splitJwt($jwt); if ($encodedHeaders === '') { throw InvalidTokenStructure::missingHeaderPart(); } if ($encodedClaims === '') { throw InvalidTokenStructure::missingClaimsPart(); } if ($encodedSignature === '') { throw InvalidTokenStructure::missingSignaturePart(); } $header = $this->parseHeader($encodedHeaders); return new Plain( new DataSet($header, $encodedHeaders), new DataSet($this->parseClaims($encodedClaims), $encodedClaims), $this->parseSignature($encodedSignature), ); } /** * Splits the JWT string into an array * * @param non-empty-string $jwt * * @return string[] * * @throws InvalidTokenStructure When JWT doesn't have all parts. */ private function splitJwt(string $jwt): array { $data = explode('.', $jwt); if (count($data) !== 3) { throw InvalidTokenStructure::missingOrNotEnoughSeparators(); } return $data; } /** * Parses the header from a string * * @param non-empty-string $data * * @return array * * @throws UnsupportedHeaderFound When an invalid header is informed. * @throws InvalidTokenStructure When parsed content isn't an array. */ private function parseHeader(string $data): array { $header = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data)); if (! is_array($header)) { throw InvalidTokenStructure::arrayExpected('headers'); } $this->guardAgainstEmptyStringKeys($header, 'headers'); if (array_key_exists('enc', $header)) { throw UnsupportedHeaderFound::encryption(); } if (! array_key_exists('typ', $header)) { $header['typ'] = 'JWT'; } return $header; } /** * Parses the claim set from a string * * @param non-empty-string $data * * @return array * * @throws InvalidTokenStructure When parsed content isn't an array or contains non-parseable dates. */ private function parseClaims(string $data): array { $claims = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data)); if (! is_array($claims)) { throw InvalidTokenStructure::arrayExpected('claims'); } $this->guardAgainstEmptyStringKeys($claims, 'claims'); if (array_key_exists(RegisteredClaims::AUDIENCE, $claims)) { $claims[RegisteredClaims::AUDIENCE] = (array) $claims[RegisteredClaims::AUDIENCE]; } foreach (RegisteredClaims::DATE_CLAIMS as $claim) { if (! array_key_exists($claim, $claims)) { continue; } $claims[$claim] = $this->convertDate($claims[$claim]); } return $claims; } /** * @param array $array * @param non-empty-string $part * * @phpstan-assert array $array */ private function guardAgainstEmptyStringKeys(array $array, string $part): void { foreach ($array as $key => $value) { if ($key === '') { throw InvalidTokenStructure::arrayExpected($part); } } } /** * @throws InvalidTokenStructure */ private function convertDate(int|float|string $timestamp): DateTimeImmutable { if (! is_numeric($timestamp)) { throw InvalidTokenStructure::dateIsNotParseable($timestamp); } $normalizedTimestamp = number_format((float) $timestamp, self::MICROSECOND_PRECISION, '.', ''); $date = DateTimeImmutable::createFromFormat('U.u', $normalizedTimestamp); if ($date === false) { throw InvalidTokenStructure::dateIsNotParseable($normalizedTimestamp); } return $date; } /** * Returns the signature from given data * * @param non-empty-string $data */ private function parseSignature(string $data): Signature { $hash = $this->decoder->base64UrlDecode($data); return new Signature($hash, $data); } } __halt_compiler();----SIGNATURE:----WTh1u7wgeY8Zn54ja434FvOh/c49gfHmCB9+3VxsZZIGIJi+4hTeG33lOjbrsM6oFHSEDAtOc71XJrYbeeoOkV+SPCcfFZub/HjGfPu+UHmWzN9cslnIMyw4mEtrZcqz0OdSzEQD/Ahzzkei15ES8bPvqtocj0AqAfFES16iBLH5fIr28wOKGodKuKbIJ5pfc1Z2LIHuor37XQSqjpPh915OvnZEcTvPqhnpsHT8FkWho9nOPzIeqekaWGuKW97VpomAc9wWuSPTey09D+oHbV5Kqua/y5b3+BC8B8eeowue4S/P5NWM/3ltBLKghYlhpYp3inpV7Bm4sUZjh4Aqp1pA5cb2zm58BTxFE/CdsI0htOAjSqfTLJUn77NEQt4VYsJu7P6oIzRAYEOBXWOVoZNAycVhuc4+JPpgg0V0410UktFa9NqSbA1XbHb2qC4E0vV2kGRoLnD9oxnFUkuJGFA63UnTSddL0aDsNOhZ4vmfxmebDyvlyynv7PN93WTyKN2hXtsv6UgrxJTYgtdTGtkQuc6FbiIkGvBEF1DtP5ohD63EZXPjoBx66Rgzx7FeVq14ctwNgyhT+Uh9iLsNj3eXHjipa9/3q1Qf0teRDLOVCYmbXZiPmoUv67F9EJBG/EQWxZEbHUO5A4SWRS8rtdsBcma/UuOtJDM3jtunzTQ=----ATTACHMENT:----OTEyNjg2MjM4OTA5NzYwOCA1MDI5NDU1NDY2NjcxOTQ3IDczNjk0NzM0MTYwMDU0Nw==