aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/api/ApiUtils.php
diff options
context:
space:
mode:
Diffstat (limited to 'application/api/ApiUtils.php')
-rw-r--r--application/api/ApiUtils.php12
1 files changed, 5 insertions, 7 deletions
diff --git a/application/api/ApiUtils.php b/application/api/ApiUtils.php
index d0242919..d4015865 100644
--- a/application/api/ApiUtils.php
+++ b/application/api/ApiUtils.php
@@ -1,13 +1,11 @@
1<?php 1<?php
2
3namespace Shaarli\Api; 2namespace Shaarli\Api;
4 3
4use Shaarli\Base64Url;
5use Shaarli\Api\Exceptions\ApiAuthorizationException; 5use Shaarli\Api\Exceptions\ApiAuthorizationException;
6 6
7/** 7/**
8 * Class ApiUtils 8 * REST API utilities
9 *
10 * Utility functions for the API.
11 */ 9 */
12class ApiUtils 10class ApiUtils
13{ 11{
@@ -26,17 +24,17 @@ class ApiUtils
26 throw new ApiAuthorizationException('Malformed JWT token'); 24 throw new ApiAuthorizationException('Malformed JWT token');
27 } 25 }
28 26
29 $genSign = hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret); 27 $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret, true));
30 if ($parts[2] != $genSign) { 28 if ($parts[2] != $genSign) {
31 throw new ApiAuthorizationException('Invalid JWT signature'); 29 throw new ApiAuthorizationException('Invalid JWT signature');
32 } 30 }
33 31
34 $header = json_decode(base64_decode($parts[0])); 32 $header = json_decode(Base64Url::decode($parts[0]));
35 if ($header === null) { 33 if ($header === null) {
36 throw new ApiAuthorizationException('Invalid JWT header'); 34 throw new ApiAuthorizationException('Invalid JWT header');
37 } 35 }
38 36
39 $payload = json_decode(base64_decode($parts[1])); 37 $payload = json_decode(Base64Url::decode($parts[1]));
40 if ($payload === null) { 38 if ($payload === null) {
41 throw new ApiAuthorizationException('Invalid JWT payload'); 39 throw new ApiAuthorizationException('Invalid JWT payload');
42 } 40 }