ReallySimpleJWT/src/Tokens.php at 87ce57fcb13e0663966451952e36e1122cd06e1b · RobDWaller/ReallySimpleJWT · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
<?php

declare(strict_types=1);

namespace ReallySimpleJWT;

use ReallySimpleJWT\Helper\Validator;
use ReallySimpleJWT\Encoders\EncodeHS256;
use ReallySimpleJWT\Encoders\EncodeHS256Strong;
use ReallySimpleJWT\Exception\TokensException;
use ReallySimpleJWT\Exception\ValidateException;
use ReallySimpleJWT\Exception\JwtException;
use ReallySimpleJWT\Exception\ParsedException;

/**
 * Core factory and interface class for creating basic JSON Web Tokens.
 */
class Tokens
{
    /**
     * Factory method to return an instance of the Build class for creating new
     * JSON Web Tokens.
     */
    public function builder(string $secret, array $options): Build
    {
        return new Build(
            'JWT',
            new Validator(),
            new EncodeHS256Strong($secret, $options)
        );
    }

    /**
     * Factory method to return an instance of the Parse class for
     * parsing a JWT.
     */
    public function parser(string $token): Parse
    {
        return new Parse(
            new Jwt($token),
            new Decode()
        );
    }

    /**
     * Factory method to return an instance of the Validate class to validate
     * the structure, signature and claims data of a JWT.
     */
    public function validator(string $token, string $secret = ''): Validate
    {
        return new Validate(
            $this->parser($token)->parse(),
            new EncodeHS256($secret),
            new Validator()
        );
    }

    /**
     * Return the header claims data from a JWT.
     *
     * @return mixed[]
     */
    public function getHeader(string $token): array
    {
        try {
            $parser = $this->parser($token);
            return $parser->parse()->getHeader();
        } catch (JwtException $e) {
            return [];
        }
    }

    /**
     * Return the payload claims data from a JWT.
     *
     * @return mixed[]
     */
    public function getPayload(string $token): array
    {
        try {
            $parser = $this->parser($token);
            return $parser->parse()->getPayload();
        } catch (JwtException $e) {
            return [];
        }
    }

    /**
     * Create a basic JSON Web Token for a user, define the user key and id to
     * identify the user along with an expiration and issuer.
     *
     * @param string|int $userId
     */
    public function create(string $userKey, string|int $userId, string $secret, int $expiration, string $issuer, array $options): Jwt
    {
        $builder = $this->builder($secret, $options);

        return $builder->setPayloadClaim($userKey, $userId)
            ->setExpiration($expiration)
            ->setIssuer($issuer)
            ->setIssuedAt(time())
            ->build();
    }

    /**
     * Create a basic token based on an array of payload claims.
     * Format [string: mixed].
     *
     * @param mixed[] $payload
     */
    public function customPayload(array $payload, string $secret): Jwt
    {
        $builder = $this->builder($secret);

        foreach ($payload as $key => $value) {
            if (is_int($key)) {
                throw new TokensException('Invalid payload claim.', 8);
            }

            $builder->setPayloadClaim($key, $value);
        }

        return $builder->build();
    }

    /**
     * Validate the token structure and signature.
     */
    public function validate(string $token, string $secret): bool
    {
        try {
            $validate = $this->validator($token, $secret);
            $validate->algorithmNotNone()
                ->signature();
            return true;
        } catch (ValidateException $e) {
            return false;
        } catch (JwtException $e) {
            return false;
        }
    }

    /**
     * Validate the expiration claim of a token to see if it has expired. Will
     * return false if the expiration (exp) claim is not set.
     */
    public function validateExpiration(string $token): bool
    {
        $validate = $this->validator($token);

        try {
            $validate->expiration();
            return true;
        } catch (ValidateException $e) {
            return false;
        } catch (ParsedException $e) {
            return false;
        }
    }

    /**
     * Validate the not before claim of a token to see if it is ready to use.
     * Will return false if the not before (nbf) claim is not set.
     */
    public function validateNotBefore(string $token): bool
    {
        $validate = $this->validator($token);

        try {
            $validate->notBefore();
            return true;
        } catch (ValidateException $e) {
            return false;
        } catch (ParsedException $e) {
            return false;
        }
    }
}