LiveChat – WP live chat plugin for WordPress - Version 4.5.3

Version Description

  • fixed loading custom fonts in Elementor
Download this release

Release Info

Developer livechat
Plugin Icon 128x128 LiveChat – WP live chat plugin for WordPress
Version 4.5.3
Comparing to
See all releases

Code changes from version 4.5.2 to 4.5.3

Files changed (12) hide show
  1. changelog.txt +3 -0
  2. composer.lock +19 -19
  3. livechat.php +1 -1
  4. plugin_files/Services/Elementor/ElementorWidgetsProvider.class.php +18 -16
  5. readme.txt +4 -1
  6. vendor/autoload.php +1 -1
  7. vendor/composer/autoload_real.php +4 -4
  8. vendor/composer/autoload_static.php +4 -4
  9. vendor/composer/installed.json +6 -6
  10. vendor/firebase/php-jwt/README.md +13 -6
  11. vendor/firebase/php-jwt/src/JWT.php +98 -31
  12. vendor/firebase/php-jwt/src/Key.php +59 -0
changelog.txt CHANGED
@@ -1,5 +1,8 @@
1
  == Changelog ==
2
 
 
 
 
3
  = 4.5.2 =
4
  * introduced prefixes to avoid naming collisions
5
 
1
  == Changelog ==
2
 
3
+ = 4.5.3 =
4
+ * fixed loading custom fonts in Elementor
5
+
6
  = 4.5.2 =
7
  * introduced prefixes to avoid naming collisions
8
 
