token/jwk

A simple library to work with JSON Web Key.

Maintainers

Details

github.com/dependencies-packagist/jwk

Homepage

Source

Issues

Installs: 9 795

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

pkg:composer/token/jwk

v1.0.1 2025-05-22 16:14 UTC

Requires

MIT 58e55bf5fa233f1d1e4898c47711196e48936839

  • jundayw <jundayw.woop@126.com>

jwtJSON Web TokenJSON Web SignatureJWSJWKjson web key

This package is auto-updated.

Last update: 2025-10-28 15:33:31 UTC

README

A simple library to work with JSON Web Key based on the RFC 7517.

GitHub Tag Total Downloads Packagist Version Packagist PHP Version Support Packagist License

Installation

You can install the package via Composer:

composer require token/jwk

Usage

Create a key

use Token\JWK\Key;

$key = new Key();
$key->setKeyId('key-1');
$key->setKeyType('RSA');
$key->setPublicKeyUse('sig');
$key->push([
    "n" => "z24W4Hs...",
    "e" => "AQAB",
]);
$key->put('other', 'other-value');

echo $key->jsonSerialize();

Output:

{
    "kid": "key-1",
    "use": "sig",
    "kty": "RSA",
    "n": "z24W4Hs...",
    "e": "AQAB",
    "other": "other-value"
}

Create a KeySet from a publicKey

use Token\JWK\KeyFactory;
use Token\JWK\KeySet;

$publicKey = file_get_contents('public.pem');
$key       = KeyFactory::createFromPem($publicKey);
$keys      = new KeySet();
$keys->addKey($key);
echo $keys->jsonSerialize();

Output:

{
    "keys": [
        {
            "use": "sig",
            "kty": "RSA",
            "n": "...",
            "e": "...",
            "kid": "urn:ietf:params:oauth:jwk-thumbprint:sha-256:ef-cEOUom1NztLRBBWGQjmRyaYCK4NwggwOdw-CXfAc"
        }
    ]
}

Parse a KeySet

use Token\JWK\KeySetFactory;

$keys = $keys->jsonSerialize();
foreach (KeySetFactory::createFromJSON($keys) as $key) {
    var_dump($key->getKeyId());
    var_dump($key->getPrivateKey());
    var_dump($key->getPublicKey());
}
var_dump(KeySetFactory::createFromJSON($keys)->toArray());
var_dump(KeySetFactory::createFromJSON($keys)->jsonSerialize());
var_dump(KeySetFactory::createFromJSON($keys)->toString());
var_dump(KeySetFactory::createFromJSON($keys)->getKeyById('S7_qdQ')->getKeyType());
var_dump(KeySetFactory::createFromJSON($keys)->getKeyById('S7_qdQ')->getPublicKey());

Customizing Key Thumbprint Calculation

The Key::computeThumbprint() static method allows you to customize how a JWK (JSON Web Key) thumbprint is computed. This is useful when you want to define your own logic for generating a unique key identifier.

Example 1: Use a Custom Closure

You can define your own thumbprint logic using a closure:

use Token\JWK\Key;

Key::computeThumbprint(function (array $keyData) {
    return md5(json_encode($keyData));
});

This will override the default thumbprint behavior, using an MD5 hash of the serialized key data.

Example 2: Use a Static Method as Callable

You can also use a static method from a custom class:

use Token\JWK\Key;
use Token\JWK\Thumbprint\ThumbprintURI;

Key::computeThumbprint([ThumbprintURI::class, 'computeThumbprintURI']);

This approach delegates the thumbprint generation to the computeThumbprintURI() method inside the ThumbprintURI class.

Note

  • The callback must be a callable that receives an array representing the JWK and returns a string thumbprint.

License

Nacosvel Contracts is made available under the MIT License (MIT). Please see License File for more information.