Firebase\JWT\JWT Class Reference

Collaboration diagram for Firebase\JWT\JWT:

Static Public Member Functions
static	decode (string $jwt, $keyOrKeyArray, stdClass &$headers=null)
	Decodes a JWT string into a PHP object. More...
static	encode (array $payload, $key, string $alg, string $keyId=null, array $head=null)
	Converts and signs a PHP array into a JWT string. More...
static	sign (string $msg, $key, string $alg)
	Sign a string with a given key and algorithm. More...
static	jsonDecode (string $input)
	Decode a JSON string into a PHP object. More...
static	jsonEncode (array $input)
	Encode a PHP array into a JSON string. More...
static	urlsafeB64Decode (string $input)
	Decode a string with URL-safe Base64. More...
static	convertBase64UrlToBase64 (string $input)
	Convert a string in the base64url (URL-safe Base64) encoding to standard base64. More...
static	urlsafeB64Encode (string $input)
	Encode a string with URL-safe Base64. More...
static	constantTimeEquals (string $left, string $right)

Static Public Attributes
static int	$leeway = 0
static int	$timestamp = null
static array	$supported_algs

Static Private Member Functions
static	verify (string $msg, string $signature, $keyMaterial, string $alg)
	Verify a signature with the message, key and method. More...
static	getKey ( $keyOrKeyArray, ?string $kid)
	Determine if an algorithm has been provided for each Key. More...
static	handleJsonError (int $errno)
	Helper method to create a JSON error. More...
static	safeStrlen (string $str)
	Get the number of bytes in cryptographic strings. More...
static	signatureToDER (string $sig)
	Convert an ECDSA signature to an ASN.1 DER sequence. More...
static	encodeDER (int $type, string $value)
	Encodes a value into a DER object. More...
static	signatureFromDER (string $der, int $keySize)
	Encodes signature from a DER object. More...
static	readDER (string $der, int $offset=0)
	Reads binary DER-encoded data and decodes into a single object. More...

Private Attributes
const	ASN1_INTEGER = 0x02
const	ASN1_SEQUENCE = 0x10
const	ASN1_BIT_STRING = 0x03

Detailed Description

Definition at line 28 of file JWT.php.

Member Function Documentation

constantTimeEquals()

static Firebase\JWT\JWT::constantTimeEquals ( string  $left, string  $right  )

static

Parameters

string	$left	The string of known length to compare against
string	$right	The user-supplied string

Returns

bool

Definition at line 489 of file JWT.php.

                                                                          : bool
    {
        if (\function_exists('hash_equals')) {
            return \hash_equals($left, $right);
        }
        $len = \min(self::safeStrlen($left), self::safeStrlen($right));
 
        $status = 0;
        for ($i = 0; $i < $len; $i++) {
            $status |= (\ord($left[$i]) ^ \ord($right[$i]));
        }
        $status |= (self::safeStrlen($left) ^ self::safeStrlen($right));
 
        return ($status === 0);
    }

References $i.

convertBase64UrlToBase64()

static Firebase\JWT\JWT::convertBase64UrlToBase64 ( string  $input )

static

Convert a string in the base64url (URL-safe Base64) encoding to standard base64.

Parameters

string

$input

A Base64 encoded string with URL-safe characters (-_ and no padding)

Returns

string A Base64 encoded string with standard characters (+/) and padding (=), when needed.

See also

https://www.rfc-editor.org/rfc/rfc4648

Definition at line 427 of file JWT.php.

                                                                  : string
    {
        $remainder = \strlen($input) % 4;
        if ($remainder) {
            $padlen = 4 - $remainder;
            $input .= \str_repeat('=', $padlen);
        }
        return \strtr($input, '-_', '+/');
    }

decode()

static Firebase\JWT\JWT::decode ( string  $jwt,   $keyOrKeyArray, stdClass &  $headers = null  )

static

Decodes a JWT string into a PHP object.

Parameters

string	$jwt	The JWT
	Key|ArrayAccess<string,Key>|array<string,Key>	$keyOrKeyArray The Key or associative array of key IDs (kid) to Key objects. If the algorithm used is asymmetric, this is the public key. Each Key object contains an algorithm and matching key. Supported algorithms are 'ES384','ES256', 'HS256', 'HS384', 'HS512', 'RS256', 'RS384' and 'RS512'.
stdClass	$headers	Optional. Populates stdClass with headers.

