Closed bwaidelich closed 3 years ago
FYI: I created this PR against the 2
branch in case you want to release bugfix versions. It probably has to be upmerged to master
for a new 3.x release
Still, if $keyIdentifier is not null but the array key 'kid' does not exist in $key, PHP might fail with an "invalid array offset" error, or?
@robertlemke doh, you're right of course.. Sorry for that, now it should be fine!?
Doh, I think I rebased to master
and this was originally a bugfix against branch 2
:-/
OK, fixed it..
In
IdentityToken::hasValidSignature()
the methodgetMatchingKeyForJws()
can be invoked with a$keyIdentifier
parameter ofnull
. But the signature and implementation didn't support that case.