protected function getJsonWebTokensUserInfo()

in modules/quanthub_core/src/Plugin/OpenidConnectRealm/QuantHubOpenidConnectRealm.php [154:199]

• 30 lines of code
• 5 McCabe index (conditional complexity)

  protected function getJsonWebTokensUserInfo($response, $claim_data = TRUE) {
    // Ensure we have all the data we need to continue.
    if (!isset($response['token'], $response['expiresOn'], $response['tokenId'])) {
      throw new \RuntimeException('Some data is missing in the token response');
    }

    // Create the tokens object.
    $expires = strtotime($response['expiresOn']);
    $id_token = new Token($response['tokenId'], strtotime('+1 day', $expires));
    $access_token = new Token($response['token'], $expires);

    $tokens = new JsonWebTokens('user_info_token', $id_token, $access_token);

    if (isset($response['tokenId'], $response['expiresOn'])) {
      $tokens->setRefreshToken($id_token);
    }

    if ($claim_data) {
      // Parse the ID token.
      $jwt = new JWT($response['token']);

      // Get the key.
      $kid = $jwt->header()->keyID()->value();
      $key = JWK::fromArray($this->getJwk($kid));

      // Create the validation context.
      $context = ValidationContext::fromJWK($key)
        ->withIssuer($this->getIssuer())
        ->withAudience($this->configuration[self::AUDIENCE_TOKEN_KEY]);

      // Validate and get the claims.
      $claims = $jwt->claims($context);

      foreach ($claims->all() as $claim) {
        $tokens->setClaim($claim->name(), $claim->value());
      }

      $tokens->setIdClaim($this->configuration['id_claim'])
        ->setUsernameClaim($this->configuration['username_claim'])
        ->setEmailClaim($this->configuration['email_claim'])
        ->setGivenNameClaim($this->configuration['given_name_claim'])
        ->setFamilyNameClaim($this->configuration['family_name_claim']);
    }

    return $tokens;
  }