Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions src/Codec.php
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@

namespace Firehed\JWT;

use SensitiveParameter;

/**
* Convenience wrapper for key management. The intent is to set up an instance
* of this class once in your application's DI container, and pass it around
Expand All @@ -29,8 +31,10 @@ public function encode(array $claims, $keyId = null): string
return $jwt->getEncoded($keyId);
}

public function decode(string $jwt): JWT
{
public function decode(
#[SensitiveParameter]
string $jwt
): JWT {
return JWT::fromEncoded($jwt, $this->keys);
}
}
8 changes: 6 additions & 2 deletions src/JWT.php
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
use Exception;
use Firehed\Security\Secret;
use RuntimeException;
use SensitiveParameter;
use UnexpectedValueException;

class JWT
Expand Down Expand Up @@ -88,8 +89,11 @@ public function setKeys(KeyContainer $keys): self
return $this;
}

public static function fromEncoded(string $encoded, KeyContainer $keys): self
{
public static function fromEncoded(
#[SensitiveParameter]
string $encoded,
KeyContainer $keys
): self {
// This should exactly follow s7.2 of the IETF JWT spec
$parts = explode('.', $encoded);
if (3 !== count($parts)) {
Expand Down