diff options
| author | VirtualTam <virtualtam@flibidi.net> | 2017-01-04 11:41:05 +0100 |
|---|---|---|
| committer | VirtualTam <virtualtam@flibidi.net> | 2017-01-04 16:59:47 +0100 |
| commit | 7a9daac56dc64ec1ddb12adece3e1a8f71778cc7 (patch) | |
| tree | b92c37792e7af48e1da36686f1d722aaffb90a06 /composer.json | |
| parent | fc11ab2f290a3712b766d78fdbcd354625a35d0a (diff) | |
| download | Shaarli-7a9daac56dc64ec1ddb12adece3e1a8f71778cc7.tar.gz Shaarli-7a9daac56dc64ec1ddb12adece3e1a8f71778cc7.tar.zst Shaarli-7a9daac56dc64ec1ddb12adece3e1a8f71778cc7.zip | |
API: fix JWT signature verification
Fixes https://github.com/shaarli/Shaarli/issues/737
Added:
- Base64Url utilities
Fixed:
- use URL-safe Base64 encoding/decoding functions
- use byte representations for HMAC digests
- all JWT parts are Base64Url-encoded
See:
- https://en.wikipedia.org/wiki/JSON_Web_Token
- https://tools.ietf.org/html/rfc7519
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://jwt.io/introduction/
- https://en.wikipedia.org/wiki/Base64#URL_applications
- https://secure.php.net/manual/en/function.base64-encode.php#103849
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'composer.json')
| -rw-r--r-- | composer.json | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/composer.json b/composer.json index cfbde1a0..2fed0df7 100644 --- a/composer.json +++ b/composer.json | |||
| @@ -24,6 +24,7 @@ | |||
| 24 | }, | 24 | }, |
| 25 | "autoload": { | 25 | "autoload": { |
| 26 | "psr-4": { | 26 | "psr-4": { |
| 27 | "Shaarli\\": "application", | ||
| 27 | "Shaarli\\Api\\": "application/api/", | 28 | "Shaarli\\Api\\": "application/api/", |
| 28 | "Shaarli\\Api\\Controllers\\": "application/api/controllers", | 29 | "Shaarli\\Api\\Controllers\\": "application/api/controllers", |
| 29 | "Shaarli\\Api\\Exceptions\\": "application/api/exceptions" | 30 | "Shaarli\\Api\\Exceptions\\": "application/api/exceptions" |