kalibora / google-cloud-iap-jwt-validator
Google Cloud Identity-Aware Proxy JWT (Json Web Token) Validator
Installs: 1 969
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Requires
- php: ^7.1
- php-http/client-implementation: ^1.0
- php-http/httplug: ^1.0
- php-http/message-factory: ^1.0
- psr/http-message: ^1.0
- web-token/jwt-checker: ^1.2
- web-token/jwt-core: ^1.2
- web-token/jwt-key-mgmt: ^1.2
- web-token/jwt-signature: ^1.2
Requires (Dev)
- friendsofphp/php-cs-fixer: ^2.13
- guzzlehttp/psr7: ^1.0
- php-http/message: ^1.0
- php-http/mock-client: ^1.0
- phpstan/phpstan: ^0.10
- phpunit/phpunit: ^7.3
This package is auto-updated.
Last update: 2024-10-29 05:28:30 UTC
README
See: https://cloud.google.com/iap/docs/signed-headers-howto
Installation
Example using curl client.
$ composer require kalibora/google-cloud-iap-jwt-validator php-http/curl-client guzzlehttp/psr7 php-http/message
You can also select other clients listed below link.
http://docs.php-http.org/en/latest/clients.html
Usage
<?php require __DIR__ . '/vendor/autoload.php'; use Kalibora\GoogleCloud\IdentityAwareProxy\TokenValidator\{TokenValidator, InvalidTokenException}; use Http\Client\Curl\Client; use Http\Message\MessageFactory\GuzzleMessageFactory; $audience = '/projects/{YOUR_PROJECT_NUMBER}/apps/{YOUR_PROJECT_ID}; $tokenValidator = new TokenValidator(new Client(), new GuzzleMessageFactory(), $audience); $jwt = 'FOO.BAR.BAZ'; // HTTP request header `x-goog-iap-jwt-assertion` try { $claims = $tokenValidator->validate($jwt); } catch (InvalidTokenException $e) { // Invalid or expired token die($e->getMessage() . PHP_EOL); } echo $claims['sub'], PHP_EOL; echo $claims['email'], PHP_EOL;