ILIAS  release_8 Revision v8.23
Public Member Functions | Private Member Functions | Private Attributes
Firebase\JWT\CachedKeySet Class Reference
+ Inheritance diagram for Firebase\JWT\CachedKeySet:
+ Collaboration diagram for Firebase\JWT\CachedKeySet:

Public Member Functions

 __construct (string $jwksUri, ClientInterface $httpClient, RequestFactoryInterface $httpFactory, CacheItemPoolInterface $cache, int $expiresAfter=null, bool $rateLimit=false, string $defaultAlg=null)
 
 offsetGet ($keyId)
 
 offsetExists ($keyId)
 
 offsetSet ($offset, $value)
 
 offsetUnset ($offset)
 

Private Member Functions

 formatJwksForCache (string $jwks)
 
 keyIdExists (string $keyId)
 
 rateLimitExceeded ()
 
 getCacheItem ()
 
 setCacheKeys ()
 

Private Attributes

string $jwksUri
 
ClientInterface $httpClient
 
RequestFactoryInterface $httpFactory
 
CacheItemPoolInterface $cache
 
int $expiresAfter
 
CacheItemInterface $cacheItem
 
array $keySet
 
string $cacheKey
 
string $cacheKeyPrefix = 'jwks'
 
int $maxKeyLength = 64
 
bool $rateLimit
 
string $rateLimitCacheKey
 
int $maxCallsPerMinute = 10
 
string $defaultAlg
 

Detailed Description

<string, Key>

Definition at line 19 of file CachedKeySet.php.

Constructor & Destructor Documentation

◆ __construct()

Firebase\JWT\CachedKeySet::__construct ( string  $jwksUri,
ClientInterface  $httpClient,
RequestFactoryInterface  $httpFactory,
CacheItemPoolInterface  $cache,
int  $expiresAfter = null,
bool  $rateLimit = false,
string  $defaultAlg = null 
)

Definition at line 78 of file CachedKeySet.php.

References Firebase\JWT\CachedKeySet\$cache, Firebase\JWT\CachedKeySet\$defaultAlg, Firebase\JWT\CachedKeySet\$expiresAfter, Firebase\JWT\CachedKeySet\$httpClient, Firebase\JWT\CachedKeySet\$httpFactory, Firebase\JWT\CachedKeySet\$jwksUri, Firebase\JWT\CachedKeySet\$rateLimit, and Firebase\JWT\CachedKeySet\setCacheKeys().

86  {
87  $this->jwksUri = $jwksUri;
88  $this->httpClient = $httpClient;
89  $this->httpFactory = $httpFactory;
90  $this->cache = $cache;
91  $this->expiresAfter = $expiresAfter;
92  $this->rateLimit = $rateLimit;
93  $this->defaultAlg = $defaultAlg;
94  $this->setCacheKeys();
95  }
Firebase\JWT\CachedKeySet\$httpFactory
RequestFactoryInterface $httpFactory
Definition: CachedKeySet.php:32
Firebase\JWT\CachedKeySet\$cache
CacheItemPoolInterface $cache
Definition: CachedKeySet.php:36
Firebase\JWT\CachedKeySet\$httpClient
ClientInterface $httpClient
Definition: CachedKeySet.php:28
+ Here is the call graph for this function:

Member Function Documentation

◆ formatJwksForCache()

Firebase\JWT\CachedKeySet::formatJwksForCache ( string  $jwks)
private
Returns
array<mixed>

Definition at line 138 of file CachedKeySet.php.

References $keys, and ILIAS\LTI\ToolProvider\$kid.

Referenced by Firebase\JWT\CachedKeySet\keyIdExists().

138  : array
139  {
140  $jwks = json_decode($jwks, true);
141 
142  if (!isset($jwks['keys'])) {
143  throw new UnexpectedValueException('"keys" member must exist in the JWK Set');
144  }
145 
146  if (empty($jwks['keys'])) {
147  throw new InvalidArgumentException('JWK Set did not contain any keys');
148  }
149 
150  $keys = [];
151  foreach ($jwks['keys'] as $k => $v) {
152  $kid = isset($v['kid']) ? $v['kid'] : $k;
153  $keys[(string) $kid] = $v;
154  }
155 
156  return $keys;
157  }
ILIAS\LTI\ToolProvider\$kid
string $kid
Key ID.
Definition: System.php:88
$keys
$keys
Definition: metadata.php:204
+ Here is the caller graph for this function:

◆ getCacheItem()

Firebase\JWT\CachedKeySet::getCacheItem ( )
private

Definition at line 229 of file CachedKeySet.php.

References Firebase\JWT\CachedKeySet\$cacheItem.

Referenced by Firebase\JWT\CachedKeySet\keyIdExists().

