SignatureInvalidException not available on line 150 in JWT.php

[tbobker123]

When passing an invalid token, I am getting a PHP error. The current line is:

        if (!self::verify("{$headb64}.{$bodyb64}", $sig, $key->getKeyMaterial(), $header->alg)) {
            throw new SignatureInvalidException('Signature verification failed');
        }

But as far as I can see, SignatureInvalidException is not available in this file I updated to use the included UnexpectedValueException.

Please let me know if I have this wrong or if there really is some code error.

[Krisell]

The SignatureInvalidException class does exist in the same folder and namespace. What is the exact error you are seeing?

[tbobker123]

I get this error in my log:

PHP Fatal error: Uncaught Error: Class "Firebase\JWT\SignatureInvalidException" not found in /var/www/..../includes/php-jwt-main/src/JWT.php:150

[paolo-blocklabs]

on top of this if the signature $sig contains an extra char like " or ", at the end of the token it's still considering it valid, will you be able to add some validation that the signature is a valid base64 string?