gamegos/jwt

Json Web Token (JWT) PHP implementation

0.1.1 2015-04-09 09:39 UTC

This package is not auto-updated.

Last update: 2024-11-05 08:27:14 UTC


README

JSON Web Token (JWT) implementation based on draft-ietf-oauth-json-web-token-25.

Installation

The recommended way to install gamegos/jws is through Composer.

{
    "require": {
        "gamegos/jwt": "~0.1"
    }
}

Basic Usage

Encoding

$key = 'some-secret-for-hmac';
$alg = 'HS256';

$token = new \Gamegos\JWT\Token();
$token->setClaim('sub', 'someone@example.com'); // alternatively you can use $token->setSubject('someone@example.com') method
$token->setClaim('exp', time() + 60*5);

$encoder = new \Gamegos\JWT\Encoder();
$encoder->encode($token, $key, $alg);

printf("JWT TOKEN: %s\n", $token->getJWT()); //eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJzb21lb25lQGV4YW1wbGUuY29tIiwiZXhwIjoxNDA4NDUzNzkwfQ.2Fk5-UUMhOAcQH812LL0sdaf29zuf293nLhHp_VKBDg

Validation

$jwtString = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJzb21lb25lQGV4YW1wbGUuY29tIiwiZXhwIjoxNDA4NDUyMzcxfQ.Fy1DLdfZBiR_khyTsghItDW3_1rM7osz_IxjiaiRto0';

$key = 'some-secret-for-hmac';


try {
    $validator = new \Gamegos\JWT\Validator();
    $token = $validator->validate($jwtString, $key);

    print_r($token->getClaims());
    print_r($token->getHeaders());
} catch (\Gamegos\JWT\Exception\JWTException $e) {
    printf("Invalid Token:\n  %s\n", $e->getMessage());
    //$e->getToken();
}

See examples folder for sample code.

Supported Signature Algorithms

This package uses gamegos/jws for signing tokens. Currently supported signature and mac algorithms:

  • HS256, HS384, HS512 (HMAC using SHA-XXX)
  • RS256, RS384, RS512 (RSASSA-PKCS-v1_5 using SHA-XXX)

Details can be found here.