public function load($assertion, Object\JWKSetInterface $encryption_key_set = null, $is_encryption_required = false)
{
Assertion::string($assertion);
Assertion::boolean($is_encryption_required);
$jwt = $this->loader->load($assertion);
if ($jwt instanceof Object\JWEInterface) {
Assertion::notNull($encryption_key_set, 'Encryption key set is not available.');
Assertion::true($this->isDecryptionSupportEnabled(), 'Encryption support is not enabled.');
Assertion::inArray($jwt->getSharedProtectedHeader('alg'), $this->getSupportedKeyEncryptionAlgorithms(), sprintf('The key encryption algorithm "%s" is not allowed.', $jwt->getSharedProtectedHeader('alg')));
Assertion::inArray($jwt->getSharedProtectedHeader('enc'), $this->getSupportedContentEncryptionAlgorithms(), sprintf('The content encryption algorithm "%s" is not allowed or not supported.', $jwt->getSharedProtectedHeader('enc')));
$jwt = $this->decryptAssertion($jwt, $encryption_key_set);
} elseif (true === $is_encryption_required) {
throw new \InvalidArgumentException('The assertion must be encrypted.');
}
return $jwt;
}