JwtHsKeyType.php in JSON Web Token Authentication (JWT) 8
File
src/Plugin/KeyType/JwtHsKeyType.php
View source
<?php
namespace Drupal\jwt\Plugin\KeyType;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Component\Utility\Crypt;
use Drupal\key\Plugin\KeyTypeBase;
use Drupal\key\Plugin\KeyPluginFormInterface;
class JwtHsKeyType extends KeyTypeBase implements KeyPluginFormInterface {
public function defaultConfiguration() {
return [
'algorithm' => 'HS256',
];
}
public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
$algorithm_options = [
'HS256' => $this
->t('HMAC using SHA-256 (HS256)'),
'HS384' => $this
->t('HMAC using SHA-384 (HS384)'),
'HS512' => $this
->t('HMAC using SHA-512 (HS512)'),
];
$algorithm = $this
->getConfiguration()['algorithm'];
$form['algorithm'] = [
'#type' => 'select',
'#title' => $this
->t('JWT Algorithm'),
'#description' => $this
->t('The JWT Algorithm to use with this key.'),
'#options' => $algorithm_options,
'#default_value' => $algorithm,
'#required' => TRUE,
];
return $form;
}
public function validateConfigurationForm(array &$form, FormStateInterface $form_state) {
}
public function submitConfigurationForm(array &$form, FormStateInterface $form_state) {
$this
->setConfiguration($form_state
->getValues());
}
public static function generateKeyValue(array $configuration) {
$algorithm_keysize = self::getAlgorithmKeysize();
$algorithm = $configuration['algorithm'];
if (!empty($algorithm) && isset($algorithm_keysize[$algorithm])) {
$bytes = $algorithm_keysize[$algorithm] / 8;
}
else {
$bytes = $algorithm_keysize['HS256'] / 8;
}
$random_key = random_bytes($bytes);
return $random_key;
}
public function validateKeyValue(array $form, FormStateInterface $form_state, $key_value) {
if (!$form_state
->getValue('algorithm')) {
return;
}
$algorithm = $form_state
->getValue('algorithm');
$bytes = self::getAlgorithmKeysize()[$algorithm] / 8;
if (strlen($key_value) < $bytes) {
$form_state
->setErrorByName('algorithm', $this
->t('Key size (%size bits) is too small for algorithm chosen. Algorithm requires a minimum of %required bits.', [
'%size' => strlen($key_value) * 8,
'%required' => $bytes * 8,
]));
}
}
protected static function getAlgorithmKeysize() {
return [
'HS256' => 512,
'HS384' => 1024,
'HS512' => 1024,
];
}
}