mirrors/PocketMine-MP
1
0
Fork 0
mirror of https://github.com/pmmp/PocketMine-MP.git synced 2025-06-12 22:45:28 +00:00
Code Issues Projects Releases Wiki Activity

Properly handle error conditions in Utils::decodeJWT()

Browse Source
This commit is contained in:
Dylan K. Taylor 2020-04-15 10:18:02 +01:00
parent 2281fe4e67
commit 917c744266
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/pocketmine/utils/Utils.php
View File

@ -480,9 +480,18 @@ class Utils{
* @phpstan-return array<string, mixed> * @phpstan-return array<string, mixed>
*/ */
public static function decodeJWT(string $token) : array{ public static function decodeJWT(string $token) : array{
list($headB64, $payloadB64, $sigB64) = explode(".", $token); [$headB64, $payloadB64, $sigB64] = explode(".", $token);
return json_decode(base64_decode(strtr($payloadB64, '-_', '+/'), true), true); $rawPayloadJSON = base64_decode(strtr($payloadB64, '-_', '+/'), true);
if($rawPayloadJSON === false){
throw new \InvalidArgumentException("Payload base64 is invalid and cannot be decoded");
}
$decodedPayload = json_decode($rawPayloadJSON, true);
if(!is_array($decodedPayload)){
throw new \InvalidArgumentException("Decoded payload should be array, " . gettype($decodedPayload) . " received");
}
return $decodedPayload;
} }
/** /**