Class to implement the JWT interface using the Firebase JWT library from https://github.com/firebase/php-jwt. More...

Inheritance diagram for ceLTIc\LTI\Jwt\FirebaseClient:

Public Member Functions
bool	hasJwt ()
	Check if a JWT is defined.

bool	isEncrypted ()
	Check if a JWT's content is encrypted.

bool	load (string $jwtString, ?string $privateKey=null)
	Load a JWT from a string.

array	getJweHeaders ()
	Get the value of the JWE headers.

bool	hasHeader (string $name)
	Check whether a JWT has a header with the specified name.

string null	getHeader (string $name, ?string $defaultValue=null)
	Get the value of the header with the specified name.

array object null	getHeaders ()
	Get the value of the headers.

bool	hasClaim (string $name)
	Check whether a JWT has a claim with the specified name.

int float string bool array object null	getClaim (string $name, int\|float\|string\|bool\|array\|object\|null $defaultValue=null)
	Get the value of the claim with the specified name.

array object null	getPayload ()
	Get the value of the payload.

bool	verify (?string $publicKey, ?string $jku=null)
	Verify the signature of the JWT.

bool	verifySignature (?string &$publicKey, ?string $jku=null)
	Verify the signature of the JWT.

Static Public Member Functions
static string[]	getSupportedAlgorithms ()
	Return an array of supported signature algorithms.

static array object null	getLastHeaders ()
	Get the value of the headers for the last signed JWT (before any encryption).

static array object null	getLastPayload ()
	Get the value of the payload for the last signed JWT (before any encryption).

static string	sign (array $payload, string $signatureMethod, string $privateKey, ?string $kid=null, ?string $jku=null, ?string $encryptionMethod=null, ?string $publicKey=null)
	Sign the JWT.

static string null	generateKey (string $signatureMethod='RS256')
	Generate a new private key in PEM format.

static string null	getPublicKey (string $privateKey)
	Get the public key for a private key.

static array	getJWKS (string $pemKey, string $signatureMethod, ?string $kid=null)
	Get the public JWKS from a key in PEM format.

Public Attributes
const	SUPPORTED_ALGORITHMS = ['RS256', 'RS384', 'RS512']
	Supported signature algorithms.

Detailed Description

Class to implement the JWT interface using the Firebase JWT library from https://github.com/firebase/php-jwt.

Author: Stephen P Vickers steph.nosp@m.en@s.nosp@m.pvsof.nosp@m.twar.nosp@m.eprod.nosp@m.ucts.nosp@m..com

Copyright: SPV Software Products

Licence: GNU Lesser General Public License, version 3 (<http://www.gnu.org/licenses/lgpl.html>)

Member Function Documentation

◆ generateKey()

static string null ceLTIc\LTI\Jwt\FirebaseClient::generateKey ( string $signatureMethod = 'RS256' )

static

Generate a new private key in PEM format.

Parameters

string $signatureMethod Signature method

Returns: string|null Key in PEM format

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ getClaim()

int float string bool array object null ceLTIc\LTI\Jwt\FirebaseClient::getClaim	(	string	$name,
		int\|float\|string\|bool\|array\|object\|null	$defaultValue = null )

Get the value of the claim with the specified name.

Parameters

string	$name	Claim name
int \| float \| string \| bool \| array \| object \| null	$defaultValue	Default value

Returns: int|float|string|bool|array|object|null The value of the claim with the specified name, or the default value if it does not exist

Implements ceLTIc\LTI\Jwt\ClientInterface.

References ceLTIc\LTI\Util\logDebug(), verify(), and verifySignature().

◆ getHeader()

string null ceLTIc\LTI\Jwt\FirebaseClient::getHeader	(	string	$name,
		?string	$defaultValue = null )

Get the value of the header with the specified name.

Parameters

string	$name	Header name
string \| null	$defaultValue	Default value

Returns: string|null The value of the header with the specified name, or the default value if it does not exist

Implements ceLTIc\LTI\Jwt\ClientInterface.

Referenced by getJWKS(), getLastPayload(), and verify().

◆ getHeaders()

array object null ceLTIc\LTI\Jwt\FirebaseClient::getHeaders ( )

Get the value of the headers.

Returns: array|object|null The value of the headers

Implements ceLTIc\LTI\Jwt\ClientInterface.

Referenced by getJweHeaders().

◆ getJweHeaders()

array ceLTIc\LTI\Jwt\FirebaseClient::getJweHeaders ( )

Get the value of the JWE headers.

Returns: array The value of the JWE headers

Implements ceLTIc\LTI\Jwt\ClientInterface.

References getHeaders().

◆ getJWKS()

static array ceLTIc\LTI\Jwt\FirebaseClient::getJWKS	(	string	$pemKey,
		string	$signatureMethod,
		?string	$kid = null )

static

Get the public JWKS from a key in PEM format.

Parameters

string	$pemKey	Private or public key in PEM format
string	$signatureMethod	Signature method
string \| null	$kid	Key ID (optional)

Returns: array JWKS keys

Implements ceLTIc\LTI\Jwt\ClientInterface.

References getHeader(), and ceLTIc\LTI\Util\jsonDecode().

◆ getLastHeaders()

static array object null ceLTIc\LTI\Jwt\FirebaseClient::getLastHeaders ( )

static

Get the value of the headers for the last signed JWT (before any encryption).

