ASWI - Pokročilé softwarové inženýrství » ASWI 2018 » Zobrazení dat o průjezdu vozidel (Plzeňský kraj) - Pivovar

# slozka s idea projektem

backend/.idea

APP_ENV=local

APP_DEBUG=true

APP_KEY=SomeRandomKey!!!

DB_CONNECTION=mysql

DB_HOST=localhost

DB_PORT=3306

DB_DATABASE=prujezd_vozidel

DB_USERNAME=aswi

DB_PASSWORD=aswi

CACHE_DRIVER=memcached

QUEUE_DRIVER=sync

# doba platnosti JWT v sekundach

JWT_DURATION=1800

# JWT iss parametr

JWT_ISS=aswi-doprava

JWT_SECRET=asdfkeylol

    public function headerTest(Request $request) {

        $authHeader = $request->header("jwt");

        if($authHeader != null) {

            return $authHeader;

        } else {

            return $request->header("jwt");

        }

    }

<?php

/**

 * Created by PhpStorm.

 * User: Zdenda

 * Date: 29.4.2018

 * Time: 10:20

 */

namespace App\Http\Controllers;

use \Firebase\JWT\JWT;

class TokenController extends Controller

{

    /**

     * Vygeneruje nový token pro JWT autorizaci.

     */

    public function generateToken() {

        $duration = env('JWT_DURATION', 1800);

        // parametry jwt

        $iat = time();

        $exp = $iat + $duration;

        $iss = env('JWT_ISS', 'aswi-doprava');

        // generovani tokenu

        $key = env('JWT_SECRET', '');

        $token = array(

            'iss' => $iss,

            'iat' => $iat,

            'exp' => $exp

        );

        $jwt = JWT::encode($token, $key);

        return $jwt;

    }

}

/**

 * Welcome endpoint.

 */

    return 'Welcome.';

//$app->get($apiUrlRoot.'devices/all', 'DeviceController@getAll');

/**

 * Vrati vsechna mesta.

 */

/**

 * Vygeneruje novy JWT s omezenou platnosti.

 */

$app->get($apiUrlRoot.'token', 'TokenController@generateToken');

// testovani

$app->get($apiUrlRoot.'header', 'DeviceController@headerTest');

        "vlucas/phpdotenv": "~2.2",

        "firebase/php-jwt": "^5.0"

    "hash": "d6efa3bd19563e064047d9b70e8a2752",

    "content-hash": "e59526fcb072b5d7e63b1eea55da3b4f",

        {

            "name": "firebase/php-jwt",

            "version": "v5.0.0",

            "source": {

                "type": "git",

                "url": "https://github.com/firebase/php-jwt.git",

                "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e"

            },

            "dist": {

                "type": "zip",

                "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e",

                "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e",

                "shasum": ""

            },

            "require": {

                "php": ">=5.3.0"

            },

            "require-dev": {

                "phpunit/phpunit": " 4.8.35"

            },

            "type": "library",

            "autoload": {

                "psr-4": {

                    "Firebase\\JWT\\": "src"

                }

            },

            "notification-url": "https://packagist.org/downloads/",

            "license": [

                "BSD-3-Clause"

            ],

            "authors": [

                {

                    "name": "Neuman Vong",

                    "email": "neuman+pear@twilio.com",

                    "role": "Developer"

                },

                {

                    "name": "Anant Narayanan",

                    "email": "anant@php.net",

                    "role": "Developer"

                }

            ],

            "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.",

            "homepage": "https://github.com/firebase/php-jwt",

            "time": "2017-06-27 22:17:23"

        },

    'Firebase\\JWT\\' => array($vendorDir . '/firebase/php-jwt/src'),

            'Firebase\\JWT\\' => 13,

        'Firebase\\JWT\\' => 

        array (

            0 => __DIR__ . '/..' . '/firebase/php-jwt/src',

        ),

    },

    {

        "name": "firebase/php-jwt",

        "version": "v5.0.0",

        "version_normalized": "5.0.0.0",

        "source": {

            "type": "git",

            "url": "https://github.com/firebase/php-jwt.git",

            "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e"

