oauth2/provider/jwk.php

   1 <?php
   2
   3 use OpenEMR\Common\Session\SessionUtil;
   4
   5 if ($oauthjwk !== true) {
   6     $message = xlt("Error. Not authorized");
   7     SessionUtil::oauthSessionCookieDestroy();
   8     echo $message;
   9     exit();
  10 }
  11
  12 $public = file_get_contents($gbl::$publicKey);
  13 $keyPublic = openssl_pkey_get_details(openssl_pkey_get_public($public));
  14 $key_info = [
  15     'kty' => 'RSA',
  16     'n' => base64url_encode($keyPublic['rsa']['n']),
  17     'e' => base64url_encode($keyPublic['rsa']['e']),
  18 ];
  19 $key_info['use'] = 'sig';
  20
  21 $jsonData = ['keys' => [$key_info]];
  22
  23 SessionUtil::oauthSessionCookieDestroy();
  24
  25 try {
  26     header('Content-type: application/json');
  27     echo json_encode($jsonData, JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT) . PHP_EOL;
  28     exit;
  29 } catch (Exception $e) {
  30     http_response_code(400);
  31     exit;
  32 }
  33
  34 function base64url_encode($input)
  35 {
  36     return rtrim(strtr(base64_encode($input), '+/', '-_'), '=');
  37 }