summaryrefslogtreecommitdiffstats
path: root/vendor/web-token/jwt-signature/Serializer
diff options
context:
space:
mode:
authorAnton Luka Šijanec <anton@sijanec.eu>2022-01-11 12:35:47 +0100
committerAnton Luka Šijanec <anton@sijanec.eu>2022-01-11 12:35:47 +0100
commit19985dbb8c0aa66dc4bf7905abc1148de909097d (patch)
tree2cd5a5d20d7e80fc2a51adf60d838d8a2c40999e /vendor/web-token/jwt-signature/Serializer
download1ka-19985dbb8c0aa66dc4bf7905abc1148de909097d.tar
1ka-19985dbb8c0aa66dc4bf7905abc1148de909097d.tar.gz
1ka-19985dbb8c0aa66dc4bf7905abc1148de909097d.tar.bz2
1ka-19985dbb8c0aa66dc4bf7905abc1148de909097d.tar.lz
1ka-19985dbb8c0aa66dc4bf7905abc1148de909097d.tar.xz
1ka-19985dbb8c0aa66dc4bf7905abc1148de909097d.tar.zst
1ka-19985dbb8c0aa66dc4bf7905abc1148de909097d.zip
Diffstat (limited to '')
-rw-r--r--vendor/web-token/jwt-signature/Serializer/CompactSerializer.php97
-rw-r--r--vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php109
-rw-r--r--vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php174
-rw-r--r--vendor/web-token/jwt-signature/Serializer/JWSSerializer.php42
-rw-r--r--vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php104
-rw-r--r--vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php64
-rw-r--r--vendor/web-token/jwt-signature/Serializer/Serializer.php22
7 files changed, 612 insertions, 0 deletions
diff --git a/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php b/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php
new file mode 100644
index 0000000..7e26d79
--- /dev/null
+++ b/vendor/web-token/jwt-signature/Serializer/CompactSerializer.php
@@ -0,0 +1,97 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Signature\JWS;
+
+final class CompactSerializer extends Serializer
+{
+ public const NAME = 'jws_compact';
+
+ /**
+ * @var JsonConverter
+ */
+ private $jsonConverter;
+
+ /**
+ * JSONFlattenedSerializer constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter = null)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ }
+
+ public function displayName(): string
+ {
+ return 'JWS Compact';
+ }
+
+ public function name(): string
+ {
+ return self::NAME;
+ }
+
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (null === $signatureIndex) {
+ $signatureIndex = 0;
+ }
+ $signature = $jws->getSignature($signatureIndex);
+ if (!empty($signature->getHeader())) {
+ throw new \LogicException('The signature contains unprotected header parameters and cannot be converted into compact JSON.');
+ }
+ if (!$this->isPayloadEncoded($signature->getProtectedHeader()) && !empty($jws->getEncodedPayload())) {
+ if (1 !== \preg_match('/^[\x{20}-\x{2d}|\x{2f}-\x{7e}]*$/u', $jws->getPayload())) {
+ throw new \LogicException('Unable to convert the JWS with non-encoded payload.');
+ }
+ }
+
+ return \sprintf(
+ '%s.%s.%s',
+ $signature->getEncodedProtectedHeader(),
+ $jws->getEncodedPayload(),
+ Base64Url::encode($signature->getSignature())
+ );
+ }
+
+ public function unserialize(string $input): JWS
+ {
+ $parts = \explode('.', $input);
+ if (3 !== \count($parts)) {
+ throw new \InvalidArgumentException('Unsupported input');
+ }
+
+ try {
+ $encodedProtectedHeader = $parts[0];
+ $protectedHeader = $this->jsonConverter->decode(Base64Url::decode($parts[0]));
+ if (empty($parts[1])) {
+ $payload = null;
+ $encodedPayload = null;
+ } else {
+ $encodedPayload = $parts[1];
+ $payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload;
+ }
+ $signature = Base64Url::decode($parts[2]);
