README

PHP JWT Wrapper

A simple and flexible wrapper around the Firebase JWT library that makes JWT token handling easy and intuitive in PHP applications.

Features

• Simple API: Create and validate JWT tokens with minimal code
• Flexible Signing: Support for both HMAC (shared secret) and RSA/ECDSA (public/private key) methods
• Automatic Claims: Built-in handling of standard JWT claims (iat, exp, nbf)
• HTTP Integration: Helper methods for extracting tokens from HTTP headers
• Key Management: Intuitive interfaces for different key types

Installation

composer require "byjg/jwt-wrapper"

Quick Example

// Create a JWT token using HMAC
$server = "example.com";
$secret = new \ByJG\JwtWrapper\JwtHashHmacSecret(base64_encode("your_secret_key"));
$jwtWrapper = new \ByJG\JwtWrapper\JwtWrapper($server, $secret);

// Add custom data and set expiration
$token = $jwtWrapper->generateToken(
    $jwtWrapper->createJwtData(["userId" => 123], 3600)
);

// Validate and extract data
try {
    $jwtData = $jwtWrapper->extractData($token);
    $userId = $jwtData->data->userId;
} catch (\ByJG\JwtWrapper\JwtWrapperException $e) {
    // Handle invalid token
}

Documentation

Detailed documentation:

Examples

The library includes complete examples in the example directory showing:

• Token creation with login.php
• Token validation with api.php
• Client-side usage with client.html

sequenceDiagram
    participant LOCAL
    participant CLIENT
    participant SERVER
    participant PRIVATE_RESOURCE
    LOCAL->>CLIENT: Retrieve Local Token
    CLIENT->>SERVER: Pass Token
    SERVER->>PRIVATE_RESOURCE: Validate Token
    PRIVATE_RESOURCE->>CLIENT: Return Result if token is valid
    CLIENT->>LOCAL: Store Token

Running the tests

vendor/bin/phpunit

Dependencies

flowchart TD  
    byjg/jwt-wrapper --> firebase/php-jwt
    byjg/jwt-wrapper --> ext-openssl

Open source ByJG