[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * This file is part of Lcobucci\JWT, a simple library to handle JWT and JWS
   4   *
   5   * @license http://opensource.org/licenses/BSD-3-Clause BSD-3-Clause
   6   */
   7  
   8  namespace Lcobucci\JWT;
   9  
  10  use DateTimeImmutable;
  11  use InvalidArgumentException;
  12  use Lcobucci\JWT\Parsing\Decoder;
  13  use Lcobucci\JWT\Token\DataSet;
  14  use Lcobucci\JWT\Token\InvalidTokenStructure;
  15  use Lcobucci\JWT\Token\RegisteredClaims;
  16  use Lcobucci\JWT\Token\UnsupportedHeaderFound;
  17  use RuntimeException;
  18  use function array_key_exists;
  19  use function is_array;
  20  
  21  /**
  22   * This class parses the JWT strings and convert them into tokens
  23   *
  24   * @author Luís Otávio Cobucci Oblonczyk <[email protected]>
  25   * @since 0.1.0
  26   */
  27  class Parser
  28  {
  29      /**
  30       * The data decoder
  31       *
  32       * @var Decoder
  33       */
  34      private $decoder;
  35  
  36      /**
  37       * Initializes the object
  38       *
  39       * @param Decoder $decoder
  40       */
  41      public function __construct(Decoder $decoder = null)
  42      {
  43          $this->decoder = $decoder ?: new Decoder();
  44      }
  45  
  46      /**
  47       * Parses the JWT and returns a token
  48       *
  49       * @param string $jwt
  50       *
  51       * @return Token
  52       *
  53       * @throws InvalidArgumentException  When JWT is not a string or is invalid.
  54       * @throws RuntimeException          When something goes wrong while decoding
  55       */
  56      public function parse($jwt)
  57      {
  58          $data = $this->splitJwt($jwt);
  59          $header = $this->parseHeader($data[0]);
  60          $claims = $this->parseClaims($data[1]);
  61          $signature = $this->parseSignature($header, $data[2]);
  62  
  63          foreach ($claims as $name => $value) {
  64              if (isset($header[$name])) {
  65                  $header[$name] = $value;
  66              }
  67          }
  68  
  69          return new Token(
  70              new DataSet($header, $data[0]),
  71              new DataSet($claims, $data[1]),
  72              $signature,
  73              ['', '']
  74          );
  75      }
  76  
  77      /**
  78       * Splits the JWT string into an array
  79       *
  80       * @param string $jwt
  81       *
  82       * @return array
  83       *
  84       * @throws InvalidArgumentException When JWT is not a string or is invalid
  85       */
  86      protected function splitJwt($jwt)
  87      {
  88          if (!is_string($jwt)) {
  89              throw InvalidTokenStructure::missingOrNotEnoughSeparators();
  90          }
  91  
  92          $data = explode('.', $jwt);
  93  
  94          if (count($data) != 3) {
  95              throw InvalidTokenStructure::missingOrNotEnoughSeparators();
  96          }
  97  
  98          return $data;
  99      }
 100  
 101      /**
 102       * Parses the header from a string
 103       *
 104       * @param string $data
 105       *
 106       * @return array
 107       *
 108       * @throws UnsupportedHeaderFound When an invalid header is informed
 109       */
 110      protected function parseHeader($data)
 111      {
 112          $header = (array) $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));
 113  
 114          if (isset($header['enc'])) {
 115              throw UnsupportedHeaderFound::encryption();
 116          }
 117  
 118          return $this->convertItems($header);
 119      }
 120  
 121      /**
 122       * Parses the claim set from a string
 123       *
 124       * @param string $data
 125       *
 126       * @return array
 127       */
 128      protected function parseClaims($data)
 129      {
 130          $claims = (array) $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data));
 131  
 132          return $this->convertItems($claims);
 133      }
 134  
 135      /**
 136       * @param array<string, mixed> $items
 137       *
 138       * @return array<string, mixed>
 139       */
 140      private function convertItems(array $items)
 141      {
 142          foreach (RegisteredClaims::DATE_CLAIMS as $name) {
 143              if (! array_key_exists($name, $items)) {
 144                  continue;
 145              }
 146  
 147              $items[$name] = new DateTimeImmutable('@' . ((int) $items[$name]));
 148          }
 149  
 150          if (array_key_exists(RegisteredClaims::AUDIENCE, $items) && ! is_array($items[RegisteredClaims::AUDIENCE])) {
 151              $items[RegisteredClaims::AUDIENCE] = [$items[RegisteredClaims::AUDIENCE]];
 152          }
 153  
 154          return $items;
 155      }
 156  
 157      /**
 158       * Returns the signature from given data
 159       *
 160       * @param array $header
 161       * @param string $data
 162       *
 163       * @return Signature
 164       */
 165      protected function parseSignature(array $header, $data)
 166      {
 167          if ($data == '' || !isset($header['alg']) || $header['alg'] == 'none') {
 168              return Signature::fromEmptyData();
 169          }
 170  
 171          $hash = $this->decoder->base64UrlDecode($data);
 172  
 173          return new Signature($hash, $data);
 174      }
 175  }