musa11971/php-jwt-decoder

A lightweight and flexible library to decode JWTs.

Maintainers

Details

github.com/musa11971/php-jwt-decoder

Homepage

Source

Issues

Installs: 65

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 2

Forks: 2

Open Issues: 1

1.0 2020-02-27 21:57 UTC

Requires

  • php: ^7.3

Requires (Dev)

MIT a9ef7508e10ac7f0c539c2b084a8e0296e114991

  • musa11971 <mussesemou99.woop@gmail.com>

php-jwt-decoder

This package is auto-updated.

Last update: 2024-04-28 06:54:09 UTC

README

logo.png

Latest version on packagist GitHub Tests Action Status Total downloads

lightweight and easy to use. what more could you want

Easily decode JWT

This lightweight PHP library helps you decode and verify JSON Web Tokens easily.

$payload = JWTDecoder::token($jwt)
                ->withKey($publicKey)
                ->decode();

Installation

You can install the library via composer:

composer require musa11971/php-jwt-decoder

Usage

Basic decoding

Pass on your JWT and (public) key (e.g. PEM) as strings.

$payload = JWTDecoder::token($jwt)
                ->withKey($key)
                ->decode();

Decoding with multiple keys

You may have multiple potential keys, one of which is the correct one for the JWT. This library allows you to simply pass on all the keys, and it will try every key until the signature is verified.
Do note that if none of the keys are correct, you will be met with an exception.

$keys = [...]; // Array of keys

$payload = JWTDecoder::token($jwt)
                ->withKeys($keys)
                ->decode();

Ignoring the token expiry time

By default, the library will check the token's expiry time (exp) if it is present. However, if (for whatever reason) you wish to ignore the expiry time, you can use the following option.

$payload = JWTDecoder::token($jwt)
                ->withKey($key)
                ->ignoreExpiry()
                ->decode();

Ignoring the token 'not valid before' time

Similarly to the ignoreExpiry option, you can also ignore the 'not valid before' time of the token (nbf).

$payload = JWTDecoder::token($jwt)
                ->withKey($key)
                ->ignoreNotValidBefore()
                ->decode();

Working with the payload

The decoder always returns a JWTPayload instance. Use this object to access the data in the payload.

Check if payload has a value

$payload->has('username'); // true
$payload->has('date_of_birth'); // false

Get a value from the payload

$payload->get('username'); // 'John'

Convert a payload to an array

$payload->toArray();

/*
 * [
 *   'username'     => 'John',
 *   'email'        => 'john@example.com',
 *   'sub'          => '1234567890',
 *   'iat'          => 1516239022,
 *   'exp'          => 1516243210
 * ]
 */

Testing

composer test

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email mussesemou99@gmail.com instead of using the issue tracker.

Credits

Credits go to musa11971 for creating and maintaining the library.

Special thanks

Support me

I am a full-time software engineering student and work on this library in my free time. If you find the library useful, please consider making a donation! Every little bit helps. 💜

License

The MIT License (MIT). Please see License File for more information.