diff options
Diffstat (limited to 'application/api/ApiUtils.php')
-rw-r--r-- | application/api/ApiUtils.php | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/application/api/ApiUtils.php b/application/api/ApiUtils.php index d0242919..d4015865 100644 --- a/application/api/ApiUtils.php +++ b/application/api/ApiUtils.php | |||
@@ -1,13 +1,11 @@ | |||
1 | <?php | 1 | <?php |
2 | |||
3 | namespace Shaarli\Api; | 2 | namespace Shaarli\Api; |
4 | 3 | ||
4 | use Shaarli\Base64Url; | ||
5 | use Shaarli\Api\Exceptions\ApiAuthorizationException; | 5 | use Shaarli\Api\Exceptions\ApiAuthorizationException; |
6 | 6 | ||
7 | /** | 7 | /** |
8 | * Class ApiUtils | 8 | * REST API utilities |
9 | * | ||
10 | * Utility functions for the API. | ||
11 | */ | 9 | */ |
12 | class ApiUtils | 10 | class ApiUtils |
13 | { | 11 | { |
@@ -26,17 +24,17 @@ class ApiUtils | |||
26 | throw new ApiAuthorizationException('Malformed JWT token'); | 24 | throw new ApiAuthorizationException('Malformed JWT token'); |
27 | } | 25 | } |
28 | 26 | ||
29 | $genSign = hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret); | 27 | $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret, true)); |
30 | if ($parts[2] != $genSign) { | 28 | if ($parts[2] != $genSign) { |
31 | throw new ApiAuthorizationException('Invalid JWT signature'); | 29 | throw new ApiAuthorizationException('Invalid JWT signature'); |
32 | } | 30 | } |
33 | 31 | ||
34 | $header = json_decode(base64_decode($parts[0])); | 32 | $header = json_decode(Base64Url::decode($parts[0])); |
35 | if ($header === null) { | 33 | if ($header === null) { |
36 | throw new ApiAuthorizationException('Invalid JWT header'); | 34 | throw new ApiAuthorizationException('Invalid JWT header'); |
37 | } | 35 | } |
38 | 36 | ||
39 | $payload = json_decode(base64_decode($parts[1])); | 37 | $payload = json_decode(Base64Url::decode($parts[1])); |
40 | if ($payload === null) { | 38 | if ($payload === null) { |
41 | throw new ApiAuthorizationException('Invalid JWT payload'); | 39 | throw new ApiAuthorizationException('Invalid JWT payload'); |
42 | } | 40 | } |