From 491ab3a80566cd1427549994ee7a07d9154311c4 Mon Sep 17 00:00:00 2001 From: Tim Stamp Date: Mon, 12 Dec 2016 12:14:10 +0000 Subject: [PATCH 1/2] bugfix: 'kid' not in given key list if 'kid' value is not found in the given key map, should throw an exception. Instead, it was outputting a php warning for using an undefined index, resulting in a null key. --- src/JWT.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/JWT.php b/src/JWT.php index 6d30e941..8170dba2 100644 --- a/src/JWT.php +++ b/src/JWT.php @@ -98,6 +98,9 @@ public static function decode($jwt, $key, $allowed_algs = array()) } if (is_array($key) || $key instanceof \ArrayAccess) { if (isset($header->kid)) { + if(!isset($key[$header->kid])) { + throw new UnexpectedValueException('"kid" not found in key map, unable to lookup correct key'); + } $key = $key[$header->kid]; } else { throw new UnexpectedValueException('"kid" empty, unable to lookup correct key'); From 64d7eb06134058728fae1c8027c8ebe4e61bdfc6 Mon Sep 17 00:00:00 2001 From: Tim Stamp Date: Tue, 24 Jan 2017 10:56:53 +0000 Subject: [PATCH 2/2] cosmetic updates --- src/JWT.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/JWT.php b/src/JWT.php index 8170dba2..d45052cf 100644 --- a/src/JWT.php +++ b/src/JWT.php @@ -98,8 +98,8 @@ public static function decode($jwt, $key, $allowed_algs = array()) } if (is_array($key) || $key instanceof \ArrayAccess) { if (isset($header->kid)) { - if(!isset($key[$header->kid])) { - throw new UnexpectedValueException('"kid" not found in key map, unable to lookup correct key'); + if (!isset($key[$header->kid])) { + throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key'); } $key = $key[$header->kid]; } else {