Skip to content

Commit 632ed03

Browse files
luca-vogelsluca-vogels
committed
JWT-Session returns in any case stdClass object instead of sometimes an empty array
1 parent 88ec83b commit 632ed03

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

scripts/jwt-session.php

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -143,14 +143,14 @@ function jwt_decode($jwt, $secretKey=null, $currentTime=null, $algorithms=null){
143143
$algorithms = !empty($algorithms) ? (is_array($algorithms) ? $algorithms : array($algorithms)) : JWT_SUPPORTED_ALGORITHMS;
144144

145145
$parts = explode(".", $jwt);
146-
if(count($parts) != 3) return array();
146+
if(count($parts) != 3) return new stdClass();
147147

148148
list($head64, $payload64, $sig64) = $parts;
149149
if(!($header = _jwt_decode($head64)) || !($payload = _jwt_decode($payload64)) || !($sig = _jwt_decode($sig64, false)))
150-
return array();
150+
return new stdClass();
151151

152152
if(empty($header->alg) || !isset($algorithms[$header->alg]))
153-
return array();
153+
return new stdClass();
154154

155155
if ($header->alg === 'ES256' || $header->alg === 'ES384') {
156156
// OpenSSL expects an ASN.1 DER sequence for ES256/ES384 signatures
@@ -163,7 +163,7 @@ function jwt_decode($jwt, $secretKey=null, $currentTime=null, $algorithms=null){
163163
}
164164

165165
// Check the signature
166-
if(!jwt_verify($head64.".".$payload64, $sig, $secretKey, $header->alg)) return array();
166+
if(!jwt_verify($head64.".".$payload64, $sig, $secretKey, $header->alg)) return new stdClass();
167167

168168
// Check if token can already be used (if set)
169169
$leeway = isset($_ENV['JWT_LEEWAY_SEC']) ? intval($_ENV['JWT_LEEWAY_SEC']) : 0;
@@ -250,10 +250,10 @@ function jwt_encode($payload, $secretKey=null, $alg='HS256', $keyId=null, $head=
250250
* @param String $secretKey Private key to verify integrity of session data (if null then $_ENV['JWT_SECRET_KEY'])
251251
* @param Int $currentTime Current UTC time seconds (optional, can be used for unit tests)
252252
* @param Array $algorithms Map of allowed algorithms (optional, if null or empty then JWT_SUPPORTED_ALGORITHMS will be used)
253-
* @return Array containing loaded session values or empty array if no valid session
253+
* @return Object JSON object containing loaded session values or empty object if no valid session
254254
*/
255255
function jwt_session_load($cookieName="jwt", $secretKey=null, $currentTime=null, $algorithms=array()){
256-
if(!isset($_COOKIE[$cookieName])) return array();
256+
if(!isset($_COOKIE[$cookieName])) return new stdClass();
257257
return jwt_decode($_COOKIE[$cookieName], $secretKey, $currentTime, $algorithms);
258258
}
259259

0 commit comments

Comments
 (0)