1: <?php
2: /*
3: * SimpleID
4: *
5: * Copyright (C) Kelvin Mo 2012-2025
6: *
7: * This program is free software; you can redistribute it and/or
8: * modify it under the terms of the GNU General Public
9: * License as published by the Free Software Foundation; either
10: * version 2 of the License, or (at your option) any later version.
11: *
12: * This program is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * General Public License for more details.
16: *
17: * You should have received a copy of the GNU General Public
18: * License along with this program; if not, write to the Free
19: * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20: *
21: */
22:
23: namespace SimpleID\Protocols\Connect;
24:
25: use SimpleID\Store\StoreManager;
26: use SimpleJWT\Keys\KeySet;
27: use SimpleJWT\Keys\SymmetricKey;
28: use \Web;
29: use \Base;
30:
31: /**
* Utility class to build a SimpleJWT key set based on a specified
33: * client.
34: *
35: * Each of the methods in this class adds various keys to the key
36: * set being built and returns an instance of this class to enable
37: * chaining. To obtain the final key set, call the {@link toKeySet()}
38: * method.
39: */
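class KeySetBuilder {
    /** @var KeySet the key set being built */
    protected $set;

    /** @var \SimpleID\Protocols\OAuth\OAuthClient the client the keys relate to */
    protected $client;

    /**
     * Creates a key set builder for the specified client.
     *
     * @param \SimpleID\Protocols\OAuth\OAuthClient $client the client
     */
    public function __construct($client) {
        $this->set = new KeySet();
        $this->client = $client;
    }

    /**
     * Adds the client secret to the key set as a symmetric key.
     *
     * The secret is taken verbatim (as binary) from the client's
     * `oauth` configuration.
     *
     * @return KeySetBuilder
     */
    public function addClientSecret() {
        $this->set->add(new SymmetricKey($this->client['oauth']['client_secret'], 'bin'));
        return $this;
    }

    /**
     * Adds the client's public keys. This can be used to encrypt
     * data to the client.
     *
     * If the client has no `jwks` configured but does have a `jwks_uri`
     * and is a dynamic client, the keys are fetched from that URI first.
     * Keys obtained either way are supplied by the client itself.
     *
     * @return KeySetBuilder
     */
    public function addClientPublicKeys() {
        $needs_fetch = !isset($this->client['oauth']['jwks'])
            && isset($this->client['oauth']['jwks_uri'])
            && is_subclass_of($this->client, 'SimpleID\Protocols\OAuth\OAuthDynamicClient');
        if ($needs_fetch) {
            $this->client->fetchJWKs();
        }

        if (isset($this->client['oauth']['jwks'])) {
            // The jwks is held as a decoded array; KeySet::load() expects JSON text
            $json = json_encode($this->client['oauth']['jwks']);
            // json_encode() returns false on failure; compare strictly so that
            // legitimate output is never mistaken for a failure
            if ($json === false) return $this;
            $this->addKeysFromJSON($json);
        }

        return $this;
    }

    /**
     * Adds the server's private keys. This can be used to sign
     * data to the client.
     *
     * The keys are read from the file named by the `private_jwks_file`
     * configuration setting. Nothing is added if the setting is absent
     * or the file cannot be read.
     *
     * @return KeySetBuilder
     */
    public function addServerPrivateKeys() {
        return $this->addKeysFromConfigFile('private_jwks_file');
    }

    /**
     * Adds the server's public keys.
     *
     * The keys are read from the file named by the `public_jwks_file`
     * configuration setting. Nothing is added if the setting is absent
     * or the file cannot be read.
     *
     * @return KeySetBuilder
     */
    public function addServerPublicKeys() {
        return $this->addKeysFromConfigFile('public_jwks_file');
    }

    /**
     * Adds the keys contained in the JWKS file named by a configuration
     * setting.
     *
     * @param string $config_key the name of the configuration setting
     * holding the file name
     * @return KeySetBuilder
     */
    protected function addKeysFromConfigFile($config_key) {
        $f3 = Base::instance();
        $config = $f3->get('config');

        if (!isset($config[$config_key])) return $this;

        $file = file_get_contents($config[$config_key]);
        // file_get_contents() returns false on failure (PHP also emits a
        // warning); an empty file has nothing to load either. Compare
        // strictly rather than with == so valid content is not discarded.
        if ($file === false || $file === '') return $this;
        return $this->addKeysFromJSON($file);
    }

    /**
     * Loads a JWKS document and merges its keys into the key set.
     *
     * @param string $json the JWKS document as JSON text
     * @return KeySetBuilder
     */
    protected function addKeysFromJSON($json) {
        $jwks = new KeySet();
        $jwks->load($json);
        $this->set->addAll($jwks);
        return $this;
    }

    /**
     * Returns the completed key set.
     *
     * @return \SimpleJWT\Keys\KeySet
     */
    public function toKeySet() {
        return $this->set;
    }
}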
139:
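// No closing "?>" tag: this file contains only PHP, and a closing tag followed
// by a blank line sends that newline as output before any headers are set.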