If we dont have enough jwt parts, jwt is invalid

bajb · bajb · commit a6aaa4a9e2e8 · 2020-04-28T11:31:03.000+01:00
diff --git a/src/Fident.php b/src/Fident.php
@@ -28,7 +28,12 @@ public function getConfig(): FidentConfiguration
 
   public function verifyJwt(string $rawJwt): bool
   {
-    [$head64, $payload64, $sig64] = explode('.', $rawJwt, 3);
+    $parts = explode('.', $rawJwt, 3);
+    if(count($parts) != 3)
+    {
+      return false;
+    }
+    [$head64, $payload64, $sig64] = $parts;
     $header = json_decode(Strings::urlsafeBase64Decode($head64));
     if(!$header || !isset($header->typ) || $header->typ !== 'JWT')
     {

Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,12 @@ public function getConfig(): FidentConfiguration`
`28`	`28`
`29`	`29`	`public function verifyJwt(string $rawJwt): bool`
`30`	`30`	`{`
`31`		`- [$head64, $payload64, $sig64] = explode('.', $rawJwt, 3);`
	`31`	`+ $parts = explode('.', $rawJwt, 3);`
	`32`	`+ if(count($parts) != 3)`
	`33`	`+ {`
	`34`	`+ return false;`
	`35`	`+ }`
	`36`	`+ [$head64, $payload64, $sig64] = $parts;`
`32`	`37`	`$header = json_decode(Strings::urlsafeBase64Decode($head64));`
`33`	`38`	`if(!$header \|\| !isset($header->typ) \|\| $header->typ !== 'JWT')`
`34`	`39`	`{`