thamtech / yii2-jws
JWS Token Manager
Fund package maintenance!
Liberapay
Installs: 358
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Type:yii2-extension
Requires
- php: >=5.6.0
- namshi/jose: ^6.0
- yiisoft/yii2: >=2.0.14 <2.1
This package is auto-updated.
Last update: 2024-12-10 04:26:29 UTC
README
An extension to manage signed JWS tokens
This library interfaces with namshi/jose to generate signed JWS tokens.
For license information check the LICENSE-file.
Installation
The preferred way to install this extensions is through composer.
Either run
php composer.phar require --prefer-dist thamtech/yii2-jws
or add
"thamtech/yii2-jws": "*"
to the require
section of your composer.json
file.
Integration
-
Generate a kepair using OpenSSL and store the keys in public.pem and private.pem.
-
Add the JwsManager application component in your site configuration:
return [ 'components' => [ 'jwsManager' => [ 'class' => 'thamtech\jws\components\JwsManager', 'pubkey' => '@app/config/keys/jws/public.pem', 'pvtkey' => '@app/config/keys/jws/private.pem', // The settings below are optional. Defaults will be used if not set here. //'encoder' => 'Namshi\JOSE\Base64\Base64UrlSafeEncoder', //'exp' => '1 hour', //'alg' => 'RS256', //'jwsClass' => 'Namshi\JOSE\SimpleJWS', ], ] ]
Usage
Generate a new token:
$payload = [ "user_id": 23, "foo": "bar", ]; $tokenString = Yii::$app->jwsManager->newToken($payload);
Verify that this string is a token that we signed:
$token = Yii::$app->jwsManager->load($tokenString); $result = Yii::$app->jwsManager->verify($token);
Verify that this string is a token that we signed AND (if it is an instance
of \Namshi\JOSE\SimpleJWS
wih an expiration) that it is not expired:
$token = Yii::$app->jwsManager->load($tokenString); $result = Yii::$app->jwsManager->isValid($token);
See Also
-
cranetm/yii2-json-rpc-2.0 - Yii 2 extension that helps turn your Controllers into JSON RPC 2.0 APIs.
-
namshi/jose - PHP implementation of the JWS (JSON Web Signature) specification.
-
JSON Web Token (JWT) - JWT specifications
-
JSON Web Signature (JWS) - JWS specifications