2017 © Pedro Peláez
 

library jose-jwt

Javascript Object Signing and Encryption JOSE PHP library, supporting JSON Web Tokens JWT and JSON Web Encryption JWE

image

tmilos/jose-jwt

Javascript Object Signing and Encryption JOSE PHP library, supporting JSON Web Tokens JWT and JSON Web Encryption JWE

  • Thursday, January 26, 2017
  • by tmilos
  • Repository
  • 1 Watchers
  • 3 Stars
  • 1,269 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 1 Open issues
  • 4 Versions
  • 22 % Grown

The README.md

jose-jwt

Javascript Object Signing and Encryption JOSE PHP library, supporting JSON Web Tokens JWT and JSON Web Encryption JWE., (*1)

Author License Build Status Coverage Status HHVM Status Scrutinizer Code Quality, (*2)

JWT algorithms

Supported signing algorithms, (*3)

JWS Algorithm
none
HS256
HS384
HS512
RS256
RS384
RS512

JWE algorithms and encryptions

Supported JWE algorithms, (*4)

JWE Algorithm
RSA1_5
RSA-OAEP
A128KW
A192KW
A256KW
dir

Supported JWE encryption, (*5)

JWE Encryption
A128CBC-HS256
A192CBC-HS384
A256CBC-HS512

JWT API

$factory = new \Tmilos\JoseJwt\Context\DefaultContextFactory();
$context = $factory->get();

$payload = ['msg' => 'Hello!'];
$extraHeader = ['iam'=>'my-id'];

// plain (no signature) token
$token = \Tmilos\JoseJwt\Jwt::encode($context, $payload, null, \Tmilos\JoseJwt\Jws\JwsAlgorithm::NONE, $extraHeader);

// HS256 signature
$secret = '...'; // 256 bits secret
$token = \Tmilos\JoseJwt\Jwt::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jws\JwsAlgorithm::HS256, $extraHeader);

// HS384 signature
$secret = '...'; // 256 bits secret
$token = \Tmilos\JoseJwt\Jwt::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jws\JwsAlgorithm::HS384, $extraHeader);

// HS512 signature
$secret = '...'; // 256 bits secret
$token = \Tmilos\JoseJwt\Jwt::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jws\JwsAlgorithm::HS512, $extraHeader);

// RS256
$privateKey = openssl_get_privatekey($filename);
$token = \Tmilos\JoseJwt\Jwt::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jws\JwsAlgorithm::RS256, $extraHeader);

// RS384
$privateKey = openssl_get_privatekey($filename);
$token = \Tmilos\JoseJwt\Jwt::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jws\JwsAlgorithm::RS384, $extraHeader);

// RS512
$privateKey = openssl_get_privatekey($filename);
$token = \Tmilos\JoseJwt\Jwt::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jws\JwsAlgorithm::RS512, $extraHeader);

// decode
$header = \Tmilos\JoseJwt\Jwt::header($token);
// eventually also use other header data to indicate which key should be used
switch($header['alg']) {
    case \Tmilos\JoseJwt\Jws\JwsAlgorithm::NONE:
        $key = null;
        break;
    case \Tmilos\JoseJwt\Jws\JwsAlgorithm::HS256:
    case \Tmilos\JoseJwt\Jws\JwsAlgorithm::HS384:
    case \Tmilos\JoseJwt\Jws\JwsAlgorithm::HS512:
        $key = $secret;
        break;
    case \Tmilos\JoseJwt\Jws\JwsAlgorithm::RS256:
    case \Tmilos\JoseJwt\Jws\JwsAlgorithm::RS384:
    case \Tmilos\JoseJwt\Jws\JwsAlgorithm::RS512:
        $key = $publicKey;
        break;
}
$payload = \Tmilos\JoseJwt\JWT::decode($context, $token, $key);

JWE API

$factory = new \Tmilos\JoseJwt\Context\DefaultContextFactory();
$context = $factory->get();