composer.lock CHANGED
@@ -8,16 +8,16 @@
8
  "packages": [
9
  {
10
  "name": "firebase/php-jwt",
11
- "version": "v5.4.0",
12
  "source": {
13
  "type": "git",
14
  "url": "https://github.com/firebase/php-jwt.git",
15
- "reference": "d2113d9b2e0e349796e72d2a63cf9319100382d2"
16
  },
17
  "dist": {
18
  "type": "zip",
19
- "url": "https://api.github.com/repos/firebase/php-jwt/zipball/d2113d9b2e0e349796e72d2a63cf9319100382d2",
20
- "reference": "d2113d9b2e0e349796e72d2a63cf9319100382d2",
21
  "shasum": ""
22
  },
23
  "require": {
@@ -57,7 +57,7 @@
57
  "jwt",
58
  "php"
59
  ],
60
- "time": "2021-06-23T19:00:23+00:00"
61
  }
62
  ],
63
  "packages-dev": [
@@ -107,27 +107,27 @@
107
  },
108
  {
109
  "name": "brain/monkey",
110
- "version": "2.6.0",
111
  "source": {
112
  "type": "git",
113
  "url": "https://github.com/Brain-WP/BrainMonkey.git",
114
- "reference": "7042140000b4b18034c0c0010d86274a00f25442"
115
  },
116
  "dist": {
117
  "type": "zip",
118
- "url": "https://api.github.com/repos/Brain-WP/BrainMonkey/zipball/7042140000b4b18034c0c0010d86274a00f25442",
119
- "reference": "7042140000b4b18034c0c0010d86274a00f25442",
120
  "shasum": ""
121
  },
122
  "require": {
123
- "antecedent/patchwork": "^2.0",
124
- "mockery/mockery": ">=0.9 <2",
125
  "php": ">=5.6.0"
126
  },
127
  "require-dev": {
128
- "dealerdirect/phpcodesniffer-composer-installer": "^0.6 || ^0.7",
129
  "phpcompatibility/php-compatibility": "^9.3.0",
130
- "phpunit/phpunit": "^5.7.9 || ^6.0 || ^7.0 || ^8.0 || ^9.0"
131
  },
132
  "type": "library",
133
  "extra": {
@@ -169,7 +169,7 @@
169
  "test",
170
  "testing"
171
  ],
172
- "time": "2020-10-13T17:56:14+00:00"
173
  },
174
  {
175
  "name": "dealerdirect/phpcodesniffer-composer-installer",
@@ -1730,16 +1730,16 @@
1730
  },
1731
  {
1732
  "name": "squizlabs/php_codesniffer",
1733
- "version": "3.6.1",
1734
  "source": {
1735
  "type": "git",
1736
  "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
1737
- "reference": "f268ca40d54617c6e06757f83f699775c9b3ff2e"
1738
  },
1739
  "dist": {
1740
  "type": "zip",
1741
- "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/f268ca40d54617c6e06757f83f699775c9b3ff2e",
1742
- "reference": "f268ca40d54617c6e06757f83f699775c9b3ff2e",
1743
  "shasum": ""
1744
  },
1745
  "require": {
@@ -1777,7 +1777,7 @@
1777
  "phpcs",
1778
  "standards"
1779
  ],
1780
- "time": "2021-10-11T04:00:11+00:00"
1781
  },
1782
  {
1783
  "name": "symfony/polyfill-ctype",
8
  "packages": [
9
  {
10
  "name": "firebase/php-jwt",
11
+ "version": "v5.5.1",
12
  "source": {
13
  "type": "git",
14
  "url": "https://github.com/firebase/php-jwt.git",
15
+ "reference": "83b609028194aa042ea33b5af2d41a7427de80e6"
16
  },
17
  "dist": {
18
  "type": "zip",
19
+ "url": "https://api.github.com/repos/firebase/php-jwt/zipball/83b609028194aa042ea33b5af2d41a7427de80e6",
20
+ "reference": "83b609028194aa042ea33b5af2d41a7427de80e6",
21
  "shasum": ""
22
  },
23
  "require": {
57
  "jwt",
58
  "php"
59
  ],
60
+ "time": "2021-11-08T20:18:51+00:00"
61
  }
62
  ],
63
  "packages-dev": [
107
  },
108
  {
109
  "name": "brain/monkey",
110
+ "version": "2.6.1",
111
  "source": {
112
  "type": "git",
113
  "url": "https://github.com/Brain-WP/BrainMonkey.git",
114
+ "reference": "a31c84515bb0d49be9310f52ef1733980ea8ffbb"
115
  },
116
  "dist": {
117
  "type": "zip",
118
+ "url": "https://api.github.com/repos/Brain-WP/BrainMonkey/zipball/a31c84515bb0d49be9310f52ef1733980ea8ffbb",
119
+ "reference": "a31c84515bb0d49be9310f52ef1733980ea8ffbb",
120
  "shasum": ""
121
  },
122
  "require": {
123
+ "antecedent/patchwork": "^2.1.17",
124
+ "mockery/mockery": "^1.3.5 || ^1.4.4",
125
  "php": ">=5.6.0"
126
  },
127
  "require-dev": {
128
+ "dealerdirect/phpcodesniffer-composer-installer": "^0.7.1",
129
  "phpcompatibility/php-compatibility": "^9.3.0",
130
+ "phpunit/phpunit": "^5.7.26 || ^6.0 || ^7.0 || >=8.0 <8.5.12 || ^8.5.14 || ^9.0"
131
  },
132
  "type": "library",
133
  "extra": {
169
  "test",
170
  "testing"
171
  ],
172
+ "time": "2021-11-11T15:53:55+00:00"
173
  },
174
  {
175
  "name": "dealerdirect/phpcodesniffer-composer-installer",
1730
  },
1731
  {
1732
  "name": "squizlabs/php_codesniffer",
1733
+ "version": "3.6.2",
1734
  "source": {
1735
  "type": "git",
1736
  "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
1737
+ "reference": "5e4e71592f69da17871dba6e80dd51bce74a351a"
1738
  },
1739
  "dist": {
1740
  "type": "zip",
1741
+ "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/5e4e71592f69da17871dba6e80dd51bce74a351a",
1742
+ "reference": "5e4e71592f69da17871dba6e80dd51bce74a351a",
1743
  "shasum": ""
1744
  },
1745
  "require": {
1777
  "phpcs",
1778
  "standards"
1779
  ],
1780
+ "time": "2021-12-12T21:44:58+00:00"
1781
  },
1782
  {
1783
  "name": "symfony/polyfill-ctype",
livechat.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: LiveChat
4
  * Plugin URI: https://www.livechat.com/marketplace/apps/wordpress/
5
  * Description: Live chat software for live help, online sales and customer support. This plugin allows to quickly install LiveChat on any WordPress website.
6
- * Version: 4.5.2
7
  * Author: LiveChat
8
  * Author URI: https://www.livechat.com
9
  * Text Domain: wp-live-chat-software-for-wordpress
3
  * Plugin Name: LiveChat
4
  * Plugin URI: https://www.livechat.com/marketplace/apps/wordpress/
5
  * Description: Live chat software for live help, online sales and customer support. This plugin allows to quickly install LiveChat on any WordPress website.
6
+ * Version: 4.5.3
7
  * Author: LiveChat
8
  * Author URI: https://www.livechat.com
9
  * Text Domain: wp-live-chat-software-for-wordpress
plugin_files/Services/Elementor/ElementorWidgetsProvider.class.php CHANGED
@@ -100,9 +100,11 @@ class ElementorWidgetsProvider {
100
  /**
101
  * Returns custom LiveChat icons.
102
  *
 
 
103
  * @return array
104
  */
105
- public function register_common_icons() {
106
  $icons_url = $this->module_configuration->get_plugin_url() . 'css/livechat-icons.css';
107
  $plugin_version = $this->module_configuration->get_plugin_version();
108
 
@@ -114,23 +116,23 @@ class ElementorWidgetsProvider {
114
  );
115
  wp_enqueue_style( 'livechat-icons-style' );
116
 
117
- return array(
118
- 'livechat-icons' => array(
119
- 'name' => 'livechat-icons',
120
- 'label' => __( 'LiveChat Icons', 'wp-live-chat-software-for-wordpress' ),
121
- 'labelIcon' => 'lc lc-livechat',
122
- 'prefix' => 'lc-',
123
- 'displayPrefix' => 'lc',
124
- 'url' => $icons_url,
125
- 'icons' => array(
126
- 'livechat',
127
- 'contact-button',
128
- 'quality-badge',
129
- ),
130
- 'ver' => $plugin_version,
131
- 'native' => true,
132
  ),
 
 
133
  );
 
 
134
  }
135
 
136
  /**
100
  /**
101
  * Returns custom LiveChat icons.
102
  *
103
+ * @param array $icons Custom icons set.
104
+ *
105
  * @return array
106
  */
107
+ public function register_common_icons( $icons ) {
108
  $icons_url = $this->module_configuration->get_plugin_url() . 'css/livechat-icons.css';
109
  $plugin_version = $this->module_configuration->get_plugin_version();
110
 
116
  );
117
  wp_enqueue_style( 'livechat-icons-style' );
118
 
119
+ $icons['livechat-icons'] = array(
120
+ 'name' => 'livechat-icons',
121
+ 'label' => __( 'LiveChat Icons', 'wp-live-chat-software-for-wordpress' ),
122
+ 'labelIcon' => 'lc lc-livechat',
123
+ 'prefix' => 'lc-',
124
+ 'displayPrefix' => 'lc',
125
+ 'url' => $icons_url,
126
+ 'icons' => array(
127
+ 'livechat',
128
+ 'contact-button',
129
+ 'quality-badge',
 
 
 
 
130
  ),
131
+ 'ver' => $plugin_version,
132
+ 'native' => true,
133
  );
134
+
135
+ return $icons;
136
  }
137
 
138
  /**
readme.txt CHANGED
@@ -1,7 +1,7 @@
1
  === LiveChat - WP live chat plugin for WordPress ===
2
  Contributors: LiveChat
3
  Tags: live chat, chat plugin, live chat plugin, wordpress live chat, wordpress chat,
4
- Stable tag: 4.5.2
5
  Requires PHP: 5.6
6
  Tested up to: 5.8
7
  Requires at least: 4.4
@@ -352,6 +352,9 @@ For more detailed instructions, go to the [live chat plugin page](https://www.li
352
 
353
  == Changelog ==
354
 
 
 
 
355
  = 4.5.2 =
356
  * introduced prefixes to avoid naming collisions
357
 
1
  === LiveChat - WP live chat plugin for WordPress ===
2
  Contributors: LiveChat
3
  Tags: live chat, chat plugin, live chat plugin, wordpress live chat, wordpress chat,
4
+ Stable tag: 4.5.3
5
  Requires PHP: 5.6
6
  Tested up to: 5.8
7
  Requires at least: 4.4
352
 
353
  == Changelog ==
354
 
355
+ = 4.5.3 =
356
+ * fixed loading custom fonts in Elementor
357
+
358
  = 4.5.2 =
359
  * introduced prefixes to avoid naming collisions
360
 
vendor/autoload.php CHANGED
@@ -4,4 +4,4 @@
4
 
5
  require_once __DIR__ . '/composer/autoload_real.php';
6
 
7
- return ComposerAutoloaderInitbe8016d7541d0796303ef7274159d1cd::getLoader();
4
 
5
  require_once __DIR__ . '/composer/autoload_real.php';
6
 
7
+ return ComposerAutoloaderInitd9a18f3f83c2d9faf26de0a95288056e::getLoader();
vendor/composer/autoload_real.php CHANGED
@@ -2,7 +2,7 @@
2
 
3
  // autoload_real.php @generated by Composer
4
 
5
- class ComposerAutoloaderInitbe8016d7541d0796303ef7274159d1cd
6
  {
7
  private static $loader;
8
 
@@ -22,15 +22,15 @@ class ComposerAutoloaderInitbe8016d7541d0796303ef7274159d1cd
22
  return self::$loader;
23
  }
24
 
