class JwtRsKeyType in JSON Web Token Authentication (JWT) 8
Same name and namespace in other branches
- 8.0 src/Plugin/KeyType/JwtRsKeyType.php \Drupal\jwt\Plugin\KeyType\JwtRsKeyType
Defines a key type for JWT RSA Signatures.
Plugin annotation
@KeyType(
id = "jwt_rs",
label = @Translation("JWT RSA Key"),
description = @Translation("A key type used for JWT RSA signature algorithms."),
group = "privatekey",
key_value = {
"plugin" = "textarea_field"
}
)
Hierarchy
- class \Drupal\Component\Plugin\PluginBase implements DerivativeInspectionInterface, PluginInspectionInterface
- class \Drupal\Core\Plugin\PluginBase uses DependencySerializationTrait, MessengerTrait, StringTranslationTrait
- class \Drupal\key\Plugin\KeyPluginBase implements KeyPluginInterface
- class \Drupal\key\Plugin\KeyTypeBase implements KeyTypeInterface
- class \Drupal\jwt\Plugin\KeyType\JwtRsKeyType implements KeyPluginFormInterface
- class \Drupal\key\Plugin\KeyTypeBase implements KeyTypeInterface
- class \Drupal\key\Plugin\KeyPluginBase implements KeyPluginInterface
- class \Drupal\Core\Plugin\PluginBase uses DependencySerializationTrait, MessengerTrait, StringTranslationTrait
Expanded class hierarchy of JwtRsKeyType
File
- src/
Plugin/ KeyType/ JwtRsKeyType.php, line 22
Namespace
Drupal\jwt\Plugin\KeyTypeView source
class JwtRsKeyType extends KeyTypeBase implements KeyPluginFormInterface {
/**
* {@inheritdoc}
*/
public function defaultConfiguration() {
return [
'algorithm' => 'RS256',
];
}
/**
* {@inheritdoc}
*/
public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
$algorithm_options = [
'RS256' => $this
->t('RSASSA-PKCS1-v1_5 using SHA-256 (RS256)'),
];
$algorithm = $this
->getConfiguration()['algorithm'];
$form['algorithm'] = [
'#type' => 'select',
'#title' => $this
->t('JWT Algorithm'),
'#description' => $this
->t('The JWT Algorithm to use with this key.'),
'#options' => $algorithm_options,
'#default_value' => $algorithm,
'#required' => TRUE,
];
return $form;
}
/**
* {@inheritdoc}
*/
public function validateConfigurationForm(array &$form, FormStateInterface $form_state) {
}
/**
* {@inheritdoc}
*/
public function submitConfigurationForm(array &$form, FormStateInterface $form_state) {
$this
->setConfiguration($form_state
->getValues());
}
/**
* {@inheritdoc}
*/
public static function generateKeyValue(array $configuration) {
$algorithm_keysize = self::getAlgorithmKeysize();
$algorithm = $configuration['algorithm'];
if (empty($algorithm) || !isset($algorithm_keysize[$algorithm])) {
$algorithm = 'RS256';
}
$key_resource = openssl_pkey_new([
'private_key_bits' => $algorithm_keysize[$algorithm],
'private_key_type' => OPENSSL_KEYTYPE_RSA,
]);
$key_string = '';
openssl_pkey_export($key_resource, $key_string);
openssl_pkey_free($key_resource);
return $key_string;
}
/**
* {@inheritdoc}
*/
public function validateKeyValue(array $form, FormStateInterface $form_state, $key_value) {
if (!$form_state
->getValue('algorithm')) {
return;
}
// Validate the key.
