controlabs/jwt-helper

Helper to generate JWT using firebase/php-jwt in a simplified way

Maintainers

Details

github.com/controlabs/php-jwt-helper

Source

Issues

Installs: 129

Dependents: 1

Suggesters: 0

Security: 0

Stars: 2

Watchers: 2

Forks: 0

Open Issues: 0

v1.0.2 2018-10-26 16:33 UTC

Requires

Requires (Dev)

MIT 209187def07f42e9150825599af2ffb4bd7396df

This package is auto-updated.

Last update: 2024-04-27 05:26:33 UTC

README

Build Status Scrutinizer Code Quality Code Coverage Build Status Code Intelligence Status PHPStan

License Latest Stable Version Latest Unstable Version composer.lock Total Downloads

Helper to generate JWT using firebase/php-jwt in a simplified way.

Installation

composer require controlabs/jwt-helper

Usage

Load private and public keys
define('PRIVATE_KEY', file_get_contents('path-to-private-key.pem'));
define('PUBLIC_KEY', file_get_contents('path-to-public-key.pem'));
Generating JWT string
use Controlabs\Helper\JWT as JWTHelper;

$iss = 'https://controlabs.github.io'; // issuer
$aud = 'https://controlabs.github.io'; // audition string
$sub = 'controlabs'; // subject
$exp = '+ 10 days'; // 'expiration constraint'

$claims = [ //public claims
    'user_id' => '7b1ded55-67bb-4c42-971d-814e15ba8c05',
    'group_id' => '2065b625-3f0e-4dda-98ed-5d48956f5ee6',
    'user_agent' => $_SERVER['HTTP_USER_AGENT'],
    'remote_addr' => $_SERVER['REMOTE_ADDR']
];

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

$token = $helper->encode($iss, $aud, $sub, $exp, $claims);

echo json_encode([
    'token' => $token
]);
Decoding JWT string
use Controlabs\Http\Exception\Unauthorized; // composer require controlabs/http-exceptions (optional)
use Controlabs\Helper\JWT as JWTHelper;

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

try {
    $payload = $helper->decode($_POST['token']);
} catch(ExpiredToken $exception) {
    throw new Unauthorized('Inalid token');
}

// or use $helper->decode($_POST['token'], true) to supress errors

if($payload['user_agent'] !== $_SERVER['HTTP_USER_AGENT']) {
    throw new Unauthorized('User agent is invalid.');
}

echo json_encode([
    'user_id' => $payload['user_id'],
    'group_id' => $payload['group_id']
]);
Extracting payload without decode validations
use Controlabs\Helper\JWT as JWTHelper;

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

// Use only for logs or specific purposes because it extracts content without validating the token.
$payload = $helper->payload($_POST['token']);

echo json_encode([
    'user_id' => $payload['user_id'],
    'group_id' => $payload['group_id']
]);

License

This software is open source, licensed under the The MIT License (MIT). See LICENSE for details.