        },

        "dist": {

            "type": "zip",

            "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e",

            "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e",

            "shasum": ""

        },

        "require": {

            "php": ">=5.3.0"

        },

        "require-dev": {

            "phpunit/phpunit": " 4.8.35"

        },

        "time": "2017-06-27 22:17:23",

        "type": "library",

        "installation-source": "dist",

        "autoload": {

            "psr-4": {

                "Firebase\\JWT\\": "src"

            }

        },

        "notification-url": "https://packagist.org/downloads/",

        "license": [

            "BSD-3-Clause"

        ],

        "authors": [

            {

                "name": "Neuman Vong",

                "email": "neuman+pear@twilio.com",

                "role": "Developer"

            },

            {

                "name": "Anant Narayanan",

                "email": "anant@php.net",

                "role": "Developer"

            }

        ],

        "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.",

        "homepage": "https://github.com/firebase/php-jwt"

Copyright (c) 2011, Neuman Vong

All rights reserved.

Redistribution and use in source and binary forms, with or without

modification, are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright

      notice, this list of conditions and the following disclaimer.

    * Redistributions in binary form must reproduce the above

      copyright notice, this list of conditions and the following

      disclaimer in the documentation and/or other materials provided

      with the distribution.

    * Neither the name of Neuman Vong nor the names of other

      contributors may be used to endorse or promote products derived

      from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR

A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT

OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,

DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY

THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE

OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

[![Build Status](https://travis-ci.org/firebase/php-jwt.png?branch=master)](https://travis-ci.org/firebase/php-jwt)

[![Latest Stable Version](https://poser.pugx.org/firebase/php-jwt/v/stable)](https://packagist.org/packages/firebase/php-jwt)

[![Total Downloads](https://poser.pugx.org/firebase/php-jwt/downloads)](https://packagist.org/packages/firebase/php-jwt)

[![License](https://poser.pugx.org/firebase/php-jwt/license)](https://packagist.org/packages/firebase/php-jwt)

PHP-JWT

=======

A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to [RFC 7519](https://tools.ietf.org/html/rfc7519).

Installation

------------

Use composer to manage your dependencies and download PHP-JWT:

```bash

composer require firebase/php-jwt

```

Example

-------

```php

<?php

use \Firebase\JWT\JWT;

$key = "example_key";

$token = array(

    "iss" => "http://example.org",

    "aud" => "http://example.com",

    "iat" => 1356999524,

    "nbf" => 1357000000

);

/**

 * IMPORTANT:

 * You must specify supported algorithms for your application. See

 * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40

 * for a list of spec-compliant algorithms.

 */

$jwt = JWT::encode($token, $key);

$decoded = JWT::decode($jwt, $key, array('HS256'));

print_r($decoded);

/*

 NOTE: This will now be an object instead of an associative array. To get

 an associative array, you will need to cast it as such:

*/

$decoded_array = (array) $decoded;

/**

 * You can add a leeway to account for when there is a clock skew times between

 * the signing and verifying servers. It is recommended that this leeway should

 * not be bigger than a few minutes.

 *

 * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef

 */

JWT::$leeway = 60; // $leeway in seconds

$decoded = JWT::decode($jwt, $key, array('HS256'));

?>

```

Example with RS256 (openssl)

