diff --git a/CHANGELOG.md b/CHANGELOG.md index 3f6fe2d..41a2cef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,9 @@ All notable changes to this project will be documented in this file. ## Unreleased +- Changed: Split `SimpleJWT\Crypt` namespace into multiple namespaces, one + for each algorithm type (#60) +- Changed: `JWT` and `JWE` now derives from a common parent class `Token` - Deprecated: Helper::getObject() and Helper::getJWTObject() have been replaced by Helper::decode() and Helper::decodeFully() respectively, and will be removed in future versions diff --git a/src/SimpleJWT/Crypt/AlgorithmFactory.php b/src/SimpleJWT/Crypt/AlgorithmFactory.php index 8bd0b04..375cf4a 100644 --- a/src/SimpleJWT/Crypt/AlgorithmFactory.php +++ b/src/SimpleJWT/Crypt/AlgorithmFactory.php 
@@ -48,31 +48,31 @@ class AlgorithmFactory { /** @var array $alg_map */ static $alg_map = [ // Signature algorithms - '/^ES\d+$/' => 'SimpleJWT\Crypt\OpenSSLSig', - '/^ES256K$/' => 'SimpleJWT\Crypt\OpenSSLSig', - '/^RS\d+$/' => 'SimpleJWT\Crypt\OpenSSLSig', - '/^HS\d+$/' => 'SimpleJWT\Crypt\HMAC', + '/^ES\d+$/' => 'SimpleJWT\Crypt\Signature\OpenSSLSig', + '/^ES256K$/' => 'SimpleJWT\Crypt\Signature\OpenSSLSig', + '/^RS\d+$/' => 'SimpleJWT\Crypt\Signature\OpenSSLSig', + '/^HS\d+$/' => 'SimpleJWT\Crypt\Signature\HMAC', // Key management algorithms (derivation or encryption) - '/^dir$/' => 'SimpleJWT\Crypt\DirectEncryption', - '/^RSA1_5$/' => 'SimpleJWT\Crypt\RSAES', - '/^RSA-OAEP$/' => 'SimpleJWT\Crypt\RSAES', - '/^RSA-OAEP-256$/' => 'SimpleJWT\Crypt\RSAES', - '/^A\d+KW$/' => 'SimpleJWT\Crypt\AESKeyWrap', - '/^PBES2-HS\d+\\+A\d+KW$/' => 'SimpleJWT\Crypt\PBES2', - '/^ECDH-ES$/' => 'SimpleJWT\Crypt\ECDH', - '/^ECDH-ES\\+A\d+KW$/' => 'SimpleJWT\Crypt\ECDH_AESKeyWrap', + '/^dir$/' => 'SimpleJWT\Crypt\KeyManagement\DirectEncryption', + '/^RSA1_5$/' => 'SimpleJWT\Crypt\KeyManagement\RSAES', + '/^RSA-OAEP$/' => 'SimpleJWT\Crypt\KeyManagement\RSAES', + '/^RSA-OAEP-256$/' => 'SimpleJWT\Crypt\KeyManagement\RSAES', + '/^A\d+KW$/' => 'SimpleJWT\Crypt\KeyManagement\AESKeyWrap', + '/^PBES2-HS\d+\\+A\d+KW$/' => 'SimpleJWT\Crypt\KeyManagement\PBES2', + '/^ECDH-ES$/' => 'SimpleJWT\Crypt\KeyManagement\ECDH', + '/^ECDH-ES\\+A\d+KW$/' => 'SimpleJWT\Crypt\KeyManagement\ECDH_AESKeyWrap', // Content encryption algorithms - '/^A\d+CBC-HS\d+$/' => 'SimpleJWT\Crypt\AESCBC_HMACSHA2', - '/^A\d+GCM$/' => 'SimpleJWT\Crypt\AESGCM' + '/^A\d+CBC-HS\d+$/' => 'SimpleJWT\Crypt\Encryption\AESCBC_HMACSHA2', + '/^A\d+GCM$/' => 'SimpleJWT\Crypt\Encryption\AESGCM' ]; /** @var array $use_map */ private static $use_map = [ - Algorithm::SIGNATURE_ALGORITHM => 'SimpleJWT\Crypt\SignatureAlgorithm', - Algorithm::ENCRYPTION_ALGORITHM => 'SimpleJWT\Crypt\EncryptionAlgorithm', - Algorithm::KEY_ALGORITHM => 
'SimpleJWT\Crypt\KeyManagementAlgorithm' + Algorithm::SIGNATURE_ALGORITHM => 'SimpleJWT\Crypt\Signature\SignatureAlgorithm', + Algorithm::ENCRYPTION_ALGORITHM => 'SimpleJWT\Crypt\Encryption\EncryptionAlgorithm', + Algorithm::KEY_ALGORITHM => 'SimpleJWT\Crypt\KeyManagement\KeyManagementAlgorithm' ]; /** @@ -141,7 +141,7 @@ static public function getSupportedAlgs($use) { * @return void */ static public function addNoneAlg() { - self::$alg_map['/^none$/'] = 'SimpleJWT\Crypt\None'; + self::$alg_map['/^none$/'] = 'SimpleJWT\Crypt\Signature\None'; } /** diff --git a/src/SimpleJWT/Crypt/AESCBC_HMACSHA2.php b/src/SimpleJWT/Crypt/Encryption/AESCBC_HMACSHA2.php similarity index 97% rename from src/SimpleJWT/Crypt/AESCBC_HMACSHA2.php rename to src/SimpleJWT/Crypt/Encryption/AESCBC_HMACSHA2.php index 9bfa9fe..2baa6ab 100644 --- a/src/SimpleJWT/Crypt/AESCBC_HMACSHA2.php +++ b/src/SimpleJWT/Crypt/Encryption/AESCBC_HMACSHA2.php @@ -33,8 +33,10 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Encryption; +use SimpleJWT\Crypt\Algorithm; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Util\Util; /** diff --git a/src/SimpleJWT/Crypt/AESGCM.php b/src/SimpleJWT/Crypt/Encryption/AESGCM.php similarity index 97% rename from src/SimpleJWT/Crypt/AESGCM.php rename to src/SimpleJWT/Crypt/Encryption/AESGCM.php index 936dfd2..22108d5 100644 --- a/src/SimpleJWT/Crypt/AESGCM.php +++ b/src/SimpleJWT/Crypt/Encryption/AESGCM.php @@ -33,8 +33,10 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Encryption; +use SimpleJWT\Crypt\Algorithm; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Util\Util; /** 
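Review bot: The class names in `$alg_map`, `$use_map` and `addNoneAlg()` are still plain string literals, so a namespace that was mistyped or missed in this move would only surface at runtime, when that particular `alg` or `enc` value is first requested. If the supported PHP version allows it, reference the classes with `::class`, e.g. `'/^HS\d+$/' => Signature\HMAC::class,`, so static analysis can flag a wrong path. Separately, `static $alg_map` has no visibility keyword and is therefore public, while `$use_map` is `private`; since this map decides which class handles a token's algorithm, consider `private static $alg_map` with `addNoneAlg()` as the mutator, unless callers are meant to extend the map directly.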
diff --git a/src/SimpleJWT/Crypt/EncryptionAlgorithm.php b/src/SimpleJWT/Crypt/Encryption/EncryptionAlgorithm.php similarity index 98% rename from src/SimpleJWT/Crypt/EncryptionAlgorithm.php rename to src/SimpleJWT/Crypt/Encryption/EncryptionAlgorithm.php index d43d6fb..410d56e 100644 --- a/src/SimpleJWT/Crypt/EncryptionAlgorithm.php +++ b/src/SimpleJWT/Crypt/Encryption/EncryptionAlgorithm.php @@ -33,7 +33,9 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Encryption; + +use SimpleJWT\Crypt\CryptException; /** * Interface for content authenticated encryption algorithms. diff --git a/src/SimpleJWT/Crypt/AESKeyWrap.php b/src/SimpleJWT/Crypt/KeyManagement/AESKeyWrap.php similarity index 98% rename from src/SimpleJWT/Crypt/AESKeyWrap.php rename to src/SimpleJWT/Crypt/KeyManagement/AESKeyWrap.php index e6e3773..8dad8fd 100644 --- a/src/SimpleJWT/Crypt/AESKeyWrap.php +++ b/src/SimpleJWT/Crypt/KeyManagement/AESKeyWrap.php @@ -33,8 +33,10 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; +use SimpleJWT\Crypt\Algorithm; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Util\Util; use SimpleJWT\Keys\Key; use SimpleJWT\Keys\SymmetricKey; diff --git a/src/SimpleJWT/Crypt/AESKeyWrapTrait.php b/src/SimpleJWT/Crypt/KeyManagement/AESKeyWrapTrait.php similarity index 99% rename from src/SimpleJWT/Crypt/AESKeyWrapTrait.php rename to src/SimpleJWT/Crypt/KeyManagement/AESKeyWrapTrait.php index 72812bc..792d382 100644 --- a/src/SimpleJWT/Crypt/AESKeyWrapTrait.php +++ b/src/SimpleJWT/Crypt/KeyManagement/AESKeyWrapTrait.php @@ -33,7 +33,7 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; use SimpleJWT\Keys\Key; use SimpleJWT\Keys\KeySet; 
diff --git a/src/SimpleJWT/Crypt/DirectEncryption.php b/src/SimpleJWT/Crypt/KeyManagement/DirectEncryption.php similarity index 95% rename from src/SimpleJWT/Crypt/DirectEncryption.php rename to src/SimpleJWT/Crypt/KeyManagement/DirectEncryption.php index 1d399df..50bff06 100644 --- a/src/SimpleJWT/Crypt/DirectEncryption.php +++ b/src/SimpleJWT/Crypt/KeyManagement/DirectEncryption.php @@ -33,8 +33,10 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; +use SimpleJWT\Crypt\Algorithm; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Util\Util; use SimpleJWT\Keys\Key; use SimpleJWT\Keys\SymmetricKey; diff --git a/src/SimpleJWT/Crypt/ECDH.php b/src/SimpleJWT/Crypt/KeyManagement/ECDH.php similarity index 97% rename from src/SimpleJWT/Crypt/ECDH.php rename to src/SimpleJWT/Crypt/KeyManagement/ECDH.php index 7d0892d..044e68d 100644 --- a/src/SimpleJWT/Crypt/ECDH.php +++ b/src/SimpleJWT/Crypt/KeyManagement/ECDH.php @@ -33,8 +33,11 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; +use SimpleJWT\Crypt\Algorithm; +use SimpleJWT\Crypt\AlgorithmFactory; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Keys\ECKey; use SimpleJWT\Keys\KeyFactory; use SimpleJWT\Util\Util; @@ -93,7 +96,7 @@ public function deriveKey($keys, &$headers, $kid = null) { // 1. Get the required key length and alg input into Concat KDF if (isset($headers['enc'])) { try { - /** @var \SimpleJWT\Crypt\EncryptionAlgorithm $enc */ + /** @var \SimpleJWT\Crypt\Encryption\EncryptionAlgorithm $enc */ $enc = AlgorithmFactory::create($headers['enc'], Algorithm::ENCRYPTION_ALGORITHM); $size = $enc->getCEKSize(); } catch (\UnexpectedValueException $e) { 
diff --git a/src/SimpleJWT/Crypt/ECDH_AESKeyWrap.php b/src/SimpleJWT/Crypt/KeyManagement/ECDH_AESKeyWrap.php similarity index 98% rename from src/SimpleJWT/Crypt/ECDH_AESKeyWrap.php rename to src/SimpleJWT/Crypt/KeyManagement/ECDH_AESKeyWrap.php index a7120cb..1ec7885 100644 --- a/src/SimpleJWT/Crypt/ECDH_AESKeyWrap.php +++ b/src/SimpleJWT/Crypt/KeyManagement/ECDH_AESKeyWrap.php @@ -33,7 +33,7 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; use SimpleJWT\Keys\KeySet; diff --git a/src/SimpleJWT/Crypt/KeyDerivationAlgorithm.php b/src/SimpleJWT/Crypt/KeyManagement/KeyDerivationAlgorithm.php similarity index 97% rename from src/SimpleJWT/Crypt/KeyDerivationAlgorithm.php rename to src/SimpleJWT/Crypt/KeyManagement/KeyDerivationAlgorithm.php index 8c75bfe..a043811 100644 --- a/src/SimpleJWT/Crypt/KeyDerivationAlgorithm.php +++ b/src/SimpleJWT/Crypt/KeyManagement/KeyDerivationAlgorithm.php @@ -33,8 +33,9 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Keys\KeySet; use SimpleJWT\Keys\KeyException; diff --git a/src/SimpleJWT/Crypt/KeyEncryptionAlgorithm.php b/src/SimpleJWT/Crypt/KeyManagement/KeyEncryptionAlgorithm.php similarity index 97% rename from src/SimpleJWT/Crypt/KeyEncryptionAlgorithm.php rename to src/SimpleJWT/Crypt/KeyManagement/KeyEncryptionAlgorithm.php index a90c9b9..895da49 100644 --- a/src/SimpleJWT/Crypt/KeyEncryptionAlgorithm.php +++ b/src/SimpleJWT/Crypt/KeyManagement/KeyEncryptionAlgorithm.php @@ -33,8 +33,9 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Keys\KeySet; use SimpleJWT\Keys\KeyException; 
diff --git a/src/SimpleJWT/Crypt/KeyManagementAlgorithm.php b/src/SimpleJWT/Crypt/KeyManagement/KeyManagementAlgorithm.php similarity index 97% rename from src/SimpleJWT/Crypt/KeyManagementAlgorithm.php rename to src/SimpleJWT/Crypt/KeyManagement/KeyManagementAlgorithm.php index 7d19391..74ff2a0 100644 --- a/src/SimpleJWT/Crypt/KeyManagementAlgorithm.php +++ b/src/SimpleJWT/Crypt/KeyManagement/KeyManagementAlgorithm.php @@ -33,7 +33,7 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; /** * Interface for key management algorithms. These can be *key encryption diff --git a/src/SimpleJWT/Crypt/PBES2.php b/src/SimpleJWT/Crypt/KeyManagement/PBES2.php similarity index 97% rename from src/SimpleJWT/Crypt/PBES2.php rename to src/SimpleJWT/Crypt/KeyManagement/PBES2.php index 7c0aa61..164e7cd 100644 --- a/src/SimpleJWT/Crypt/PBES2.php +++ b/src/SimpleJWT/Crypt/KeyManagement/PBES2.php @@ -33,12 +33,14 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; -use SimpleJWT\Util\Util; +use SimpleJWT\Crypt\Algorithm; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Keys\Key; use SimpleJWT\Keys\KeySet; use SimpleJWT\Keys\SymmetricKey; +use SimpleJWT\Util\Util; /** * Implements PBES2 key encryption algorithm with AES key wrap. diff --git a/src/SimpleJWT/Crypt/RSAES.php b/src/SimpleJWT/Crypt/KeyManagement/RSAES.php similarity index 98% rename from src/SimpleJWT/Crypt/RSAES.php rename to src/SimpleJWT/Crypt/KeyManagement/RSAES.php index 320e83d..b55ed86 100644 --- a/src/SimpleJWT/Crypt/RSAES.php +++ b/src/SimpleJWT/Crypt/KeyManagement/RSAES.php 
@@ -33,10 +33,12 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\KeyManagement; -use SimpleJWT\Util\Util; +use SimpleJWT\Crypt\Algorithm; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Keys\Key; +use SimpleJWT\Util\Util; /** * Implementation of the RSA Encryption Scheme algorithms, including `RSA1_5` and diff --git a/src/SimpleJWT/Crypt/openssl.cnf b/src/SimpleJWT/Crypt/KeyManagement/openssl.cnf similarity index 100% rename from src/SimpleJWT/Crypt/openssl.cnf rename to src/SimpleJWT/Crypt/KeyManagement/openssl.cnf diff --git a/src/SimpleJWT/Crypt/HMAC.php b/src/SimpleJWT/Crypt/Signature/HMAC.php similarity index 98% rename from src/SimpleJWT/Crypt/HMAC.php rename to src/SimpleJWT/Crypt/Signature/HMAC.php index 45e3e65..72b84df 100644 --- a/src/SimpleJWT/Crypt/HMAC.php +++ b/src/SimpleJWT/Crypt/Signature/HMAC.php @@ -33,7 +33,7 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Signature; use SimpleJWT\Keys\KeyException; use SimpleJWT\Util\Util; diff --git a/src/SimpleJWT/Crypt/None.php b/src/SimpleJWT/Crypt/Signature/None.php similarity index 97% rename from src/SimpleJWT/Crypt/None.php rename to src/SimpleJWT/Crypt/Signature/None.php index 51fea6b..81faa70 100644 --- a/src/SimpleJWT/Crypt/None.php +++ b/src/SimpleJWT/Crypt/Signature/None.php @@ -33,7 +33,9 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Signature; + +use SimpleJWT\Crypt\Algorithm; /** * Implements the `none` signature algorithm. diff --git a/src/SimpleJWT/Crypt/OpenSSLSig.php b/src/SimpleJWT/Crypt/Signature/OpenSSLSig.php similarity index 98% rename from src/SimpleJWT/Crypt/OpenSSLSig.php rename to src/SimpleJWT/Crypt/Signature/OpenSSLSig.php index 51c23cb..c3464e7 100644 --- a/src/SimpleJWT/Crypt/OpenSSLSig.php +++ b/src/SimpleJWT/Crypt/Signature/OpenSSLSig.php 
@@ -33,8 +33,9 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Signature; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Keys\Key; use SimpleJWT\Keys\KeyException; use SimpleJWT\Util\ASN1; diff --git a/src/SimpleJWT/Crypt/SHA2.php b/src/SimpleJWT/Crypt/Signature/SHA2.php similarity index 97% rename from src/SimpleJWT/Crypt/SHA2.php rename to src/SimpleJWT/Crypt/Signature/SHA2.php index 62979db..0b9b797 100644 --- a/src/SimpleJWT/Crypt/SHA2.php +++ b/src/SimpleJWT/Crypt/Signature/SHA2.php @@ -33,8 +33,9 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Signature; +use SimpleJWT\Crypt\Algorithm; use SimpleJWT\Util\Util; /** diff --git a/src/SimpleJWT/Crypt/SignatureAlgorithm.php b/src/SimpleJWT/Crypt/Signature/SignatureAlgorithm.php similarity index 98% rename from src/SimpleJWT/Crypt/SignatureAlgorithm.php rename to src/SimpleJWT/Crypt/Signature/SignatureAlgorithm.php index ad140ad..dd69d9a 100644 --- a/src/SimpleJWT/Crypt/SignatureAlgorithm.php +++ b/src/SimpleJWT/Crypt/Signature/SignatureAlgorithm.php @@ -33,8 +33,9 @@ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -namespace SimpleJWT\Crypt; +namespace SimpleJWT\Crypt\Signature; +use SimpleJWT\Crypt\CryptException; use SimpleJWT\Keys\Key; use SimpleJWT\Keys\KeySet; use SimpleJWT\Keys\KeyException; diff --git a/src/SimpleJWT/JWE.php b/src/SimpleJWT/JWE.php index 6406073..18e355e 100644 --- a/src/SimpleJWT/JWE.php +++ b/src/SimpleJWT/JWE.php 
@@ -36,19 +36,14 @@ use SimpleJWT\Crypt\AlgorithmFactory; use SimpleJWT\Crypt\CryptException; -use SimpleJWT\Crypt\KeyDerivationAlgorithm; -use SimpleJWT\Crypt\KeyEncryptionAlgorithm; +use SimpleJWT\Crypt\KeyManagement\KeyDerivationAlgorithm; +use SimpleJWT\Crypt\KeyManagement\KeyEncryptionAlgorithm; use SimpleJWT\Keys\SymmetricKey; use SimpleJWT\Keys\KeyException; use SimpleJWT\Util\Helper; use SimpleJWT\Util\Util; -class JWE { - /** @var string COMPACT_FORMAT Compact JWE serialisation format */ - const COMPACT_FORMAT = Helper::COMPACT_FORMAT; - /** @var string JSON_FORMAT JSON JWE serialisation format */ - const JSON_FORMAT = Helper::JSON_FORMAT; - +class JWE extends Token { /** @var array $headers */ protected $headers = ['typ' => 'JWE']; @@ -62,7 +57,7 @@ class JWE { * @param string $plaintext the plaintext to encrypt */ public function __construct($headers, $plaintext) { - $this->headers = $headers; + parent::__construct($headers); $this->plaintext = $plaintext; } @@ -138,7 +133,7 @@ public static function decrypt($token, $keys, $expected_alg) { if ($headers['alg'] != $expected_alg) throw new InvalidTokenException('Unexpected algorithm', InvalidTokenException::DECRYPTION_ERROR); $key_enc = AlgorithmFactory::create($headers['alg']); - /** @var \SimpleJWT\Crypt\EncryptionAlgorithm $content_enc */ + /** @var \SimpleJWT\Crypt\Encryption\EncryptionAlgorithm $content_enc */ $content_enc = AlgorithmFactory::create($headers['enc']); if ($key_enc instanceof KeyDerivationAlgorithm) { 
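Review bot: The updated `@var \SimpleJWT\Crypt\Encryption\EncryptionAlgorithm $content_enc` annotation in `decrypt()` asserts a type that the call beside it does not enforce: `AlgorithmFactory::create($headers['enc'])` is called without a use argument, and `enc` comes from the token being decrypted. `ECDH::deriveKey()` in this same commit passes `Algorithm::ENCRYPTION_ALGORITHM` as the second argument, so doing the same here, `AlgorithmFactory::create($headers['enc'], Algorithm::ENCRYPTION_ALGORITHM);` (with `Algorithm` imported if it is not already), would presumably reject an `enc` value that names a signature or key-management algorithm before any method is called on the result. The same pattern appears in `encrypt()` (hunk `-250,7`) and, for `alg`, in `JWT::tokenHash()`. `decrypt()` starts and ends outside this hunk, so any later type check is not visible here.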
@@ -203,25 +198,6 @@ public static function decrypt($token, $keys, $expected_alg) { return new JWE($headers, $plaintext); } - /** - * Returns the JWE's headers. - * - * @return array the headers - */ - public function getHeaders() { - return $this->headers; - } - - /** - * Returns a specified header - * - * @param string $header the header to return - * @return mixed the header value - */ - public function getHeader($header) { - return $this->headers[$header]; - } - /** * Returns the JWE's plaintext * @@ -250,7 +226,7 @@ public function encrypt($keys, $kid = null, $format = self::COMPACT_FORMAT) { $key_enc = AlgorithmFactory::create($this->headers['alg']); - /** @var \SimpleJWT\Crypt\EncryptionAlgorithm $content_enc */ + /** @var \SimpleJWT\Crypt\Encryption\EncryptionAlgorithm $content_enc */ $content_enc = AlgorithmFactory::create($this->headers['enc']); if ($kid != null) $this->headers['kid'] = $kid; diff --git a/src/SimpleJWT/JWT.php b/src/SimpleJWT/JWT.php index d0f4564..8f8ddab 100644 --- a/src/SimpleJWT/JWT.php +++ b/src/SimpleJWT/JWT.php @@ -53,12 +53,7 @@ * claims can then be retrieved using the {@link getHeaders()} and {@link getClaims()} * functions. */ -class JWT { - /** @var string COMPACT_FORMAT Compact JWT serialisation format */ - const COMPACT_FORMAT = Helper::COMPACT_FORMAT; - /** @var string JSON_FORMAT JSON JWT serialisation format */ - const JSON_FORMAT = Helper::JSON_FORMAT; - +class JWT extends Token { /** @var int $TIME_ALLOWANCE */ static public $TIME_ALLOWANCE = 300; @@ -78,7 +73,7 @@ class JWT { * @param array $claims the claims */ public function __construct($headers, $claims) { - $this->headers = $headers; + parent::__construct($headers); $this->claims = $claims; } 
@@ -137,7 +132,7 @@ public static function decode($token, $keys, $expected_alg, $kid = null, $skip_v // Check signatures if ($headers['alg'] != $expected_alg) throw new InvalidTokenException('Unexpected algorithm', InvalidTokenException::SIGNATURE_VERIFICATION_ERROR); - /** @var \SimpleJWT\Crypt\SignatureAlgorithm $signer */ + /** @var \SimpleJWT\Crypt\Signature\SignatureAlgorithm $signer */ $signer = AlgorithmFactory::create($expected_alg); try { @@ -167,25 +162,6 @@ public static function decode($token, $keys, $expected_alg, $kid = null, $skip_v return new JWT($headers, $claims); } - /** - * Returns the JWT's headers. - * - * @return array the headers - */ - public function getHeaders() { - return $this->headers; - } - - /** - * Returns a specified header - * - * @param string $header the header to return - * @return mixed the header value - */ - public function getHeader($header) { - return $this->headers[$header]; - } - /** * Returns the JWT's claims. * @@ -228,7 +204,7 @@ public function encode($keys, $kid = null, $auto_complete = ['iat', 'kid'], $alg if (in_array('iat', $auto_complete) && !isset($this->claims['iat'])) $this->claims['iat'] = time(); try { - /** @var \SimpleJWT\Crypt\SignatureAlgorithm $signer */ + /** @var \SimpleJWT\Crypt\Signature\SignatureAlgorithm $signer */ $signer = AlgorithmFactory::create($this->headers['alg']); } catch (\UnexpectedValueException $e) { throw new CryptException($e->getMessage(), 0, $e); @@ -390,7 +366,7 @@ public static function tokenHash($token) { $deserialised = self::deserialise($token); $alg = $deserialised['signatures'][0]['headers']['alg']; - /** @var \SimpleJWT\Crypt\SignatureAlgorithm $signer */ + /** @var \SimpleJWT\Crypt\Signature\SignatureAlgorithm $signer */ $signer = AlgorithmFactory::create($alg); return $signer->shortHash($token); } diff --git a/src/SimpleJWT/Token.php b/src/SimpleJWT/Token.php new file mode 100644 index 0000000..510eb31 --- /dev/null +++ b/src/SimpleJWT/Token.php 
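Review bot: The algorithm check kept as context in `decode()`, `if ($headers['alg'] != $expected_alg)`, uses a loose comparison on a value decoded from the untrusted token header. With `!=`, a non-string `alg` value is compared through PHP type juggling rather than as an exact string; `if ($headers['alg'] !== $expected_alg)` makes the check exact. Here the signer is built from `$expected_alg`, which limits the effect, but `JWE::decrypt()` has the same comparison and then passes `$headers['alg']` to `AlgorithmFactory::create()`. `decode()` begins and ends outside this hunk.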
@@ -0,0 +1,82 @@ + $headers */ + protected $headers; + + /** + * Creates a new token. + * + * @param array $headers the headers + */ + public function __construct($headers) { + $this->headers = $headers; + } + + /** + * Returns the token's headers. + * + * @return array the headers + */ + public function getHeaders() { + return $this->headers; + } + + /** + * Returns a specified header + * + * @param string $header the header to return + * @return mixed the header value + */ + public function getHeader($header) { + return $this->headers[$header]; + } +} +?> diff --git a/src/SimpleJWT/Util/Helper.php b/src/SimpleJWT/Util/Helper.php index cff610d..44a0284 100644 --- a/src/SimpleJWT/Util/Helper.php +++ b/src/SimpleJWT/Util/Helper.php @@ -37,6 +37,7 @@ use SimpleJWT\JWT; use SimpleJWT\JWE; +use SimpleJWT\Token; use SimpleJWT\InvalidTokenException; /** @@ -45,10 +46,6 @@ * JWTs and JWEs are accepted. */ class Helper { - - const COMPACT_FORMAT = 'compact'; - const JSON_FORMAT = 'json'; - /** @var string $data */ private $data; @@ -106,7 +103,7 @@ function getFormat() { * should be agreed between the parties out-of-band * @param string $kid the ID of the key to use for verification of a JWT. If null, this * is automatically retrieved. If the token is a JWE, this parameter is ignored. - * @return JWT|JWE the decoded JWT or JWE + * @return Token the decoded JWT or JWE * @throws InvalidTokenException if the token is invalid for any reason */ function decode($keys, $expected_alg, $kid = null) { 
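Review bot: `Token::getHeader()` returns `$this->headers[$header]` without checking that the key exists, so asking for a header the token does not carry raises an undefined-index notice or warning instead of a defined result, and the headers of a decoded token are supplied by the sender. Either document that callers must check first, or return null for an absent header: `return isset($this->headers[$header]) ? $this->headers[$header] : null;`. The file also ends with `?>`; dropping the closing tag in a class-only file avoids accidental output from trailing whitespace. Part of this hunk's text (the file header and class declaration) is not visible in this view, so the comment covers only the methods shown.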
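Review bot: Removing `Helper::COMPACT_FORMAT` and `Helper::JSON_FORMAT` outright (hunk `-45,10`) breaks any caller that referenced them, and the changelog entries added in this commit do not mention it. `JWT::COMPACT_FORMAT` and `JWE::COMPACT_FORMAT` presumably keep resolving through inheritance from `Token`, but `Helper` has no such fallback. Consider keeping deprecated aliases for one release, `const COMPACT_FORMAT = Token::COMPACT_FORMAT;` and `const JSON_FORMAT = Token::JSON_FORMAT;`, each with an `@deprecated` tag, or adding a removal line to CHANGELOG.md.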
@@ -126,7 +123,7 @@ function decode($keys, $expected_alg, $kid = null) { * should be agreed between the parties out-of-band * @param string $kid the ID of the key to use for verification of a JWT. If null, this * is automatically retrieved. For a JWE, this parameter is ignored. - * @return JWT|JWE the decoded JWT or JWE + * @return Token the decoded JWT or JWE * @throws InvalidTokenException if the token is invalid for any reason * @deprecated use {@link decode()} instead * @codeCoverageIgnore @@ -207,18 +204,18 @@ static function detect($data) { $dot_count = substr_count($data, '.'); if (($dot_count == 1) || ($dot_count == 2)) { $results['type'] = 'JWT'; - $results['format'] = self::COMPACT_FORMAT; + $results['format'] = Token::COMPACT_FORMAT; } elseif ($dot_count == 4) { $results['type'] = 'JWE'; - $results['format'] = self::COMPACT_FORMAT; + $results['format'] = Token::COMPACT_FORMAT; } } else { if (isset($obj['signature']) || isset($obj['signatures'])) { $results['type'] = 'JWT'; - $results['format'] = self::JSON_FORMAT; + $results['format'] = Token::JSON_FORMAT; } elseif (isset($obj['ciphertext'])) { $results['type'] = 'JWE'; - $results['format'] = self::JSON_FORMAT; + $results['format'] = Token::JSON_FORMAT; } } diff --git a/tests/AESCBC_HMACSHA2Test.php b/tests/Encryption/AESCBC_HMACSHA2Test.php similarity index 98% rename from tests/AESCBC_HMACSHA2Test.php rename to tests/Encryption/AESCBC_HMACSHA2Test.php index 73f05c3..903521e 100644 --- a/tests/AESCBC_HMACSHA2Test.php +++ b/tests/Encryption/AESCBC_HMACSHA2Test.php @@ -1,6 +1,6 @@ assertEquals('JWT', $results['type']); - $this->assertEquals(Helper::COMPACT_FORMAT, $results['format']); + $this->assertEquals(Token::COMPACT_FORMAT, $results['format']); } function testJWSJSON() { 
@@ -35,7 +35,7 @@ function testJWSJSON() { $results = Helper::detect($complete_json); $this->assertEquals('JWT', $results['type']); - $this->assertEquals(Helper::JSON_FORMAT, $results['format']); + $this->assertEquals(Token::JSON_FORMAT, $results['format']); $flattened_json = <<assertEquals('JWT', $results['type']); - $this->assertEquals(Helper::JSON_FORMAT, $results['format']); + $this->assertEquals(Token::JSON_FORMAT, $results['format']); } function testJWECompact() { @@ -59,7 +59,7 @@ function testJWECompact() { $results = Helper::detect($compact); $this->assertEquals('JWE', $results['type']); - $this->assertEquals(Helper::COMPACT_FORMAT, $results['format']); + $this->assertEquals(Token::COMPACT_FORMAT, $results['format']); } function testJWEJSON() { @@ -89,7 +89,7 @@ function testJWEJSON() { $results = Helper::detect($complete_json); $this->assertEquals('JWE', $results['type']); - $this->assertEquals(Helper::JSON_FORMAT, $results['format']); + $this->assertEquals(Token::JSON_FORMAT, $results['format']); $flattened_json = <<assertEquals('JWE', $results['type']); - $this->assertEquals(Helper::JSON_FORMAT, $results['format']); + $this->assertEquals(Token::JSON_FORMAT, $results['format']); } function testInvalidToken() { diff --git a/tests/AESKeyWrapTest.php b/tests/KeyManagement/AESKeyWrapTest.php similarity index 99% rename from tests/AESKeyWrapTest.php rename to tests/KeyManagement/AESKeyWrapTest.php index 91217f5..d81f1d0 100644 --- a/tests/AESKeyWrapTest.php +++ b/tests/KeyManagement/AESKeyWrapTest.php @@ -1,6 +1,6 @@ 'SLW_xSffzlPWrHEVI30DHM_4egVwt3NQqeUD7nMFpps' ], 'php'); - $stub = $this->getMockBuilder('SimpleJWT\Crypt\ECDH') + $stub = $this->getMockBuilder('SimpleJWT\Crypt\KeyManagement\ECDH') ->setMethods(['createEphemeralKey'])->setConstructorArgs(['ECDH-ES'])->getMock(); $stub->method('createEphemeralKey')->willReturn($ephemeral_key); 
diff --git a/tests/ECDH_AESKeyWrapTest.php b/tests/KeyManagement/ECDH_AESKeyWrapTest.php similarity index 98% rename from tests/ECDH_AESKeyWrapTest.php rename to tests/KeyManagement/ECDH_AESKeyWrapTest.php index cf17229..525bcc4 100644 --- a/tests/ECDH_AESKeyWrapTest.php +++ b/tests/KeyManagement/ECDH_AESKeyWrapTest.php @@ -1,6 +1,7 @@ getKeySet($password); - $stub = $this->getMockBuilder('SimpleJWT\Crypt\PBES2') + $stub = $this->getMockBuilder('SimpleJWT\Crypt\KeyManagement\PBES2') ->setMethods(['generateSaltInput'])->setConstructorArgs(['PBES2-HS256+A128KW'])->getMock(); $stub->method('generateSaltInput')->willReturn(Util::base64url_decode('2WCTcJZ1Rvd_CJuJripQ1w')); diff --git a/tests/RSAESTest.php b/tests/KeyManagement/RSAESTest.php similarity index 99% rename from tests/RSAESTest.php rename to tests/KeyManagement/RSAESTest.php index 5b18dac..c113823 100644 --- a/tests/RSAESTest.php +++ b/tests/KeyManagement/RSAESTest.php @@ -1,6 +1,6 @@