switon/jwt

HMAC JWT issue, validation, and optional kid-based key routing for Switon Framework

Maintainers

Package info

github.com/switon-php/jwt

Documentation

pkg:composer/switon/jwt

Statistics

Installs: 2

Dependents: 1

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v1.0.0 2026-06-06 13:43 UTC

Requires

Requires (Dev)

MIT c3c2a021d45ab39269670606b91773c01f669cb5

  • switon <admin.woop@switon.dev>

Authenticationjwttokensswiton

This package is auto-updated.

Last update: 2026-06-07 05:12:32 UTC

README

JWT CI PHP 8.3+

Switon's JWT contract for application services that want HMAC-signed tokens, kid-based key selection, and exp/nbf checks.

Highlights

  • Token issuing and validation: JwtInterface covers both sides of the JWT flow.
  • Per-token signing keys: tokens can carry a key ID, and decode can use it to select the matching signing key.
  • Claim policy: issued tokens get consistent exp and nbf claims.
  • Validation policy: signatures and standard claim checks are enforced together.
  • Clear failure types: invalid tokens surface as specific exceptions.

Installation

composer require switon/jwt

Quick Start

use Switon\Core\Attribute\Autowired;
use Switon\Jwt\JwtInterface;

class AuthService
{
    #[Autowired] protected JwtInterface $jwt;

    public function issueForTenant(int $userId, string $kid): string
    {
        return $this->jwt->encode(['user_id' => $userId], 3600, $kid);
    }

    public function authenticate(string $token, string $kid): array
    {
        return $this->jwt->decode($token, $kid);
    }
}

Docs: https://docs.switon.dev/latest/jwt

License

MIT.