I have a TokenParser class that looks like this:
https://github.com/cgauge/laravel-cognito-provider/blob/master/src/TokenParser.php
My app runs perfectly with L8 (php 7.4) but after upgrading to L9 LTS (php 8.2), the loadAndVerifyWithKeySet() function executes for around 19 seconds. After some digging there’s a signature algorithm verification function that’s causing the slowness:
// file: jwt-signature-algorithm-rsa/RSAPKCS1.php
public function verify(JWK $key, string $input, string $signature): bool
{
$this->checkKey($key);
$pub = RSAKey::createFromJWK($key->toPublic()); // Causes slowness
return openssl_verify($input, $signature, $pub->toPEM(), $this->getAlgorithm()) === 1;
}
Can someone help me fix this? What could be causing the slowness in parsing the token?