@@ -25,7 +25,7 @@ class JWK
25
25
*
26
26
* @param array $jwks The JSON Web Key Set as an associative array
27
27
*
28
- * @return array An associative array that represents the set of keys
28
+ * @return array<string, Key> An associative array of key IDs (kid) to Key objects
29
29
*
30
30
* @throws InvalidArgumentException Provided JWK Set is empty
31
31
* @throws UnexpectedValueException Provided JWK Set was invalid
@@ -47,15 +47,7 @@ public static function parseKeySet(array $jwks)
47
47
foreach ($ jwks ['keys ' ] as $ k => $ v ) {
48
48
$ kid = isset ($ v ['kid ' ]) ? $ v ['kid ' ] : $ k ;
49
49
if ($ key = self ::parseKey ($ v )) {
50
- if (isset ($ v ['alg ' ])) {
51
- $ keys [$ kid ] = new Key ($ key , $ v ['alg ' ]);
52
- } else {
53
- // The "alg" parameter is optional in a KTY, but is required
54
- // for parsing in this library. Add it manually to your JWK
55
- // array if it doesn't already exist.
56
- // @see https://datatracker.ietf.org/doc/html/rfc7517#section-4.4
57
- throw new InvalidArgumentException ('JWK key is missing "alg" ' );
58
- }
50
+ $ keys [$ kid ] = $ key ;
59
51
}
60
52
}
61
53
@@ -71,7 +63,7 @@ public static function parseKeySet(array $jwks)
71
63
*
72
64
* @param array $jwk An individual JWK
73
65
*
74
- * @return resource|array An associative array that represents the key
66
+ * @return Key The key object for the JWK
75
67
*
76
68
* @throws InvalidArgumentException Provided JWK is empty
77
69
* @throws UnexpectedValueException Provided JWK was invalid
@@ -87,6 +79,12 @@ public static function parseKey(array $jwk)
87
79
if (!isset ($ jwk ['kty ' ])) {
88
80
throw new UnexpectedValueException ('JWK must contain a "kty" parameter ' );
89
81
}
82
+ if (!isset ($ jwk ['alg ' ])) {
83
+ // The "alg" parameter is optional in a KTY, but is required for parsing in
84
+ // this library. Add it manually to your JWK array if it doesn't already exist.
85
+ // @see https://datatracker.ietf.org/doc/html/rfc7517#section-4.4
86
+ throw new UnexpectedValueException ('JWK must contain an "alg" parameter ' );
87
+ }
90
88
91
89
switch ($ jwk ['kty ' ]) {
92
90
case 'RSA ' :
@@ -104,7 +102,7 @@ public static function parseKey(array $jwk)
104
102
'OpenSSL error: ' . \openssl_error_string ()
105
103
);
106
104
}
107
- return $ publicKey ;
105
+ return new Key ( $ publicKey, $ jwk [ ' alg ' ]) ;
108
106
default :
109
107
// Currently only RSA is supported
110
108
break ;
0 commit comments