5
5
use Psr \Http \Message \ResponseInterface ;
6
6
use Psr \Http \Message \ServerRequestInterface ;
7
7
8
+ use Lcobucci \JWT \Configuration ;
9
+ use Lcobucci \JWT \Signer \Key \InMemory ;
10
+ use Lcobucci \JWT \Signer \Rsa \Sha256 ;
11
+
8
12
class AuthorizeController extends ServerController
9
13
{
10
14
final public function __invoke (ServerRequestInterface $ request , array $ args ): ResponseInterface
@@ -21,11 +25,11 @@ final public function __invoke(ServerRequestInterface $request, array $args): Re
21
25
22
26
$ queryParams = $ request ->getQueryParams ();
23
27
24
- $ parser = new \ Lcobucci \ JWT \ Parser ( );
28
+ $ jwtConfig = Configuration:: forSymmetricSigner ( new Sha256 (), InMemory:: plainText ( $ this -> config -> getPrivateKey ()) );
25
29
26
30
try {
27
- $ token = $ parser ->parse ($ request ->getQueryParams ()['request ' ]);
28
- $ _SESSION ["nonce " ] = $ token ->getClaim ('nonce ' );
31
+ $ token = $ jwtConfig -> parser () ->parse ($ request ->getQueryParams ()['request ' ]);
32
+ $ _SESSION ["nonce " ] = $ token ->claims ()-> get ('nonce ' );
29
33
} catch (\Exception $ e ) {
30
34
$ _SESSION ["nonce " ] = $ request ->getQueryParams ()['nonce ' ];
31
35
}
@@ -42,7 +46,7 @@ final public function __invoke(ServerRequestInterface $request, array $args): Re
42
46
43
47
if (!isset ($ getVars ['redirect_uri ' ])) {
44
48
try {
45
- $ getVars ['redirect_uri ' ] = $ token ->getClaim ("redirect_uri " );
49
+ $ getVars ['redirect_uri ' ] = $ token ->claims ()-> get ("redirect_uri " );
46
50
} catch (\Exception $ e ) {
47
51
return $ this ->getResponse ()
48
52
->withStatus (400 , "Bad request, missing redirect uri " )
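Review bot: `$jwtConfig->parser()->parse(...)` only decodes the `request` object, so the `nonce` written to `$_SESSION` and the `redirect_uri` read from `$token->claims()` in the last hunk come from a token whose signature is never checked; a validation step such as `$jwtConfig->validator()->assert($token, new SignedWith($signer, $verificationKey))`, with a 400 on failure, should run before any claim is used. The configuration also looks mismatched: `Configuration::forSymmetricSigner` is given the RSA `Sha256` signer and the value of `getPrivateKey()`, whereas an RSA key pair belongs in `Configuration::forAsymmetricSigner`, and verifying a client-supplied request object would presumably need the client's key, not the server's private key. Separately, `claims()->get("redirect_uri")` returns `null` for a missing claim where `getClaim()` threw, so the `catch` that returns the 400 response no longer fires for a token without `redirect_uri`; test `$token->claims()->has('redirect_uri')` explicitly instead. `__invoke` continues outside the visible hunks, so whether `redirect_uri` is later compared with the client's registered URIs cannot be confirmed from here.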