JSON Web Token is now in authentication process

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5288 bf3deb0d-5f1a-0410-827f-c0cc1f45334c

authparams.php

@@ -11,8 +11,6 @@ class authparams
   public $email = null;
   /** The password of the user when provided */
   public $password = null;
-  /** The JSON Web Token Server key if used */
-  public $jwtServerKey = null;
 
   /** Parse the different authentication processes to found the email/password
     * of the user.
@@ -116,22 +114,19 @@ class authparams
   /** Get the information from a JSON Web Token
     * The token MUST be set in HTTP Header :
     *     Authorization: Bearer <token>
+    * The real verification are done in authjwt, as we can not have the
+    * jwtServerKey defined in property
     */
   public function jwt ()
   // {{{
   {
     if (! isset ($_SERVER["HTTP_AUTHENTICATION"]))
       throw new \Exception ("No Authentication available", 401);
-    if (substr ($_SERVER["HTTP_AUTHENTICATION"], 0, 7) !== "Bearer")
+    if (substr ($_SERVER["HTTP_AUTHENTICATION"], 0, 7) !== "Bearer ")
       throw new \Exception ("No Bearer Authentication available", 401);
     $token = substr ($_SERVER["HTTP_AUTHENTICATION"], 7);
-    require_once ("domframework/jwt.php");
-    $jwt = new jwt ();
-    $payload = decode ($token, $this->jwtServerKey);
-    if (! key_exists ("email", $payload))
-      throw new \Exception ("Invalid JSON Web Token : no email provided", 403);
-    return array ("email"    => $payload["email"],
-                  "password" => "NONE IN JWT");
+    return ["email" => "NOT YET VALID : TOKEN IN JWT",
+            "password" => "NONE IN JWT"];
   }
   // }}}
 }