
Commit 240edef

author
csteipp
committed
optimize, and remove all php-jwt code
1 parent d5e3ac1 commit 240edef


1 file changed

+4
-12
lines changed


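--- a/MWOAuthClient.php
+++ b/MWOAuthClient.php
@@ -234,11 +234,12 @@ private function makeCurlCall( $url, $headers, $isPost, $postFields, MWOAuthClie
 
 
 private function decodeJWT( $JWT, $secret ) {
+$JWT = strtr( $JWT, '-_', '+/' );
 list( $headb64, $bodyb64, $sigb64 ) = explode( '.', $JWT );
 
-$header = json_decode( $this->urlsafeB64Decode( $headb64 ) );
-$payload = json_decode( $this->urlsafeB64Decode( $bodyb64 ) );
-$sig = $this->urlsafeB64Decode( $sigb64 );
+$header = json_decode( base64_decode( $headb64 ) );
+$payload = json_decode( base64_decode( $bodyb64 ) );
+$sig = base64_decode( $sigb64 );
 
 // MediaWiki will only use sha256 hmac (HS256) for now. This check makes sure
 // an attacker doesn't return a JWT with 'none' signature type.
@@ -275,15 +276,6 @@ protected function validateJWT( $identity, $consumerKey, $expectedConnonicalServ
 return true;
 }
 
-private function urlsafeB64Decode( $input ) {
-$remainder = strlen( $input ) % 4;
-if ( $remainder ) {
-$padlen = 4 - $remainder;
-$input .= str_repeat( '=', $padlen );
-}
-return base64_decode( strtr( $input, '-_', '+/' ) );
-}
-
 // Constant time comparison
 private function compareHash( $hash1, $hash2 ) {
 $result = strlen( $hash1 ) ^ strlen( $hash2 );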
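Review bot: The `strtr` added as the first statement of decodeJWT rewrites the whole token before it is split, so `$headb64` and `$bodyb64` no longer hold the base64url text that the issuer signed. The signature check sits outside this hunk; if it computes the HMAC over `$headb64.$bodyb64`, a genuine token whose header or body contains `-` or `_` would be verified against bytes other than those received and would be rejected. Splitting the untouched token and translating only at decode time keeps the signed input intact, e.g. `$sig = base64_decode( strtr( $sigb64, '-_', '+/' ) );` with the same form for the header and body segments. The new calls also use non-strict `base64_decode`, which silently skips characters outside the alphabet, and the `json_decode` results are not checked for null in the visible lines, so a malformed segment is not rejected here.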
