- Added payload expiration time validation
This commit is contained in:
Dave Mc Nicoll
parent
d3bb2c248a
commit
23079e6040
|
|
@ -29,6 +29,9 @@ class JsonWebTokenDecoder
|
||||||
JsonWebTokenValidate::validateHeaderType($jsonArray);
|
JsonWebTokenValidate::validateHeaderType($jsonArray);
|
||||||
JsonWebTokenValidate::validateHeaderAlgorithm($jsonArray);
|
JsonWebTokenValidate::validateHeaderAlgorithm($jsonArray);
|
||||||
}
|
}
|
||||||
|
elseif ($key === 'payload') {
|
||||||
|
JsonWebTokenValidate::validatePayloadExpiration($jsonArray);
|
||||||
|
}
|
||||||
|
|
||||||
$this->$key = $jsonArray;
|
$this->$key = $jsonArray;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,15 @@ abstract class JsonWebTokenValidate
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function validatePayloadExpiration(array $payload) : void
|
||||||
|
{
|
||||||
|
if ( array_key_exists('exp', $payload) && ( $payload['exp'] < time() ) ) {
|
||||||
|
throw new JsonWebTokenDecodingError(
|
||||||
|
sprintf("Given token is expired (%s)", ( new \DateTime())->setTimestamp($payload['exp'])->format(\DateTime::ISO8601) )
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public static function validateSignature(string $alg, string $secret, string $encodedHeader, string $encodedPayload, string $encodedSignature) : void
|
public static function validateSignature(string $alg, string $secret, string $encodedHeader, string $encodedPayload, string $encodedSignature) : void
|
||||||
{
|
{
|
||||||
$algorithm = JsonWebTokenAlgorithmEnum::fromString($alg);
|
$algorithm = JsonWebTokenAlgorithmEnum::fromString($alg);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue