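// The verifier is given only the configured signature algorithm, so no other
// algorithm is available to it regardless of what the token's header claims.
$jwsVerifier = new JWSVerifier(new AlgorithmManager([$this->signatureAlgorithm]));
$serializerManager = new JWSSerializerManager([new CompactSerializer()]);

// Parse the compact-serialized token. Nothing read from $jws is authenticated
// until the signature check below has passed.
$jws = $serializerManager->unserialize($accessToken);

// Verify the signature against the configured key
// (the 0 is presumably the index of the signature to verify; confirm against the library).
if (!$jwsVerifier->verifyWithKey($jws, $this->jwk, 0)) {
    throw new InvalidSignatureException();
}

// Verify the headers: the "alg" header must name the configured algorithm.
$headerCheckerManager = new Checker\HeaderCheckerManager(
    [
        new Checker\AlgorithmChecker([$this->signatureAlgorithm->name()]),
    ],
    [
        new JWSTokenSupport(),
    ]
);
// if this check fails, an InvalidHeaderException is thrown
$headerCheckerManager->check($jws, 0);

// Decode the payload only after the signature and header checks have passed,
// so attacker-controlled JSON from an unauthenticated token is never parsed.
// NOTE(review): json_decode() returns null for malformed JSON and a non-array
// for scalar payloads; confirm the claim checks that follow reject any value
// that is not an array instead of treating it as an empty claim set.
$claims = json_decode($jws->getPayload(), true);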
// Verify the claims
$checkers =
[ new Checker\
IssuedAtChecker(0, false,
$this->clock
),
new Checker\
NotBeforeChecker(0, false,
$this->clock
),