoLwAEk7-Q3UXERGYw_75IDrGA84-lA_-Ct4eTlXHBIY2EaV7t7LjJaynVJCpkv4LKjTTAumiGUIuQhrNhZLuF_RJLqHpM2kgWFLU7-VTdL1VbC2tejvcI2BlMkEpk1BzBZI0KQB0GaDWFLN-aEAw3vRw',
'e' => 'AQAB',
],
[
'kty' => 'RSA',
'n' => 'ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddxHmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMsD1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSHSXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdVMTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ',
'e' => 'AQAB',
],
[
'kty' => 'EC',
'crv' => 'P-256',
'x' => 'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU',
'y' => 'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0',
],
[
'kty' => 'EC',
'crv' => 'P-521',
'x' => 'AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk',
'y' => 'ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2',
],
]];
return JWKSet::createFromKeyData($keys);
}
private function getSymmetricKeySet(): JWKSet
{
$keys = ['keys' => [
[
'kid' => 'DIR_1',
'kty' => 'oct',
'k' => Base64Url::encode(hex2bin('00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F')),
],
[
'kty' => 'oct',
'k' => 'f5aN5V6iihwQVqP-tPNNtkIJNCwUb9-JukCIKkF0rNfxqxA771RJynYAT2xtzAP0MYaR7U5fMP_wvbRQq5l38Q',
],
[
'kty' => 'oct',
'k' => 'GawgguFyGrWKav7AX4VKUg',
],
[
'kty' => 'oct',
'k' => 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow',
],
]];
return JWKSet::createFromKeyData($keys);
}
}

49
vendor/web-token/jwt-signature/composer.json vendored Normal file
View File

@@ -0,0 +1,49 @@
{
"name": "web-token/jwt-signature",
"description": "Signature component of the JWT Framework.",
"type": "library",
"license": "MIT",
"keywords": ["JWS", "JWT", "JWE", "JWA", "JWK", "JWKSet", "Jot", "Jose", "RFC7515", "RFC7516", "RFC7517", "RFC7518", "RFC7519", "RFC7520", "Bundle", "Symfony"],
"homepage": "https://github.com/web-token",
"authors": [
{
"name": "Florent Morselli",
"homepage": "https://github.com/Spomky"
},{
"name": "All contributors",
"homepage": "https://github.com/web-token/jwt-signature/contributors"
}
],
"autoload": {
"psr-4": {
"Jose\\Component\\Signature\\": ""
}
},
"require": {
"web-token/jwt-core": "^2.1"
},
"require-dev": {
"phpunit/phpunit": "^8.0"
},
"suggest": {
"web-token/jwt-signature-algorithm-ecdsa": "ECDSA Based Signature Algorithms",
"web-token/jwt-signature-algorithm-eddsa": "EdDSA Based Signature Algorithms",
"web-token/jwt-signature-algorithm-hmac": "HMAC Based Signature Algorithms",
"web-token/jwt-signature-algorithm-none": "None Signature Algorithm",
"web-token/jwt-signature-algorithm-rsa": "RSA Based Signature Algorithms",
"web-token/jwt-signature-algorithm-experimental": "Experimental Signature Algorithms"
},
"extra": {
"branch-alias": {
"v1.0": "1.0.x-dev",
"v1.1": "1.1.x-dev",
"v1.2": "1.2.x-dev",
"v1.3": "1.3.x-dev",
"v2.0": "2.0.x-dev",
"v2.1": "2.1.x-dev"
}
},
"config": {
"sort-packages": true
}
}

29
vendor/web-token/jwt-signature/phpunit.xml.dist vendored Normal file
View File

@@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit
backupGlobals="false"
backupStaticAttributes="false"
convertErrorsToExceptions="true"
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
processIsolation="false"
stopOnFailure="false"
syntaxCheck="true"
bootstrap="vendor/autoload.php"
colors="true">
<testsuites>
<testsuite name="Test Suite">
<directory>./Tests/</directory>
</testsuite>
</testsuites>
<filter>
<whitelist>
<directory suffix=".php">./</directory>
<exclude>
<directory>./vendor</directory>
<directory>./Tests</directory>
<directory suffix="Test.php">./src</directory>
</exclude>
</whitelist>
</filter>
</phpunit>