+
+ $jws = JWS::create($payload, $encodedPayload, empty($parts[1]));
+ $jws = $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader);
+
+ return $jws;
+ } catch (\Error | \Exception $e) {
+ throw new \InvalidArgumentException('Unsupported input');
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php b/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php
new file mode 100644
index 0000000..82b79ab
--- /dev/null
+++ b/vendor/web-token/jwt-signature/Serializer/JSONFlattenedSerializer.php
@@ -0,0 +1,109 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Signature\JWS;
+
+final class JSONFlattenedSerializer extends Serializer
+{
+ public const NAME = 'jws_json_flattened';
+
+ /**
+ * @var JsonConverter|\Jose\Component\Core\Util\JsonConverter|null
+ */
+ private $jsonConverter;
+
+ /**
+ * JSONFlattenedSerializer constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter = null)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ }
+
+ public function displayName(): string
+ {
+ return 'JWS JSON Flattened';
+ }
+
+ public function name(): string
+ {
+ return self::NAME;
+ }
+
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (null === $signatureIndex) {
+ $signatureIndex = 0;
+ }
+ $signature = $jws->getSignature($signatureIndex);
+
+ $data = [];
+ $values = [
+ 'payload' => $jws->getEncodedPayload(),
+ 'protected' => $signature->getEncodedProtectedHeader(),
+ 'header' => $signature->getHeader(),
+ ];
+
+ foreach ($values as $key => $value) {
+ if (!empty($value)) {
+ $data[$key] = $value;
+ }
+ }
+ $data['signature'] = Base64Url::encode($signature->getSignature());
+
+ return $this->jsonConverter->encode($data);
+ }
+
+ public function unserialize(string $input): JWS
+ {
+ $data = $this->jsonConverter->decode($input);
+ if (!\is_array($data) || !\array_key_exists('signature', $data)) {
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+
+ $signature = Base64Url::decode($data['signature']);
+
+ if (\array_key_exists('protected', $data)) {
+ $encodedProtectedHeader = $data['protected'];
+ $protectedHeader = $this->jsonConverter->decode(Base64Url::decode($data['protected']));
+ } else {
+ $encodedProtectedHeader = null;
+ $protectedHeader = [];
+ }
+ if (\array_key_exists('header', $data)) {
+ if (!\is_array($data['header'])) {
+ throw new \InvalidArgumentException('Bad header.');
+ }
+ $header = $data['header'];
+ } else {
+ $header = [];
+ }
+
+ if (\array_key_exists('payload', $data)) {
+ $encodedPayload = $data['payload'];
+ $payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload;
+ } else {
+ $payload = null;
+ $encodedPayload = null;
+ }
+
+ $jws = JWS::create($payload, $encodedPayload, null === $encodedPayload);
+ $jws = $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader, $header);
+
+ return $jws;
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php b/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php
new file mode 100644
index 0000000..35958c6
--- /dev/null
+++ b/vendor/web-token/jwt-signature/Serializer/JSONGeneralSerializer.php
@@ -0,0 +1,174 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Base64Url\Base64Url;
+use Jose\Component\Core\Converter\JsonConverter;
+use Jose\Component\Signature\JWS;
+
+final class JSONGeneralSerializer extends Serializer
+{
+ public const NAME = 'jws_json_general';
+
+ /**
+ * @var \Jose\Component\Core\Util\JsonConverter
+ */
+ private $jsonConverter;
+
+ /**
+ * JSONFlattenedSerializer constructor.