Returns: array|object|null The value of the headers

Implements ceLTIc\LTI\Jwt\ClientInterface.

References getPayload().

◆ getLastPayload()

static array object null ceLTIc\LTI\Jwt\FirebaseClient::getLastPayload ( )

static

Get the value of the payload for the last signed JWT (before any encryption).

Returns: array|object|null The value of the payload

Implements ceLTIc\LTI\Jwt\ClientInterface.

References getHeader().

◆ getPayload()

array object null ceLTIc\LTI\Jwt\FirebaseClient::getPayload ( )

Get the value of the payload.

Returns: array|object|null The value of the payload

Implements ceLTIc\LTI\Jwt\ClientInterface.

References ceLTIc\LTI\Util\jsonDecode(), and verifySignature().

Referenced by getLastHeaders().

◆ getPublicKey()

static string null ceLTIc\LTI\Jwt\FirebaseClient::getPublicKey ( string $privateKey )

static

Get the public key for a private key.

Parameters

string $privateKey Private key in PEM format

Returns: string|null Public key in PEM format

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ getSupportedAlgorithms()

static string[] ceLTIc\LTI\Jwt\FirebaseClient::getSupportedAlgorithms ( )

static

Return an array of supported signature algorithms.

Returns: string[] Array of algorithm names

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ hasClaim()

bool ceLTIc\LTI\Jwt\FirebaseClient::hasClaim ( string $name )

Check whether a JWT has a claim with the specified name.

Parameters

string $name Claim name

Returns: bool True if the JWT has a claim of the specified name

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ hasHeader()

bool ceLTIc\LTI\Jwt\FirebaseClient::hasHeader ( string $name )

Check whether a JWT has a header with the specified name.

Parameters

string $name Header name

Returns: bool True if the JWT has a header of the specified name

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ hasJwt()

bool ceLTIc\LTI\Jwt\FirebaseClient::hasJwt ( )

Check if a JWT is defined.

Returns: bool True if a JWT is defined

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ isEncrypted()

bool ceLTIc\LTI\Jwt\FirebaseClient::isEncrypted ( )

Check if a JWT's content is encrypted.

Returns: bool True if a JWT is encrypted

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ load()

bool ceLTIc\LTI\Jwt\FirebaseClient::load	(	string	$jwtString,
		?string	$privateKey = null )

Load a JWT from a string.

Parameters

string	$jwtString	JWT string
string \| null	$privateKey	Private key in PEM format for decrypting encrypted tokens (optional)

Returns: bool True if the JWT was successfully loaded

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ sign()

static string ceLTIc\LTI\Jwt\FirebaseClient::sign	(	array	$payload,
		string	$signatureMethod,
		string	$privateKey,
		?string	$kid = null,
		?string	$jku = null,
		?string	$encryptionMethod = null,
		?string	$publicKey = null )

static

Sign the JWT.

Parameters

array	$payload	Payload
string	$signatureMethod	Signature method
string	$privateKey	Private key in PEM format
string \| null	$kid	Key ID (optional)
string \| null	$jku	JSON Web Key URL (optional)
string \| null	$encryptionMethod	Encryption method (optional)
string \| null	$publicKey	Public key of recipient for content encryption (optional)

Returns: string Signed JWT

Exceptions

Exception

Implements ceLTIc\LTI\Jwt\ClientInterface.

◆ verify()

bool ceLTIc\LTI\Jwt\FirebaseClient::verify	(	?string	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

Deprecated: Use verifySignature() instead

Parameters

string \| null	$publicKey	Public key of issuer
string \| null	$jku	JSON Web Key URL of issuer (optional)

Returns: bool True if the JWT has a valid signature

Implements ceLTIc\LTI\Jwt\ClientInterface.

References ceLTIc\LTI\Jwt\Jwt\$leeway, getHeader(), and ceLTIc\LTI\Util\logError().

Referenced by getClaim().

◆ verifySignature()

bool ceLTIc\LTI\Jwt\FirebaseClient::verifySignature	(	?string &	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

If a new public key is fetched and used to successfully verify the signature, the value of the publicKey parameter is updated.

Parameters

string \| null	$publicKey	Public key of issuer (passed by reference)
string \| null	$jku	JSON Web Key URL of issuer (optional)

Returns: bool True if the JWT has a valid signature

Implements ceLTIc\LTI\Jwt\ClientInterface.

Referenced by getClaim(), and getPayload().

Member Data Documentation

◆ SUPPORTED_ALGORITHMS

const ceLTIc\LTI\Jwt\FirebaseClient::SUPPORTED_ALGORITHMS = ['RS256', 'RS384', 'RS512']

Supported signature algorithms.

Public Member Functions

Static Public Member Functions

Public Attributes

Detailed Description

Member Function Documentation

◆ generateKey()

◆ getClaim()

◆ getHeader()

◆ getHeaders()

◆ getJweHeaders()

◆ getJWKS()

◆ getLastHeaders()

◆ getLastPayload()

◆ getPayload()

◆ getPublicKey()

◆ getSupportedAlgorithms()

◆ hasClaim()

◆ hasHeader()

◆ hasJwt()

◆ isEncrypted()

◆ load()

◆ sign()

◆ verify()

◆ verifySignature()

Member Data Documentation

◆ SUPPORTED_ALGORITHMS