1<?php
2namespace App\Controller\Component;
3use Cake\Controller\Component;
4use Cake\Core\Configure;
5
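/**
 * Issues and verifies HMAC-SHA256 signed tokens laid out like a JWT
 * (header.payload.signature).
 *
 * The header and payload are only base64-encoded JSON, not encrypted: anyone
 * holding a token can read the payload, so it must not carry secrets.
 *
 * NOTE(review): the three segments use standard base64 (with '+', '/', '='
 * padding) rather than the unpadded base64url encoding that JWT libraries
 * expect, so these tokens are not interoperable with them and need
 * URL-encoding when sent in a query string. The encoding is left as it was so
 * that tokens already issued keep verifying.
 */
class JTokensComponent extends Component
{
    /**
     * HMAC signing key. When empty, Configure 'Security.salt' is used instead.
     *
     * NOTE(review): falling back to the application-wide salt reuses one
     * secret for several purposes; a dedicated signing key is preferable.
     *
     * @var string|null
     */
    public $secretKey;

    /**
     * Value written to the header's "alg" field. It is informational only:
     * signing and verification always use HMAC-SHA256 regardless of it.
     *
     * @var string
     */
    public $algorythm = "HS256";

    /** @var string Value written to the header's "typ" field. */
    public $type = "JWT";

    /** @var array Claims to sign; makeToken() adds 'exp' according to $expireMode. */
    public $payload = [];

    /** @var string|null Not read or written by this component. */
    public $signature;

    /**
     * Controls how long an issued token stays valid:
     *   'strict' - 1 day
     *   'middle' - 1 week
     *   'low'    - 1 month
     *   'no'     - no expiry claim is added
     *
     * NOTE(review): any unrecognised value also yields a token without an
     * expiry, so a typo here silently produces a non-expiring token.
     *
     * @var string
     */
    public $expireMode = 'strict';

    /**
     * Returns the key used for signing and verification, or null when neither
     * $secretKey nor Security.salt provides a non-empty string.
     *
     * @return string|null
     */
    private function resolveKey()
    {
        $key = empty($this->secretKey) ? Configure::read('Security.salt') : $this->secretKey;

        return (is_string($key) && $key !== '') ? $key : null;
    }

    /**
     * JSON-encodes a value and wraps it in base64 for use as a token segment.
     *
     * @param mixed $data Value to encode.
     * @return string
     * @throws \RuntimeException When the value cannot be JSON-encoded.
     */
    private function encodeSegment($data)
    {
        $json = json_encode($data);
        if ($json === false) {
            // Without this check base64_encode(false) would emit an empty segment.
            throw new \RuntimeException('Token segment could not be JSON-encoded.');
        }

        return base64_encode($json);
    }

    /**
     * Builds the encoded header segment (despite the name, nothing is encrypted).
     *
     * @return string
     */
    private function encryptHeader()
    {
        return $this->encodeSegment([
            'alg' => $this->algorythm,
            'typ' => $this->type
        ]);
    }

    /**
     * Computes the expiry timestamp for the current $expireMode.
     *
     * @return int|false Unix timestamp, or false when no expiry applies.
     */
    private function setExpires()
    {
        // All modes are relative to the current Unix time; strtotime() needs an
        // integer base timestamp, which date() without arguments does not give.
        $now = time();

        switch ($this->expireMode) {
            case 'strict':
                return strtotime("+ 1 day", $now);

            case 'middle':
                return strtotime("+ 1 week", $now);

            case 'low':
                return strtotime("+ 1 month", $now);
        }

        return false;
    }

    /**
     * Adds the 'exp' claim when the mode calls for one and returns the encoded
     * payload segment (despite the name, nothing is encrypted).
     *
     * @return string
     */
    private function encryptPayLoad()
    {
        $expires = $this->setExpires();

        if ($expires !== false) {
            $this->payload['exp'] = $expires;
        }

        return $this->encodeSegment($this->payload);
    }

    /**
     * Creates a signed token from $payload.
     *
     * @return string header.payload.signature
     * @throws \RuntimeException When no signing key is configured or a segment
     *                           cannot be encoded.
     */
    public function makeToken()
    {
        $key = $this->resolveKey();
        if ($key === null) {
            // An empty HMAC key would make every token trivially forgeable.
            throw new \RuntimeException('No signing key configured for token creation.');
        }

        $header = $this->encryptHeader();
        $payload = $this->encryptPayLoad();
        $signature = base64_encode(hash_hmac('sha256', $header . '.' . $payload, $key, true));

        return $header . '.' . $payload . '.' . $signature;
    }

    /**
     * Verifies a token's signature and, when present, its 'exp' claim.
     *
     * @param mixed $token Token string as received from the client.
     * @return bool True only when the token is well-formed, correctly signed
     *              and not expired.
     */
    public function validateToken($token)
    {
        if (!is_string($token)) {
            return false;
        }

        $parts = explode(".", $token);
        if (count($parts) !== 3) {
            return false;
        }
        list($header, $payload, $provided) = $parts;

        // Use the same key resolution as makeToken() so tokens signed with the
        // Security.salt fallback verify, and never verify against an empty key.
        $key = $this->resolveKey();
        if ($key === null) {
            return false;
        }

        // Check the signature before touching the payload: claims are untrusted
        // input until the MAC matches. Known value goes first in hash_equals().
        $expected = base64_encode(hash_hmac('sha256', $header . '.' . $payload, $key, true));
        if (!hash_equals($expected, $provided)) {
            return false;
        }

        // The payload segment is base64-encoded JSON; it has to be decoded
        // before 'exp' can be read, otherwise the expiry is never enforced.
        $decoded = base64_decode($payload, true);
        if ($decoded === false) {
            return false;
        }
        $claims = json_decode($decoded, true);
        if (!is_array($claims)) {
            return false;
        }

        if (isset($claims['exp'])) {
            // A malformed expiry is treated as expired rather than ignored.
            if (!is_numeric($claims['exp']) || (int)$claims['exp'] <= time()) {
                return false;
            }
        }

        return true;
    }
}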