ceLTIc\LTI\Jwt\WebTokenClient Class Reference

Class to implement the JWT interface using the Web Token JWT Framework library from https://web-token.spomky-labs.com. More...

Inheritance diagram for ceLTIc\LTI\Jwt\WebTokenClient:

Public Member Functions
bool	hasJwt ()
	Check if a JWT is defined.
bool	isEncrypted ()
	Check if a JWT's content is encrypted.
bool	load (string $jwtString, ?string $privateKey=null)
	Load a JWT from a string.
array	getJweHeaders ()
	Get the value of the JWE headers.
bool	hasHeader (string $name)
	Check whether a JWT has a header with the specified name.
string null	getHeader (string $name, ?string $defaultValue=null)
	Get the value of the header with the specified name.
array object null	getHeaders ()
	Get the value of the headers.
bool	hasClaim (string $name)
	Check whether a JWT has a claim with the specified name.
int float string bool array object null	getClaim (string $name, int|float|string|bool|array|object|null $defaultValue=null)
	Get the value of the claim with the specified name.
array object null	getPayload ()
	Get the value of the payload.
bool	verify (?string $publicKey, ?string $jku=null)
	Verify the signature of the JWT.
bool	verifySignature (?string &$publicKey, ?string $jku=null)
	Verify the signature of the JWT.

Static Public Member Functions
static string[]	getSupportedAlgorithms ()
	Return an array of supported signature algorithms.
static array object null	getLastHeaders ()
	Get the value of the headers for the last signed JWT (before any encryption).
static array object null	getLastPayload ()
	Get the value of the payload for the last signed JWT (before any encryption).
static string	sign (array $payload, string $signatureMethod, string $privateKey, ?string $kid=null, ?string $jku=null, ?string $encryptionMethod=null, ?string $publicKey=null)
	Sign the JWT.
static string null	generateKey (string $signatureMethod='RS256')
	Generate a new private key in PEM format.
static string null	getPublicKey (string $privateKey)
	Get the public key for a private key.
static array	getJWKS (string $pemKey, string $signatureMethod, ?string $kid=null)
	Get the public JWKS from a key in PEM format.

Public Attributes
const	SUPPORTED_ALGORITHMS = ['RS256', 'RS384', 'RS512']
	Supported signature algorithms.

Detailed Description

Class to implement the JWT interface using the Web Token JWT Framework library from https://web-token.spomky-labs.com.

Author

Stephen P Vickers steph.nosp@m.en@s.nosp@m.pvsof.nosp@m.twar.nosp@m.eprod.nosp@m.ucts.nosp@m..com

Copyright

SPV Software Products

Licence: GNU Lesser General Public License, version 3 (<http://www.gnu.org/licenses/lgpl.html>)

Member Function Documentation

generateKey()

static string null ceLTIc\LTI\Jwt\WebTokenClient::generateKey ( string $signatureMethod = 'RS256' )

static

Generate a new private key in PEM format.

Parameters

string

$signatureMethod

Signature method

Returns

string|null Key in PEM format

Implements ceLTIc\LTI\Jwt\ClientInterface.

getClaim()

int float string bool array object null ceLTIc\LTI\Jwt\WebTokenClient::getClaim	(	string	$name,
		int|float|string|bool|array|object|null	$defaultValue = null )

Get the value of the claim with the specified name.

Parameters

string	$name	Claim name
int | float | string | bool | array | object | null	$defaultValue	Default value

Returns

int|float|string|bool|array|object|null The value of the claim with the specified name, or the default value if it does not exist

Implements ceLTIc\LTI\Jwt\ClientInterface.

References ceLTIc\LTI\Util\logDebug(), verify(), and verifySignature().

Referenced by getHeaders().

getHeader()

string null ceLTIc\LTI\Jwt\WebTokenClient::getHeader	(	string	$name,
		?string	$defaultValue = null )

Get the value of the header with the specified name.

Parameters

string	$name	Header name
string | null	$defaultValue	Default value

Returns

string|null The value of the header with the specified name, or the default value if it does not exist

Implements ceLTIc\LTI\Jwt\ClientInterface.

Referenced by verify(), and verifySignature().

getHeaders()

array object null ceLTIc\LTI\Jwt\WebTokenClient::getHeaders

(

)

Get the value of the headers.

Returns

array|object|null The value of the headers

Implements ceLTIc\LTI\Jwt\ClientInterface.

References getClaim(), and hasClaim().

getJweHeaders()

array ceLTIc\LTI\Jwt\WebTokenClient::getJweHeaders

(

)

Get the value of the JWE headers.

Returns

array The value of the JWE headers

Implements ceLTIc\LTI\Jwt\ClientInterface.

getJWKS()

static array ceLTIc\LTI\Jwt\WebTokenClient::getJWKS ( string $pemKey, string $signatureMethod, ?string $kid = null )

static

Get the public JWKS from a key in PEM format.

Parameters

string	$pemKey	Private or public key in PEM format
string	$signatureMethod	Signature method
string | null	$kid	Key ID (optional)

Returns

array JWKS keys

Implements ceLTIc\LTI\Jwt\ClientInterface.

getLastHeaders()

static array object null ceLTIc\LTI\Jwt\WebTokenClient::getLastHeaders ( )

static

Get the value of the headers for the last signed JWT (before any encryption).