229  : CacheItemInterface
230  {
231  if (\is_null($this->cacheItem)) {
232  $this->cacheItem = $this->cache->getItem($this->cacheKey);
233  }
234 
235  return $this->cacheItem;
236  }
Firebase\JWT\CachedKeySet\$cacheItem
CacheItemInterface $cacheItem
Definition: CachedKeySet.php:44
+ Here is the caller graph for this function:

◆ keyIdExists()

Firebase\JWT\CachedKeySet::keyIdExists ( string  $keyId)
private

Definition at line 159 of file CachedKeySet.php.

References Firebase\JWT\CachedKeySet\$jwksUri, Firebase\JWT\CachedKeySet\formatJwksForCache(), Firebase\JWT\CachedKeySet\getCacheItem(), and Firebase\JWT\CachedKeySet\rateLimitExceeded().

Referenced by Firebase\JWT\CachedKeySet\offsetExists(), and Firebase\JWT\CachedKeySet\offsetGet().

159  : bool
160  {
161  if (null === $this->keySet) {
162  $item = $this->getCacheItem();
163  // Try to load keys from cache
164  if ($item->isHit()) {
165  // item found! retrieve it
166  $this->keySet = $item->get();
167  // If the cached item is a string, the JWKS response was cached (previous behavior).
168  // Parse this into expected format array<kid, jwk> instead.
169  if (\is_string($this->keySet)) {
170  $this->keySet = $this->formatJwksForCache($this->keySet);
171  }
172  }
173  }
174 
175  if (!isset($this->keySet[$keyId])) {
176  if ($this->rateLimitExceeded()) {
177  return false;
178  }
179  $request = $this->httpFactory->createRequest('GET', $this->jwksUri);
180  $jwksResponse = $this->httpClient->sendRequest($request);
181  if ($jwksResponse->getStatusCode() !== 200) {
182  throw new UnexpectedValueException(
183  sprintf(
184  'HTTP Error: %d %s for URI "%s"',
185  $jwksResponse->getStatusCode(),
186  $jwksResponse->getReasonPhrase(),
187  $this->jwksUri,
188  ),
189  $jwksResponse->getStatusCode()
190  );
191  }
192  $this->keySet = $this->formatJwksForCache((string) $jwksResponse->getBody());
193 
194  if (!isset($this->keySet[$keyId])) {
195  return false;
196  }
197 
198  $item = $this->getCacheItem();
199  $item->set($this->keySet);
200  if ($this->expiresAfter) {
201  $item->expiresAfter($this->expiresAfter);
202  }
203  $this->cache->save($item);
204  }
205 
206  return true;
207  }
Firebase\JWT\CachedKeySet\formatJwksForCache
formatJwksForCache(string $jwks)
Definition: CachedKeySet.php:138
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ offsetExists()

Firebase\JWT\CachedKeySet::offsetExists (   $keyId)
Parameters
string$keyId
Returns
bool

Definition at line 113 of file CachedKeySet.php.

References Firebase\JWT\CachedKeySet\keyIdExists().

113  : bool
114  {
115  return $this->keyIdExists($keyId);
116  }
Firebase\JWT\CachedKeySet\keyIdExists
keyIdExists(string $keyId)
Definition: CachedKeySet.php:159
+ Here is the call graph for this function:

◆ offsetGet()

Firebase\JWT\CachedKeySet::offsetGet (   $keyId)
Parameters
string$keyId
Returns
Key

Definition at line 101 of file CachedKeySet.php.

References Firebase\JWT\CachedKeySet\keyIdExists(), and Firebase\JWT\JWK\parseKey().

101  : Key
102  {
103  if (!$this->keyIdExists($keyId)) {
104  throw new OutOfBoundsException('Key ID not found');
105  }
106  return JWK::parseKey($this->keySet[$keyId], $this->defaultAlg);
107  }
Firebase\JWT\JWK\parseKey
static parseKey(array $jwk, string $defaultAlg=null)
Parse a JWK key.
Definition: JWK.php:96
Firebase\JWT\CachedKeySet\keyIdExists
keyIdExists(string $keyId)
Definition: CachedKeySet.php:159
+ Here is the call graph for this function:

◆ offsetSet()

Firebase\JWT\CachedKeySet::offsetSet (   $offset,
  $value 
)
Parameters
string$offset
Key$value

Definition at line 122 of file CachedKeySet.php.

122  : void
123  {
124  throw new LogicException('Method not implemented');
125  }

◆ offsetUnset()

Firebase\JWT\CachedKeySet::offsetUnset (   $offset)
Parameters
string$offset

Definition at line 130 of file CachedKeySet.php.