Returns

stdClass The JWT's payload as a PHP object

Exceptions

InvalidArgumentException	Provided key/key-array was empty or malformed
DomainException	Provided JWT is malformed
UnexpectedValueException	Provided JWT was invalid
SignatureInvalidException	Provided JWT was invalid because the signature verification failed
BeforeValidException	Provided JWT is trying to be used before it's eligible as defined by 'nbf'
BeforeValidException	Provided JWT is trying to be used before it's been created as defined by 'iat'
ExpiredException	Provided JWT has since expired, as defined by the 'exp' claim

@uses jsonDecode @uses urlsafeB64Decode

Definition at line 96 of file JWT.php.

     : stdClass {
        // Validate JWT
        $timestamp = \is_null(static::$timestamp) ? \time() : static::$timestamp;
 
        if (empty($keyOrKeyArray)) {
            throw new InvalidArgumentException('Key may not be empty');
        }
        $tks = \explode('.', $jwt);
        if (\count($tks) !== 3) {
            throw new UnexpectedValueException('Wrong number of segments');
        }
        list($headb64, $bodyb64, $cryptob64) = $tks;
        $headerRaw = static::urlsafeB64Decode($headb64);
        if (null === ($header = static::jsonDecode($headerRaw))) {
            throw new UnexpectedValueException('Invalid header encoding');
        }
        if ($headers !== null) {
            $headers = $header;
        }
        $payloadRaw = static::urlsafeB64Decode($bodyb64);
        if (null === ($payload = static::jsonDecode($payloadRaw))) {
            throw new UnexpectedValueException('Invalid claims encoding');
        }
        if (\is_array($payload)) {
            // prevent PHP Fatal Error in edge-cases when payload is empty array
            $payload = (object) $payload;
        }
        if (!$payload instanceof stdClass) {
            throw new UnexpectedValueException('Payload must be a JSON object');
        }
        $sig = static::urlsafeB64Decode($cryptob64);
        if (empty($header->alg)) {
            throw new UnexpectedValueException('Empty algorithm');
        }
        if (empty(static::$supported_algs[$header->alg])) {
            throw new UnexpectedValueException('Algorithm not supported');
        }
 
        $key = self::getKey($keyOrKeyArray, property_exists($header, 'kid') ? $header->kid : null);
 
        // Check the algorithm
        if (!self::constantTimeEquals($key->getAlgorithm(), $header->alg)) {
            // See issue #351
            throw new UnexpectedValueException('Incorrect key for this algorithm');
        }
        if (\in_array($header->alg, ['ES256', 'ES256K', 'ES384'], true)) {
            // OpenSSL expects an ASN.1 DER sequence for ES256/ES256K/ES384 signatures
            $sig = self::signatureToDER($sig);
        }
        if (!self::verify("{$headb64}.{$bodyb64}", $sig, $key->getKeyMaterial(), $header->alg)) {
            throw new SignatureInvalidException('Signature verification failed');
        }
 
        // Check the nbf if it is defined. This is the time that the
        // token can actually be used. If it's not yet that time, abort.
        if (isset($payload->nbf) && floor($payload->nbf) > ($timestamp + static::$leeway)) {
            $ex = new BeforeValidException(
                'Cannot handle token with nbf prior to ' . \date(DateTime::ISO8601, (int) $payload->nbf)
            );
            $ex->setPayload($payload);
            throw $ex;
        }
 
        // Check that this token has been created before 'now'. This prevents
        // using tokens that have been created for later use (and haven't
        // correctly used the nbf claim).
        if (!isset($payload->nbf) && isset($payload->iat) && floor($payload->iat) > ($timestamp + static::$leeway)) {
            $ex = new BeforeValidException(
                'Cannot handle token with iat prior to ' . \date(DateTime::ISO8601, (int) $payload->iat)
            );
            $ex->setPayload($payload);
            throw $ex;
        }
 
        // Check if this token has expired.
        if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
            $ex = new ExpiredException('Expired token');
            $ex->setPayload($payload);
            throw $ex;
        }
 
        return $payload;
    }

Referenced by ilObjLTIConsumerGUI\saveContentSelection(), and ILIAS\LTI\ToolProvider\Jwt\FirebaseClient\verify().

Here is the caller graph for this function:

encode()

static Firebase\JWT\JWT::encode ( array  $payload,   $key, string  $alg, string  $keyId = null, array  $head = null  )

static

Converts and signs a PHP array into a JWT string.

Parameters

	array<mixed>	$payload PHP array
string | resource | OpenSSLAsymmetricKey | OpenSSLCertificate	$key	The secret key.
string	$alg	Supported algorithms are 'ES384','ES256', 'ES256K', 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', and 'RS512'
string	$keyId
	array<string,string>	$head An array with header elements to attach

Returns

string A signed JWT

@uses jsonEncode @uses urlsafeB64Encode

Definition at line 199 of file JWT.php.

     : string {
        $header = ['typ' => 'JWT', 'alg' => $alg];
        if ($keyId !== null) {
            $header['kid'] = $keyId;
        }
        if (isset($head) && \is_array($head)) {
            $header = \array_merge($head, $header);
        }
        $segments = [];
        $segments[] = static::urlsafeB64Encode((string) static::jsonEncode($header));
        $segments[] = static::urlsafeB64Encode((string) static::jsonEncode($payload));
        $signing_input = \implode('.', $segments);
 
        $signature = static::sign($signing_input, $key, $alg);
        $segments[] = static::urlsafeB64Encode($signature);
 
        return \implode('.', $segments);
    }

Referenced by ilObjLTIConsumer\LTISignJWT().

Here is the caller graph for this function:

encodeDER()

static Firebase\JWT\JWT::encodeDER ( int  $type, string  $value  )

staticprivate

Encodes a value into a DER object.

Parameters

int	$type	DER tag
string	$value	the value to encode

Returns

string the encoded object

Definition at line 585 of file JWT.php.

                                                               : string
    {
        $tag_header = 0;
        if ($type === self::ASN1_SEQUENCE) {
            $tag_header |= 0x20;
        }
 
        // Type
        $der = \chr($tag_header | $type);
 
        // Length
        $der .= \chr(\strlen($value));
 
        return $der . $value;
    }

References $type.

getKey()

static Firebase\JWT\JWT::getKey (   $keyOrKeyArray, ?string  $kid  )

staticprivate

Determine if an algorithm has been provided for each Key.

Parameters

	Key|ArrayAccess<string,Key>|array<string,Key>	$keyOrKeyArray
string | null	$kid

Exceptions

UnexpectedValueException

Returns

Key

Definition at line 460 of file JWT.php.

     : Key {
        if ($keyOrKeyArray instanceof Key) {
            return $keyOrKeyArray;
        }
 
        if (empty($kid) && $kid !== '0') {
            throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
        }
 
        if ($keyOrKeyArray instanceof CachedKeySet) {
            // Skip "isset" check, as this will automatically refresh if not set
            return $keyOrKeyArray[$kid];
        }
 
        if (!isset($keyOrKeyArray[$kid])) {
            throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key');
        }
 
        return $keyOrKeyArray[$kid];
    }

handleJsonError()

static Firebase\JWT\JWT::handleJsonError ( int  $errno )

staticprivate

Helper method to create a JSON error.

Parameters

int

$errno

An error number from json_last_error()

Exceptions

DomainException

Returns

void

Definition at line 514 of file JWT.php.

                                                       : void
    {
        $messages = [
            JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
            JSON_ERROR_STATE_MISMATCH => 'Invalid or malformed JSON',
            JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
            JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON',
            JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3
        ];
        throw new DomainException(
            isset($messages[$errno])
            ? $messages[$errno]
            : 'Unknown JSON error: ' . $errno
        );
    }

References $messages.

jsonDecode()

static Firebase\JWT\JWT::jsonDecode ( string  $input )

static

Decode a JSON string into a PHP object.

Parameters

string

$input

JSON string

Returns

mixed The decoded JSON string

Exceptions

DomainException

Provided string was invalid JSON

Definition at line 363 of file JWT.php.