25
- spl_autoload_register(array('ComposerAutoloaderInitbe8016d7541d0796303ef7274159d1cd', 'loadClassLoader'), true, true);
26
  self::$loader = $loader = new \Composer\Autoload\ClassLoader();
27
- spl_autoload_unregister(array('ComposerAutoloaderInitbe8016d7541d0796303ef7274159d1cd', 'loadClassLoader'));
28
 
29
  $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
30
  if ($useStaticLoader) {
31
  require_once __DIR__ . '/autoload_static.php';
32
 
33
- call_user_func(\Composer\Autoload\ComposerStaticInitbe8016d7541d0796303ef7274159d1cd::getInitializer($loader));
34
  } else {
35
  $map = require __DIR__ . '/autoload_namespaces.php';
36
  foreach ($map as $namespace => $path) {
2
 
3
  // autoload_real.php @generated by Composer
4
 
5
+ class ComposerAutoloaderInitd9a18f3f83c2d9faf26de0a95288056e
6
  {
7
  private static $loader;
8
 
22
  return self::$loader;
23
  }
24
 
25
+ spl_autoload_register(array('ComposerAutoloaderInitd9a18f3f83c2d9faf26de0a95288056e', 'loadClassLoader'), true, true);
26
  self::$loader = $loader = new \Composer\Autoload\ClassLoader();
27
+ spl_autoload_unregister(array('ComposerAutoloaderInitd9a18f3f83c2d9faf26de0a95288056e', 'loadClassLoader'));
28
 
29
  $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
30
  if ($useStaticLoader) {
31
  require_once __DIR__ . '/autoload_static.php';
32
 
33
+ call_user_func(\Composer\Autoload\ComposerStaticInitd9a18f3f83c2d9faf26de0a95288056e::getInitializer($loader));
34
  } else {
35
  $map = require __DIR__ . '/autoload_namespaces.php';
36
  foreach ($map as $namespace => $path) {
vendor/composer/autoload_static.php CHANGED
@@ -4,7 +4,7 @@
4
 
5
  namespace Composer\Autoload;
6
 
7
- class ComposerStaticInitbe8016d7541d0796303ef7274159d1cd
8
  {
9
  public static $prefixLengthsPsr4 = array (
10
  'L' =>
@@ -130,9 +130,9 @@ class ComposerStaticInitbe8016d7541d0796303ef7274159d1cd
130
  public static function getInitializer(ClassLoader $loader)
131
  {
132
  return \Closure::bind(function () use ($loader) {
133
- $loader->prefixLengthsPsr4 = ComposerStaticInitbe8016d7541d0796303ef7274159d1cd::$prefixLengthsPsr4;
134
- $loader->prefixDirsPsr4 = ComposerStaticInitbe8016d7541d0796303ef7274159d1cd::$prefixDirsPsr4;
135
- $loader->classMap = ComposerStaticInitbe8016d7541d0796303ef7274159d1cd::$classMap;
136
 
137
  }, null, ClassLoader::class);
138
  }
4
 
5
  namespace Composer\Autoload;
6
 
7
+ class ComposerStaticInitd9a18f3f83c2d9faf26de0a95288056e
8
  {
9
  public static $prefixLengthsPsr4 = array (
10
  'L' =>
130
  public static function getInitializer(ClassLoader $loader)
131
  {
132
  return \Closure::bind(function () use ($loader) {
133
+ $loader->prefixLengthsPsr4 = ComposerStaticInitd9a18f3f83c2d9faf26de0a95288056e::$prefixLengthsPsr4;
134
+ $loader->prefixDirsPsr4 = ComposerStaticInitd9a18f3f83c2d9faf26de0a95288056e::$prefixDirsPsr4;
135
+ $loader->classMap = ComposerStaticInitd9a18f3f83c2d9faf26de0a95288056e::$classMap;
136
 
