I came across this bit of code:
class JWT {
private $secret = "secret-string";
private $algos = ['HS256'];
private $domain;
function __construct() {
$this->domain = $_SERVER['HTTP_HOST'];
}
function get() {
if ( isset($_COOKIE['jwt']) ) {
$ticket = $_COOKIE['jwt'];
try {
$data = \Firebase\JWT\JWT::decode($ticket, $this->secret, $this->algos);
return $data->data;
} catch (Exception $e) {
return null;
}
} else {
return null;
}
}
function set($data) {
$time = time();
$expire = $time+60*60*24;
$data = [
"iat" => $time,
"nbf" => $time,
"exp" => $expire,
"data" => $data,
];
$jwt = \Firebase\JWT\JWT::encode($data, $this->secret, $this->algos[0]);
setcookie('jwt', $jwt, $expire, '/', $domain, true, true);
}
}
I am not familiar with php, But because of certain conditions, I have to slam my head against it currently. After slamming my head repetitively against this, I came to the conclusion that I am having a problem in the following bit of code:
$jwt = \Firebase\JWT\JWT::encode($data, $this->secret, $this->algos[0]);
setcookie('jwt', $jwt, $expire, '/', $domain, true, true);
I am not able to understand the format the JWT tokens will be encoded in. I have tried some trial and error but I failed and I feel like I am missing somewhere. My last resort was to move to stackoverflow to ask the wonderful programmers here about this.
For context: I would have posted this on security overflow, But I posted it here as the last time I did that my question got migrated.
Hopefully I can be shown the right direction!
Aucun commentaire:
Enregistrer un commentaire