noccy
/
php-simple-jwt
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
php-simple-jwt/src/Validator/JWTValidator.php

84 lines
2.1 KiB
PHP
Raw Blame History

<?php
namespace NoccyLabs\SimpleJWT\Validator;
use NoccyLabs\SimpleJWT\JWTToken;
use NoccyLabs\SimpleJWT\Key\KeyInterface;
class JWTValidator
{
private $requireHeaders = [];
private $requireClaims = [];
private $requireIssuer = [];
private $requireAudience = [];
public function __construct()
{
$this->requireHeaders = [
'alg',
'typ',
];
}
public function addRequiredClaim(string $name)
{
if (!in_array($name, $this->requireClaims)) {
return;
}
$this->requireClaims[] = $name;
}
public function requireIssuer($issuer)
{
$this->requireIssuer = (array)$issuer;
}
public function requireAudience($audience)
{
$this->requireAudience = (array)$audience;
}
public function validateToken(JWTToken $token)
{
if (!$token->isValid()) {
throw new JWTTokenException("The token is not valid");
}
if (!$token->header->hasAll($this->requireHeaders)) {
throw new JWTHeaderException("The token is missing one or more required headers");
}
if (!$token->claims->hasAll($this->requireClaims)) {
throw new JWTHeaderException("The token is missing one or more required claims");
}
if ($this->requireIssuer) {
$hasIssuer = $token->header->has("iss");
if ((!$hasIssuer)
|| (!in_array($token->header->get("iss"), $this->requireIssuer)))
throw new JWTTokenException("Invalid issuer");
}
if ($this->requireAudience) {
$hasAudience = $token->header->has("aud");
if ((!$hasAudience)
|| (!in_array($token->header->get("aud"), $this->requireAudience)))
throw new JWTTokenException("Invalid audience");
}
return true;
}
public function validate(KeyInterface $key, string $raw)
{
$token = new JWTToken($key, $raw);
if ($this->validateToken($token)) {
return $token;
}
}
}
Reference in New Issue View Git Blame Copy Permalink