137
  }, null, ClassLoader::class);
138
  }
vendor/composer/installed.json CHANGED
@@ -1,17 +1,17 @@
1
  [
2
  {
3
  "name": "firebase/php-jwt",
4
- "version": "v5.4.0",
5
- "version_normalized": "5.4.0.0",
6
  "source": {
7
  "type": "git",
8
  "url": "https://github.com/firebase/php-jwt.git",
9
- "reference": "d2113d9b2e0e349796e72d2a63cf9319100382d2"
10
  },
11
  "dist": {
12
  "type": "zip",
13
- "url": "https://api.github.com/repos/firebase/php-jwt/zipball/d2113d9b2e0e349796e72d2a63cf9319100382d2",
14
- "reference": "d2113d9b2e0e349796e72d2a63cf9319100382d2",
15
  "shasum": ""
16
  },
17
  "require": {
@@ -23,7 +23,7 @@
23
  "suggest": {
24
  "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present"
25
  },
26
- "time": "2021-06-23T19:00:23+00:00",
27
  "type": "library",
28
  "installation-source": "dist",
29
  "autoload": {
1
  [
2
  {
3
  "name": "firebase/php-jwt",
4
+ "version": "v5.5.1",
5
+ "version_normalized": "5.5.1.0",
6
  "source": {
7
  "type": "git",
8
  "url": "https://github.com/firebase/php-jwt.git",
9
+ "reference": "83b609028194aa042ea33b5af2d41a7427de80e6"
10
  },
11
  "dist": {
12
  "type": "zip",
13
+ "url": "https://api.github.com/repos/firebase/php-jwt/zipball/83b609028194aa042ea33b5af2d41a7427de80e6",
14
+ "reference": "83b609028194aa042ea33b5af2d41a7427de80e6",
15
  "shasum": ""
16
  },
17
  "require": {
23
  "suggest": {
24
  "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present"
25
  },
26
+ "time": "2021-11-08T20:18:51+00:00",
27
  "type": "library",
28
  "installation-source": "dist",
29
  "autoload": {
vendor/firebase/php-jwt/README.md CHANGED
@@ -27,6 +27,7 @@ Example
27
  -------
28
  ```php
29
  use Firebase\JWT\JWT;
 
30
 
31
  $key = "example_key";
32
  $payload = array(
@@ -42,8 +43,8 @@ $payload = array(
42
  * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
43
  * for a list of spec-compliant algorithms.
44
  */
45
- $jwt = JWT::encode($payload, $key);
46
- $decoded = JWT::decode($jwt, $key, array('HS256'));
47
 
48
  print_r($decoded);
49
 
@@ -62,12 +63,13 @@ $decoded_array = (array) $decoded;
62
  * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
63
  */
64
  JWT::$leeway = 60; // $leeway in seconds
65
- $decoded = JWT::decode($jwt, $key, array('HS256'));
66
  ```
67
  Example with RS256 (openssl)
68
  ----------------------------
69
  ```php
70
  use Firebase\JWT\JWT;
 
71
 
72
  $privateKey = <<<EOD
73
  -----BEGIN RSA PRIVATE KEY-----
@@ -106,7 +108,7 @@ $payload = array(
106
  $jwt = JWT::encode($payload, $privateKey, 'RS256');
107
  echo "Encode:\n" . print_r($jwt, true) . "\n";
108
 
109
- $decoded = JWT::decode($jwt, $publicKey, array('RS256'));
110
 
111
  /*
112
  NOTE: This will now be an object instead of an associative array. To get
@@ -121,6 +123,9 @@ Example with a passphrase
121
  -------------------------
122
 
123
  ```php
 
 
 
124
  // Your passphrase
125
  $passphrase = '[YOUR_PASSPHRASE]';
126
 
@@ -147,7 +152,7 @@ echo "Encode:\n" . print_r($jwt, true) . "\n";
147
  // Get public key from the private key, or pull from from a file.
148
  $publicKey = openssl_pkey_get_details($privateKey)['key'];
149
 
150
- $decoded = JWT::decode($jwt, $publicKey, array('RS256'));
151
  echo "Decode:\n" . print_r((array) $decoded, true) . "\n";
152
  ```
153
 
@@ -155,6 +160,7 @@ Example with EdDSA (libsodium and Ed25519 signature)
155
  ----------------------------
156
  ```php
157
  use Firebase\JWT\JWT;
 
158
 
159
  // Public and private keys are expected to be Base64 encoded. The last
160
  // non-empty line is used so that keys can be generated with
@@ -177,7 +183,7 @@ $payload = array(
177
  $jwt = JWT::encode($payload, $privateKey, 'EdDSA');
178
  echo "Encode:\n" . print_r($jwt, true) . "\n";
179
 
180
- $decoded = JWT::decode($jwt, $publicKey, array('EdDSA'));
181
  echo "Decode:\n" . print_r((array) $decoded, true) . "\n";
182
  ````
183
 
@@ -194,6 +200,7 @@ $jwks = ['keys' => []];
194
 
195
  // JWK::parseKeySet($jwks) returns an associative array of **kid** to private
196
  // key. Pass this as the second parameter to JWT::decode.
 
197
  JWT::decode($payload, JWK::parseKeySet($jwks), $supportedAlgorithm);
198
  ```
199
 
