<?php
declare (strict_types=1);

namespace app\index\controller;

use Lcobucci\Clock\FrozenClock;
use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\UnencryptedToken;
use Lcobucci\JWT\Validation\Constraint;

class Jwt
{
    private $config;

    public function __construct()
    {
//        $key = InMemory::plainText('my-key');
//        $key = InMemory::base64Encoded('bXkgdGVzdCB0b2tlbnMK');
        $key = 'bXkgdGVzdCB0b2tlbnMK';
        $this->config = Configuration::forSymmetricSigner(
            new Sha256(),
            InMemory::plainText($key)
        );

    }

    public function createToken()
    {


//        halt($key,$configuration);
//        echo($config instanceof Configuration);
        $now = new \DateTimeImmutable();
        $token = $this->config->builder()
            // jwt签发者
            ->issuedBy('http://example.com')
            // Configures the audience (aud claim)
            ->permittedFor('http://example.org')
            // jwt的唯一身份标识，主要用来作为一次性token,从而回避重放攻击。
            ->identifiedBy('4f1g23a12aa')
            // jwt的签发时间
            ->issuedAt($now)
            // Configures the time that the token can be used (nbf claim)
            ->canOnlyBeUsedAfter($now->modify('+1 minute'))
            // Configures the expiration time of the token (exp claim)
            ->expiresAt($now->modify('+1 minute'))
            // Configures a new claim, called "uid"
            ->withClaim('uid', 10)
            // Configures a new header, called "foo"
            ->withHeader('foo', 'bar')
            // Builds a new token
            ->getToken($this->config->signer(), $this->config->signingKey());

//        halt($token->claims()->get('uid'));
        halt($token->toString());
    }

    public function parseToken()
    {
        $_token = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhaGJtei5jb20iLCJhdWQiOiJiYXNlLmFoYm16LmNvbSIsImp0aSI6Imx3RWluZ2U0RXk4RXhqeHBVODNrbEtsZmVpYW84TCIsImlhdCI6IjE2MTUyNjkxNDIuOTQ2NDc3IiwibmJmIjoiMTYxNTI2OTE0Mi45NDY0NzciLCJleHAiOiIxNjE1MzQxMTQyLjk0NjQ3NyIsInVzZXJfaWQiOjEsInNpdGVfaWQiOjF9.9bGtgvWH0iredbmuJrfhA2hY0aatEnpX3g-jKY9bLXs';
        $token = $this->config->parser()->parse($_token);
        halt($token->headers(), $token->claims());
    }

    public function checkToken()
    {
        $config = $this->config;
        $_token = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImZvbyI6ImJhciJ9.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5jb20iLCJhdWQiOiJodHRwOi8vZXhhbXBsZS5vcmciLCJqdGkiOiI0ZjFnMjNhMTJhYSIsImlhdCI6IjE2MTQxNzc0NjkuNDM3NDMwIiwibmJmIjoiMTYxNDE3NzUyOS40Mzc0MzAiLCJleHAiOiIxNjE0MTc3NTI5LjQzNzQzMCIsInVpZCI6MTB9.oC37eJvIsGGNu7X6J7axbH7-Rzs-MJQsI5gvqmpDn-Q';
        $token = $config->parser()->parse($_token);
//        halt($config->parser()->parse($_token));
        $constraint = new Constraint\SignedWith($this->config->signer(), $this->config->verificationKey());
        $config->setValidationConstraints($constraint);
        $constraints = $config->validationConstraints();
        if (!$config->validator()->validate($token, ...$constraints)) {
            exit('no way!');
        }else{
            $now = new \DateTimeImmutable();
//            $clock = new FrozenClock($now);
//            $a = new Constraint\LooseValidAt($clock,new \DateInterval('P2W'));
//            halt($a,$token->isExpired($now));
            halt($token);
            halt($token->isMinimumTimeBefore($now),$token->isPermittedFor('http://example.org'),$token->isExpired($now),$token->hasBeenIssuedBy('http://example.com'));
            exit('验证通过');
        }
    }

}