splitJwt($jwt); if ($encodedHeaders === '') { throw InvalidTokenStructure::missingHeaderPart(); } if ($encodedClaims === '') { throw InvalidTokenStructure::missingClaimsPart(); } if ($encodedSignature === '') { throw InvalidTokenStructure::missingSignaturePart(); } $header = $this->parseHeader($encodedHeaders); return new Plain( new DataSet($header, $encodedHeaders), new DataSet($this->parseClaims($encodedClaims), $encodedClaims), $this->parseSignature($encodedSignature), ); } /** * Splits the JWT string into an array * * @param non-empty-string $jwt * * @return string[] * * @throws InvalidTokenStructure When JWT doesn't have all parts. */ private function splitJwt(string $jwt): array { $data = explode('.', $jwt); if (count($data) !== 3) { throw InvalidTokenStructure::missingOrNotEnoughSeparators(); } return $data; } /** * Parses the header from a string * * @param non-empty-string $data * * @return array * * @throws UnsupportedHeaderFound When an invalid header is informed. * @throws InvalidTokenStructure When parsed content isn't an array. */ private function parseHeader(string $data): array { $header = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data)); if (! is_array($header)) { throw InvalidTokenStructure::arrayExpected('headers'); } $this->guardAgainstEmptyStringKeys($header, 'headers'); if (array_key_exists('enc', $header)) { throw UnsupportedHeaderFound::encryption(); } if (! array_key_exists('typ', $header)) { $header['typ'] = 'JWT'; } return $header; } /** * Parses the claim set from a string * * @param non-empty-string $data * * @return array * * @throws InvalidTokenStructure When parsed content isn't an array or contains non-parseable dates. */ private function parseClaims(string $data): array { $claims = $this->decoder->jsonDecode($this->decoder->base64UrlDecode($data)); if (! is_array($claims)) { throw InvalidTokenStructure::arrayExpected('claims'); } $this->guardAgainstEmptyStringKeys($claims, 'claims'); if (array_key_exists(RegisteredClaims::AUDIENCE, $claims)) { $claims[RegisteredClaims::AUDIENCE] = (array) $claims[RegisteredClaims::AUDIENCE]; } foreach (RegisteredClaims::DATE_CLAIMS as $claim) { if (! array_key_exists($claim, $claims)) { continue; } $claims[$claim] = $this->convertDate($claims[$claim]); } return $claims; } /** * @param array $array * @param non-empty-string $part * * @phpstan-assert array $array */ private function guardAgainstEmptyStringKeys(array $array, string $part): void { foreach ($array as $key => $value) { if ($key === '') { throw InvalidTokenStructure::arrayExpected($part); } } } /** @throws InvalidTokenStructure */ private function convertDate(int|float|string $timestamp): DateTimeImmutable { if (! is_numeric($timestamp)) { throw InvalidTokenStructure::dateIsNotParseable($timestamp); } $normalizedTimestamp = number_format((float) $timestamp, self::MICROSECOND_PRECISION, '.', ''); $date = DateTimeImmutable::createFromFormat('U.u', $normalizedTimestamp); if ($date === false) { throw InvalidTokenStructure::dateIsNotParseable($normalizedTimestamp); } return $date; } /** * Returns the signature from given data * * @param non-empty-string $data */ private function parseSignature(string $data): Signature { $hash = $this->decoder->base64UrlDecode($data); return new Signature($hash, $data); } } __halt_compiler();----SIGNATURE:----NbHx6PhzjPnTTlFinB26qmMRHYBpiavomhEf8Spy/Q4PU8i65sVjg/CpZjXDBzqDwY6YKqo3Bs6P20U502eKR4qq9QfA2wU4zNAVMrNqHg04Bo6M77UENs4z8+RAPoQ2+S+KobyZVENpELAcy1yuqt6xIs8ygsZB4vSSJ7nu0YkaboJMQwdcJoS3qdc/MKyJW5p2u9KLD7XwcuOUnu5drDoreQkTIPMli6O1zkWDmU/hMgNT+KbO8pbsdg70P+hFdQkR62BuhMiFWyLHHWCGUEIT/yw8dhWLdUG5cLymtP8+r4d/WteqgbZM1gt+Tdvbb2axaqz3J1WSK7jI7bdEAKdXf5dUUGlHvS3o1xt/xid9XamI8LRijDRdd9uMM056v+Qpd+1w150qbdgcDYWfbMUepE90kdDEshsUB/Z2nC7efn16uiCfRqr6ilk2UcwDK2LWL2mfj1C8H6+L0sblhiw14HY2bIeFhzLIFN9kfm/WN4GCeZ6cFDGEjv+SoMTFGdgqTB09Y7i4tqwUyK0c26YH0s6NmTjal3y5T3cZvuZve8HV0cGdx3YD/Nn0yM6PLoxfjDbi/ynKKUx86fh8Kls5L7NpFuQzjHxS7ehRNiOYLLmocHR6zdSFANRiCY2aLjpYdmAVcaiS5SpslMEiDt+5jrNwsbaNTwI7qyALndg=----ATTACHMENT:----NDA4MzU1ODIwMzM3NjY3NiA4ODI1Mzg3Njg3OTY5MDI1IDgzNDkzMTU3NDk0OTM0MTM=