/**
* This method takes the required VAPID parameters and returns the required
* header to be added to a Web Push Protocol Request.
*
* @param string $audience This must be the origin of the push service
* @param string $subject This should be a URL or a 'mailto:' email address
* @param string $publicKey The decoded VAPID public key
* @param string $privateKey The decoded VAPID private key
* @param int $expiration The expiration of the VAPID JWT. (UNIX timestamp)
*
* @return array Returns an array with the 'Authorization' and 'Crypto-Key' values to be used as headers
*/
public static function getVapidHeaders($audience, $subject, $publicKey, $privateKey, $expiration = null)
{
$expirationLimit = time() + 43200;
// equal margin of error between 0 and 24h
if (!isset($expiration) || $expiration > $expirationLimit) {
$expiration = $expirationLimit;
}
$header = array('typ' => 'JWT', 'alg' => 'ES256');
$jwtPayload = json_encode(array('aud' => $audience, 'exp' => $expiration, 'sub' => $subject), JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK);
$generator = EccFactory::getNistCurves()->generator256();
$privateKeyObject = $generator->getPrivateKeyFrom(gmp_init(bin2hex($privateKey), 16));
$pemSerialize = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
$pem = $pemSerialize->serialize($privateKeyObject);
$jwk = JWKFactory::createFromKey($pem, null);
$jws = JWSFactory::createJWSToCompactJSON($jwtPayload, $jwk, $header);
return array('Authorization' => 'WebPush ' . $jws, 'Crypto-Key' => 'p256ecdsa=' . Base64Url::encode($publicKey));
}