+ */
+ public function __construct(?JsonConverter $jsonConverter = null)
+ {
+ $this->jsonConverter = $jsonConverter ?? new \Jose\Component\Core\Util\JsonConverter();
+ }
+
+ public function displayName(): string
+ {
+ return 'JWS JSON General';
+ }
+
+ public function name(): string
+ {
+ return self::NAME;
+ }
+
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (0 === $jws->countSignatures()) {
+ throw new \LogicException('No signature.');
+ }
+
+ $data = [];
+ $this->checkPayloadEncoding($jws);
+
+ if (false === $jws->isPayloadDetached()) {
+ $data['payload'] = $jws->getEncodedPayload();
+ }
+
+ $data['signatures'] = [];
+ foreach ($jws->getSignatures() as $signature) {
+ $tmp = ['signature' => Base64Url::encode($signature->getSignature())];
+ $values = [
+ 'protected' => $signature->getEncodedProtectedHeader(),
+ 'header' => $signature->getHeader(),
+ ];
+
+ foreach ($values as $key => $value) {
+ if (!empty($value)) {
+ $tmp[$key] = $value;
+ }
+ }
+ $data['signatures'][] = $tmp;
+ }
+
+ return $this->jsonConverter->encode($data);
+ }
+
+ private function checkData($data)
+ {
+ if (!\is_array($data) || !\array_key_exists('signatures', $data)) {
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+ }
+
+ private function checkSignature($signature)
+ {
+ if (!\is_array($signature) || !\array_key_exists('signature', $signature)) {
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+ }
+
+ public function unserialize(string $input): JWS
+ {
+ $data = $this->jsonConverter->decode($input);
+ $this->checkData($data);
+
+ $isPayloadEncoded = null;
+ $rawPayload = \array_key_exists('payload', $data) ? $data['payload'] : null;
+ $signatures = [];
+ foreach ($data['signatures'] as $signature) {
+ $this->checkSignature($signature);
+ list($encodedProtectedHeader, $protectedHeader, $header) = $this->processHeaders($signature);
+ $signatures[] = [
+ 'signature' => Base64Url::decode($signature['signature']),
+ 'protected' => $protectedHeader,
+ 'encoded_protected' => $encodedProtectedHeader,
+ 'header' => $header,
+ ];
+ $isPayloadEncoded = $this->processIsPayloadEncoded($isPayloadEncoded, $protectedHeader);
+ }
+
+ $payload = $this->processPayload($rawPayload, $isPayloadEncoded);
+ $jws = JWS::create($payload, $rawPayload);
+ foreach ($signatures as $signature) {
+ $jws = $jws->addSignature(
+ $signature['signature'],
+ $signature['protected'],
+ $signature['encoded_protected'],
+ $signature['header']
+ );
+ }
+
+ return $jws;
+ }
+
+ private function processIsPayloadEncoded(?bool $isPayloadEncoded, array $protectedHeader): bool
+ {
+ if (null === $isPayloadEncoded) {
+ return self::isPayloadEncoded($protectedHeader);
+ }
+ if ($this->isPayloadEncoded($protectedHeader) !== $isPayloadEncoded) {
+ throw new \InvalidArgumentException('Foreign payload encoding detected.');
+ }
+
+ return $isPayloadEncoded;
+ }
+
+ private function processHeaders(array $signature): array
+ {
+ $encodedProtectedHeader = \array_key_exists('protected', $signature) ? $signature['protected'] : null;
+ $protectedHeader = null !== $encodedProtectedHeader ? $this->jsonConverter->decode(Base64Url::decode($encodedProtectedHeader)) : [];
+ $header = \array_key_exists('header', $signature) ? $signature['header'] : [];
+
+ return [$encodedProtectedHeader, $protectedHeader, $header];
+ }
+
+ private function processPayload(?string $rawPayload, ?bool $isPayloadEncoded): ?string
+ {
+ if (null === $rawPayload) {
+ return null;
+ }
+
+ return false === $isPayloadEncoded ? $rawPayload : Base64Url::decode($rawPayload);
+ }
+
+ private function checkPayloadEncoding(JWS $jws)
+ {
+ if ($jws->isPayloadDetached()) {
+ return;
+ }
+ $is_encoded = null;
+ foreach ($jws->getSignatures() as $signature) {
+ if (null === $is_encoded) {
+ $is_encoded = $this->isPayloadEncoded($signature->getProtectedHeader());
+ }
+ if (false === $jws->isPayloadDetached()) {
+ if ($is_encoded !== $this->isPayloadEncoded($signature->getProtectedHeader())) {
+ throw new \LogicException('Foreign payload encoding detected.');
+ }
+ }
+ }
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php b/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php
new file mode 100644
index 0000000..285aef4
--- /dev/null
+++ b/vendor/web-token/jwt-signature/Serializer/JWSSerializer.php
@@ -0,0 +1,42 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Jose\Component\Signature\JWS;
+
+interface JWSSerializer
+{
+ /**
+ * The name of the serialization.
+ */
+ public function name(): string;
+
+ public function displayName(): string;
+
+ /**
+ * Converts a JWS into a string.
+ *
+ * @throws \Exception
+ */
+ public function serialize(JWS $jws, ?int $signatureIndex = null): string;
+
+ /**
+ * Loads data and return a JWS object.