27
  -------
28
  ```php
29
  use Firebase\JWT\JWT;
30
+ use Firebase\JWT\Key;
31
 
32
  $key = "example_key";
33
  $payload = array(
43
  * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
44
  * for a list of spec-compliant algorithms.
45
  */
46
+ $jwt = JWT::encode($payload, $key, 'HS256');
47
+ $decoded = JWT::decode($jwt, new Key($key, 'HS256'));
48
 
49
  print_r($decoded);
50
 
63
  * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
64
  */
65
  JWT::$leeway = 60; // $leeway in seconds
66
+ $decoded = JWT::decode($jwt, new Key($key, 'HS256'));
67
  ```
68
  Example with RS256 (openssl)
69
  ----------------------------
70
  ```php
71
  use Firebase\JWT\JWT;
72
+ use Firebase\JWT\Key;
73
 
74
  $privateKey = <<<EOD
75
  -----BEGIN RSA PRIVATE KEY-----
108
  $jwt = JWT::encode($payload, $privateKey, 'RS256');
109
  echo "Encode:\n" . print_r($jwt, true) . "\n";
110
 
111
+ $decoded = JWT::decode($jwt, new Key($publicKey, 'RS256'));
112
 
113
  /*
114
  NOTE: This will now be an object instead of an associative array. To get
123
  -------------------------
124
 
125
  ```php
126
+ use Firebase\JWT\JWT;
127
+ use Firebase\JWT\Key;
128
+
129
  // Your passphrase
130
  $passphrase = '[YOUR_PASSPHRASE]';
131
 
152
  // Get public key from the private key, or pull from from a file.
153
  $publicKey = openssl_pkey_get_details($privateKey)['key'];
154
 
155
+ $decoded = JWT::decode($jwt, new Key($publicKey, 'RS256'));
156
  echo "Decode:\n" . print_r((array) $decoded, true) . "\n";
157
  ```
158
 
160
  ----------------------------
161
  ```php
162
  use Firebase\JWT\JWT;
163
+ use Firebase\JWT\Key;
164
 
165
  // Public and private keys are expected to be Base64 encoded. The last
166
  // non-empty line is used so that keys can be generated with
183
  $jwt = JWT::encode($payload, $privateKey, 'EdDSA');
184
  echo "Encode:\n" . print_r($jwt, true) . "\n";
185
 
186
+ $decoded = JWT::decode($jwt, new Key($publicKey, 'EdDSA'));
187
  echo "Decode:\n" . print_r((array) $decoded, true) . "\n";
188
  ````
189
 
200
 
201
  // JWK::parseKeySet($jwks) returns an associative array of **kid** to private
202
  // key. Pass this as the second parameter to JWT::decode.
203
+ // NOTE: The deprecated $supportedAlgorithm must be supplied when parsing from JWK.
204
  JWT::decode($payload, JWK::parseKeySet($jwks), $supportedAlgorithm);
205
  ```
206
 
vendor/firebase/php-jwt/src/JWT.php CHANGED
@@ -2,9 +2,11 @@
2
 
3
  namespace Firebase\JWT;
4
 
 
5
  use DomainException;
6
  use Exception;
7
  use InvalidArgumentException;
 
8
  use UnexpectedValueException;
9
  use DateTime;
10
 
@@ -58,11 +60,13 @@ class JWT
58
  * Decodes a JWT string into a PHP object.
59
  *
60
  * @param string $jwt The JWT
61
- * @param string|array|resource $key The key, or map of keys.
62
  * If the algorithm used is asymmetric, this is the public key
63
- * @param array $allowed_algs List of supported verification algorithms
64
  * Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
65
  * 'HS512', 'RS256', 'RS384', and 'RS512'
 
 
66
  *
67
  * @return object The JWT's payload as a PHP object
68
  *
@@ -76,11 +80,11 @@ class JWT
76
  * @uses jsonDecode
77
  * @uses urlsafeB64Decode
78
  */
79
- public static function decode($jwt, $key, array $allowed_algs = array())
80
  {
81
  $timestamp = \is_null(static::$timestamp) ? \time() : static::$timestamp;
82
 
83
- if (empty($key)) {
84
  throw new InvalidArgumentException('Key may not be empty');
85
  }
86
  $tks = \explode('.', $jwt);
@@ -103,27 +107,32 @@ class JWT
103
  if (empty(static::$supported_algs[$header->alg])) {
104
  throw new UnexpectedValueException('Algorithm not supported');
105
  }
106
- if (!\in_array($header->alg, $allowed_algs)) {
107
- throw new UnexpectedValueException('Algorithm not allowed');
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
108
  }
109
  if ($header->alg === 'ES256' || $header->alg === 'ES384') {
110
  // OpenSSL expects an ASN.1 DER sequence for ES256/ES384 signatures
111
  $sig = self::signatureToDER($sig);
112
  }
113
 
