From 70c569dc931bd2b85c843b28160706854bf87130 Mon Sep 17 00:00:00 2001 From: Ivan Zorin Date: Mon, 10 Jun 2024 19:07:04 +0300 Subject: [PATCH 1/4] =?UTF-8?q?=D0=90=D0=B4=D0=B0=D0=BF=D1=82=D0=B0=D1=86?= =?UTF-8?q?=D0=B8=D1=8F=20=D0=B4=D0=BB=D1=8F=20PHP=20v7.4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .idea/php.xml | 2 +- composer.json | 5 ++- src/LWT.php | 119 ++++++++++++++++++++++++++++---------------------- 3 files changed, 72 insertions(+), 54 deletions(-) diff --git a/.idea/php.xml b/.idea/php.xml index b71fa0d..ded655b 100644 --- a/.idea/php.xml +++ b/.idea/php.xml @@ -87,7 +87,7 @@ - + diff --git a/composer.json b/composer.json index 41335ab..be55f84 100644 --- a/composer.json +++ b/composer.json @@ -28,9 +28,10 @@ "source": "https://github.com/localzet/LWT" }, "require": { - "php": "^8.0", + "php": "^7.4", "ext-openssl": "*", - "ext-mbstring": "*" + "ext-mbstring": "*", + "ext-json": "*" }, "suggest": { "ext-sodium": "For EdDSA" diff --git a/src/LWT.php b/src/LWT.php index e388658..2c0a2ed 100644 --- a/src/LWT.php +++ b/src/LWT.php 
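Review bot: The new constraint `"php": "^7.4"` in the `require` block of composer.json resolves to >=7.4.0 <8.0.0, so it does not only add PHP 7.4, it also stops the package from installing on PHP 8.x, which the previous `^8.0` allowed. If the intent is to widen support, write `"php": "^7.4 || ^8.0"`. PHP 7.4 no longer receives upstream security fixes, which matters for a token signing and encryption library, so the 7.4 target should be documented as a legacy-deployment option.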
@@ -158,17 +158,31 @@ final class LWT */ protected static function getEncryption(): string { - $encryption = match (self::getClaim('alg')) { - 'HS1', 'HS256', 'HS256/64', 'HS384', 'HS512' => 'HMAC', - 'RS1', 'RS256', 'RS384', 'RS512' => 'RSA-PKCS#1', - 'ES256', 'ES256K', 'ES384', 'ES512' => 'ECDSA', - 'EdDSA' => 'EdDSA', - - default => throw new UnexpectedValueException('Недопустимый алгоритм шифрования'), - }; - - if (!$encryption) { - throw new RuntimeException('Ошибка получения алгоритма шифрования'); + switch (self::getClaim('alg')) { + case 'HS1': + case 'HS256': + case 'HS256/64': + case 'HS384': + case 'HS512': + $encryption = 'HMAC'; + break; + case 'RS1': + case 'RS256': + case 'RS384': + case 'RS512': + $encryption = 'RSA-PKCS#1'; + break; + case 'ES256': + case 'ES256K': + case 'ES384': + case 'ES512': + $encryption = 'ECDSA'; + break; + case 'EdDSA': + $encryption = 'EdDSA'; + break; + default: + throw new UnexpectedValueException('Недопустимый алгоритм шифрования'); } return $encryption; 
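Review bot: The algorithm allowlist is now spelled out twice as long `switch` ladders, here in getEncryption and again in getHashAlgorithm in the next hunk, and nothing keeps the two lists in step; an entry added to one and missed in the other would leave an algorithm with a family but no hash, or the reverse. `switch` also compares with `==` where the removed `match` used `===`; that is harmless while `getClaim('alg')` returns `?string` and every label is non-numeric, but an exact-key lookup removes the question altogether. I would keep one class constant that maps each name to its family and hash and have both methods read from it, as sketched below. The closing brace of getEncryption lies outside the hunk.

```php
private const ALGORITHMS = [
    'HS1'      => ['HMAC', 'SHA1'],
    'HS256'    => ['HMAC', 'SHA256'],
    'HS256/64' => ['HMAC', 'SHA256'],
    'HS384'    => ['HMAC', 'SHA384'],
    'HS512'    => ['HMAC', 'SHA512'],
    'RS1'      => ['RSA-PKCS#1', 'SHA1'],
    'RS256'    => ['RSA-PKCS#1', 'SHA256'],
    'RS384'    => ['RSA-PKCS#1', 'SHA384'],
    'RS512'    => ['RSA-PKCS#1', 'SHA512'],
    'ES256'    => ['ECDSA', 'SHA256'],
    'ES256K'   => ['ECDSA', 'SHA256'],
    'ES384'    => ['ECDSA', 'SHA384'],
    'ES512'    => ['ECDSA', 'SHA512'],
    'EdDSA'    => ['EdDSA', 'SHA256'],
];

protected static function getEncryption(): string
{
    $alg = self::getClaim('alg');
    // Array-key lookup is an exact match, so no loose comparison is involved.
    if ($alg === null || !isset(self::ALGORITHMS[$alg])) {
        throw new UnexpectedValueException('Недопустимый алгоритм шифрования');
    }

    return self::ALGORITHMS[$alg][0];
```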
@@ -182,18 +196,31 @@ protected static function getEncryption(): string */ protected static function getHashAlgorithm(): string { - $hashAlgorithm = match (self::getClaim('alg')) { - 'HS1', 'RS1' => 'SHA1', - 'HS256', 'RS256', 'ES256', - 'ES256K', 'HS256/64', 'EdDSA' => 'SHA256', - 'HS384', 'RS384', 'ES384' => 'SHA384', - 'HS512', 'RS512', 'ES512' => 'SHA512', - - default => throw new UnexpectedValueException('Недопустимый алгоритм шифрования'), - }; - - if (!$hashAlgorithm) { - throw new RuntimeException('Ошибка получения алгоритма хеширования'); + switch (self::getClaim('alg')) { + case 'HS1': + case 'RS1': + $hashAlgorithm = 'SHA1'; + break; + case 'HS256': + case 'RS256': + case 'ES256': + case 'ES256K': + case 'HS256/64': + case 'EdDSA': + $hashAlgorithm = 'SHA256'; + break; + case 'HS384': + case 'RS384': + case 'ES384': + $hashAlgorithm = 'SHA384'; + break; + case 'HS512': + case 'RS512': + case 'ES512': + $hashAlgorithm = 'SHA512'; + break; + default: + throw new UnexpectedValueException('Недопустимый алгоритм шифрования'); } return $hashAlgorithm; 
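Review bot: The ported table in getHashAlgorithm still maps `HS1` and `RS1` to `SHA1`, so a caller can request RSA PKCS#1 signatures over SHA-1, a hash whose collision resistance is broken and which is no longer recommended for digital signatures. Since this commit rewrites the list anyway, I would drop the `case 'HS1': case 'RS1':` arm here together with the matching labels in getEncryption (previous hunk), or accept them only behind an explicit legacy option. `EdDSA` mapped to `SHA256` also looks unusual, because Ed25519 fixes its own internal hash; what this value is used for is not visible here and should be confirmed. The function's closing brace is outside the hunk.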
@@ -201,24 +228,14 @@ protected static function getHashAlgorithm(): string protected static function getClaim($claim): ?string { - return match ($claim) { - // Утверждения заголовка - 'typ' => self::TYPE, - 'cty' => self::$DATA_KEY ? 'LZX' : 'JWS', - 'alg' => self::$ALGORITHM, - 'kid' => self::$CLAIM_KID, - 'enc' => self::$DATA_KEY ? self::$DATA_SYMMETRIC_ENCRYPTION . '+' . self::DATA_ASYMMETRIC_ENCRYPTION : null, - - // Утверждения полезной нагрузки - // 'iss' => 'Issuer', - // 'sub' => 'Subject', - // 'aud' => 'Audience', - // 'nbf' => 'Not Before', - // 'iat' => 'Issued At', - // 'jti' => 'JWT ID', - - default => throw new UnexpectedValueException('Незарегистрированное утверждение JWT') - }; + switch ($claim) { + case 'typ': return self::TYPE; + case 'cty': return self::$DATA_KEY ? 'LZX' : 'JWS'; + case 'alg': return self::$ALGORITHM; + case 'kid': return self::$CLAIM_KID; + case 'enc': return self::$DATA_KEY ? self::$DATA_SYMMETRIC_ENCRYPTION . '+' . self::DATA_ASYMMETRIC_ENCRYPTION : null; + default: throw new UnexpectedValueException('Незарегистрированное утверждение JWT'); + } } /** @@ -237,10 +254,10 @@ protected static function getClaim($claim): ?string * @throws Exception */ public static function encode( - mixed $lwtTokenData, + $lwtTokenData, string $signatureKey = null, string $tokenEncryption = null, - string $encryptionKey = null, + string $encryptionKey = null ): string { self::$ALGORITHM = $tokenEncryption; @@ -289,8 +306,8 @@ public static function decode( string $encodedToken, string $signatureKey = null, string $tokenEncryption = null, - string $encryptionKey = null, - ): mixed + string $encryptionKey = null + ) { self::$ALGORITHM = $tokenEncryption; self::$SIGN_KEY = $signatureKey; 
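Review bot: `getClaim($claim)` takes an untyped argument and the new `switch ($claim)` compares it with `==`, so on PHP 7.4 a non-string argument such as `0` or `true` equals `'typ'` and returns `self::TYPE`, where the removed `match` would have thrown UnexpectedValueException. Scalar parameter types are available in 7.4, so the signature can close that gap: `protected static function getClaim(string $claim): ?string`. The callers visible in this patch pass string literals, so this is hardening rather than a live bug.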
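Review bot: `string $signatureKey = null`, `string $tokenEncryption = null` and `string $encryptionKey = null` in encode rely on implicit nullability, and decode in the following hunk declares the same three parameters; write them as `?string $signatureKey = null` and so on, which PHP 7.4 accepts and which states the contract explicitly. With `mixed` removed from `$lwtTokenData` and from decode's return, the docblocks are now the only place the type is stated, so they should carry `@param mixed $lwtTokenData` and `@return mixed`. decode also copies the caller's algorithm and key into static properties (`self::$ALGORITHM`, `self::$SIGN_KEY`), so in a long-running process the signing key of one call stays in memory for the next; that predates this commit but deserves a comment. Both bodies continue outside their hunks.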
@@ -407,7 +424,7 @@ protected static function verifyHeaderSegment(string $lwtTokenHeaderSegment): vo * @see https://www.php.net/manual/en/function.openssl-cipher-iv-length.php * @see https://www.php.net/manual/en/function.openssl-encrypt.php */ - protected static function generatePayloadSegment(mixed $lwtTokenData): string + protected static function generatePayloadSegment($lwtTokenData): string { // Кодируем данные в формате JSON $payloadData = self::jsonEncode($lwtTokenData); @@ -487,7 +504,7 @@ protected static function generatePayloadSegment(mixed $lwtTokenData): string * @see https://www.php.net/manual/en/function.openssl-cipher-iv-length.php * @see https://www.php.net/manual/en/function.openssl-decrypt.php */ - protected static function verifyPayloadSegment(string $lwtTokenPayloadSegment): mixed + protected static function verifyPayloadSegment(string $lwtTokenPayloadSegment) { // Декодируем тело из base64url $payloadData = self::base64UrlDecode($lwtTokenPayloadSegment); @@ -727,7 +744,7 @@ protected static function generateHmacKeyFromSignKey(): string * * @see https://www.php.net/manual/en/function.base64-encode.php */ - public static function base64UrlEncode(mixed $inputData): string + public static function base64UrlEncode($inputData): string { // Кодируем данные в формате base64 $base64EncodedData = base64_encode($inputData); @@ -760,7 +777,7 @@ public static function base64UrlEncode(mixed $inputData): string * * @see https://www.php.net/manual/en/function.base64-decode.php */ - public static function base64UrlDecode(string $inputData): false|string + public static function base64UrlDecode(string $inputData) { // Вычисляем остаток от деления длины строки на 4 $remainder = strlen($inputData) % self::BASE64_GROUP_SIZE; 
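Review bot: In the base64UrlEncode hunk (`@@ -727,7 +744,7 @@`) the parameter is now untyped and goes straight into `base64_encode($inputData)`, which takes a string; the removed `mixed` was no stricter, but PHP 7.4 allows `string $inputData` here, and that would make an array or object argument fail at the call boundary instead of inside the encoder. A non-string scalar would be coerced unless the file declares strict types, so the call sites should be checked before tightening. The neighbouring hunks drop `mixed` from generatePayloadSegment and the return types of verifyPayloadSegment and base64UrlDecode in the same way; keep those types in the docblocks. The function bodies continue outside the hunks.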
@@ -799,7 +816,7 @@ public static function base64UrlDecode(string $inputData): false|string * @see https://www.php.net/manual/en/function.json-decode.php * @see https://www.php.net/manual/en/function.json-last-error.php */ - protected static function jsonDecode(string $jsonString): mixed + protected static function jsonDecode(string $jsonString) { // Декодируем JSON-строку с использованием указанных флагов $decodedData = json_decode($jsonString, true, self::JSON_MAX_DEPTH, JSON_BIGINT_AS_STRING); @@ -849,7 +866,7 @@ protected static function jsonDecode(string $jsonString): mixed * @see https://www.php.net/manual/en/function.json-encode.php * @see https://www.php.net/manual/en/function.json-last-error.php */ - protected static function jsonEncode(mixed $inputData): string + protected static function jsonEncode($inputData): string { // Кодируем данные в формате JSON с использованием указанных флагов $encodedData = json_encode($inputData, JSON_UNESCAPED_SLASHES); From b0aa51d05a332a97d361772f0760e72253e447c4 Mon Sep 17 00:00:00 2001 From: Ivan Zorin Date: Mon, 10 Jun 2024 19:07:08 +0300 Subject: [PATCH 2/4] Update LWT.iml --- .idea/LWT.iml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.idea/LWT.iml b/.idea/LWT.iml index 6a221a1..292b4e1 100644 --- a/.idea/LWT.iml +++ b/.idea/LWT.iml @@ -2,9 +2,7 @@ - - From d7bd6a1c45820602dbdc860e53b6acd3d134d205 Mon Sep 17 00:00:00 2001 From: Ivan Zorin Date: Mon, 10 Jun 2024 19:08:04 +0300 Subject: [PATCH 3/4] Update LWT.php --- src/LWT.php | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/src/LWT.php b/src/LWT.php index 2c0a2ed..ee314b4 100644 --- a/src/LWT.php +++ b/src/LWT.php @@ -199,7 +199,7 @@ protected static function getHashAlgorithm(): string switch (self::getClaim('alg')) { case 'HS1': case 'RS1': - $hashAlgorithm = 'SHA1'; + $hashAlgorithm = 'SHA1'; break; case 'HS256': case 'RS256': 
@@ -207,17 +207,17 @@ protected static function getHashAlgorithm(): string case 'ES256K': case 'HS256/64': case 'EdDSA': - $hashAlgorithm = 'SHA256'; + $hashAlgorithm = 'SHA256'; break; case 'HS384': case 'RS384': case 'ES384': - $hashAlgorithm = 'SHA384'; + $hashAlgorithm = 'SHA384'; break; case 'HS512': case 'RS512': case 'ES512': - $hashAlgorithm = 'SHA512'; + $hashAlgorithm = 'SHA512'; break; default: throw new UnexpectedValueException('Недопустимый алгоритм шифрования'); @@ -229,12 +229,18 @@ protected static function getHashAlgorithm(): string protected static function getClaim($claim): ?string { switch ($claim) { - case 'typ': return self::TYPE; - case 'cty': return self::$DATA_KEY ? 'LZX' : 'JWS'; - case 'alg': return self::$ALGORITHM; - case 'kid': return self::$CLAIM_KID; - case 'enc': return self::$DATA_KEY ? self::$DATA_SYMMETRIC_ENCRYPTION . '+' . self::DATA_ASYMMETRIC_ENCRYPTION : null; - default: throw new UnexpectedValueException('Незарегистрированное утверждение JWT'); + case 'typ': + return self::TYPE; + case 'cty': + return self::$DATA_KEY ? 'LZX' : 'JWS'; + case 'alg': + return self::$ALGORITHM; + case 'kid': + return self::$CLAIM_KID; + case 'enc': + return self::$DATA_KEY ? self::$DATA_SYMMETRIC_ENCRYPTION . '+' . self::DATA_ASYMMETRIC_ENCRYPTION : null; + default: + throw new UnexpectedValueException('Незарегистрированное утверждение JWT'); } } From 6d5282c8367fe203190039f2ab7e18856aadcbc7 Mon Sep 17 00:00:00 2001 From: Ivan Zorin Date: Mon, 10 Jun 2024 19:14:42 +0300 Subject: [PATCH 4/4] Update LWT.php --- src/LWT.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/LWT.php b/src/LWT.php index ee314b4..bc9659e 100644 --- a/src/LWT.php +++ b/src/LWT.php 
@@ -777,13 +777,13 @@ public static function base64UrlEncode($inputData): string * * @param string $inputData Строка в формате base64url для декодирования. * - * @return false|string Возвращает декодированные данные или false, если произошла ошибка. + * @return string Возвращает декодированные данные или false, если произошла ошибка. * * @throws RuntimeException Ошибка декодирования base64 * * @see https://www.php.net/manual/en/function.base64-decode.php */ - public static function base64UrlDecode(string $inputData) + public static function base64UrlDecode(string $inputData): string { // Вычисляем остаток от деления длины строки на 4 $remainder = strlen($inputData) % self::BASE64_GROUP_SIZE;
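Review bot: The `@return` line changed here still ends with `или false, если произошла ошибка`, while the signature now promises `: string`, so the docblock and the declaration disagree. If the body, which is outside this hunk, can still pass on a `false` from `base64_decode`, then without `declare(strict_types=1)` PHP coerces it to an empty string and a malformed segment decodes to `""` instead of failing. Confirm that the body throws the documented RuntimeException whenever decoding yields `false`, and drop the `или false` wording from the tag.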