Showing 2 of 8 files from the diff.

@@ -86,4 +86,16 @@
86 86
    {
87 87
        return hash_equals($signature, $comparison);
88 88
    }
89 +
90 +
    /**
91 +
     * Check the alg claim is in the list of valid algorithms. These are the
92 +
     * valid digital signatures, MAC algorithms or "none" as
93 +
     * defined in RFC 7518.
94 +
     */
95 +
    public function algorithm(string $algorithm, array $additional): bool
96 +
    {
97 +
        $base = ["none", "HS256"];
98 +
99 +
        return in_array($algorithm, array_merge($base, $additional));
100 +
    }
89 101
}
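Review bot: `$base` in the new `algorithm()` method accepts "none" by default, so a token whose header declares itself unsigned passes this check without the application opting in. RFC 7518 does define "none", but accepting it is normally an explicit decision; the default could be `$base = ["HS256"];`, with "none" passed through `$additional` only where unsecured tokens are really intended. The membership test is also loose: `return in_array($algorithm, array_merge($base, $additional), true);` prevents a match against a non-string entry such as `true` in `$additional`. Whether a later signature check rejects such a token is not visible in this hunk.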

@@ -134,6 +134,22 @@
134 134
        return $this;
135 135
    }
136 136
137 +
    /**
138 +
     * Validate the tokens alg claim is a valid digital signature or MAC
139 +
     * algorithm. Value can also be "none". See RFC 7518 for more details.
140 +
     */
141 +
    public function validateAlgorithm(): self
142 +
    {
143 +
        if (!$this->validate->algorithm($this->getAlgorithm(), [])) {
144 +
            throw new ValidateException(
145 +
                'Algorithm claim is not valid.',
146 +
                12
147 +
            );
148 +
        }
149 +
150 +
        return $this;
151 +
    }
152 +
137 153
    /**
138 154
     * Generate the Parsed Value Object. This method should be called last
139 155
     * after the relevant validate methods have been called.
@@ -258,6 +274,21 @@
258 274
        throw new ValidateException('Audience claim is not set.', 11);
259 275
    }
260 276
277 +
    /**
278 +
     * Retrieve the algorithm claim from the JWT.
279 +
     *
280 +
     * @return string
281 +
     * @throws ValidateException
282 +
     */
283 +
    private function getAlgorithm(): string
284 +
    {
285 +
        if (isset($this->decodeHeader()['alg'])) {
286 +
            return $this->decodeHeader()['alg'];
287 +
        }
288 +
289 +
        throw new ValidateException('Algorithm claim is not set.', 13);
290 +
    }
291 +
261 292
    /**
262 293
     * Decode the JWT header string to an associative array.
263 294
     *
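Review bot: `getAlgorithm()` in the last hunk returns `$this->decodeHeader()['alg']` after only an `isset()` test, so an `alg` that decodes to an array or a number is not rejected with the documented ValidateException. Depending on whether the file declares strict types (not visible here), it either hits the `: string` return type as a TypeError or is silently coerced. The header is taken from the token itself, so a type guard keeps the failure inside the library's own exception: `$alg = $this->decodeHeader()['alg'] ?? null;` followed by `if (is_string($alg)) { return $alg; }`, which also decodes the header once instead of twice. In `validateAlgorithm()` the claim is only compared with a list, and nothing visible in these hunks ties the accepted value to the algorithm used when the signature is validated. The docblock could state that this method does not replace signature validation.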
Files Complexity Coverage
src 110 100.00%
Project Totals (9 files) 110 100.00%