public function decode($str)
{
$parts = explode('.', strtr($str, '-_', '+/'));
if (count($parts) !== 3) {
throw new MwtException('`:token` is not contain 3 parts', ['token' => $str]);
}
$type = $parts[0];
$payload = $parts[1];
/** @noinspection MultiAssignmentUsageInspection */
$hash = $parts[2];
$success = false;
foreach ($this->_keys as $key) {
if (rtrim(base64_encode(md5($type . $payload . $key, true)), '=') === $hash) {
$success = true;
break;
}
}
if (!$success) {
throw new MwtException('hash is not corrected: :hash', ['hash' => $hash]);
}
/** @noinspection TypeUnsafeComparisonInspection */
if ($type != $this->_type) {
throw new MwtException('type is not correct: :type', ['type' => $type]);
}
$data = json_decode(base64_decode($payload), true);
if (!is_array($data)) {
throw new MwtException('payload is not array.');
}
if (!isset($data['EXP']) || time() > $data['EXP']) {
throw new MwtException('token is expired.', Exception::CODE_EXPIRE);
}
foreach ($this->_fields as $k => $v) {
$this->{is_int($k) ? $v : $k} = $data[$v];
}
return $this;
}