$algorithm = $form_state
->getValue('algorithm');
if (strpos($key_value, '-----BEGIN PUBLIC KEY-----') !== FALSE) {
$key_resource = openssl_pkey_get_public($key_value);
}
else {
$key_resource = openssl_pkey_get_private($key_value);
}
if ($key_resource === FALSE) {
$form_state
->setErrorByName('key_type', $this
->t('Invalid Key.'));
return;
}
$key_details = openssl_pkey_get_details($key_resource);
if ($key_details === FALSE) {
$form_state
->setErrorByName('key_type', $this
->t('Unable to get key details.'));
return;
}
$required_bits = self::getAlgorithmKeysize()[$algorithm];
if ($key_details['bits'] < $required_bits) {
$form_state
->setErrorByName('key_type', $this
->t('Key size (%size bits) is too small for algorithm chosen. Algorithm requires a minimum of %required bits.', [
'%size' => $key_details['bits'],
'%required' => $required_bits,
]));
}
if ($key_details['type'] != OPENSSL_KEYTYPE_RSA) {
$form_state
->setErrorByName('key_type', $this
->t('Key must be RSA.'));
}
openssl_pkey_free($key_resource);
}
/**
* Get keysizes for the various algorithms.
*
* @return array
* An array key keysizes.
*/
protected static function getAlgorithmKeysize() {
return [
'RS256' => 2048,
];
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
DependencySerializationTrait:: |
protected | property | An array of entity type IDs keyed by the property name of their storages. | |
|
DependencySerializationTrait:: |
protected | property | An array of service IDs keyed by property name used for serialization. | |
|
DependencySerializationTrait:: |
public | function | 1 | |
|
DependencySerializationTrait:: |
public | function | 2 | |
|
JwtRsKeyType:: |
public | function |
Form constructor. Overrides PluginFormInterface:: |
|
|
JwtRsKeyType:: |
public | function |
Gets default configuration for this plugin. Overrides KeyPluginBase:: |
|
|
JwtRsKeyType:: |
public static | function |
Generate a key value of this type using the submitted configuration. Overrides KeyTypeInterface:: |
|
|
JwtRsKeyType:: |
protected static | function | Get keysizes for the various algorithms. | |
|
JwtRsKeyType:: |
public | function |
Form submission handler. Overrides PluginFormInterface:: |
|
|
JwtRsKeyType:: |
public | function |
Form validation handler. Overrides PluginFormInterface:: |
|
|
JwtRsKeyType:: |
public | function |
Allows the Key Type plugin to validate the key value. Overrides KeyTypeInterface:: |
|
|
KeyPluginBase:: |
public | function |
Calculates dependencies for the configured plugin. Overrides DependentPluginInterface:: |
|
|
KeyPluginBase:: |
public static | function |
Creates an instance of the plugin. Overrides ContainerFactoryPluginInterface:: |
1 |
|
KeyPluginBase:: |
public | function |
Gets this plugin's configuration. Overrides ConfigurableInterface:: |
|
|
KeyPluginBase:: |
public | function |
Returns the type of plugin. Overrides KeyPluginInterface:: |
|
|
KeyPluginBase:: |
public | function |
Sets the configuration for this plugin instance. Overrides ConfigurableInterface:: |
|
|
KeyPluginBase:: |
public | function |
Constructs a \Drupal\Component\Plugin\PluginBase object. Overrides PluginBase:: |
|
|
MessengerTrait:: |
protected | property | The messenger. | 29 |
|
MessengerTrait:: |
public | function | Gets the messenger. | 29 |
|
MessengerTrait:: |
public | function | Sets the messenger. | |
|
PluginBase:: |
protected | property | Configuration information passed into the plugin. | 1 |
|
PluginBase:: |
protected | property | The plugin implementation definition. | 1 |
|
PluginBase:: |
protected | property | The plugin_id. | |
|
PluginBase:: |
constant | A string which is used to separate base plugin IDs from the derivative ID. | ||
|
PluginBase:: |
public | function |
Gets the base_plugin_id of the plugin instance. Overrides DerivativeInspectionInterface:: |
|
|
PluginBase:: |
public | function |
Gets the derivative_id of the plugin instance. Overrides DerivativeInspectionInterface:: |
|
|
PluginBase:: |
public | function |
Gets the definition of the plugin implementation. Overrides PluginInspectionInterface:: |
3 |
|
PluginBase:: |
public | function |
Gets the plugin_id of the plugin instance. Overrides PluginInspectionInterface:: |
|
|
PluginBase:: |
public | function | Determines if the plugin is configurable. | |
|
StringTranslationTrait:: |
protected | property | The string translation service. | 1 |
|
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
|
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
|
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
|
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
|
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. |