package and depencies

vendor/lcobucci/jwt/src/Validation/Constraint/SignedWith.php

@@ -0,0 +1,37 @@
+<?php
+declare(strict_types=1);
+
+namespace Lcobucci\JWT\Validation\Constraint;
+
+use Lcobucci\JWT\Signer;
+use Lcobucci\JWT\Token;
+use Lcobucci\JWT\UnencryptedToken;
+use Lcobucci\JWT\Validation\ConstraintViolation;
+use Lcobucci\JWT\Validation\SignedWith as SignedWithInterface;
+
+final class SignedWith implements SignedWithInterface
+{
+    private Signer $signer;
+    private Signer\Key $key;
+
+    public function __construct(Signer $signer, Signer\Key $key)
+    {
+        $this->signer = $signer;
+        $this->key    = $key;
+    }
+
+    public function assert(Token $token): void
+    {
+        if (! $token instanceof UnencryptedToken) {
+            throw ConstraintViolation::error('You should pass a plain token', $this);
+        }
+
+        if ($token->headers()->get('alg') !== $this->signer->algorithmId()) {
+            throw ConstraintViolation::error('Token signer mismatch', $this);
+        }
+
+        if (! $this->signer->verify($token->signature()->hash(), $token->payload(), $this->key)) {
+            throw ConstraintViolation::error('Token signature mismatch', $this);
+        }
+    }
+}