--- /dev/null
+<?php
+
+namespace Shaarli;
+
+
+/**
+ * URL-safe Base64 operations
+ *
+ * @see https://en.wikipedia.org/wiki/Base64#URL_applications
+ */
+class Base64Url
+{
+ /**
+ * Base64Url-encodes data
+ *
+ * @param string $data Data to encode
+ *
+ * @return string Base64Url-encoded data
+ */
+ public static function encode($data) {
+ return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
+ }
+
+ /**
+ * Decodes Base64Url-encoded data
+ *
+ * @param string $data Data to decode
+ *
+ * @return string Decoded data
+ */
+ public static function decode($data) {
+ return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT));
+ }
+}
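Review bot: The padding in `decode()` never takes effect, because `str_pad()`'s second argument is the target total length and `strlen($data) % 4` is at most 3, so any input of four or more characters comes back unpadded. Decoding only works because `base64_decode()` in its default non-strict mode tolerates missing padding, and in that mode it also silently discards characters outside the alphabet, which is a lenient parser to put in front of JWT header and payload segments. I would compute the real pad length and decode strictly: `$b64 = strtr($data, '-_', '+/');` followed by `return base64_decode(str_pad($b64, strlen($b64) + (4 - strlen($b64) % 4) % 4, '='), true);`. The docblock should then say `@return string|false`, since malformed input yields `false` instead of partial data.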
<?php
-
namespace Shaarli\Api;
+use Shaarli\Base64Url;
use Shaarli\Api\Exceptions\ApiAuthorizationException;
/**
- * Class ApiUtils
- *
- * Utility functions for the API.
+ * REST API utilities
*/
class ApiUtils
{
throw new ApiAuthorizationException('Malformed JWT token');
}
- $genSign = hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret);
+ $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret, true));
if ($parts[2] != $genSign) {
throw new ApiAuthorizationException('Invalid JWT signature');
}
- $header = json_decode(base64_decode($parts[0]));
+ $header = json_decode(Base64Url::decode($parts[0]));
if ($header === null) {
throw new ApiAuthorizationException('Invalid JWT header');
}
- $payload = json_decode(base64_decode($parts[1]));
+ $payload = json_decode(Base64Url::decode($parts[1]));
if ($payload === null) {
throw new ApiAuthorizationException('Invalid JWT payload');
}
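Review bot: The signature check `if ($parts[2] != $genSign)` compares the client-supplied signature with the expected HMAC using loose `!=`, which is not constant-time and falls under PHP's numeric-string comparison rules when both sides look numeric. Since this commit already rewrites the line that builds `$genSign`, it is a good place to switch to `if (!hash_equals($genSign, $parts[2])) {`. Nothing visible in this hunk checks the decoded header's `alg` against the HS512 that the code hard-codes. That check may exist further down, as the enclosing function starts and ends outside the hunk.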
},
"autoload": {
"psr-4": {
+ "Shaarli\\": "application",
"Shaarli\\Api\\": "application/api/",
"Shaarli\\Api\\Controllers\\": "application/api/controllers",
"Shaarli\\Api\\Exceptions\\": "application/api/exceptions"
namespace Shaarli\Api;
+use Shaarli\Base64Url;
+
+
/**
* Class ApiUtilsTest
*/
*/
public static function generateValidJwtToken($secret)
{
- $header = base64_encode('{
+ $header = Base64Url::encode('{
"typ": "JWT",
"alg": "HS512"
}');
- $payload = base64_encode('{
+ $payload = Base64Url::encode('{
"iat": '. time() .'
}');
- $signature = hash_hmac('sha512', $header .'.'. $payload , $secret);
+ $signature = Base64Url::encode(hash_hmac('sha512', $header .'.'. $payload , $secret, true));
return $header .'.'. $payload .'.'. $signature;
}
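Review bot: `generateValidJwtToken()` now builds its token with the same `Base64Url::encode()` and `hash_hmac(..., true)` calls that the production validator uses, and `generateCustomJwtToken()` in the next hunk does the same, so an encoding mistake shared by both sides would still pass. The fixtures would pin the wire format better with one fixed known-answer token, generated by an independent JWT implementation. Ideally its segments contain `-` or `_` and have a length that is not a multiple of four, so the URL-safe alphabet and the missing-padding path are both exercised. Whether a dedicated `Base64Url` test exists elsewhere is not visible from this page.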
*/
public static function generateCustomJwtToken($header, $payload, $secret)
{
- $header = base64_encode($header);
- $payload = base64_encode($payload);
- $signature = hash_hmac('sha512', $header . '.' . $payload, $secret);
+ $header = Base64Url::encode($header);
+ $payload = Base64Url::encode($payload);
+ $signature = Base64Url::encode(hash_hmac('sha512', $header . '.' . $payload, $secret, true));
return $header . '.' . $payload . '.' . $signature;
}