114
- if (\is_array($key) || $key instanceof \ArrayAccess) {
115
- if (isset($header->kid)) {
116
- if (!isset($key[$header->kid])) {
117
- throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key');
118
- }
119
- $key = $key[$header->kid];
120
- } else {
121
- throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
122
- }
123
- }
124
-
125
- // Check the signature
126
- if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) {
127
  throw new SignatureInvalidException('Signature verification failed');
128
  }
129
 
@@ -285,18 +294,7 @@ class JWT
285
  case 'hash_hmac':
286
  default:
287
  $hash = \hash_hmac($algorithm, $msg, $key, true);
288
- if (\function_exists('hash_equals')) {
289
- return \hash_equals($signature, $hash);
290
- }
291
- $len = \min(static::safeStrlen($signature), static::safeStrlen($hash));
292
-
293
- $status = 0;
294
- for ($i = 0; $i < $len; $i++) {
295
- $status |= (\ord($signature[$i]) ^ \ord($hash[$i]));
296
- }
297
- $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));
298
-
299
- return ($status === 0);
300
  }
301
  }
302
 
@@ -384,6 +382,75 @@ class JWT
384
  return \str_replace('=', '', \strtr(\base64_encode($input), '+/', '-_'));
385
  }
386
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
387
  /**
388
  * Helper method to create a JSON error.
389
  *
2
 
3
  namespace Firebase\JWT;
4
 
5
+ use ArrayAccess;
6
  use DomainException;
7
  use Exception;
8
  use InvalidArgumentException;
9
+ use OpenSSLAsymmetricKey;
10
  use UnexpectedValueException;
11
  use DateTime;
12
 
60
  * Decodes a JWT string into a PHP object.
61
  *
62
  * @param string $jwt The JWT
63
+ * @param Key|array<Key>|mixed $keyOrKeyArray The Key or array of Key objects.
64
  * If the algorithm used is asymmetric, this is the public key
65
+ * Each Key object contains an algorithm and matching key.
66
  * Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
67
  * 'HS512', 'RS256', 'RS384', and 'RS512'
68
+ * @param array $allowed_algs [DEPRECATED] List of supported verification algorithms. Only
69
+ * should be used for backwards compatibility.
70
  *
71
  * @return object The JWT's payload as a PHP object
72
  *
80
  * @uses jsonDecode
81
  * @uses urlsafeB64Decode
82
  */
83
+ public static function decode($jwt, $keyOrKeyArray, array $allowed_algs = array())
84
  {
85
  $timestamp = \is_null(static::$timestamp) ? \time() : static::$timestamp;
86
 
87
+ if (empty($keyOrKeyArray)) {
88
  throw new InvalidArgumentException('Key may not be empty');
89
  }
90
  $tks = \explode('.', $jwt);
107
  if (empty(static::$supported_algs[$header->alg])) {
108
  throw new UnexpectedValueException('Algorithm not supported');
109
  }
110
+
111
+ list($keyMaterial, $algorithm) = self::getKeyMaterialAndAlgorithm(
112
+ $keyOrKeyArray,
113
+ empty($header->kid) ? null : $header->kid
114
+ );
115
+
116
+ if (empty($algorithm)) {
117
+ // Use deprecated "allowed_algs" to determine if the algorithm is supported.
118
+ // This opens up the possibility of an attack in some implementations.
119
+ // @see https://github.com/firebase/php-jwt/issues/351
120
+ if (!\in_array($header->alg, $allowed_algs)) {
121
+ throw new UnexpectedValueException('Algorithm not allowed');
122
+ }
123
+ } else {
124
+ // Check the algorithm
125
+ if (!self::constantTimeEquals($algorithm, $header->alg)) {
126
+ // See issue #351
127
+ throw new UnexpectedValueException('Incorrect key for this algorithm');
128
+ }
129
  }
130
  if ($header->alg === 'ES256' || $header->alg === 'ES384') {
131
  // OpenSSL expects an ASN.1 DER sequence for ES256/ES384 signatures
132
  $sig = self::signatureToDER($sig);
133
  }
134
 
135
+ if (!static::verify("$headb64.$bodyb64", $sig, $keyMaterial, $header->alg)) {
 
 
 
 
 
 
 
 
 
 
 
 
136
  throw new SignatureInvalidException('Signature verification failed');
137
  }
138
 
294
  case 'hash_hmac':
295
  default:
296
  $hash = \hash_hmac($algorithm, $msg, $key, true);
297
+ return self::constantTimeEquals($signature, $hash);
 
 
 
 
 
 
 
 
 
 
 
298
  }
299
  }
300
 
382
  return \str_replace('=', '', \strtr(\base64_encode($input), '+/', '-_'));
383
  }
384
 