    {
        $obj = \json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
 
        if ($errno = \json_last_error()) {
            self::handleJsonError($errno);
        } elseif ($obj === null && $input !== 'null') {
            throw new DomainException('Null result with non-null input');
        }
        return $obj;
    }

jsonEncode()

static Firebase\JWT\JWT::jsonEncode ( array  $input )

static

Encode a PHP array into a JSON string.

Parameters

array<mixed>

$input A PHP array

Returns

string JSON representation of the PHP array

Exceptions

DomainException

Provided object could not be encoded to valid JSON

Definition at line 384 of file JWT.php.

                                                   : string
    {
        if (PHP_VERSION_ID >= 50400) {
            $json = \json_encode($input, \JSON_UNESCAPED_SLASHES);
        } else {
            // PHP 5.3 only
            $json = \json_encode($input);
        }
        if ($errno = \json_last_error()) {
            self::handleJsonError($errno);
        } elseif ($json === 'null') {
            throw new DomainException('Null result with non-null input');
        }
        if ($json === false) {
            throw new DomainException('Provided object could not be encoded to valid JSON');
        }
        return $json;
    }

readDER()

static Firebase\JWT\JWT::readDER ( string  $der, int  $offset = 0  )

staticprivate

Reads binary DER-encoded data and decodes into a single object.

Parameters

string	$der	the binary data in DER format
int	$offset	the offset of the data stream containing the object to decode

Returns

array{int, string|null} the new offset and the decoded object

Definition at line 637 of file JWT.php.

                                                                 : array
    {
        $pos = $offset;
        $size = \strlen($der);
        $constructed = (\ord($der[$pos]) >> 5) & 0x01;
        $type = \ord($der[$pos++]) & 0x1f;
 
        // Length
        $len = \ord($der[$pos++]);
        if ($len & 0x80) {
            $n = $len & 0x1f;
            $len = 0;
            while ($n-- && $pos < $size) {
                $len = ($len << 8) | \ord($der[$pos++]);
            }
        }
 
        // Value
        if ($type === self::ASN1_BIT_STRING) {
            $pos++; // Skip the first contents octet (padding indicator)
            $data = \substr($der, $pos, $len - 1);
            $pos += $len - 1;
        } elseif (!$constructed) {
            $data = \substr($der, $pos, $len);
            $pos += $len;
        } else {
            $data = null;
        }
 
        return [$pos, $data];
    }

References $data, and $type.

safeStrlen()

static Firebase\JWT\JWT::safeStrlen ( string  $str )

staticprivate

Get the number of bytes in cryptographic strings.

Parameters

string

$str

Returns

int

Definition at line 537 of file JWT.php.

                                                   : int
    {
        if (\function_exists('mb_strlen')) {
            return \mb_strlen($str, '8bit');
        }
        return \strlen($str);
    }

sign()

static Firebase\JWT\JWT::sign ( string  $msg,   $key, string  $alg  )

static

Sign a string with a given key and algorithm.

Parameters

string	$msg	The message to sign
string | resource | OpenSSLAsymmetricKey | OpenSSLCertificate	$key	The secret key.
string	$alg	Supported algorithms are 'EdDSA', 'ES384', 'ES256', 'ES256K', 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', and 'RS512'

Returns

string An encrypted message

Exceptions

DomainException

Unsupported algorithm or bad key was specified

Definition at line 236 of file JWT.php.

     : string {
        if (empty(static::$supported_algs[$alg])) {
            throw new DomainException('Algorithm not supported');
        }
        list($function, $algorithm) = static::$supported_algs[$alg];
        switch ($function) {
            case 'hash_hmac':
                if (!\is_string($key)) {
                    throw new InvalidArgumentException('key must be a string when using hmac');
                }
                return \hash_hmac($algorithm, $msg, $key, true);
            case 'openssl':
                $signature = '';
                $success = \openssl_sign($msg, $signature, $key, $algorithm); // @phpstan-ignore-line
                if (!$success) {
                    throw new DomainException('OpenSSL unable to sign data');
                }
                if ($alg === 'ES256' || $alg === 'ES256K') {
                    $signature = self::signatureFromDER($signature, 256);
                } elseif ($alg === 'ES384') {
                    $signature = self::signatureFromDER($signature, 384);
                }
                return $signature;
            case 'sodium_crypto':
                if (!\function_exists('sodium_crypto_sign_detached')) {
                    throw new DomainException('libsodium is not available');
                }
                if (!\is_string($key)) {
                    throw new InvalidArgumentException('key must be a string when using EdDSA');
                }
                try {
                    // The last non-empty line is used as the key.
                    $lines = array_filter(explode("\n", $key));
                    $key = base64_decode((string) end($lines));
                    if (\strlen($key) === 0) {
                        throw new DomainException('Key cannot be empty string');
                    }
                    return sodium_crypto_sign_detached($msg, $key);
                } catch (Exception $e) {
                    throw new DomainException($e->getMessage(), 0, $e);
                }
        }
 
