
Commit 64de88d

committed
Add support for multiple keys as proposed in #544
1 parent 6ff0e01 commit 64de88d


3 files changed

+50
-10
lines changed


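--- a/api.php
+++ b/api.php
@@ -6735,6 +6735,21 @@ protected function getArrayProperty(string $key, string $default): array
 return array_filter(array_map('trim', explode(',', $this->getProperty($key, $default))));
 }
 
+protected function getMapProperty(string $key, string $default): array
+{
+$pairs = $this->getArrayProperty($key, $default);
+$result = array();
+foreach ($pairs as $pair) {
+if (strpos($pair, ':')) {
+list($k, $v) = explode(':', $pair, 2);
+$result[trim($k)] = trim($v);
+} else {
+$result[] = trim($pair);
+}
+}
+return $result;
+}
+
 protected function getProperty(string $key, $default)
 {
 return isset($this->properties[$key]) ? $this->properties[$key] : $default;
@@ -7582,7 +7597,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 
 class JwtAuthMiddleware extends Middleware
 {
-private function getVerifiedClaims(string $token, int $time, int $leeway, int $ttl, string $secret, array $requirements): array
+private function getVerifiedClaims(string $token, int $time, int $leeway, int $ttl, array $secrets, array $requirements): array
 {
 $algorithms = array(
 'HS256' => 'sha256',
@@ -7597,9 +7612,14 @@ private function getVerifiedClaims(string $token, int $time, int $leeway, int $t
 return array();
 }
 $header = json_decode(base64_decode(strtr($token[0], '-_', '+/')), true);
-if (!$secret) {
+$kid = 0;
+if (isset($header['kid'])) {
+$kid = $header['kid'];
+}
+if (!$secrets[$kid]) {
 return array();
 }
+$secret = $secrets[$kid];
 if ($header['typ'] != 'JWT') {
 return array();
 }
@@ -7663,16 +7683,16 @@ private function getClaims(string $token): array
 $time = (int) $this->getProperty('time', time());
 $leeway = (int) $this->getProperty('leeway', '5');
 $ttl = (int) $this->getProperty('ttl', '30');
-$secret = $this->getProperty('secret', '');
+$secrets = $this->getMapProperty('secrets', '');
 $requirements = array(
 'alg' => $this->getArrayProperty('algorithms', ''),
 'aud' => $this->getArrayProperty('audiences', ''),
 'iss' => $this->getArrayProperty('issuers', ''),
 );
-if (!$secret) {
+if (!$secrets) {
 return array();
 }
-return $this->getVerifiedClaims($token, $time, $leeway, $ttl, $secret, $requirements);
+return $this->getVerifiedClaims($token, $time, $leeway, $ttl, $secrets, $requirements);
 }
 
 private function getAuthorizationToken(ServerRequestInterface $request): string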

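--- a/src/Tqdev/PhpCrudApi/Middleware/Base/Middleware.php
+++ b/src/Tqdev/PhpCrudApi/Middleware/Base/Middleware.php
@@ -24,6 +24,21 @@ protected function getArrayProperty(string $key, string $default): array
 return array_filter(array_map('trim', explode(',', $this->getProperty($key, $default))));
 }
 
+protected function getMapProperty(string $key, string $default): array
+{
+$pairs = $this->getArrayProperty($key, $default);
+$result = array();
+foreach ($pairs as $pair) {
+if (strpos($pair, ':')) {
+list($k, $v) = explode(':', $pair, 2);
+$result[trim($k)] = trim($v);
+} else {
+$result[] = trim($pair);
+}
+}
+return $result;
+}
+
 protected function getProperty(string $key, $default)
 {
 return isset($this->properties[$key]) ? $this->properties[$key] : $default;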
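Review bot: getMapProperty() has no docblock, although its parsing rules now decide how JWT signing secrets are read from configuration. The value is first split on `,` by getArrayProperty() and then each entry on its first `:`, so a secret that itself contains either character is silently cut into several entries or into a key/value pair. I would add a comment such as `// Format: "kid1:secret1,kid2:secret2"; an entry without ':' is stored under the next numeric index; a value cannot contain ',' and is split at its first ':'`. The test `strpos($pair, ':')` also relies on truthiness, so an entry starting with `:` takes the unkeyed branch; writing it as `if (strpos($pair, ':') > 0) {` keeps the behaviour and makes that intent visible. api.php appears to carry the same lines.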

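--- a/src/Tqdev/PhpCrudApi/Middleware/JwtAuthMiddleware.php
+++ b/src/Tqdev/PhpCrudApi/Middleware/JwtAuthMiddleware.php
@@ -12,7 +12,7 @@
 
 class JwtAuthMiddleware extends Middleware
 {
-private function getVerifiedClaims(string $token, int $time, int $leeway, int $ttl, string $secret, array $requirements): array
+private function getVerifiedClaims(string $token, int $time, int $leeway, int $ttl, array $secrets, array $requirements): array
 {
 $algorithms = array(
 'HS256' => 'sha256',
@@ -27,9 +27,14 @@ private function getVerifiedClaims(string $token, int $time, int $leeway, int $t
 return array();
 }
 $header = json_decode(base64_decode(strtr($token[0], '-_', '+/')), true);
-if (!$secret) {
+$kid = 0;
+if (isset($header['kid'])) {
+$kid = $header['kid'];
+}
+if (!$secrets[$kid]) {
 return array();
 }
+$secret = $secrets[$kid];
 if ($header['typ'] != 'JWT') {
 return array();
 }
@@ -93,16 +98,16 @@ private function getClaims(string $token): array
 $time = (int) $this->getProperty('time', time());
 $leeway = (int) $this->getProperty('leeway', '5');
 $ttl = (int) $this->getProperty('ttl', '30');
-$secret = $this->getProperty('secret', '');
+$secrets = $this->getMapProperty('secrets', '');
 $requirements = array(
 'alg' => $this->getArrayProperty('algorithms', ''),
 'aud' => $this->getArrayProperty('audiences', ''),
 'iss' => $this->getArrayProperty('issuers', ''),
 );
-if (!$secret) {
+if (!$secrets) {
 return array();
 }
-return $this->getVerifiedClaims($token, $time, $leeway, $ttl, $secret, $requirements);
+return $this->getVerifiedClaims($token, $time, $leeway, $ttl, $secrets, $requirements);
 }
 
 private function getAuthorizationToken(ServerRequestInterface $request): string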
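Review bot: In getVerifiedClaims() the `kid` is read from the token header before any signature check and used directly as the offset in `$secrets[$kid]`, so the lookup key is caller-supplied and unvalidated. An unknown `kid` reads an undefined key (a notice or warning on each such request, though the token is still rejected), and a `kid` that decodes to a non-scalar is an illegal offset, which on PHP 8 is likely to surface as an uncaught TypeError instead of a clean rejection. I would validate before the lookup: `$kid = $header['kid'] ?? 0;` followed by `if ((!is_string($kid) && !is_int($kid)) || empty($secrets[$kid])) { return array(); }`. Separately, the getClaims() hunk reads only `secrets`, so a configuration that still sets `secret` now yields no claims; that fails closed but deserves an upgrade note. Both function bodies continue outside these hunks, and api.php appears to carry the same lines.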
