Wallogit.com
2017 © Pedro Peláez
PHP7 library for JSON Web Tokens (JWT).
PHP7 library for JSON Web Tokens (JWT)., (*1)
[Standard]https://en.wikipedia.org/wiki/JSON_Web_Token#Standard_fields, (*2)
composer require artisangang/jwt
Requires PHP 7., (*3)
<?php
// create token
$token = Token::make([
'key' => 'secret',
'issuer' => 'artisangang',
'expiry' => strtotime('+1 hour'),
'issuedAt' => time(),
'algorithm' => 'HS256'
])->get();
try {
Token::validate($token, 'secret');
} catch (\Exception $e) {
//InvalidArgumentException|UnexpectedValueException
//InvalidSignatureException|BeforeValidException|TokenExpiredException
}
/**
* or
* Token::check($token, 'secret')
* this will return true or false only
*/
// decode token
// (new Token)->decode('token', 'key')
// token string to token object
// Token::break('token', 'key')
// jwt claims maping with Token Class
/**
* [
* 'iss' => 'issuer',
* 'sub' => 'subject',
* 'aud' => 'audience',
* 'exp' => 'expiry',
* 'nbf' => 'notBefore',
* 'iat' => 'issuedAt',
* 'jti' => 'identify',
* 'typ' => 'type',
* 'alg' => 'algorithm'
*]
*/
Using methods, (*4)
$token = new Token; $token->setKey('secret); $token->setIssuer('who issued this token'); $token->setSubject('subject of token'); $token->setAudience('recipients'); // of in case of multiple audience //$token->setAudience('recipient1', 'recipient2', 'recipient3'); // this will work with unix timestamp $token->setExpiry(time() + 60); // this token cannot be used before $token->setNotBefore(time() + 10); // token issued at unix time stamp // Note: token cannot be used before issued at time $token->setIssuedAt(time()); $token->setIdentity('this must be unique'); $token->setType('jwt'); // suported algorithm: HS256,HS512,HS384 // for oppen ssl : RS256,RS384,RS512 $token->setAlgorithm('HS256'); // add custom claims to token $token->setClaim('user_id', 1); $token->setClaim('email', 'user@example.com'); // generate token based on claims $tokenString = $token->get();
Validating a token, (*5)
// use one from below methods try { // this will return array of claims $token = Token::validate('token string', 'your key'); // you may validate custom claims here } catch(\Exception $e) { //InvalidArgumentException -> some required argument is missing //UnexpectedValueException -> argument or segment value is malformed //InvalidSignatureException -> token signature not matched , Token is invalid //BeforeValidException -> token is used before issued at or not before time //TokenExpiredException -> token is expired } // or by using check, this will return bool if (!Token::check('token string', 'your key')) { // token is not valid }
For more information explorer JWT\Token.php., (*6)
Use openssl_pkcs12_read,openssl_get_privatekey to read key., (*7)
PHP7 library for JSON Web Tokens (JWT).
MIT
api json jwt token
PHP7 library for JSON Web Tokens (JWT).
MIT
api json jwt token
PHP7 library for JSON Web Tokens (JWT).
MIT
api json jwt token