130  : void
131  {
132  throw new LogicException('Method not implemented');
133  }

◆ rateLimitExceeded()

Firebase\JWT\CachedKeySet::rateLimitExceeded ( )
private

Definition at line 209 of file CachedKeySet.php.

References ILIAS\Repository\int().

Referenced by Firebase\JWT\CachedKeySet\keyIdExists().

209  : bool
210  {
211  if (!$this->rateLimit) {
212  return false;
213  }
214 
215  $cacheItem = $this->cache->getItem($this->rateLimitCacheKey);
216  if (!$cacheItem->isHit()) {
217  $cacheItem->expiresAfter(1); // # of calls are cached each minute
218  }
219 
220  $callsPerMinute = (int) $cacheItem->get();
221  if (++$callsPerMinute > $this->maxCallsPerMinute) {
222  return true;
223  }
224  $cacheItem->set($callsPerMinute);
225  $this->cache->save($cacheItem);
226  return false;
227  }
Firebase\JWT\CachedKeySet\$cacheItem
CacheItemInterface $cacheItem
Definition: CachedKeySet.php:44
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setCacheKeys()

Firebase\JWT\CachedKeySet::setCacheKeys ( )
private

Definition at line 238 of file CachedKeySet.php.

References ILIAS\LTI\ToolProvider\$key.

Referenced by Firebase\JWT\CachedKeySet\__construct().

238  : void
239  {
240  if (empty($this->jwksUri)) {
241  throw new RuntimeException('JWKS URI is empty');
242  }
243 
244  // ensure we do not have illegal characters
245  $key = preg_replace('|[^a-zA-Z0-9_\.!]|', '', $this->jwksUri);
246 
247  // add prefix
248  $key = $this->cacheKeyPrefix . $key;
249 
250  // Hash keys if they exceed $maxKeyLength of 64
251  if (\strlen($key) > $this->maxKeyLength) {
252  $key = substr(hash('sha256', $key), 0, $this->maxKeyLength);
253  }
254 
255  $this->cacheKey = $key;
256 
257  if ($this->rateLimit) {
258  // add prefix
259  $rateLimitKey = $this->cacheKeyPrefix . 'ratelimit' . $key;
260 
261  // Hash keys if they exceed $maxKeyLength of 64
262  if (\strlen($rateLimitKey) > $this->maxKeyLength) {
263  $rateLimitKey = substr(hash('sha256', $rateLimitKey), 0, $this->maxKeyLength);
264  }
265 
266  $this->rateLimitCacheKey = $rateLimitKey;
267  }
268  }
ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193
+ Here is the caller graph for this function:

Field Documentation

◆ $cache

CacheItemPoolInterface Firebase\JWT\CachedKeySet::$cache
private

Definition at line 36 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $cacheItem

CacheItemInterface Firebase\JWT\CachedKeySet::$cacheItem
private

Definition at line 44 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\getCacheItem().

◆ $cacheKey

string Firebase\JWT\CachedKeySet::$cacheKey
private

Definition at line 52 of file CachedKeySet.php.

◆ $cacheKeyPrefix

string Firebase\JWT\CachedKeySet::$cacheKeyPrefix = 'jwks'
private

Definition at line 56 of file CachedKeySet.php.

◆ $defaultAlg

string Firebase\JWT\CachedKeySet::$defaultAlg
private

Definition at line 76 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $expiresAfter

int Firebase\JWT\CachedKeySet::$expiresAfter
private

Definition at line 40 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $httpClient

ClientInterface Firebase\JWT\CachedKeySet::$httpClient
private

Definition at line 28 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $httpFactory

RequestFactoryInterface Firebase\JWT\CachedKeySet::$httpFactory
private

Definition at line 32 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $jwksUri

string Firebase\JWT\CachedKeySet::$jwksUri
private

Definition at line 24 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct(), and Firebase\JWT\CachedKeySet\keyIdExists().

◆ $keySet

array Firebase\JWT\CachedKeySet::$keySet
private

Definition at line 48 of file CachedKeySet.php.

◆ $maxCallsPerMinute

int Firebase\JWT\CachedKeySet::$maxCallsPerMinute = 10
private

Definition at line 72 of file CachedKeySet.php.

◆ $maxKeyLength

int Firebase\JWT\CachedKeySet::$maxKeyLength = 64
private

Definition at line 60 of file CachedKeySet.php.

◆ $rateLimit

bool Firebase\JWT\CachedKeySet::$rateLimit
private

Definition at line 64 of file CachedKeySet.php.

Referenced by Firebase\JWT\CachedKeySet\__construct().

◆ $rateLimitCacheKey

string Firebase\JWT\CachedKeySet::$rateLimitCacheKey
private

Definition at line 68 of file CachedKeySet.php.

The documentation for this class was generated from the following file: