artisangang/jwt

PHP7 library for JSON Web Tokens (JWT).

Maintainers

Details

github.com/artisangang/jwt

Source

Issues

Installs: 6 947

Dependents: 0

Suggesters: 0

Security: 0

Stars: 5

Watchers: 2

Forks: 0

v0.2 2018-07-05 15:28 UTC

Requires

  • php: >=7.2

Requires (Dev)

MIT de9dfb905521facff0d5c4d6724101ceba93a105

  • Harcharan Singh <artisangang.woop@gmail.com>

jsonapitokenjwt

This package is not auto-updated.

Last update: 2024-11-15 22:48:49 UTC

README

PHP7 library for JSON Web Tokens (JWT).

[Standard]https://en.wikipedia.org/wiki/JSON_Web_Token#Standard_fields

Installation

composer require artisangang/jwt

Requires PHP 7.

Usage

<?php


// create token

$token = Token::make([
    	'key' => 'secret',
    	'issuer' => 'artisangang',
    	'expiry' => strtotime('+1 hour'),
    	'issuedAt' => time(),
    	'algorithm' => 'HS256'
    ])->get();


try {
	Token::validate($token, 'secret');
} catch (\Exception $e) {
	//InvalidArgumentException|UnexpectedValueException
	//InvalidSignatureException|BeforeValidException|TokenExpiredException
}

/**
 * or
 * Token::check($token, 'secret')
 * this will return true or false only
 */

//  decode token
// (new Token)->decode('token', 'key')

// token string to token object
// Token::break('token', 'key')

// jwt claims maping with Token Class
/**
 * [
 *    'iss' => 'issuer',
 *    'sub' => 'subject',
 *    'aud' => 'audience',
 *    'exp' => 'expiry',
 *    'nbf' => 'notBefore',
 *    'iat' => 'issuedAt',
 *    'jti' => 'identify',
 *    'typ' => 'type',
 *    'alg' => 'algorithm'
 *]
 */

Using methods

$token = new Token;

$token->setKey('secret);

$token->setIssuer('who issued this token');

$token->setSubject('subject of token');

$token->setAudience('recipients');

// of in case of multiple audience
//$token->setAudience('recipient1', 'recipient2', 'recipient3');

// this will work with unix timestamp
$token->setExpiry(time() + 60);

// this token cannot be used before
$token->setNotBefore(time() + 10);

// token issued at unix time stamp
// Note: token cannot be used before issued at time
$token->setIssuedAt(time());

$token->setIdentity('this must be unique');

$token->setType('jwt');

// suported algorithm: HS256,HS512,HS384
// for oppen ssl : RS256,RS384,RS512 
$token->setAlgorithm('HS256');

// add custom claims to token
$token->setClaim('user_id', 1);
$token->setClaim('email', 'user@example.com');

// generate token based on claims
$tokenString = $token->get();

Validating a token

// use one from below methods

try {
    
    // this will return array of claims
    $token = Token::validate('token string', 'your key');
    
    // you may validate custom claims here
    
   } catch(\Exception $e) 
   {
        //InvalidArgumentException -> some required argument is missing
        //UnexpectedValueException -> argument or segment value is malformed
        //InvalidSignatureException -> token signature not matched , Token is invalid
        //BeforeValidException -> token is used before issued at or not before time
        //TokenExpiredException -> token is expired
   }
   
// or by using check, this will return bool

if (!Token::check('token string', 'your key'))
{
    // token is not valid
}

For more information explorer JWT\Token.php.

Use openssl_pkcs12_read,openssl_get_privatekey to read key.