klsoft/yii2-jwt-auth

The package provides a Yii 2 authentication method based on a JWT token.

Maintainers

Details

github.com/klsoft-web/yii2-jwt-auth

Homepage

Source

Issues

Installs: 0

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 0

pkg:composer/klsoft/yii2-jwt-auth

1.0.0 2026-01-11 13:34 UTC

Requires

MIT c80152294d4106e2f15d98861bba72833ed50be8

yii2 jwt auth

This package is auto-updated.

Last update: 2026-01-11 13:36:28 UTC

README

The package provides a Yii 2 authentication method based on a JWT token.

See also:

  • YII2-KEYCLOAK-AUTHZ - The package provides Keycloak authorization for the web service APIs of Yii 2
  • PHP-KEYCLOAK-CLIENT - A PHP library that can be used to secure web applications with Keycloak

Requirement

  • PHP 8.0 or higher.

Installation

composer require klsoft/yii2-jwt-auth

How to use

The package requires the implementation of the findIdentityByAccessToken method of Yii\Web\IdentityInterface.

1. Implement Klsoft\Yii2JwtAuth\JwksRepositoryInterface

Example:

namespace MyNamespace;

use Yii;
use Klsoft\Yii2JwtAuth\JwksRepositoryInterface;

class JwksRepository implements JwksRepositoryInterface
{
    private const JWKS = 'jwks';

    public function __construct(
        private string $jwksUrl,
        private int    $jwksCacheDuration)
    {
    }

    function getKeys(): ?array
    {
        $keys = Yii::$app->cache->getOrSet(JwksRepository::JWKS, function () {
            $options = [
                'http' => [
                    'method' => 'GET'
                ],
            ];
            $responseData = file_get_contents($this->jwksUrl, false, stream_context_create($options));
            if (!empty($responseData)) {
                return json_decode($responseData, true);
            }
            return [];
        }, $this->jwksCacheDuration);

        if (empty($keys)) {
            Yii::$app->cache->delete(JwksRepository::JWKS);
            return null;
        } else {
            return $keys;
        }
    }
}

2. Add the JWKS URL to param.php

Example:

return [
    'jwksUrl' => 'http://localhost:8080/realms/myrealm/protocol/openid-connect/certs',
    'jwksCacheDuration' => 60 * 3
];

3. Register dependencies

Example of registering dependencies using the application configuration:

'container' => [
        'definitions' => [
            'Klsoft\Yii2JwtAuth\HttpJwtAuth' => [
                'Klsoft\Yii2JwtAuth\HttpJwtAuth',
                [Instance::of('Klsoft\Yii2JwtAuth\JwksRepositoryInterface')]
            ],
        ],
        'singletons' => [
            'Klsoft\Yii2JwtAuth\JwksRepositoryInterface' => [
                'MyNamespace\JwksRepository',
                [
                    $params['jwksUrl'],
                    $params['jwksCacheDuration']
                ]
            ]
        ]
    ]

4. Configure the authenticator behavior

Example:

use yii\rest\Controller;
use Klsoft\Yii2JwtAuth\HttpJwtAuth;

class MyController extends Controller
{
    public function __construct(private HttpJwtAuth $httpJwtAuth)
    {
    }

    public function behaviors()
    {
        $behaviors = parent::behaviors();
        $behaviors['authentication'] = $this->httpJwtAuth;
        return $behaviors;
    }
}