        throw new DomainException('Algorithm not supported');
    }

signatureFromDER()

static Firebase\JWT\JWT::signatureFromDER ( string  $der, int  $keySize  )

staticprivate

Encodes signature from a DER object.

Parameters

string	$der	binary signature in DER format
int	$keySize	the number of bits in the key

Returns

string the signature

Definition at line 609 of file JWT.php.

                                                                       : string
    {
        // OpenSSL returns the ECDSA signatures as a binary ASN.1 DER SEQUENCE
        list($offset, $_) = self::readDER($der);
        list($offset, $r) = self::readDER($der, $offset);
        list($offset, $s) = self::readDER($der, $offset);
 
        // Convert r-value and s-value from signed two's compliment to unsigned
        // big-endian integers
        $r = \ltrim($r, "\x00");
        $s = \ltrim($s, "\x00");
 
        // Pad out r and s so that they are $keySize bits long
        $r = \str_pad($r, $keySize / 8, "\x00", STR_PAD_LEFT);
        $s = \str_pad($s, $keySize / 8, "\x00", STR_PAD_LEFT);
 
        return $r . $s;
    }

signatureToDER()

static Firebase\JWT\JWT::signatureToDER ( string  $sig )

staticprivate

Convert an ECDSA signature to an ASN.1 DER sequence.

Parameters

string

$sig

The ECDSA signature to convert

Returns

string The encoded DER object

Definition at line 551 of file JWT.php.

                                                       : string
    {
        // Separate the signature into r-value and s-value
        $length = max(1, (int) (\strlen($sig) / 2));
        list($r, $s) = \str_split($sig, $length);
 
        // Trim leading zeros
        $r = \ltrim($r, "\x00");
        $s = \ltrim($s, "\x00");
 
        // Convert r-value and s-value from unsigned big-endian integers to
        // signed two's complement
        if (\ord($r[0]) > 0x7f) {
            $r = "\x00" . $r;
        }
        if (\ord($s[0]) > 0x7f) {
            $s = "\x00" . $s;
        }
 
        return self::encodeDER(
            self::ASN1_SEQUENCE,
            self::encodeDER(self::ASN1_INTEGER, $r) .
            self::encodeDER(self::ASN1_INTEGER, $s)
        );
    }

urlsafeB64Decode()

static Firebase\JWT\JWT::urlsafeB64Decode ( string  $input )

static

Decode a string with URL-safe Base64.

Parameters

string

$input

A Base64 encoded string

Returns

string A decoded string

Exceptions

InvalidArgumentException

invalid base64 characters

Definition at line 412 of file JWT.php.

                                                          : string
    {
        return \base64_decode(self::convertBase64UrlToBase64($input));
    }

Referenced by Firebase\JWT\JWK\createPemFromCrvAndXYCoordinates(), and ILIAS\LTI\ToolProvider\Jwt\FirebaseClient\load().

Here is the caller graph for this function:

urlsafeB64Encode()

static Firebase\JWT\JWT::urlsafeB64Encode ( string  $input )

static

Encode a string with URL-safe Base64.

Parameters

string

$input

The string you want encoded

Returns

string The base64 encode of what you passed in

Definition at line 444 of file JWT.php.

                                                          : string
    {
        return \str_replace('=', '', \strtr(\base64_encode($input), '+/', '-_'));
    }

Referenced by ILIAS\LTI\ToolProvider\Jwt\FirebaseClient\getJWKS().

