diff options
Diffstat (limited to 'Authentication/JWT.php')
| -rw-r--r-- | Authentication/JWT.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/Authentication/JWT.php b/Authentication/JWT.php index aa4995d..d82e2cc 100644 --- a/Authentication/JWT.php +++ b/Authentication/JWT.php @@ -65,10 +65,12 @@ class JWT if (empty($header->alg)) { throw new DomainException('Empty algorithm'); } - if (is_array($key) && !isset($header->kid)) { - throw new DomainException('"kid" empty, unable to lookup correct key'); - } elseif(is_array($key) && isset($header->kid)) { - $key = $key[$header->kid]; + if (is_array($key)) { + if(isset($header->kid)) { + $key = $key[$header->kid]; + } else { + throw new DomainException('"kid" empty, unable to lookup correct key'); + } } if (!JWT::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) { throw new UnexpectedValueException('Signature verification failed'); @@ -116,7 +118,7 @@ class JWT * @param string $msg The message to sign * @param string|resource $key The secret key * @param string $method The signing algorithm. Supported - * algorithms are 'HS256', 'HS384' and 'HS512' + * algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' * * @return string An encrypted message * @throws DomainException Unsupported algorithm was specified |