function bakery_validate_data in Bakery Single Sign-On System 7.4
Same name and namespace in other branches
- 6.2 bakery.module \bakery_validate_data()
- 7.2 bakery.module \bakery_validate_data()
Validate signature and attributes.
Parameters
Serialized token data.:
Optional string defining the type of data this is.:
Return value
\Lcobucci\JWT\Token A token object
Throws
\Exception on failure
5 calls to bakery_validate_data()
- bakery_profile_request_account in ./
bakery_profile.module - Request account information from master to create account locally.
- bakery_profile_taste_gingerbread_cookie in ./
bakery_profile.module - Validate the account information request.
- bakery_profile_taste_stroopwafel_cookie in ./
bakery_profile.module - Validate update request.
- bakery_profile_taste_thinmint_cookie in ./
bakery_profile.module - Verify the validation request.
- _bakery_validate_cookie in ./
bakery.module - Function to validate cookies
File
- ./
bakery.module, line 430
Code
function bakery_validate_data($data, $type = NULL) {
$key = variable_get('bakery_key', '');
// Parse the provided token and check the signature.
$token = (new Parser())
->parse((string) $data);
if (!$token
->verify(_bakery_signer(), $key)) {
throw new \InvalidArgumentException('Could not verify the signature');
}
// Verify other attibutes.
$uri = _bakery_uri();
$validation = new ValidationData();
$validation
->setIssuer($uri);
$validation
->setAudience($uri);
if (!$token
->validate($validation)) {
throw new \InvalidArgumentException('Could not validate the issuer and audience');
}
// Prevent one cookie being used in place of another.
if ($type !== NULL && $token
->getClaim('type') !== $type) {
throw new \InvalidArgumentException('Could not validate the type');
}
return $token;
}