From c8cb6f05f5bbfa4164511d77bf8e629ed438dcf1 Mon Sep 17 00:00:00 2001
From: Brooke Bryan
Date: Fri, 1 Feb 2019 14:38:23 +0000
Subject: [PATCH] Use library urlSafe base64 decode
---
 composer.json | 4 ++--
 src/Fident.php | 24 +++++++-----------------
 2 files changed, 9 insertions(+), 19 deletions(-)
diff --git a/composer.json b/composer.json
index 83dbb3a..7f0c185 100644
--- a/composer.json
+++ b/composer.json
@@ -9,10 +9,10 @@
 }
 ],
 "require": {
- "php": ">=7.0",
+ "php": ">=7.1",
 "ext-json": "*",
 "ext-openssl": "*",
- "packaged/helpers": "~1.0"
+ "packaged/helpers": "^1.0||^2.0"
 },
 "require-dev": {
 "phpunit/phpunit": "~7.0"
diff --git a/src/Fident.php b/src/Fident.php
index 30ee6a7..79cb8ce 100644
--- a/src/Fident.php
+++ b/src/Fident.php
@@ -4,6 +4,7 @@
 use Fident\Web\Notifications\FidentNotification;
 use Fident\Web\UserData\FidentJwtData;
 use Packaged\Helpers\Objects;
+use Packaged\Helpers\Strings;
 class Fident
 {
@@ -27,14 +28,14 @@ public function getConfig(): FidentConfiguration
 public function verifyJwt(string $rawJwt): bool
 {
- list($header64, $payload64, $sig64) = explode('.', $rawJwt, 3);
- $header = json_decode(self::urlsafeB64Decode($header64));
+ list($head64, $payload64, $sig64) = explode('.', $rawJwt, 3);
+ $header = json_decode(Strings::urlsafeBase64Decode($head64));
 if(!$header || !isset($header->typ) || $header->typ !== 'JWT')
 {
 return false;
 }
 $key = $this->_configuration->getPublicKey();
- return openssl_verify("$header64.$payload64", self::urlsafeB64Decode($sig64), $key, OPENSSL_ALGO_SHA256) === 1;
+ return openssl_verify("$head64.$payload64", Strings::urlsafeBase64Decode($sig64), $key, OPENSSL_ALGO_SHA256) === 1;
 }
 public function decodeJwtPayload(string $rawJwt): ?FidentJwtData
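Review bot: In verifyJwt the three-way `list(...) = explode('.', $rawJwt, 3)` is destructured without checking that three segments came back, so a token with fewer than two dots leaves `$payload64` or `$sig64` unset before they reach `Strings::urlsafeBase64Decode` and `openssl_verify`. Rejecting malformed input up front keeps the failure path explicit: `$parts = explode('.', $rawJwt);` followed by `if(count($parts) !== 3) { return false; }`. The header check covers only `typ`; since the algorithm is pinned to `OPENSSL_ALGO_SHA256` that looks deliberate, and a one-line comment saying the header's `alg` is intentionally ignored would help the next reader. It is also worth confirming that every `packaged/helpers` release admitted by `^1.0||^2.0` ships `Strings::urlsafeBase64Decode` with the same padding handling as the removed helper.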
@@ -42,8 +43,8 @@ public function decodeJwtPayload(string $rawJwt): ?FidentJwtData
 $data = new FidentJwtData();
 list(, $payload64,) = explode('.', $rawJwt, 3);
- $payload = json_decode(self::urlsafeB64Decode($payload64));
- $payload->payload = self::urlsafeB64Decode($payload->payload);
+ $payload = json_decode(Strings::urlsafeBase64Decode($payload64));
+ $payload->payload = Strings::urlsafeBase64Decode($payload->payload);
 $method = 'AES-256-CFB';
 $ivlen = openssl_cipher_iv_length($method);
@@ -68,22 +69,11 @@ public function decodeNotification($requestBody): ?FidentNotification
 {
 $notification = json_decode($requestBody);
 $data = Objects::property($notification, 'Data', '');
- $sig = self::urlsafeB64Decode(Objects::property($notification, 'Signature', ''));
+ $sig = Strings::urlsafeBase64Decode(Objects::property($notification, 'Signature', ''));
 if(openssl_verify($data, $sig, $this->getConfig()->getPublicKey(), OPENSSL_ALGO_SHA256))
 {
 return FidentNotification::generate(Objects::property($notification, 'DataType', 1), $data);
 }
 return null;
 }
-
- public static function urlsafeB64Decode($input)
- {
- $remainder = strlen($input) % 4;
- if($remainder)
- {
- $padlen = 4 - $remainder;
- $input .= str_repeat('=', $padlen);
- }
- return base64_decode(strtr($input, '-_', '+/'));
- }
 }
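Review bot: The result of `json_decode(...)` in decodeJwtPayload is dereferenced on the next changed line without a null or property check, so a payload segment that is not valid JSON, or that lacks a `payload` member, raises a warning or error instead of taking the `null` return the `?FidentJwtData` signature advertises. A guard such as `if(!is_object($payload) || !isset($payload->payload)) { return null; }` between the two added lines would close that. Nothing in the visible lines verifies the signature before the AES-256-CFB decryption that follows, and CFB provides no integrity of its own, so the docblock should state that callers must pass `verifyJwt()` first, or the method should call it. The function body starts above and continues below this hunk.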
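Review bot: The `openssl_verify(...)` call in decodeNotification is used as a bare truthy condition, while verifyJwt compares the result with `=== 1`; `openssl_verify` returns 1 for a valid signature, 0 for an invalid one and -1 (or false) on error, and -1 is truthy in PHP, so an error return would be accepted as a valid signature here. The condition should read `if(openssl_verify($data, $sig, $this->getConfig()->getPublicKey(), OPENSSL_ALGO_SHA256) === 1)`. `$requestBody` is also decoded without checking that `json_decode` produced an object; whether `Objects::property` tolerates null is not visible in this hunk. Removing the public static `urlsafeB64Decode` is an API break for any external caller, which may merit a deprecated wrapper or a changelog entry.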