385
+
386
+ /**
387
+ * Determine if an algorithm has been provided for each Key
388
+ *
389
+ * @param Key|array<Key>|mixed $keyOrKeyArray
390
+ * @param string|null $kid
391
+ *
392
+ * @throws UnexpectedValueException
393
+ *
394
+ * @return array containing the keyMaterial and algorithm
395
+ */
396
+ private static function getKeyMaterialAndAlgorithm($keyOrKeyArray, $kid = null)
397
+ {
398
+ if (
399
+ is_string($keyOrKeyArray)
400
+ || is_resource($keyOrKeyArray)
401
+ || $keyOrKeyArray instanceof OpenSSLAsymmetricKey
402
+ ) {
403
+ return array($keyOrKeyArray, null);
404
+ }
405
+
406
+ if ($keyOrKeyArray instanceof Key) {
407
+ return array($keyOrKeyArray->getKeyMaterial(), $keyOrKeyArray->getAlgorithm());
408
+ }
409
+
410
+ if (is_array($keyOrKeyArray) || $keyOrKeyArray instanceof ArrayAccess) {
411
+ if (!isset($kid)) {
412
+ throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
413
+ }
414
+ if (!isset($keyOrKeyArray[$kid])) {
415
+ throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key');
416
+ }
417
+
418
+ $key = $keyOrKeyArray[$kid];
419
+
420
+ if ($key instanceof Key) {
421
+ return array($key->getKeyMaterial(), $key->getAlgorithm());
422
+ }
423
+
424
+ return array($key, null);
425
+ }
426
+
427
+ throw new UnexpectedValueException(
428
+ '$keyOrKeyArray must be a string|resource key, an array of string|resource keys, '
429
+ . 'an instance of Firebase\JWT\Key key or an array of Firebase\JWT\Key keys'
430
+ );
431
+ }
432
+
433
+ /**
434
+ * @param string $left
435
+ * @param string $right
436
+ * @return bool
437
+ */
438
+ public static function constantTimeEquals($left, $right)
439
+ {
440
+ if (\function_exists('hash_equals')) {
441
+ return \hash_equals($left, $right);
442
+ }
443
+ $len = \min(static::safeStrlen($left), static::safeStrlen($right));
444
+
445
+ $status = 0;
446
+ for ($i = 0; $i < $len; $i++) {
447
+ $status |= (\ord($left[$i]) ^ \ord($right[$i]));
448
+ }
449
+ $status |= (static::safeStrlen($left) ^ static::safeStrlen($right));
450
+
451
+ return ($status === 0);
452
+ }
453
+
454
  /**
455
  * Helper method to create a JSON error.
456
  *
vendor/firebase/php-jwt/src/Key.php ADDED
@@ -0,0 +1,59 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace Firebase\JWT;
4
+
5
+ use InvalidArgumentException;
6
+ use OpenSSLAsymmetricKey;
7
+
8
+ class Key
9
+ {
10
+ /** @var string $algorithm */
11
+ private $algorithm;
12
+
13
+ /** @var string|resource|OpenSSLAsymmetricKey $keyMaterial */
14
+ private $keyMaterial;
15
+
16
+ /**
17
+ * @param string|resource|OpenSSLAsymmetricKey $keyMaterial
18
+ * @param string $algorithm
19
+ */
20
+ public function __construct($keyMaterial, $algorithm)
21
+ {
22
+ if (
23
+ !is_string($keyMaterial)
24
+ && !is_resource($keyMaterial)
25
+ && !$keyMaterial instanceof OpenSSLAsymmetricKey
26
+ ) {
27
+ throw new InvalidArgumentException('Type error: $keyMaterial must be a string, resource, or OpenSSLAsymmetricKey');
28
+ }
29
+
30
+ if (empty($keyMaterial)) {
31
+ throw new InvalidArgumentException('Type error: $keyMaterial must not be empty');
32
+ }
33
+
34
+ if (!is_string($algorithm)|| empty($keyMaterial)) {
35
+ throw new InvalidArgumentException('Type error: $algorithm must be a string');
36
+ }
37
+
38
+ $this->keyMaterial = $keyMaterial;
39
+ $this->algorithm = $algorithm;
40
+ }
41
+
42
+ /**
43
+ * Return the algorithm valid for this key
44
+ *
45
+ * @return string
46
+ */
47
+ public function getAlgorithm()
48
+ {
49
+ return $this->algorithm;
50
+ }
51
+
52
+ /**
53
+ * @return string|resource|OpenSSLAsymmetricKey
54
+ */
55
+ public function getKeyMaterial()
56
+ {
57
+ return $this->keyMaterial;
58
+ }
59
+ }