ILIAS  release_8 Revision v8.24
Public Member Functions | Private Member Functions | Private Attributes
Firebase\JWT\CachedKeySet Class Reference

<string, Key> More...

+ Inheritance diagram for Firebase\JWT\CachedKeySet:
+ Collaboration diagram for Firebase\JWT\CachedKeySet:

Public Member Functions

 __construct (string $jwksUri, ClientInterface $httpClient, RequestFactoryInterface $httpFactory, CacheItemPoolInterface $cache, int $expiresAfter=null, bool $rateLimit=false, string $defaultAlg=null)
 
 offsetGet ($keyId)
 
 offsetExists ($keyId)
 
 offsetSet ($offset, $value)
 
 offsetUnset ($offset)
 

Private Member Functions

 formatJwksForCache (string $jwks)
 
 keyIdExists (string $keyId)
 
 rateLimitExceeded ()
 
 getCacheItem ()
 
 setCacheKeys ()
 

Private Attributes

string $jwksUri
 
ClientInterface $httpClient
 
RequestFactoryInterface $httpFactory
 
CacheItemPoolInterface $cache
 
int $expiresAfter
 
CacheItemInterface $cacheItem
 
array $keySet
 
string $cacheKey
 
string $cacheKeyPrefix = 'jwks'
 
int $maxKeyLength = 64
 
bool $rateLimit
 
string $rateLimitCacheKey
 
int $maxCallsPerMinute = 10
 
string $defaultAlg
 

Detailed Description

<string, Key>

Definition at line 19 of file CachedKeySet.php.

Constructor & Destructor Documentation

◆ __construct()

Firebase\JWT\CachedKeySet::__construct ( string  $jwksUri,
ClientInterface  $httpClient,
RequestFactoryInterface  $httpFactory,
CacheItemPoolInterface  $cache,
int  $expiresAfter = null,
bool  $rateLimit = false,
string  $defaultAlg = null 
)

Definition at line 78 of file CachedKeySet.php.

86 {
87 $this->jwksUri = $jwksUri;
88 $this->httpClient = $httpClient;
89 $this->httpFactory = $httpFactory;
90 $this->cache = $cache;
91 $this->expiresAfter = $expiresAfter;
92 $this->rateLimit = $rateLimit;
93 $this->defaultAlg = $defaultAlg;
94 $this->setCacheKeys();
95 }
Firebase\JWT\CachedKeySet\$httpClient
ClientInterface $httpClient
Definition: CachedKeySet.php:28
Firebase\JWT\CachedKeySet\$cache
CacheItemPoolInterface $cache
Definition: CachedKeySet.php:36
Firebase\JWT\CachedKeySet\$httpFactory
RequestFactoryInterface $httpFactory
Definition: CachedKeySet.php:32

References Firebase\JWT\CachedKeySet\$cache, Firebase\JWT\CachedKeySet\$defaultAlg, Firebase\JWT\CachedKeySet\$expiresAfter, Firebase\JWT\CachedKeySet\$httpClient, Firebase\JWT\CachedKeySet\$httpFactory, Firebase\JWT\CachedKeySet\$jwksUri, Firebase\JWT\CachedKeySet\$rateLimit, and Firebase\JWT\CachedKeySet\setCacheKeys().

+ Here is the call graph for this function:

Member Function Documentation

◆ formatJwksForCache()

Firebase\JWT\CachedKeySet::formatJwksForCache ( string  $jwks)
private
Returns
array<mixed>

Definition at line 138 of file CachedKeySet.php.

138 : array
139 {
140 $jwks = json_decode($jwks, true);
141
142 if (!isset($jwks['keys'])) {
143 throw new UnexpectedValueException('"keys" member must exist in the JWK Set');
144 }
145
146 if (empty($jwks['keys'])) {
147 throw new InvalidArgumentException('JWK Set did not contain any keys');
148 }
149
150 $keys = [];
151 foreach ($jwks['keys'] as $k => $v) {
152 $kid = isset($v['kid']) ? $v['kid'] : $k;
153 $keys[(string) $kid] = $v;
154 }
155
156 return $keys;
157 }
$keys
$keys
Definition: metadata.php:204
ILIAS\LTI\ToolProvider\$kid
string $kid
Key ID.
Definition: System.php:88

References $keys, and ILIAS\LTI\ToolProvider\$kid.

Referenced by Firebase\JWT\CachedKeySet\keyIdExists().

+ Here is the caller graph for this function:

◆ getCacheItem()

Firebase\JWT\CachedKeySet::getCacheItem ( )
private

Definition at line 229 of file CachedKeySet.php.

