Commit aeb89b7

committed
Add SignatureKeyPair factories
1 parent 0dab51d commit aeb89b7

2 files changed

+83
-0
lines changed
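--- a/PATH_NOT_SHOWN
+++ b/PATH_NOT_SHOWN
@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\OpenID\ValueAbstracts\Factories;
+
+use SimpleSAML\OpenID\ValueAbstracts\SignatureKeyPair;
+use SimpleSAML\OpenID\ValueAbstracts\SignatureKeyPairBag;
+use SimpleSAML\OpenID\ValueAbstracts\SignatureKeyPairConfig;
+use SimpleSAML\OpenID\ValueAbstracts\SignatureKeyPairConfigBag;
+
+class SignatureKeyPairBagFactory
+{
+public function __construct(
+protected readonly SignatureKeyPairFactory $signatureKeyPairFactory,
+) {
+}
+
+
+public function fromConfig(SignatureKeyPairConfigBag $signatureKeyPairConfigBag): SignatureKeyPairBag
+{
+return new SignatureKeyPairBag(
+...array_map(
+fn(
+SignatureKeyPairConfig $signatureKeyPairConfig,
+): SignatureKeyPair => $this->signatureKeyPairFactory->fromConfig($signatureKeyPairConfig),
+$signatureKeyPairConfigBag->getAll(),
+),
+);
+}
+}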
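Review bot: `array_map()` over a single array preserves that array's keys, so at new lines 23–28 the spread hands `SignatureKeyPairBag` whatever keys `getAll()` returns; if that bag is ever keyed by strings (its definition is outside this diff), PHP 8.1+ treats them as named arguments rather than a positional list. Wrapping the call as `...array_values(array_map(...))` removes that dependence. The closure also passes only the config object, so every pair built through this factory gets the default thumbprint algorithm of `SignatureKeyPairFactory::fromConfig()` (`HashAlgorithmsEnum::SHA_256`); a short docblock on `fromConfig()` stating that would help whoever relies on derived key IDs.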
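--- a/PATH_NOT_SHOWN
+++ b/PATH_NOT_SHOWN
@@ -0,0 +1,52 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\OpenID\ValueAbstracts\Factories;
+
+use SimpleSAML\OpenID\Codebooks\ClaimsEnum;
+use SimpleSAML\OpenID\Codebooks\HashAlgorithmsEnum;
+use SimpleSAML\OpenID\Codebooks\PublicKeyUseEnum;
+use SimpleSAML\OpenID\Jwk;
+use SimpleSAML\OpenID\ValueAbstracts\KeyPair;
+use SimpleSAML\OpenID\ValueAbstracts\SignatureKeyPair;
+use SimpleSAML\OpenID\ValueAbstracts\SignatureKeyPairConfig;
+
+class SignatureKeyPairFactory
+{
+public function __construct(
+protected readonly Jwk $jwk = new Jwk(),
+) {
+}
+
+
+public function fromConfig(
+SignatureKeyPairConfig $signatureKeyPairConfig,
+HashAlgorithmsEnum $jwkThumbprintHashAlgo = HashAlgorithmsEnum::SHA_256,
+): SignatureKeyPair {
+$publicKeyJwkDecorator = $this->jwk->jwkDecoratorFactory()->fromPkcs1Or8Key(
+$signatureKeyPairConfig->getKeyPairConfig()->getPublicKeyString(),
+additionalData: [
+ClaimsEnum::Use->value => PublicKeyUseEnum::Signature->value,
+ClaimsEnum::Alg->value => $signatureKeyPairConfig->getSignatureAlgorithm()->value,
+],
+);
+
+$keyId = $signatureKeyPairConfig->getKeyPairConfig()->getKeyId() ??
+$publicKeyJwkDecorator->jwk()->thumbprint($jwkThumbprintHashAlgo->phpName());
+
+$publicKeyJwkDecorator->addAdditionalData(ClaimsEnum::Kid->value, $keyId);
+
+return new SignatureKeyPair(
+$signatureKeyPairConfig->getSignatureAlgorithm(),
+new KeyPair(
+$this->jwk->jwkDecoratorFactory()->fromPkcs1Or8Key(
+$signatureKeyPairConfig->getKeyPairConfig()->getPrivateKeyString(),
+),
+$publicKeyJwkDecorator,
+$keyId,
+$signatureKeyPairConfig->getKeyPairConfig()->getPrivateKeyPassword(),
+),
+);
+}
+}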
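Review bot: `fromConfig()` parses the private key at new lines 43–45 with `fromPkcs1Or8Key()` but passes `getPrivateKeyPassword()` only to `KeyPair` at line 48, so it is not clear from this file whether a password-protected key can be turned into a decorator at all or whether decryption is deferred; a test with an encrypted PEM and a comment stating which would settle it. Nothing in the method checks that the configured public and private keys belong together, so a mismatched pair would, as far as this diff shows, publish a JWK and `kid` that cannot verify what the private key signs, and the error would surface only at verification time. The method has no docblock; I would add one along the lines of `/** Builds a SignatureKeyPair; kid is the configured key ID or, when absent, the public JWK thumbprint. Does not verify that the two keys match. */`. Note also that `$jwkThumbprintHashAlgo` accepts any `HashAlgorithmsEnum` case, whose members are defined outside this diff, so the docblock should say which cases are acceptable for deriving key IDs.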
