mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-03-14 04:30:15 +01:00
Code Issues Projects Releases Wiki Activity

MDL-71712 lib: Set Moodle files after PHP-JWT upgrade

Browse Source
This commit is contained in:
Amaia Anabitarte 2022-02-01 12:49:07 +01:00
parent af1401bc76
commit 4c7fac1957
5 changed files with 14 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/thirdpartylibs.xml
View File

@ -299,7 +299,7 @@
<location>php-jwt</location>
<name>A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519</name>
<license>BSD</license>
<version>5.2.0</version>
<version>6.0.0</version>
<licenseversion>3-Clause</licenseversion>
</library>
<library>

4
mod/bigbluebuttonbn/classes/broker.php
View File

@ -18,6 +18,7 @@ namespace mod_bigbluebuttonbn;
use Exception;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use mod_bigbluebuttonbn\local\config;
/**
@ -88,8 +89,7 @@ class broker {
try {
$decodedparameters = JWT::decode(
$params['signed_parameters'],
config::get('shared_secret'),
['HS256']
new Key(config::get('shared_secret'), 'HS256')
);
} catch (Exception $e) {
$error = 'Caught exception: ' . $e->getMessage();

4
mod/bigbluebuttonbn/classes/meeting.php
View File

@ -21,6 +21,7 @@ use cache_store;
use context_course;
use core_tag_tag;
use Exception;
use Firebase\JWT\Key;
use mod_bigbluebuttonbn\local\config;
use mod_bigbluebuttonbn\local\exceptions\bigbluebutton_exception;
use mod_bigbluebuttonbn\local\exceptions\meeting_join_exception;
@ -432,8 +433,7 @@ class meeting {
// Verify the authenticity of the request.
$token = \Firebase\JWT\JWT::decode(
$authorization[1],
config::get('shared_secret'),
['HS512']
new Key(config::get('shared_secret'), 'HS512')
);
// Get JSON string from the body.

4
mod/lti/classes/local/ltiopenid/registration_helper.php
View File

@ -28,6 +28,7 @@ defined('MOODLE_INTERNAL') || die;
require_once($CFG->dirroot . '/mod/lti/locallib.php');
use Firebase\JWT\JWK;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use stdClass;
/**
@ -371,8 +372,9 @@ class registration_helper {
*/
public function validate_registration_token(string $registrationtokenjwt): array {
global $DB;
// JWK::parseKeySet uses RS256 algorithm by default.
$keys = JWK::parseKeySet(jwks_helper::get_jwks());
$registrationtoken = JWT::decode($registrationtokenjwt, $keys, ['RS256']);
$registrationtoken = JWT::decode($registrationtokenjwt, $keys);
$response = [];
// Get clientid from registrationtoken.
$clientid = $registrationtoken->sub;

9
mod/lti/locallib.php
View File

@ -55,6 +55,7 @@ use mod_lti\helper;
use moodle\mod\lti as lti;
use Firebase\JWT\JWT;
use Firebase\JWT\JWK;
use Firebase\JWT\Key;
use mod_lti\local\ltiopenid\jwks_helper;
use mod_lti\local\ltiopenid\registration_helper;
@ -1360,14 +1361,16 @@ function lti_verify_with_keyset($jwtparam, $keyseturl, $clientid) {
throw new moodle_exception('errornocachedkeysetfound', 'mod_lti');
}
$keysetarr = json_decode($keyset, true);
// JWK::parseKeySet uses RS256 algorithm by default.
$keys = JWK::parseKeySet($keysetarr);
$jwt = JWT::decode($jwtparam, $keys, ['RS256']);
$jwt = JWT::decode($jwtparam, $keys);
} catch (Exception $e) {
// Something went wrong, so attempt to update cached keyset and then try again.
$keyset = file_get_contents($keyseturl);
$keysetarr = json_decode($keyset, true);
// JWK::parseKeySet uses RS256 algorithm by default.
$keys = JWK::parseKeySet($keysetarr);
$jwt = JWT::decode($jwtparam, $keys, ['RS256']);
$jwt = JWT::decode($jwtparam, $keys);
// If sucessful, updates the cached keyset.
$cache->set($clientid, $keyset);
}
@ -1414,7 +1417,7 @@ function lti_verify_jwt_signature($typeid, $consumerkey, $jwtparam) {
throw new moodle_exception('No public key configured');
}
// Attemps to verify jwt with RSA key.
JWT::decode($jwtparam, $publickey, ['RS256']);
JWT::decode($jwtparam, new Key($publickey, 'RS256'));
} else if ($typeconfig['keytype'] === LTI_JWK_KEYSET) {
$keyseturl = $typeconfig['publickeyset'] ?? '';
if (empty($keyseturl)) {