Here is the caller graph for this function:

verify()

static Firebase\JWT\JWT::verify ( string  $msg, string  $signature,   $keyMaterial, string  $alg  )

staticprivate

Verify a signature with the message, key and method.

Not all methods are symmetric, so we must have a separate verify and sign method.

Parameters

string	$msg	The original message (header and body)
string	$signature	The original signature
string | resource | OpenSSLAsymmetricKey | OpenSSLCertificate	$keyMaterial	For Ed*, ES*, HS*, a string key works. for RS*, must be an instance of OpenSSLAsymmetricKey
string	$alg	The algorithm

Returns

bool

Exceptions

DomainException

Invalid Algorithm, bad key, or OpenSSL failure

Definition at line 299 of file JWT.php.

     : bool {
        if (empty(static::$supported_algs[$alg])) {
            throw new DomainException('Algorithm not supported');
        }
 
        list($function, $algorithm) = static::$supported_algs[$alg];
        switch ($function) {
            case 'openssl':
                $success = \openssl_verify($msg, $signature, $keyMaterial, $algorithm); // @phpstan-ignore-line
                if ($success === 1) {
                    return true;
                }
                if ($success === 0) {
                    return false;
                }
                // returns 1 on success, 0 on failure, -1 on error.
                throw new DomainException(
                    'OpenSSL error: ' . \openssl_error_string()
                );
            case 'sodium_crypto':
                if (!\function_exists('sodium_crypto_sign_verify_detached')) {
                    throw new DomainException('libsodium is not available');
                }
                if (!\is_string($keyMaterial)) {
                    throw new InvalidArgumentException('key must be a string when using EdDSA');
                }
                try {
                    // The last non-empty line is used as the key.
                    $lines = array_filter(explode("\n", $keyMaterial));
                    $key = base64_decode((string) end($lines));
                    if (\strlen($key) === 0) {
                        throw new DomainException('Key cannot be empty string');
                    }
                    if (\strlen($signature) === 0) {
                        throw new DomainException('Signature cannot be empty string');
                    }
                    return sodium_crypto_sign_verify_detached($signature, $msg, $key);
                } catch (Exception $e) {
                    throw new DomainException($e->getMessage(), 0, $e);
                }
            case 'hash_hmac':
            default:
                if (!\is_string($keyMaterial)) {
                    throw new InvalidArgumentException('key must be a string when using hmac');
                }
                $hash = \hash_hmac($algorithm, $msg, $keyMaterial, true);
                return self::constantTimeEquals($hash, $signature);
        }
    }

Field Documentation

$leeway

int Firebase\JWT\JWT::$leeway = 0

static

Definition at line 41 of file JWT.php.

Referenced by ILIAS\LTI\ToolProvider\Jwt\FirebaseClient\verify().

$supported_algs

array Firebase\JWT\JWT::$supported_algs

static

Initial value:

= [
        'ES384' => ['openssl', 'SHA384'],
        'ES256' => ['openssl', 'SHA256'],
        'ES256K' => ['openssl', 'SHA256'],
        'HS256' => ['hash_hmac', 'SHA256'],
        'HS384' => ['hash_hmac', 'SHA384'],
        'HS512' => ['hash_hmac', 'SHA512'],
        'RS256' => ['openssl', 'SHA256'],
        'RS384' => ['openssl', 'SHA384'],
        'RS512' => ['openssl', 'SHA512'],
        'EdDSA' => ['sodium_crypto', 'EdDSA'],
    ]

Definition at line 55 of file JWT.php.

$timestamp

int Firebase\JWT\JWT::$timestamp = null

static

Definition at line 50 of file JWT.php.

ASN1_BIT_STRING

const Firebase\JWT\JWT::ASN1_BIT_STRING = 0x03

private

Definition at line 32 of file JWT.php.

ASN1_INTEGER

const Firebase\JWT\JWT::ASN1_INTEGER = 0x02

private

Definition at line 30 of file JWT.php.

ASN1_SEQUENCE

const Firebase\JWT\JWT::ASN1_SEQUENCE = 0x10

private

Definition at line 31 of file JWT.php.

---

The documentation for this class was generated from the following file:

• Services/LTI/src/Firebase/JWT.php