----------------------------

```php

<?php

use \Firebase\JWT\JWT;

$privateKey = <<<EOD

-----BEGIN RSA PRIVATE KEY-----

MIICXAIBAAKBgQC8kGa1pSjbSYZVebtTRBLxBz5H4i2p/llLCrEeQhta5kaQu/Rn

vuER4W8oDH3+3iuIYW4VQAzyqFpwuzjkDI+17t5t0tyazyZ8JXw+KgXTxldMPEL9

5+qVhgXvwtihXC1c5oGbRlEDvDF6Sa53rcFVsYJ4ehde/zUxo6UvS7UrBQIDAQAB

AoGAb/MXV46XxCFRxNuB8LyAtmLDgi/xRnTAlMHjSACddwkyKem8//8eZtw9fzxz

bWZ/1/doQOuHBGYZU8aDzzj59FZ78dyzNFoF91hbvZKkg+6wGyd/LrGVEB+Xre0J

Nil0GReM2AHDNZUYRv+HYJPIOrB0CRczLQsgFJ8K6aAD6F0CQQDzbpjYdx10qgK1

cP59UHiHjPZYC0loEsk7s+hUmT3QHerAQJMZWC11Qrn2N+ybwwNblDKv+s5qgMQ5

5tNoQ9IfAkEAxkyffU6ythpg/H0Ixe1I2rd0GbF05biIzO/i77Det3n4YsJVlDck

ZkcvY3SK2iRIL4c9yY6hlIhs+K9wXTtGWwJBAO9Dskl48mO7woPR9uD22jDpNSwe

k90OMepTjzSvlhjbfuPN1IdhqvSJTDychRwn1kIJ7LQZgQ8fVz9OCFZ/6qMCQGOb

qaGwHmUK6xzpUbbacnYrIM6nLSkXgOAwv7XXCojvY614ILTK3iXiLBOxPu5Eu13k

eUz9sHyD6vkgZzjtxXECQAkp4Xerf5TGfQXGXhxIX52yH+N2LtujCdkQZjXAsGdm

B2zNzvrlgRmgBrklMTrMYgm1NPcW+bRLGcwgW2PTvNM=

-----END RSA PRIVATE KEY-----

EOD;

$publicKey = <<<EOD

-----BEGIN PUBLIC KEY-----

MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8kGa1pSjbSYZVebtTRBLxBz5H

4i2p/llLCrEeQhta5kaQu/RnvuER4W8oDH3+3iuIYW4VQAzyqFpwuzjkDI+17t5t

0tyazyZ8JXw+KgXTxldMPEL95+qVhgXvwtihXC1c5oGbRlEDvDF6Sa53rcFVsYJ4

ehde/zUxo6UvS7UrBQIDAQAB

-----END PUBLIC KEY-----

EOD;

$token = array(

    "iss" => "example.org",

    "aud" => "example.com",

    "iat" => 1356999524,

    "nbf" => 1357000000

);

$jwt = JWT::encode($token, $privateKey, 'RS256');

echo "Encode:\n" . print_r($jwt, true) . "\n";

$decoded = JWT::decode($jwt, $publicKey, array('RS256'));

/*

 NOTE: This will now be an object instead of an associative array. To get

 an associative array, you will need to cast it as such:

*/

$decoded_array = (array) $decoded;

echo "Decode:\n" . print_r($decoded_array, true) . "\n";

?>

```

Changelog

---------

#### 5.0.0 / 2017-06-26

- Support RS384 and RS512.

  See [#117](https://github.com/firebase/php-jwt/pull/117). Thanks [@joostfaassen](https://github.com/joostfaassen)!

- Add an example for RS256 openssl.

  See [#125](https://github.com/firebase/php-jwt/pull/125). Thanks [@akeeman](https://github.com/akeeman)!

- Detect invalid Base64 encoding in signature.

  See [#162](https://github.com/firebase/php-jwt/pull/162). Thanks [@psignoret](https://github.com/psignoret)!

- Update `JWT::verify` to handle OpenSSL errors.

  See [#159](https://github.com/firebase/php-jwt/pull/159). Thanks [@bshaffer](https://github.com/bshaffer)!

- Add `array` type hinting to `decode` method

  See [#101](https://github.com/firebase/php-jwt/pull/101). Thanks [@hywak](https://github.com/hywak)!

- Add all JSON error types.

  See [#110](https://github.com/firebase/php-jwt/pull/110). Thanks [@gbalduzzi](https://github.com/gbalduzzi)!

- Bugfix 'kid' not in given key list.

  See [#129](https://github.com/firebase/php-jwt/pull/129). Thanks [@stampycode](https://github.com/stampycode)!

- Miscellaneous cleanup, documentation and test fixes.

  See [#107](https://github.com/firebase/php-jwt/pull/107), [#115](https://github.com/firebase/php-jwt/pull/115),

  [#160](https://github.com/firebase/php-jwt/pull/160), [#161](https://github.com/firebase/php-jwt/pull/161), and

  [#165](https://github.com/firebase/php-jwt/pull/165). Thanks [@akeeman](https://github.com/akeeman),

  [@chinedufn](https://github.com/chinedufn), and [@bshaffer](https://github.com/bshaffer)!

#### 4.0.0 / 2016-07-17

- Add support for late static binding. See [#88](https://github.com/firebase/php-jwt/pull/88) for details. Thanks to [@chappy84](https://github.com/chappy84)!

- Use static `$timestamp` instead of `time()` to improve unit testing. See [#93](https://github.com/firebase/php-jwt/pull/93) for details. Thanks to [@josephmcdermott](https://github.com/josephmcdermott)!

- Fixes to exceptions classes. See [#81](https://github.com/firebase/php-jwt/pull/81) for details. Thanks to [@Maks3w](https://github.com/Maks3w)!

- Fixes to PHPDoc. See [#76](https://github.com/firebase/php-jwt/pull/76) for details. Thanks to [@akeeman](https://github.com/akeeman)!

#### 3.0.0 / 2015-07-22

- Minimum PHP version updated from `5.2.0` to `5.3.0`.

- Add `\Firebase\JWT` namespace. See

[#59](https://github.com/firebase/php-jwt/pull/59) for details. Thanks to

[@Dashron](https://github.com/Dashron)!

- Require a non-empty key to decode and verify a JWT. See

[#60](https://github.com/firebase/php-jwt/pull/60) for details. Thanks to

[@sjones608](https://github.com/sjones608)!

- Cleaner documentation blocks in the code. See

[#62](https://github.com/firebase/php-jwt/pull/62) for details. Thanks to

[@johanderuijter](https://github.com/johanderuijter)!

#### 2.2.0 / 2015-06-22

- Add support for adding custom, optional JWT headers to `JWT::encode()`. See

[#53](https://github.com/firebase/php-jwt/pull/53/files) for details. Thanks to

[@mcocaro](https://github.com/mcocaro)!

#### 2.1.0 / 2015-05-20

- Add support for adding a leeway to `JWT:decode()` that accounts for clock skew

between signing and verifying entities. Thanks to [@lcabral](https://github.com/lcabral)!

- Add support for passing an object implementing the `ArrayAccess` interface for

`$keys` argument in `JWT::decode()`. Thanks to [@aztech-dev](https://github.com/aztech-dev)!

#### 2.0.0 / 2015-04-01

- **Note**: It is strongly recommended that you update to > v2.0.0 to address

  known security vulnerabilities in prior versions when both symmetric and

  asymmetric keys are used together.

- Update signature for `JWT::decode(...)` to require an array of supported

  algorithms to use when verifying token signatures.

Tests

-----

Run the tests using phpunit:

```bash

$ pear install PHPUnit

$ phpunit --configuration phpunit.xml.dist

PHPUnit 3.7.10 by Sebastian Bergmann.

.....

Time: 0 seconds, Memory: 2.50Mb

OK (5 tests, 5 assertions)

```

New Lines in private keys

-----

If your private key contains `\n` characters, be sure to wrap it in double quotes `""`

and not single quotes `''` in order to properly interpret the escaped characters.

License

-------

[3-Clause BSD](http://opensource.org/licenses/BSD-3-Clause).

{

    "name": "firebase/php-jwt",

    "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.",

    "homepage": "https://github.com/firebase/php-jwt",

    "authors": [

        {

            "name": "Neuman Vong",

            "email": "neuman+pear@twilio.com",

            "role": "Developer"

        },

        {

            "name": "Anant Narayanan",

            "email": "anant@php.net",

            "role": "Developer"

        }

    ],

    "license": "BSD-3-Clause",

    "require": {

        "php": ">=5.3.0"

    },

    "autoload": {

        "psr-4": {

            "Firebase\\JWT\\": "src"

        }

    },

    "require-dev": {

        "phpunit/phpunit": " 4.8.35"

    }

}

<?php

namespace Firebase\JWT;

class BeforeValidException extends \UnexpectedValueException

{

}

<?php

namespace Firebase\JWT;

class ExpiredException extends \UnexpectedValueException

{

}

<?php

namespace Firebase\JWT;

use \DomainException;

use \InvalidArgumentException;

use \UnexpectedValueException;

use \DateTime;

/**

 * JSON Web Token implementation, based on this spec:

 * https://tools.ietf.org/html/rfc7519

 *

 * PHP version 5

 *

 * @category Authentication

 * @package  Authentication_JWT

 * @author   Neuman Vong <neuman@twilio.com>

 * @author   Anant Narayanan <anant@php.net>

 * @license  http://opensource.org/licenses/BSD-3-Clause 3-clause BSD

 * @link     https://github.com/firebase/php-jwt

 */

class JWT

{

    /**

     * When checking nbf, iat or expiration times,

     * we want to provide some extra leeway time to

     * account for clock skew.

     */

    public static $leeway = 0;

    /**

     * Allow the current timestamp to be specified.

     * Useful for fixing a value within unit testing.

     *

     * Will default to PHP time() value if null.

     */

    public static $timestamp = null;

    public static $supported_algs = array(

        'HS256' => array('hash_hmac', 'SHA256'),

        'HS512' => array('hash_hmac', 'SHA512'),

        'HS384' => array('hash_hmac', 'SHA384'),

        'RS256' => array('openssl', 'SHA256'),

        'RS384' => array('openssl', 'SHA384'),

        'RS512' => array('openssl', 'SHA512'),

    );

    /**

     * Decodes a JWT string into a PHP object.

     *

     * @param string        $jwt            The JWT

     * @param string|array  $key            The key, or map of keys.

     *                                      If the algorithm used is asymmetric, this is the public key

     * @param array         $allowed_algs   List of supported verification algorithms

     *                                      Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'

     *

     * @return object The JWT's payload as a PHP object

     *

     * @throws UnexpectedValueException     Provided JWT was invalid

     * @throws SignatureInvalidException    Provided JWT was invalid because the signature verification failed

     * @throws BeforeValidException         Provided JWT is trying to be used before it's eligible as defined by 'nbf'

     * @throws BeforeValidException         Provided JWT is trying to be used before it's been created as defined by 'iat'

     * @throws ExpiredException             Provided JWT has since expired, as defined by the 'exp' claim

     *

     * @uses jsonDecode

     * @uses urlsafeB64Decode

     */

    public static function decode($jwt, $key, array $allowed_algs = array())

    {

        $timestamp = is_null(static::$timestamp) ? time() : static::$timestamp;

        if (empty($key)) {

            throw new InvalidArgumentException('Key may not be empty');

        }

        $tks = explode('.', $jwt);

        if (count($tks) != 3) {

            throw new UnexpectedValueException('Wrong number of segments');

        }

        list($headb64, $bodyb64, $cryptob64) = $tks;

        if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) {

            throw new UnexpectedValueException('Invalid header encoding');

        }

        if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) {

            throw new UnexpectedValueException('Invalid claims encoding');

        }

        if (false === ($sig = static::urlsafeB64Decode($cryptob64))) {

            throw new UnexpectedValueException('Invalid signature encoding');

        }

        if (empty($header->alg)) {

            throw new UnexpectedValueException('Empty algorithm');

        }

        if (empty(static::$supported_algs[$header->alg])) {

            throw new UnexpectedValueException('Algorithm not supported');

        }

        if (!in_array($header->alg, $allowed_algs)) {

            throw new UnexpectedValueException('Algorithm not allowed');

        }

        if (is_array($key) || $key instanceof \ArrayAccess) {

            if (isset($header->kid)) {

                if (!isset($key[$header->kid])) {

                    throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key');

                }

                $key = $key[$header->kid];

            } else {

                throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');

            }

        }

        // Check the signature

        if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) {

            throw new SignatureInvalidException('Signature verification failed');

        }

        // Check if the nbf if it is defined. This is the time that the

        // token can actually be used. If it's not yet that time, abort.

        if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {

            throw new BeforeValidException(

                'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf)

            );

        }

        // Check that this token has been created before 'now'. This prevents

        // using tokens that have been created for later use (and haven't

        // correctly used the nbf claim).

        if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {

            throw new BeforeValidException(

                'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat)

            );

        }

        // Check if this token has expired.

        if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {

            throw new ExpiredException('Expired token');

        }

        return $payload;

    }

    /**

     * Converts and signs a PHP object or array into a JWT string.

     *

     * @param object|array  $payload    PHP object or array

     * @param string        $key        The secret key.

     *                                  If the algorithm used is asymmetric, this is the private key

     * @param string        $alg        The signing algorithm.

     *                                  Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'

     * @param mixed         $keyId

     * @param array         $head       An array with header elements to attach

     *

     * @return string A signed JWT

     *

     * @uses jsonEncode

     * @uses urlsafeB64Encode

     */

    public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)

    {

        $header = array('typ' => 'JWT', 'alg' => $alg);

        if ($keyId !== null) {

            $header['kid'] = $keyId;

        }

        if ( isset($head) && is_array($head) ) {

            $header = array_merge($head, $header);

        }

        $segments = array();

        $segments[] = static::urlsafeB64Encode(static::jsonEncode($header));

        $segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));

        $signing_input = implode('.', $segments);

        $signature = static::sign($signing_input, $key, $alg);

        $segments[] = static::urlsafeB64Encode($signature);

        return implode('.', $segments);

    }

    /**

     * Sign a string with a given key and algorithm.

     *

     * @param string            $msg    The message to sign

     * @param string|resource   $key    The secret key

     * @param string            $alg    The signing algorithm.

     *                                  Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'

     *

     * @return string An encrypted message

     *

     * @throws DomainException Unsupported algorithm was specified

     */

    public static function sign($msg, $key, $alg = 'HS256')

    {

        if (empty(static::$supported_algs[$alg])) {

            throw new DomainException('Algorithm not supported');

        }

        list($function, $algorithm) = static::$supported_algs[$alg];

        switch($function) {

            case 'hash_hmac':

                return hash_hmac($algorithm, $msg, $key, true);

            case 'openssl':

                $signature = '';

                $success = openssl_sign($msg, $signature, $key, $algorithm);

                if (!$success) {

                    throw new DomainException("OpenSSL unable to sign data");

                } else {

                    return $signature;

                }

        }

    }

    /**

     * Verify a signature with the message, key and method. Not all methods

     * are symmetric, so we must have a separate verify and sign method.

     *

     * @param string            $msg        The original message (header and body)

     * @param string            $signature  The original signature

     * @param string|resource   $key        For HS*, a string key works. for RS*, must be a resource of an openssl public key

     * @param string            $alg        The algorithm

     *

     * @return bool

     *

     * @throws DomainException Invalid Algorithm or OpenSSL failure

     */

    private static function verify($msg, $signature, $key, $alg)

    {

        if (empty(static::$supported_algs[$alg])) {

            throw new DomainException('Algorithm not supported');

        }

        list($function, $algorithm) = static::$supported_algs[$alg];

        switch($function) {

            case 'openssl':

                $success = openssl_verify($msg, $signature, $key, $algorithm);

                if ($success === 1) {

                    return true;

                } elseif ($success === 0) {

                    return false;

                }

                // returns 1 on success, 0 on failure, -1 on error.

                throw new DomainException(

                    'OpenSSL error: ' . openssl_error_string()

                );

            case 'hash_hmac':

            default:

                $hash = hash_hmac($algorithm, $msg, $key, true);

                if (function_exists('hash_equals')) {

                    return hash_equals($signature, $hash);

                }

                $len = min(static::safeStrlen($signature), static::safeStrlen($hash));

                $status = 0;

                for ($i = 0; $i < $len; $i++) {

                    $status |= (ord($signature[$i]) ^ ord($hash[$i]));

                }

                $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));

                return ($status === 0);

        }

    }

    /**

     * Decode a JSON string into a PHP object.

     *

     * @param string $input JSON string

     *

     * @return object Object representation of JSON string

     *

     * @throws DomainException Provided string was invalid JSON

     */

    public static function jsonDecode($input)

    {

        if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) {

            /** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you

             * to specify that large ints (like Steam Transaction IDs) should be treated as

             * strings, rather than the PHP default behaviour of converting them to floats.

             */

            $obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING);

        } else {

            /** Not all servers will support that, however, so for older versions we must

             * manually detect large ints in the JSON string and quote them (thus converting

             *them to strings) before decoding, hence the preg_replace() call.

             */

            $max_int_length = strlen((string) PHP_INT_MAX) - 1;

            $json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input);

            $obj = json_decode($json_without_bigints);

        }

        if (function_exists('json_last_error') && $errno = json_last_error()) {

            static::handleJsonError($errno);

        } elseif ($obj === null && $input !== 'null') {

            throw new DomainException('Null result with non-null input');

        }

        return $obj;

    }

    /**

     * Encode a PHP object into a JSON string.

     *

     * @param object|array $input A PHP object or array

     *

     * @return string JSON representation of the PHP object or array

     *

     * @throws DomainException Provided object could not be encoded to valid JSON

     */

    public static function jsonEncode($input)

    {

        $json = json_encode($input);

        if (function_exists('json_last_error') && $errno = json_last_error()) {

            static::handleJsonError($errno);

        } elseif ($json === 'null' && $input !== null) {

            throw new DomainException('Null result with non-null input');

        }

        return $json;

    }

    /**

     * Decode a string with URL-safe Base64.

     *

     * @param string $input A Base64 encoded string

     *

     * @return string A decoded string

     */

    public static function urlsafeB64Decode($input)

    {

        $remainder = strlen($input) % 4;

        if ($remainder) {

            $padlen = 4 - $remainder;

            $input .= str_repeat('=', $padlen);

        }

        return base64_decode(strtr($input, '-_', '+/'));

    }

    /**

     * Encode a string with URL-safe Base64.

     *

     * @param string $input The string you want encoded

     *

     * @return string The base64 encode of what you passed in

     */

    public static function urlsafeB64Encode($input)

    {

        return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));

    }

    /**

     * Helper method to create a JSON error.

     *

     * @param int $errno An error number from json_last_error()

     *

     * @return void

     */

    private static function handleJsonError($errno)

    {

        $messages = array(

            JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',

            JSON_ERROR_STATE_MISMATCH => 'Invalid or malformed JSON',

            JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',

            JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON',

            JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3

        );

        throw new DomainException(

            isset($messages[$errno])

            ? $messages[$errno]

            : 'Unknown JSON error: ' . $errno

        );

    }

    /**

     * Get the number of bytes in cryptographic strings.

     *

     * @param string

     *

     * @return int

     */

    private static function safeStrlen($str)

    {

        if (function_exists('mb_strlen')) {

            return mb_strlen($str, '8bit');

        }

        return strlen($str);

    }

}

<?php

namespace Firebase\JWT;

class SignatureInvalidException extends \UnexpectedValueException

{

}