Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $jwt="/root/transcoder/jwt_key.json";
- $token="eyJhbGciOiJIUzI1NiJ9.eyJjaGFsbGVuZ2UiOiI2ZmZjMjkwZDg0YjJhNzk2YWZiYmMxMTljMTZkYWViYjU3NTIxOTc5MWU3YWZlODMwMjI2MGIwYTVhMDNiZGQ0ZTU0NTRiNzg4ZDM2Mjk2YjQ0OTFiYjcxN2I0YjU4MzMiLCJleHAiOjE1NjEzNjU0ODcsImVtYWlsIjoiY3Jpc3RpQG5vdmFuZXQucm8ifQ.pGS4J_9sPafuJ78zAAkzh8VXlxy-XK2zv7Kvxs7Oo7g";
- $key=get_key($jwt);
- print("\ntoken: $token \nkey: $key\n");
- if(validate($token, $key)) print("\nvalidate"); else print("\ninvalidate");
- print("\n");
- /////////////////////////////////////////////////////////
- function get_key($jwt="/root/transcoder/jwt_key.json") {
- $j=file_get_contents($jwt);
- $json=json_decode($j, true);
- return $json["k"];
- }
- function urlsafeB64Decode($input) {
- $remainder = strlen($input) % 4;
- if ($remainder) {
- $padlen = 4 - $remainder;
- $input .= str_repeat('=', $padlen);
- }
- return base64_decode(strtr($input, '-_', '+/'));
- }
- function jsonDecode($input) {
- return json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
- }
- function validate($token, $key){
- $tks = explode('.', $token);
- list($headb64, $bodyb64, $cryptob64) = $tks;
- $header = jsonDecode(urlsafeB64Decode($headb64));
- $payload = jsonDecode(jsonDecode($bodyb64));
- $sig = urlsafeB64Decode($cryptob64);
- $hash = hash_hmac("sha256", "$headb64.$bodyb64", urlsafeB64Decode($key), true);
- return hash_equals($sig, $hash);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
