controlabs/jwt-helper

Helper to generate JWT using firebase/php-jwt in a simplified way

v1.0.2 2018-10-26 16:33 UTC

This package is auto-updated.

Last update: 2024-10-27 06:54:25 UTC


README

Build Status Scrutinizer Code Quality Code Coverage Build Status Code Intelligence Status PHPStan

License Latest Stable Version Latest Unstable Version composer.lock Total Downloads

Helper to generate JWT using firebase/php-jwt in a simplified way.

Installation

composer require controlabs/jwt-helper

Usage

Load private and public keys
define('PRIVATE_KEY', file_get_contents('path-to-private-key.pem'));
define('PUBLIC_KEY', file_get_contents('path-to-public-key.pem'));
Generating JWT string
use Controlabs\Helper\JWT as JWTHelper;

$iss = 'https://controlabs.github.io'; // issuer
$aud = 'https://controlabs.github.io'; // audition string
$sub = 'controlabs'; // subject
$exp = '+ 10 days'; // 'expiration constraint'

$claims = [ //public claims
    'user_id' => '7b1ded55-67bb-4c42-971d-814e15ba8c05',
    'group_id' => '2065b625-3f0e-4dda-98ed-5d48956f5ee6',
    'user_agent' => $_SERVER['HTTP_USER_AGENT'],
    'remote_addr' => $_SERVER['REMOTE_ADDR']
];

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

$token = $helper->encode($iss, $aud, $sub, $exp, $claims);

echo json_encode([
    'token' => $token
]);
Decoding JWT string
use Controlabs\Http\Exception\Unauthorized; // composer require controlabs/http-exceptions (optional)
use Controlabs\Helper\JWT as JWTHelper;

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

try {
    $payload = $helper->decode($_POST['token']);
} catch(ExpiredToken $exception) {
    throw new Unauthorized('Inalid token');
}

// or use $helper->decode($_POST['token'], true) to supress errors

if($payload['user_agent'] !== $_SERVER['HTTP_USER_AGENT']) {
    throw new Unauthorized('User agent is invalid.');
}

echo json_encode([
    'user_id' => $payload['user_id'],
    'group_id' => $payload['group_id']
]);
Extracting payload without decode validations
use Controlabs\Helper\JWT as JWTHelper;

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

// Use only for logs or specific purposes because it extracts content without validating the token.
$payload = $helper->payload($_POST['token']);

echo json_encode([
    'user_id' => $payload['user_id'],
    'group_id' => $payload['group_id']
]);

License

This software is open source, licensed under the The MIT License (MIT). See LICENSE for details.