Returns

array|object|null The value of the headers

Implements ceLTIc\LTI\Jwt\ClientInterface.

References getPayload().

getLastPayload()

static array object null ceLTIc\LTI\Jwt\WebTokenClient::getLastPayload ( )

static

Get the value of the payload for the last signed JWT (before any encryption).

Returns

array|object|null The value of the payload

Implements ceLTIc\LTI\Jwt\ClientInterface.

References ceLTIc\LTI\Util\jsonDecode().

getPayload()

array object null ceLTIc\LTI\Jwt\WebTokenClient::getPayload

(

)

Get the value of the payload.

Returns

array|object|null The value of the payload

Implements ceLTIc\LTI\Jwt\ClientInterface.

References ceLTIc\LTI\Jwt\Jwt\$leeway, and verifySignature().

Referenced by getLastHeaders().

getPublicKey()

static string null ceLTIc\LTI\Jwt\WebTokenClient::getPublicKey ( string $privateKey )

static

Get the public key for a private key.

Parameters

string

$privateKey

Private key in PEM format

Returns

string|null Public key in PEM format

Implements ceLTIc\LTI\Jwt\ClientInterface.

getSupportedAlgorithms()

static string[] ceLTIc\LTI\Jwt\WebTokenClient::getSupportedAlgorithms ( )

static

Return an array of supported signature algorithms.

Returns

string[] Array of algorithm names

Implements ceLTIc\LTI\Jwt\ClientInterface.

hasClaim()

bool ceLTIc\LTI\Jwt\WebTokenClient::hasClaim

(

string

$name

)

Check whether a JWT has a claim with the specified name.

Parameters

string

$name

Claim name

Returns

bool True if the JWT has a claim of the specified name

Implements ceLTIc\LTI\Jwt\ClientInterface.

Referenced by getHeaders().

hasHeader()

bool ceLTIc\LTI\Jwt\WebTokenClient::hasHeader

(

string

$name

)

Check whether a JWT has a header with the specified name.

Parameters

string

$name

Header name

Returns

bool True if the JWT has a header of the specified name

Implements ceLTIc\LTI\Jwt\ClientInterface.

Referenced by verify().

hasJwt()

bool ceLTIc\LTI\Jwt\WebTokenClient::hasJwt

(

)

Check if a JWT is defined.

Returns

bool True if a JWT is defined

Implements ceLTIc\LTI\Jwt\ClientInterface.

isEncrypted()

bool ceLTIc\LTI\Jwt\WebTokenClient::isEncrypted

(

)

Check if a JWT's content is encrypted.

Returns

bool True if a JWT is encrypted

Implements ceLTIc\LTI\Jwt\ClientInterface.

load()

bool ceLTIc\LTI\Jwt\WebTokenClient::load	(	string	$jwtString,
		?string	$privateKey = null )

Load a JWT from a string.

Parameters

string	$jwtString	JWT string
string | null	$privateKey	Private key in PEM format for decrypting encrypted tokens (optional)

Returns

bool True if the JWT was successfully loaded

Implements ceLTIc\LTI\Jwt\ClientInterface.

sign()

static string ceLTIc\LTI\Jwt\WebTokenClient::sign ( array $payload, string $signatureMethod, string $privateKey, ?string $kid = null, ?string $jku = null, ?string $encryptionMethod = null, ?string $publicKey = null )

static

Sign the JWT.

Parameters

array	$payload	Payload
string	$signatureMethod	Signature method
string	$privateKey	Private key in PEM format
string | null	$kid	Key ID (optional)
string | null	$jku	JSON Web Key URL (optional)
string | null	$encryptionMethod	Encryption method (optional)
string | null	$publicKey	Public key of recipient for content encryption (optional)

Returns

string Signed JWT

Exceptions

Exception

Implements ceLTIc\LTI\Jwt\ClientInterface.

verify()

bool ceLTIc\LTI\Jwt\WebTokenClient::verify	(	?string	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

Deprecated

Use verifySignature() instead

Parameters

string | null	$publicKey	Public key of issuer
string | null	$jku	JSON Web Key URL of issuer (optional)

Returns

bool True if the JWT has a valid signature

Implements ceLTIc\LTI\Jwt\ClientInterface.

References ceLTIc\LTI\Jwt\Jwt\$allowJkuHeader, getHeader(), and hasHeader().

Referenced by getClaim().

verifySignature()

bool ceLTIc\LTI\Jwt\WebTokenClient::verifySignature	(	?string &	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

If a new public key is fetched and used to successfully verify the signature, the value of the publicKey parameter is updated.

Parameters

string | null	$publicKey	Public key of issuer (passed by reference)
string | null	$jku	JSON Web Key URL of issuer (optional)

Returns

bool True if the JWT has a valid signature

Implements ceLTIc\LTI\Jwt\ClientInterface.

References getHeader(), and ceLTIc\LTI\Util\jsonDecode().

Referenced by getClaim(), and getPayload().

Member Data Documentation

SUPPORTED_ALGORITHMS

const ceLTIc\LTI\Jwt\WebTokenClient::SUPPORTED_ALGORITHMS = ['RS256', 'RS384', 'RS512']

Supported signature algorithms.