// Symmetric
$payload = ['msg' => 'Hello!'];
$extraHeader = ['iam'=>'my-id'];

// DIR - A128CBC-HS256
$secret = '...'; // 256 bits secret
$token = \Tmilos\JoseJwt\Jwe::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jwe\JweAlgorithm::DIR, \Tmilos\JoseJwt\Jwe\JweEncryption::A128CBC_HS256, $extraHeaders);

// DIR - A192CBC-HS384
$secret = '...'; // 384 bits secret
$token = \Tmilos\JoseJwt\Jwe::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jwe\JweAlgorithm::DIR, \Tmilos\JoseJwt\Jwe\JweEncryption::A192CBC_HS384, $extraHeaders);

// DIR - A256CBC-HS512
$secret = '...'; // 512 bits secret
$token = \Tmilos\JoseJwt\Jwe::encode($context, $payload, $secret, \Tmilos\JoseJwt\Jwe\JweAlgorithm::DIR, \Tmilos\JoseJwt\Jwe\JweEncryption::A256CBC_HS512, $extraHeaders);

// decode
$payload = \Tmilos\JoseJwt\Jwe::decode($context, $token, $secret);

// RSA
$myPrivateKey = openssl_get_privatekey();
$partyPublicKey = openssl_get_publickey();

// RSA_OAEP - A128CBC-HS256
$token = \Tmilos\JoseJwt\Jwe::encode($context, $payload, $partyPublicKey, \Tmilos\JoseJwt\Jwe\JweAlgorithm::RSA_OAEP, \Tmilos\JoseJwt\Jwe\JweEncryption::A128CBC_HS256, $extraHeaders);

// RSA_OAEP - A256CBC-HS512
$token = \Tmilos\JoseJwt\Jwe::encode($context, $payload, $partyPublicKey, \Tmilos\JoseJwt\Jwe\JweAlgorithm::RSA_OAEP, \Tmilos\JoseJwt\Jwe\JweEncryption::A256CBC_HS512, $extraHeaders);

// decode
$payload = \Tmilos\JoseJwt\Jwe::decode($context, $token, $myPrivateKey);

// read header w/out decryption
$header = \Tmilos\Tmilos\JoseJwt\Jwe::decode($token); // {"alg": "A192KW", "enc": "A128CBC-HS256", "typ": "JWT", "custom": "X"}

The Versions

26/01 2017

dev-master

9999999-dev https://github.com/tmilos/jose-jwt

Javascript Object Signing and Encryption JOSE PHP library, supporting JSON Web Tokens JWT and JSON Web Encryption JWE

  Sources   Download

MIT

The Requires

  • ext-openssl *
  • php >=5.5

 

The Development Requires

jwt jws json web tokens jwe jose jwa json web encryption javascript object signing and encryption

26/01 2017

2.0.0

2.0.0.0 https://github.com/tmilos/jose-jwt

Javascript Object Signing and Encryption JOSE PHP library, supporting JSON Web Tokens JWT and JSON Web Encryption JWE

  Sources   Download

MIT

The Requires

  • php >=5.5
  • ext-openssl *

 

The Development Requires

jwt jws json web tokens jwe jose jwa json web encryption javascript object signing and encryption

24/01 2016

1.0.1

1.0.1.0

Javascript Object Signing and Encryption JOSE PHP library, supporting JSON Web Tokens JWT and JSON Web Encryption JWE

  Sources   Download

MIT

The Requires

  • php >=5.4
  • ext-openssl *

 

The Development Requires

jwt jws json web tokens jwe jose jwa json web encryption javascript object signing and encryption

22/01 2016

1.0.0

1.0.0.0

Javascript Object Signing and Encryption JOSE PHP library, supporting JSON Web Tokens JWT and JSON Web Encryption JWE

  Sources   Download

MIT

The Requires

  • php >=5.4
  • ext-openssl *

 

The Development Requires

jwt jws json web tokens jwe jose jwa json web encryption javascript object signing and encryption