Merge remote-tracking branch 'upstream/master' into nullkey

Exceptions/BeforeValidException.php

-<?php
-
-class BeforeValidException extends UnexpectedValueException
-{
-
-}

Exceptions/ExpiredException.php

-<?php
-
-class ExpiredException extends UnexpectedValueException
-{
-
-}

Exceptions/SignatureInvalidException.php

-<?php
-
-class SignatureInvalidException extends UnexpectedValueException
-{
-
-}

README.md

@@ -21,6 +21,7 @@ Example
 -------
 ```php
 <?php
+use \Firebase\JWT\JWT;
 
 $key = "example_key";
 $token = array(

composer.json

@@ -16,10 +16,12 @@
     ],
     "license": "BSD-3-Clause",
     "require": {
-        "php": ">=5.2.0"
+        "php": ">=5.3.0"
     },
     "autoload": {
-        "classmap": ["Authentication/", "Exceptions/"]
+        "psr-4": {
+            "Firebase\\JWT\\": "src"
+        }
     },
     "minimum-stability": "dev"
 }

src/BeforeValidException.php

+<?php
+namespace Firebase\JWT;
+
+class BeforeValidException extends \UnexpectedValueException
+{
+
+}

src/ExpiredException.php

+<?php
+namespace Firebase\JWT;
+
+class ExpiredException extends \UnexpectedValueException
+{
+
+}

Authentication/JWT.php → src/JWT.php

 <?php
 
+namespace Firebase\JWT;
+use \DomainException;
+use \UnexpectedValueException;
+use \DateTime;
+
 /**
  * JSON Web Token implementation, based on this spec:
  * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06
@@ -33,11 +38,13 @@ class JWT
     /**
      * Decodes a JWT string into a PHP object.
      *
-     * @param string      $jwt           The JWT
-     * @param string|Array|null $key     The secret key, or map of keys
-     * @param Array       $allowed_algs  List of supported verification algorithms
+     * @param string            $jwt            The JWT
+     * @param string|array|null $key            The key, or map of keys.
+     *                                          If the algorithm used is asymmetric, this is the public key
+     * @param array             $allowed_algs   List of supported verification algorithms
+     *                                          Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
      *
-     * @return object      The JWT's payload as a PHP object
+     * @return object The JWT's payload as a PHP object
      *
      * @throws DomainException              Algorithm was not provided
      * @throws UnexpectedValueException     Provided JWT was invalid
@@ -117,13 +124,15 @@ class JWT
     /**
      * Converts and signs a PHP object or array into a JWT string.
      *
-     * @param object|array $payload PHP object or array
-     * @param string       $key     The secret key
-     * @param string       $alg     The signing algorithm. Supported
-     *                              algorithms are 'HS256', 'HS384' and 'HS512'
-     * @param array        $head    An array with header elements to attach
+     * @param object|array  $payload    PHP object or array
+     * @param string        $key        The secret key.
+     *                                  If the algorithm used is asymmetric, this is the private key
+     * @param string        $alg        The signing algorithm.
+     *                                  Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
+     * @param array         $head       An array with header elements to attach
+     *
+     * @return string A signed JWT
      *
-     * @return string      A signed JWT
      * @uses jsonEncode
      * @uses urlsafeB64Encode
      */
@@ -150,12 +159,13 @@ class JWT
     /**
      * Sign a string with a given key and algorithm.
      *
-     * @param string $msg          The message to sign
-     * @param string|resource $key The secret key
-     * @param string $alg       The signing algorithm. Supported algorithms
-     *                               are 'HS256', 'HS384', 'HS512' and 'RS256'
+     * @param string            $msg    The message to sign
+     * @param string|resource   $key    The secret key
+     * @param string            $alg    The signing algorithm.
+     *                                  Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
+     *
+     * @return string An encrypted message
      *
-     * @return string          An encrypted message
      * @throws DomainException Unsupported algorithm was specified
      */
     public static function sign($msg, $key, $alg = 'HS256')
@@ -179,13 +189,16 @@ class JWT
     }
 
     /**
-     * Verify a signature with the mesage, key and method. Not all methods
+     * Verify a signature with the message, key and method. Not all methods
      * are symmetric, so we must have a separate verify and sign method.
-     * @param string $msg the original message
-     * @param string $signature
-     * @param string|resource $key for HS*, a string key works. for RS*, must be a resource of an openssl public key
-     * @param string $alg
+     *
+     * @param string            $msg        The original message (header and body)
+     * @param string            $signature  The original signature
+     * @param string|resource   $key        For HS*, a string key works. for RS*, must be a resource of an openssl public key
+     * @param string            $alg        The algorithm
+     *
      * @return bool
+     *
      * @throws DomainException Invalid Algorithm or OpenSSL failure
      */
     private static function verify($msg, $signature, $key, $alg)
@@ -226,7 +239,8 @@ class JWT
      *
      * @param string $input JSON string
      *
-     * @return object          Object representation of JSON string
+     * @return object Object representation of JSON string
+     *
      * @throws DomainException Provided string was invalid JSON
      */
     public static function jsonDecode($input)
@@ -260,7 +274,8 @@ class JWT
      *
      * @param object|array $input A PHP object or array
      *
-     * @return string          JSON representation of the PHP object or array
+     * @return string JSON representation of the PHP object or array
+     *
      * @throws DomainException Provided object could not be encoded to valid JSON
      */
     public static function jsonEncode($input)
@@ -328,6 +343,7 @@ class JWT
      * Get the number of bytes in cryptographic strings.
      *
      * @param string
+     *
      * @return int
      */
     private static function safeStrlen($str)

src/SignatureInvalidException.php

+<?php
+namespace Firebase\JWT;
+
+class SignatureInvalidException extends \UnexpectedValueException
+{
+
+}

tests/JWTTest.php

 <?php
+use \Firebase\JWT\JWT;
 
 class JWTTest extends PHPUnit_Framework_TestCase
 {
@@ -37,7 +38,7 @@ class JWTTest extends PHPUnit_Framework_TestCase
 
     public function testExpiredToken()
     {
-        $this->setExpectedException('ExpiredException');
+        $this->setExpectedException('Firebase\JWT\ExpiredException');
         $payload = array(
             "message" => "abc",
             "exp" => time() - 20); // time in the past
@@ -47,7 +48,7 @@ class JWTTest extends PHPUnit_Framework_TestCase
 
     public function testBeforeValidTokenWithNbf()
     {
-        $this->setExpectedException('BeforeValidException');
+        $this->setExpectedException('Firebase\JWT\BeforeValidException');
         $payload = array(
             "message" => "abc",
             "nbf" => time() + 20); // time in the future
@@ -57,7 +58,7 @@ class JWTTest extends PHPUnit_Framework_TestCase
 
     public function testBeforeValidTokenWithIat()
     {
-        $this->setExpectedException('BeforeValidException');
+        $this->setExpectedException('Firebase\JWT\BeforeValidException');
         $payload = array(
             "message" => "abc",
             "iat" => time() + 20); // time in the future
@@ -93,7 +94,7 @@ class JWTTest extends PHPUnit_Framework_TestCase
         $payload = array(
             "message" => "abc",
             "exp" => time() - 70); // time far in the past
-        $this->setExpectedException('ExpiredException');
+        $this->setExpectedException('Firebase\JWT\ExpiredException');
         $encoded = JWT::encode($payload, 'my_key');
         $decoded = JWT::decode($encoded, 'my_key', array('HS256'));
         $this->assertEquals($decoded->message, 'abc');
@@ -141,7 +142,7 @@ class JWTTest extends PHPUnit_Framework_TestCase
             "message" => "abc",
             "nbf"     => time() + 65); // not before too far in future
         $encoded = JWT::encode($payload, 'my_key');
-        $this->setExpectedException('BeforeValidException');
+        $this->setExpectedException('Firebase\JWT\BeforeValidException');
         $decoded = JWT::decode($encoded, 'my_key', array('HS256'));
         JWT::$leeway = 0;
     }
@@ -165,7 +166,7 @@ class JWTTest extends PHPUnit_Framework_TestCase
             "message" => "abc",
             "iat"     => time() + 65); // issued too far in future
         $encoded = JWT::encode($payload, 'my_key');
-        $this->setExpectedException('BeforeValidException');
+        $this->setExpectedException('Firebase\JWT\BeforeValidException');
         $decoded = JWT::decode($encoded, 'my_key', array('HS256'));
         JWT::$leeway = 0;
     }
@@ -176,7 +177,7 @@ class JWTTest extends PHPUnit_Framework_TestCase
             "message" => "abc",
             "exp" => time() + 20); // time in the future
         $encoded = JWT::encode($payload, 'my_key');
-        $this->setExpectedException('SignatureInvalidException');
+        $this->setExpectedException('Firebase\JWT\SignatureInvalidException');
         $decoded = JWT::decode($encoded, 'my_key2', array('HS256'));
     }
 
@@ -254,4 +255,10 @@ class JWTTest extends PHPUnit_Framework_TestCase
         $msg = JWT::encode('abc', 'my_key', 'HS256', null, array('cty' => 'test-eit;v=1'));
         $this->assertEquals(JWT::decode($msg, 'my_key', array('HS256')), 'abc');        
     }
+
+    public function testInvalidSegmentCount()
+    {
+        $this->setExpectedException('UnexpectedValueException');
+        JWT::decode('brokenheader.brokenbody', 'my_key', array('HS256'));
+    }
 }