paragonie / php-jwt-guard
v0.3.0
2021-08-11 21:27 UTC
Requires
- php: >=5.3.0
- firebase/php-jwt: ^5
- paragonie/sodium_compat: ^v1.17
Requires (Dev)
- phpunit/phpunit: >=4.8 <=9
This package is auto-updated.
Last update: 2024-12-14 06:55:18 UTC
README
Protect your code from being impacted by issue 351 in firebase/php-jwt.
Installation
First, install this library with Composer:
composer require paragonie/php-jwt-guard
And then in your PHP namespace imports, swap the namespace:
- use Firebase\JWT\JWT; + use ParagonIE\PhpJwtGuard\JWT;
You're no longer going to provide an array or ArrayAccess object
to JWT
. You will instead need to use the provided KeyRing
class.
<?php use ParagonIE\PhpJwtGuard\KeyRing; use ParagonIE\PhpJwtGuard\JWT; // Setup keyring: $keyring = (new KeyRing()) ->withHS256('key-id-foo', 'raw-key-data-goes-here') ->withHS384('key-id-bar', 'raw-key-data-goes-here-too') // ... ->withPS384('key-id-xyzzy', 'raw-key-data-goes-here-too') ->withPS512('key-id-thud', 'raw-key-data-goes-here-too'); // Pass it to JWT Dcode: JWT::decode($jwt, $keyring, array($allowedAlgs));
Using the KeyRing class
KeyRing->with($alg, $keyId, $rawKeyData)
Parameters:
string
$alg - The algorithm this key is intended forstring
$keyId - Thekid
header that maps to this keystring
$rawKeyData - The actual key material. For asymmetric keys, this is usually PEM-encoded.
Returns the KeyRing object. Chainable.
KeyRing->count()
Returns an integer.
KeyRing->partition($alg)
Parameters:
string
$alg - The algorithm this key is intended for
Returns a new KeyRing object with a subset of all supported keys.