+ *
+ * @param string $input A string that represents a JWS
+ *
+ * @throws \Exception
+ */
+ public function unserialize(string $input): JWS;
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php
new file mode 100644
index 0000000..198dfd1
--- /dev/null
+++ b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManager.php
@@ -0,0 +1,104 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+use Jose\Component\Signature\JWS;
+
+class JWSSerializerManager
+{
+ /**
+ * @var JWSSerializer[]
+ */
+ private $serializers = [];
+
+ /**
+ * JWSSerializerManager constructor.
+ *
+ * @param JWSSerializer[] $serializers
+ */
+ public function __construct(array $serializers)
+ {
+ foreach ($serializers as $serializer) {
+ $this->add($serializer);
+ }
+ }
+
+ /**
+ * @deprecated Will be removed in v2.0. Please use constructor instead
+ *
+ * @param JWSSerializer[] $serializers
+ *
+ * @return JWSSerializerManager
+ */
+ public static function create(array $serializers): self
+ {
+ return new self($serializers);
+ }
+
+ /**
+ * @return JWSSerializerManager
+ */
+ private function add(JWSSerializer $serializer): self
+ {
+ $this->serializers[$serializer->name()] = $serializer;
+
+ return $this;
+ }
+
+ /**
+ * @return string[]
+ */
+ public function list(): array
+ {
+ return \array_keys($this->serializers);
+ }
+
+ /**
+ * Converts a JWS into a string.
+ *
+ * @throws \Exception
+ */
+ public function serialize(string $name, JWS $jws, ?int $signatureIndex = null): string
+ {
+ if (!\array_key_exists($name, $this->serializers)) {
+ throw new \InvalidArgumentException(\sprintf('Unsupported serializer "%s".', $name));
+ }
+
+ return ($this->serializers[$name])->serialize($jws, $signatureIndex);
+ }
+
+ /**
+ * Loads data and return a JWS object.
+ *
+ * @param string $input A string that represents a JWS
+ * @param string|null $name the name of the serializer if the input is unserialized
+ *
+ * @throws \Exception
+ */
+ public function unserialize(string $input, ?string &$name = null): JWS
+ {
+ foreach ($this->serializers as $serializer) {
+ try {
+ $jws = $serializer->unserialize($input);
+ $name = $serializer->name();
+
+ return $jws;
+ } catch (\InvalidArgumentException $e) {
+ continue;
+ }
+ }
+
+ throw new \InvalidArgumentException('Unsupported input.');
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php
new file mode 100644
index 0000000..1b2c234
--- /dev/null
+++ b/vendor/web-token/jwt-signature/Serializer/JWSSerializerManagerFactory.php
@@ -0,0 +1,64 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+class JWSSerializerManagerFactory
+{
+ /**
+ * @var JWSSerializer[]
+ */
+ private $serializers = [];
+
+ /**
+ * @param string[] $names
+ */
+ public function create(array $names): JWSSerializerManager
+ {
+ $serializers = [];
+ foreach ($names as $name) {
+ if (!\array_key_exists($name, $this->serializers)) {
+ throw new \InvalidArgumentException(\sprintf('Unsupported serialiser "%s".', $name));
+ }
+ $serializers[] = $this->serializers[$name];
+ }
+
+ return JWSSerializerManager::create($serializers);
+ }
+
+ /**
+ * @return string[]
+ */
+ public function names(): array
+ {
+ return \array_keys($this->serializers);
+ }
+
+ /**
+ * @return JWSSerializer[]
+ */
+ public function all(): array
+ {
+ return $this->serializers;
+ }
+
+ /**
+ * @return JWSSerializerManagerFactory
+ */
+ public function add(JWSSerializer $serializer): self
+ {
+ $this->serializers[$serializer->name()] = $serializer;
+
+ return $this;
+ }
+}
diff --git a/vendor/web-token/jwt-signature/Serializer/Serializer.php b/vendor/web-token/jwt-signature/Serializer/Serializer.php
new file mode 100644
index 0000000..85636b6
--- /dev/null
+++ b/vendor/web-token/jwt-signature/Serializer/Serializer.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2018 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license. See the LICENSE file for details.
+ */
+
+namespace Jose\Component\Signature\Serializer;
+
+abstract class Serializer implements JWSSerializer
+{
+ protected function isPayloadEncoded(array $protectedHeader): bool
+ {
+ return !\array_key_exists('b64', $protectedHeader) || true === $protectedHeader['b64'];
+ }
+}