229 : CacheItemInterface
230 {
231 if (\is_null($this->cacheItem)) {
232 $this->cacheItem = $this->cache->getItem($this->cacheKey);
233 }
234
235 return $this->cacheItem;
236 }
Firebase\JWT\CachedKeySet\$cacheItem
CacheItemInterface $cacheItem
Definition: CachedKeySet.php:44

References Firebase\JWT\CachedKeySet\$cacheItem.

Referenced by Firebase\JWT\CachedKeySet\keyIdExists().

+ Here is the caller graph for this function:

◆ keyIdExists()

Firebase\JWT\CachedKeySet::keyIdExists ( string  $keyId)
private

Definition at line 159 of file CachedKeySet.php.

159 : bool
160 {
161 if (null === $this->keySet) {
162 $item = $this->getCacheItem();
163 // Try to load keys from cache
164 if ($item->isHit()) {
165 // item found! retrieve it
166 $this->keySet = $item->get();
167 // If the cached item is a string, the JWKS response was cached (previous behavior).
168 // Parse this into expected format array<kid, jwk> instead.
169 if (\is_string($this->keySet)) {
170 $this->keySet = $this->formatJwksForCache($this->keySet);
171 }
172 }
173 }
174
175 if (!isset($this->keySet[$keyId])) {
176 if ($this->rateLimitExceeded()) {
177 return false;
178 }
179 $request = $this->httpFactory->createRequest('GET', $this->jwksUri);
180 $jwksResponse = $this->httpClient->sendRequest($request);
181 if ($jwksResponse->getStatusCode() !== 200) {
182 throw new UnexpectedValueException(
183 sprintf(
184 'HTTP Error: %d %s for URI "%s"',
185 $jwksResponse->getStatusCode(),
186 $jwksResponse->getReasonPhrase(),
187 $this->jwksUri,
188 ),
189 $jwksResponse->getStatusCode()
190 );
191 }
192 $this->keySet = $this->formatJwksForCache((string) $jwksResponse->getBody());
193
194 if (!isset($this->keySet[$keyId])) {
195 return false;
196 }
197
198 $item = $this->getCacheItem();
199 $item->set($this->keySet);
200 if ($this->expiresAfter) {
201 $item->expiresAfter($this->expiresAfter);
202 }
203 $this->cache->save($item);
204 }
205
206 return true;
207 }
Firebase\JWT\CachedKeySet\formatJwksForCache
formatJwksForCache(string $jwks)
Definition: CachedKeySet.php:138

References Firebase\JWT\CachedKeySet\formatJwksForCache(), Firebase\JWT\CachedKeySet\getCacheItem(), and Firebase\JWT\CachedKeySet\rateLimitExceeded().

Referenced by Firebase\JWT\CachedKeySet\offsetExists(), and Firebase\JWT\CachedKeySet\offsetGet().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ offsetExists()

Firebase\JWT\CachedKeySet::offsetExists (   $keyId)
Parameters
string$keyId
Returns
bool

Definition at line 113 of file CachedKeySet.php.

113 : bool
114 {
115 return $this->keyIdExists($keyId);
116 }
Firebase\JWT\CachedKeySet\keyIdExists
keyIdExists(string $keyId)
Definition: CachedKeySet.php:159

References Firebase\JWT\CachedKeySet\keyIdExists().

+ Here is the call graph for this function:

◆ offsetGet()

Firebase\JWT\CachedKeySet::offsetGet (   $keyId)
Parameters
string$keyId
Returns
Key

Definition at line 101 of file CachedKeySet.php.

101 : Key
102 {
103 if (!$this->keyIdExists($keyId)) {
104 throw new OutOfBoundsException('Key ID not found');
105 }
106 return JWK::parseKey($this->keySet[$keyId], $this->defaultAlg);
107 }
Firebase\JWT\JWK\parseKey
static parseKey(array $jwk, string $defaultAlg=null)
Parse a JWK key.
Definition: JWK.php:96

References Firebase\JWT\CachedKeySet\keyIdExists(), and Firebase\JWT\JWK\parseKey().

+ Here is the call graph for this function:

◆ offsetSet()

Firebase\JWT\CachedKeySet::offsetSet (   $offset,
  $value 
)
Parameters
string$offset
Key$value

Definition at line 122 of file CachedKeySet.php.

122 : void
123 {
124 throw new LogicException('Method not implemented');
125 }

◆ offsetUnset()

Firebase\JWT\CachedKeySet::offsetUnset (   $offset)
Parameters
string$offset

Definition at line 130 of file CachedKeySet.php.

130 : void
131 {
132 throw new LogicException('Method not implemented');
133 }

◆ rateLimitExceeded()

Firebase\JWT\CachedKeySet::rateLimitExceeded ( )
private

Definition at line 209 of file CachedKeySet.php.

209 : bool
210 {
211 if (!$this->rateLimit) {
212 return false;
213 }
214
215 $cacheItem = $this->cache->getItem($this->rateLimitCacheKey);
216 if (!$cacheItem->isHit()) {
217 $cacheItem->expiresAfter(1); // # of calls are cached each minute
218 }
219
220 $callsPerMinute = (int) $cacheItem->get();
221 if (++$callsPerMinute > $this->maxCallsPerMinute) {
222 return true;
223 }
224 $cacheItem->set($callsPerMinute);
225 $this->cache->save($cacheItem);
226 return false;
227 }

References Firebase\JWT\CachedKeySet\$cacheItem, and ILIAS\Repository\int().

Referenced by Firebase\JWT\CachedKeySet\keyIdExists().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setCacheKeys()

Firebase\JWT\CachedKeySet::setCacheKeys ( )
private

Definition at line 238 of file CachedKeySet.php.

238 : void
239 {
240 if (empty($this->jwksUri)) {
241 throw new RuntimeException('JWKS URI is empty');
242 }
243
244 // ensure we do not have illegal characters
245 $key = preg_replace('|[^a-zA-Z0-9_\.!]|', '', $this->jwksUri);
246
247 // add prefix
248 $key = $this->cacheKeyPrefix . $key;
249
250 // Hash keys if they exceed $maxKeyLength of 64
251 if (\strlen($key) > $this->maxKeyLength) {
252 $key = substr(hash('sha256', $key), 0, $this->maxKeyLength);
253 }
254
255 $this->cacheKey = $key;
256
257 if ($this->rateLimit) {
258 // add prefix
259 $rateLimitKey = $this->cacheKeyPrefix . 'ratelimit' . $key;
260
261 // Hash keys if they exceed $maxKeyLength of 64
262 if (\strlen($rateLimitKey) > $this->maxKeyLength) {
263 $rateLimitKey = substr(hash('sha256', $rateLimitKey), 0, $this->maxKeyLength);
264 }
265
266 $this->rateLimitCacheKey = $rateLimitKey;
267 }
268 }
ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193

References ILIAS\LTI\ToolProvider\$key.

Referenced by Firebase\JWT\CachedKeySet\__construct().

+ Here is the caller graph for this function:

Field Documentation

◆ $cache

CacheItemPoolInterface Firebase\JWT\CachedKeySet::$cache
private

Definition at line 36 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $cacheItem

CacheItemInterface Firebase\JWT\CachedKeySet::$cacheItem
private

Definition at line 44 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\getCacheItem(), and Firebase\JWT\CachedKeySet\rateLimitExceeded().

◆ $cacheKey

string Firebase\JWT\CachedKeySet::$cacheKey
private

Definition at line 52 of file CachedKeySet.php.

◆ $cacheKeyPrefix

string Firebase\JWT\CachedKeySet::$cacheKeyPrefix = 'jwks'
private

Definition at line 56 of file CachedKeySet.php.

◆ $defaultAlg

string Firebase\JWT\CachedKeySet::$defaultAlg
private

Definition at line 76 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $expiresAfter

int Firebase\JWT\CachedKeySet::$expiresAfter
private

Definition at line 40 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $httpClient

ClientInterface Firebase\JWT\CachedKeySet::$httpClient
private

Definition at line 28 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $httpFactory

RequestFactoryInterface Firebase\JWT\CachedKeySet::$httpFactory
private

Definition at line 32 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $jwksUri

string Firebase\JWT\CachedKeySet::$jwksUri
private

Definition at line 24 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $keySet

array Firebase\JWT\CachedKeySet::$keySet
private

Definition at line 48 of file CachedKeySet.php.

◆ $maxCallsPerMinute

int Firebase\JWT\CachedKeySet::$maxCallsPerMinute = 10
private

Definition at line 72 of file CachedKeySet.php.

◆ $maxKeyLength

int Firebase\JWT\CachedKeySet::$maxKeyLength = 64
private

Definition at line 60 of file CachedKeySet.php.

◆ $rateLimit

bool Firebase\JWT\CachedKeySet::$rateLimit
private

Definition at line 64 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $rateLimitCacheKey

string Firebase\JWT\CachedKeySet::$rateLimitCacheKey
private

Definition at line 68 of file CachedKeySet.php.

The documentation for this class was generated from the following file: