通过
搜索
搜索blockchaininstitute / jwttools
此包的最新版本(dev-master)没有可用的许可证信息。
此库提供了处理JWT和uPort去中心化ID的工具。
dev-master
2019-06-28 16:14 UTC
Requires
- kornrunner/secp256k1: ^0.1.2
- mdanter/ecc: ^0.5.2
- tuupola/base58: ^0.4.0
Requires (Dev)
- kornrunner/secp256k1: ^0.1.2
- mdanter/ecc: ^0.5.2
- tuupola/base58: ^0.4.0
Suggests
- ext-gmp: Must install php-gmp before using validation function.
This package is auto-updated.
Last update: 2024-09-27 04:48:41 UTC
README
JSON Web Tokens (JWTs) 是一种方便的方式,通过HTTP传递签名的数据请求。更详细的信息可以在jwt.io找到。
此模块期望按照uPort文档在docs.uport.me中所述,使用secp256k1签名的有效载荷。
用法
可以使用以下命令将此仓库安装为composer模块:
composer require blockchaininstitute/jwttools
功能
verify_jwt( $jwt ) 此函数提供了此模块的核心用途。$jwt参数期望一个如下示例中所示的十进制分隔的字符串。
resolve_public_key_from_jwt($jwt) 此函数通过解析uPort MNID通过infura网关,返回给定jwt的适当编码的公钥。$jwt参数期望一个有效的jwt对象,如jwt.io。
generate_infura_payload_from_jwt($jwt) 此函数通过解析uPort MNID通过infura网关,返回一个php对象,其中包含给定jwt的完整IPFS DID。$jwt参数期望一个有效的jwt对象,如jwt.io。
create_jwt($jwt_header_json, $jwt_body_json, $signing_key) 此函数使用十六进制编码的签名密钥返回一个有效的签名JWT。有关详细信息,请参阅jwtComposer.php示例文件。
依赖项
PHP GMP 数学工具
apt-get install php7.0-gmp
PHP CURL 工具
apt-get install php-curl
故障排除
如果您收到类似“CURLOPT_URL未定义”的错误消息,那么您可能需要安装如上所示的php curl。
如果您收到类似“GMP未定义”的错误,您可能需要安装如上所示的GMP工具。
有效载荷格式
JWT
$jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE1NTM4MDE4OTYsImV4cCI6MTU1Mzg4ODI5NiwiYXVkIjoiMm9qRXRVWEJLMko3NWVDQmF6ejR0bmNFV0UxOG9GV3JuZkoiLCJ0eXBlIjoic2hhcmVSZXNwIiwibmFkIjoiMm90MWhDdVZBTDZuUTNOUXJ5amtCQVJHdHNqNHJzYW81NzUiLCJvd24iOnsibmFtZSI6IkFsZXgifSwicmVxIjoiZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKRlV6STFOa3NpZlEuZXlKcFlYUWlPakUxTlRNNE1ERTRPVEFzSW5KbGNYVmxjM1JsWkNJNld5SnVZVzFsSWwwc0ltTmhiR3hpWVdOcklqb2lhSFIwY0hNNkx5OWphR0Z6Y1hWcExuVndiM0owTG0xbEwyRndhUzkyTVM5MGIzQnBZeTlvTURoelRVODBOMjVYY1VzMVYyOVRJaXdpYm1WMElqb2lNSGcwSWl3aWRIbHdaU0k2SW5Ob1lYSmxVbVZ4SWl3aWFYTnpJam9pTW05cVJYUlZXRUpMTWtvM05XVkRRbUY2ZWpSMGJtTkZWMFV4T0c5R1YzSnVaa29pZlEuaURoNWZ4UjZDdEpHV0VBcjg1VzBpd0JXMmhxOTl5UnE2T0ZQbUxpVGxlRmNoclItd3VYcWlGTmI1R203SUQ4VGxsR2RMRGpzSlU4NkV3U0E2dFU2b3ciLCJpc3MiOiIyb3QxaEN1VkFMNm5RM05Rcnlqa0JBUkd0c2o0cnNhbzU3NSJ9.vFslRV7OGpfCAwQ9HDqr1BoBYNXlzyHjZiJrT4_0exgbrVXTYjbvJ3_6GGtI2yKATxjOUuX5EToNBcTXyPLBUg"
格式为 < 编码的头部字符串 >.< 编码的负载字符串 >.< 编码的签名字符串 >,用十进制点作为分隔符。
解码的JWT (JSON):} 上面的JWT的头部和负载必须能够被url解码和base 68解码,以产生以下所示的JSON有效载荷
jwt : {
header: ,
body:
{
"iat":1553801896,
"exp":1553888296,
"aud":"2ojEtUXBK2J75eCBazz4tncEWE18oFWrnfJ",
"type":"shareResp",
"nad":"2ot1hCuVAL6nQ3NQryjkBARGtsj4rsao575",
"own": {
"name":"Alex"
},
"req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE1NTM4MDE4OTAsInJlcXVlc3RlZCI6WyJuYW1lIl0sImNhbGxiYWNrIjoiaHR0cHM6Ly9jaGFzcXVpLnVwb3J0Lm1lL2FwaS92MS90b3BpYy9oMDhzTU80N25XcUs1V29TIiwibmV0IjoiMHg0IiwidHlwZSI6InNoYXJlUmVxIiwiaXNzIjoiMm9qRXRVWEJLMko3NWVDQmF6ejR0bmNFV0UxOG9GV3JuZkoifQ.iDh5fxR6CtJGWEAr85W0iwBW2hq99yRq6OFPmLiTleFchrR-wuXqiFNb5Gm7ID8TllGdLDjsJU86EwSA6tU6ow",
"iss":"2ot1hCuVAL6nQ3NQryjkBARGtsj4rsao575"
}
signature: "vFslRV7OGpfCAwQ9HDqr1BoBYNXlzyHjZiJrT4_0exgbrVXTYjbvJ3_6GGtI2yKATxjOUuX5EToNBcTXyPLBUg
}
完整文档可以在以下位置找到: https://github.com/uport-project/specs/blob/develop/messages/index.md#json-web-token
有关DID解析的更多信息,请访问 https://github.com/uport-project/specs/blob/develop/pki/index.md
回调函数:} 要将DID解析为公钥,必须调用infura API。为了确保与WordPress插件和其他受限制的环境(如Drupel、Laravel或Magento)的互操作性,didResolver函数将返回一个可以在回调函数中执行的HTTP GET请求。这可以在下面的DidResolver示例中看到。
示例
解析DID
<?php
require 'vendor/autoload.php';
require __DIR__ . '/vendor/autoload.php';
use Blockchaininstitute\jwtTools as jwtTools;
$jwtTools = new jwtTools('make_http_call');
$jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE1NTYyMTQ5MzcsImV4cCI6MTU1NjMwMTMzNywiYXVkIjoiMm9qRXRVWEJLMko3NWVDQmF6ejR0bmNFV0UxOG9GV3JuZkoiLCJ0eXBlIjoic2hhcmVSZXNwIiwibmFkIjoiMm90MWhDdVZBTDZuUTNOUXJ5amtCQVJHdHNqNHJzYW81NzUiLCJvd24iOnsibmFtZSI6IkFsZXgifSwicmVxIjoiZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKRlV6STFOa3NpZlEuZXlKcFlYUWlPakUxTlRZeU1UUTVNak1zSW5KbGNYVmxjM1JsWkNJNld5SnVZVzFsSWwwc0ltTmhiR3hpWVdOcklqb2lhSFIwY0hNNkx5OWphR0Z6Y1hWcExuVndiM0owTG0xbEwyRndhUzkyTVM5MGIzQnBZeTkwTUVsVmNtcEdjVEIzTjNkMlVsWnVJaXdpYm1WMElqb2lNSGcwSWl3aWRIbHdaU0k2SW5Ob1lYSmxVbVZ4SWl3aWFYTnpJam9pTW05cVJYUlZXRUpMTWtvM05XVkRRbUY2ZWpSMGJtTkZWMFV4T0c5R1YzSnVaa29pZlEuWTVtMTFKZmR1UG9hNW1fdm4zYkI4TUlqTHktUWdETHI3YTVMREhJcjgxclBkQWVrcmNKTzJra2UxQmJOOVVaSlVrNUQzZzVCRldqNW81RHM4cWQ0bUEiLCJpc3MiOiIyb3QxaEN1VkFMNm5RM05Rcnlqa0JBUkd0c2o0cnNhbzU3NSJ9.dhS6KNpA21NJUmxtNmOCBv8ewBIwyOgqak9eXpUKZS8Hk-zpxjbbnkhLaOVHCENFjK2zzm9OxVekgGlwlNoIbw";
$DID = $jwtTools->generate_infura_payload_from_JWT($jwt);
print_r($DID);
/**
* make_http_call - example of http callback format
*
* @param string $url Accepts a URL to call to retrieve a result
*
* @param string $body JSON Encoded payload (if POST = true)
*
* @param string $is_post Passes a Bool -> true means this is a post call
*
* @return string Returns the resulting HTTP payload
*/
function make_http_call ($url, $body, $is_post) {
$options = array(CURLOPT_URL => $url,
CURLOPT_HEADER => false,
CURLOPT_FRESH_CONNECT => true,
CURLOPT_POSTFIELDS => $body,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => $is_post,
CURLOPT_HTTPHEADER => array( 'Content-Type: application/json')
);
$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
组合并签名JWT
<?php
require 'vendor/autoload.php';
require __DIR__ . '/vendor/autoload.php';
use Blockchaininstitute\jwtTools as jwtTools;
$jwtTools = new jwtTools('make_http_call');
// Input Data
$topicName = "Blockchain Institute Login Request";
// For chasqui, this should be generated from an existing uportJs library for consistancy
// Prepare the JWT Header
// 1. Initialize JWT Values
$jwtHeader = (object)[];
$jwtHeader->typ = 'JWT'; // ""
$jwtHeader->alg = 'ES256K'; // ""
// 2. Create JWT Object
$jwtheader_json = json_encode($jwtHeader, JSON_UNESCAPED_SLASHES);
// Prepare the JWT Body
// 1. Initialize JWT Values
$jwtBody = (object)[];
// "Client ID"
$signingKey = 'cb89a98b53eec9dc58213e67d04338350e7c15a7f7643468d8081ad2c5ce5480'; // "Private Key"
// 776e591d9674b1c0fc8182f8574f24734cdeb4dc7ef8c4643d0fda33f4f8e0d6
$jwtBody->iat = 1556912833;
$jwtBody->requested = ['name'];
$jwtBody->callback = 'https://chasqui.uport.me/api/v1/topic/1OzSjQRFrF948LLk';
// $jwtBody->callback = $jwtTools->chasquiFactory($topicName);
$jwtBody->net = "0x4";
$jwtBody->type = "shareReq";
$jwtBody->iss = '2ojEtUXBK2J75eCBazz4tncEWE18oFWrnfJ';
// 2. Create JWT Object
$jwtbody_json = json_encode($jwtBody, JSON_UNESCAPED_SLASHES);
echo "\r\n\r\njson_body:\r\n";
print_r($jwtbody_json);
echo "\r\n\r\n";
$jwt = $jwtTools->create_jwt($jwtheader_json, $jwtbody_json, $signingKey);
echo "\r\n\r\n======== BEGINNING VERIFICATION =======\r\n\r\n";
$isVerified = $jwtTools->verifyJWT($jwt);
echo "\r\n\r\nisVerified:\r\n" , $isVerified;
echo "\r\n\r\n";
function spEncodeAndTrim ($payload) {
$encoded = base64_encode($payload);
if ( sizeof(explode("=", $encoded)) > 1 ) {
$trimmed = explode("=", $encoded)[0];
} else {
$trimmed = $encoded;
}
return $trimmed;
}
/**
* make_http_call - example of http callback format
*
* @param string $url Accepts a URL to call to retrieve a result
*
* @param string $body JSON Encoded payload (if POST = true)
*
* @param string $is_post Passes a Bool -> true means this is a post call
*
* @return string Returns the resulting HTTP payload
*/
function make_http_call ($url, $body, $is_post) {
$options = array(CURLOPT_URL => $url,
CURLOPT_HEADER => false,
CURLOPT_FRESH_CONNECT => true,
CURLOPT_POSTFIELDS => $body,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => $is_post,
CURLOPT_HTTPHEADER => array( 'Content-Type: application/json')
);
$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
从JWT解析公钥
<?php
require 'vendor/autoload.php';
require __DIR__ . '/vendor/autoload.php';
use Blockchaininstitute\jwtTools as jwtTools;
$jwtTools = new jwtTools('make_http_call');
$jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE1NTYyMTQ5MzcsImV4cCI6MTU1NjMwMTMzNywiYXVkIjoiMm9qRXRVWEJLMko3NWVDQmF6ejR0bmNFV0UxOG9GV3JuZkoiLCJ0eXBlIjoic2hhcmVSZXNwIiwibmFkIjoiMm90MWhDdVZBTDZuUTNOUXJ5amtCQVJHdHNqNHJzYW81NzUiLCJvd24iOnsibmFtZSI6IkFsZXgifSwicmVxIjoiZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKRlV6STFOa3NpZlEuZXlKcFlYUWlPakUxTlRZeU1UUTVNak1zSW5KbGNYVmxjM1JsWkNJNld5SnVZVzFsSWwwc0ltTmhiR3hpWVdOcklqb2lhSFIwY0hNNkx5OWphR0Z6Y1hWcExuVndiM0owTG0xbEwyRndhUzkyTVM5MGIzQnBZeTkwTUVsVmNtcEdjVEIzTjNkMlVsWnVJaXdpYm1WMElqb2lNSGcwSWl3aWRIbHdaU0k2SW5Ob1lYSmxVbVZ4SWl3aWFYTnpJam9pTW05cVJYUlZXRUpMTWtvM05XVkRRbUY2ZWpSMGJtTkZWMFV4T0c5R1YzSnVaa29pZlEuWTVtMTFKZmR1UG9hNW1fdm4zYkI4TUlqTHktUWdETHI3YTVMREhJcjgxclBkQWVrcmNKTzJra2UxQmJOOVVaSlVrNUQzZzVCRldqNW81RHM4cWQ0bUEiLCJpc3MiOiIyb3QxaEN1VkFMNm5RM05Rcnlqa0JBUkd0c2o0cnNhbzU3NSJ9.dhS6KNpA21NJUmxtNmOCBv8ewBIwyOgqak9eXpUKZS8Hk-zpxjbbnkhLaOVHCENFjK2zzm9OxVekgGlwlNoIbw";
$address = $jwtTools->resolve_public_key_from_jwt($jwt);
echo $address;
/**
* make_http_call - example of http callback format
*
* @param string $url Accepts a URL to call to retrieve a result
*
* @param string $body JSON Encoded payload (if POST = true)
*
* @param string $is_post Passes a Bool -> true means this is a post call
*
* @return string Returns the resulting HTTP payload
*/
function make_http_call ($url, $body, $is_post) {
$options = array(CURLOPT_URL => $url,
CURLOPT_HEADER => false,
CURLOPT_FRESH_CONNECT => true,
CURLOPT_POSTFIELDS => $body,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => $is_post,
CURLOPT_HTTPHEADER => array( 'Content-Type: application/json')
);
$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
验证JWT签名
<?php
require __DIR__ . '/vendor/autoload.php';
use Blockchaininstitute\jwtTools as jwtTools;
echo "\r\nStarting verifyJWT.php \r\n";
$jwtTools = new jwtTools('make_http_call');
$jwt = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE1NTY5MTI4MzMsInJlcXVlc3RlZCI6WyJuYW1lIl0sImNhbGxiYWNrIjoiaHR0cHM6Ly9jaGFzcXVpLnVwb3J0Lm1lL2FwaS92MS90b3BpYy8xT3pTalFSRnJGOTQ4TExrIiwibmV0IjoiMHg0IiwidHlwZSI6InNoYXJlUmVxIiwiaXNzIjoiMm9qRXRVWEJLMko3NWVDQmF6ejR0bmNFV0UxOG9GV3JuZkoifQ.eeR7QXHZynWehtl7QsLbFSUgegudarGzuT2YqEUFPRUI3VOJwBVL+2zw0/RDz3kJX7sRdpZwdH0ANKdFz2w4UA";
$isVerified = $jwtTools->verify_jwt($jwt);
echo "\r\n\r\nisVerified:\r\n" , $isVerified;
echo "\r\n\r\n";
/**
* make_http_call - example of http callback format
*
* @param string $url Accepts a URL to call to retrieve a result
*
* @param string $body JSON Encoded payload (if POST = true)
*
* @param string $is_post Passes a Bool -> true means this is a post call
*
* @return string Returns the resulting HTTP payload
*/
function make_http_call ($url, $body, $is_post) {
$options = array(CURLOPT_URL => $url,
CURLOPT_HEADER => false,
CURLOPT_FRESH_CONNECT => true,
CURLOPT_POSTFIELDS => $body,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => $is_post,
CURLOPT_HTTPHEADER => array( 'Content-Type: application/json')
);
$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}