thamtech/yii2-jws

JWS Token Manager

Fund package maintenance!
Liberapay

Installs: 358

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Open Issues: 0

Type:yii2-extension

v1.1 2018-04-13 16:50 UTC

This package is auto-updated.

Last update: 2024-12-10 04:26:29 UTC


README

An extension to manage signed JWS tokens

This library interfaces with namshi/jose to generate signed JWS tokens.

For license information check the LICENSE-file.

Installation

The preferred way to install this extensions is through composer.

Either run

php composer.phar require --prefer-dist thamtech/yii2-jws

or add

"thamtech/yii2-jws": "*"

to the require section of your composer.json file.

Integration

  1. Generate a kepair using OpenSSL and store the keys in public.pem and private.pem.

  2. Add the JwsManager application component in your site configuration:

    return [
      'components' => [
        'jwsManager' => [
          'class' => 'thamtech\jws\components\JwsManager',
          'pubkey' => '@app/config/keys/jws/public.pem',
          'pvtkey' => '@app/config/keys/jws/private.pem',
          
          // The settings below are optional. Defaults will be used if not set here.
          //'encoder' => 'Namshi\JOSE\Base64\Base64UrlSafeEncoder',
          //'exp' => '1 hour',
          //'alg' => 'RS256',
          //'jwsClass' => 'Namshi\JOSE\SimpleJWS',
        ],
      ]
    ]

Usage

Generate a new token:

$payload = [
  "user_id": 23,
  "foo": "bar",
];
$tokenString = Yii::$app->jwsManager->newToken($payload);

Verify that this string is a token that we signed:

$token = Yii::$app->jwsManager->load($tokenString);
$result = Yii::$app->jwsManager->verify($token);

Verify that this string is a token that we signed AND (if it is an instance of \Namshi\JOSE\SimpleJWS wih an expiration) that it is not expired:

$token = Yii::$app->jwsManager->load($tokenString);
$result = Yii::$app->jwsManager->isValid($token);

See Also