diff options
| author | Anant Narayanan <anant@kix.in> | 2013-04-03 16:17:10 -0700 |
|---|---|---|
| committer | Anant Narayanan <anant@kix.in> | 2013-04-03 16:17:10 -0700 |
| commit | 0d3b9be5ea490c05108458d69803f38d7fb3eaa7 (patch) | |
| tree | e31d5f971370f903d8d23cc92ce09a56aa25cb6e | |
| parent | 564878fccb6e1fac83d229ce1d3122fc3d915922 (diff) | |
| download | php-jwt-0d3b9be5ea490c05108458d69803f38d7fb3eaa7.zip php-jwt-0d3b9be5ea490c05108458d69803f38d7fb3eaa7.tar.gz php-jwt-0d3b9be5ea490c05108458d69803f38d7fb3eaa7.tar.bz2 | |
Fix warnings and errors reported by PHP_CodeSniffer
| -rw-r--r-- | Authentication/JWT.php | 106 |
1 files changed, 63 insertions, 43 deletions
diff --git a/Authentication/JWT.php b/Authentication/JWT.php index fb32df1..7a7b4a0 100644 --- a/Authentication/JWT.php +++ b/Authentication/JWT.php @@ -4,22 +4,41 @@ * JSON Web Token implementation, based on this spec: * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06 * - * @author Neuman Vong <neuman@twilio.com> - * @author Anant Narayanan <anant@php.net> + * PHP version 5 + * + * @category Authentication + * @package Authentication_JWT + * @author Neuman Vong <neuman@twilio.com> + * @author Anant Narayanan <anant@php.net> + * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD + * @link https://github.com/firebase/php-jwt + */ +/** + * JSON Web Token implementation, based on this spec: + * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06 + * + * @category Authentication + * @package Authentication_JWT + * @author Neuman Vong <neuman@twilio.com> + * @author Anant Narayanan <anant@php.net> + * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD + * @link https://github.com/firebase/php-jwt */ class JWT { /** * Decodes a JWT string into a PHP object. * - * @access public - * @param string $jwt The JWT - * @param string|null $key The secret key - * @param bool $verify Don't skip verification process + * @param string $jwt The JWT + * @param string|null $key The secret key + * @param bool $verify Don't skip verification process * - * @return object The JWT's payload as a PHP object - * @uses jsonDecode - * @uses urlsafeB64Decode + * @return object The JWT's payload as a PHP object + * @throws UnexpectedValueException Provided JWT was invalid + * @throws DomainException Algorithm was not provided + * + * @uses jsonDecode + * @uses urlsafeB64Decode */ public static function decode($jwt, $key = null, $verify = true) { @@ -27,11 +46,11 @@ class JWT if (count($tks) != 3) { throw new UnexpectedValueException('Wrong number of segments'); } - list($headb64, $payloadb64, $cryptob64) = $tks; + list($headb64, $bodyb64, $cryptob64) = $tks; if (null === ($header = JWT::jsonDecode(JWT::urlsafeB64Decode($headb64)))) { throw new UnexpectedValueException('Invalid segment encoding'); } - if (null === $payload = JWT::jsonDecode(JWT::urlsafeB64Decode($payloadb64))) { + if (null === $payload = JWT::jsonDecode(JWT::urlsafeB64Decode($bodyb64))) { throw new UnexpectedValueException('Invalid segment encoding'); } $sig = JWT::urlsafeB64Decode($cryptob64); @@ -39,7 +58,7 @@ class JWT if (empty($header->alg)) { throw new DomainException('Empty algorithm'); } - if ($sig != JWT::sign("$headb64.$payloadb64", $key, $header->alg)) { + if ($sig != JWT::sign("$headb64.$bodyb64", $key, $header->alg)) { throw new UnexpectedValueException('Signature verification failed'); } } @@ -49,14 +68,14 @@ class JWT /** * Converts and signs a PHP object or array into a JWT string. * - * @access public - * @param object|array $payload PHP object or array - * @param string $key The secret key - * @param string $algo The signing algorithm + * @param object|array $payload PHP object or array + * @param string $key The secret key + * @param string $algo The signing algorithm. Supported + * algorithms are 'HS256', 'HS384' and 'HS512' * - * @return string A signed JWT - * @uses jsonEncode - * @uses urlsafeB64Encode + * @return string A signed JWT + * @uses jsonEncode + * @uses urlsafeB64Encode */ public static function encode($payload, $key, $algo = 'HS256') { @@ -76,12 +95,13 @@ class JWT /** * Sign a string with a given key and algorithm. * - * @access public - * @param string $msg The message to sign - * @param string $key The secret key - * @param string $method The signing algorithm + * @param string $msg The message to sign + * @param string $key The secret key + * @param string $method The signing algorithm. Supported + * algorithms are 'HS256', 'HS384' and 'HS512' * - * @return string An encrypted message + * @return string An encrypted message + * @throws DomainException Unsupported algorithm was specified */ public static function sign($msg, $key, $method = 'HS256') { @@ -99,16 +119,16 @@ class JWT /** * Decode a JSON string into a PHP object. * - * @access public - * @param string $input JSON string + * @param string $input JSON string * - * @return object Object representation of JSON string + * @return object Object representation of JSON string + * @throws DomainException Provided string was invalid JSON */ public static function jsonDecode($input) { $obj = json_decode($input); if (function_exists('json_last_error') && $errno = json_last_error()) { - JWT::handleJsonError($errno); + JWT::_handleJsonError($errno); } else if ($obj === null && $input !== 'null') { throw new DomainException('Null result with non-null input'); } @@ -118,16 +138,16 @@ class JWT /** * Encode a PHP object into a JSON string. * - * @access public - * @param object|array $input A PHP object or array + * @param object|array $input A PHP object or array * - * @return string JSON representation of the PHP object or array + * @return string JSON representation of the PHP object or array + * @throws DomainException Provided object could not be encoded to valid JSON */ public static function jsonEncode($input) { $json = json_encode($input); if (function_exists('json_last_error') && $errno = json_last_error()) { - JWT::handleJsonError($errno); + JWT::_handleJsonError($errno); } else if ($json === 'null' && $input !== null) { throw new DomainException('Null result with non-null input'); } @@ -137,10 +157,9 @@ class JWT /** * Decode a string with URL-safe Base64. * - * @access public - * @param string $input A Base64 encoded string + * @param string $input A Base64 encoded string * - * @return string A decoded string + * @return string A decoded string */ public static function urlsafeB64Decode($input) { @@ -155,10 +174,9 @@ class JWT /** * Encode a string with URL-safe Base64. * - * @access public - * @param string $input The string you want encoded + * @param string $input The string you want encoded * - * @return string The base64 encode of what you passed in + * @return string The base64 encode of what you passed in */ public static function urlsafeB64Encode($input) { @@ -166,19 +184,21 @@ class JWT } /** - * @access private - * @param int $errno An error number from json_last_error() + * Helper method to create a JSON error. + * + * @param int $errno An error number from json_last_error() * - * @return void + * @return void */ - private static function handleJsonError($errno) + private static function _handleJsonError($errno) { $messages = array( JSON_ERROR_DEPTH => 'Maximum stack depth exceeded', JSON_ERROR_CTRL_CHAR => 'Unexpected control character found', JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON' ); - throw new DomainException(isset($messages[$errno]) + throw new DomainException( + isset($messages[$errno]) ? $messages[$errno] : 'Unknown JSON error: ' . $errno ); |