Automattic\WooCommerce\StoreApi\Utilities
JsonWebToken::shallow_validate
Shallow validate a token, it does not check the signature or expiration, but it checks the structure and expiry.
Method of the class: JsonWebToken{}
No Hooks.
Returns
true|false.
Usage
$result = JsonWebToken::shallow_validate( $token );
- $token(string) (required)
- Full token string.
JsonWebToken::shallow_validate() JsonWebToken::shallow validate code WC 10.7.0
public static function shallow_validate( string $token ) {
if ( ! $token ) {
return false;
}
/**
* Confirm the structure of a JSON Web Token, it has three parts separated
* by dots and complies with Base64URL standards.
*/
if ( preg_match( '/^[a-zA-Z\d\-_=]+\.[a-zA-Z\d\-_=]+\.[a-zA-Z\d\-_=]+$/', $token ) !== 1 ) {
return false;
}
$parts = self::get_parts( $token );
/**
* Check if header declares a supported JWT by this class.
*/
if (
! is_object( $parts->header ) ||
! property_exists( $parts->header, 'typ' ) ||
! property_exists( $parts->header, 'alg' ) ||
self::$type !== $parts->header->typ ||
self::$algorithm !== $parts->header->alg
) {
return false;
}
/**
* Check if token is expired.
*/
if ( ! property_exists( $parts->payload, 'exp' ) || time() > (int) $parts->payload->exp ) {
return false;
}
return true;
}