README

使用firebase/php-jwt简化方式生成JWT的助手。

安装

composer require controlabs/jwt-helper

使用方法

加载私钥和公钥

define('PRIVATE_KEY', file_get_contents('path-to-private-key.pem'));
define('PUBLIC_KEY', file_get_contents('path-to-public-key.pem'));

生成JWT字符串

use Controlabs\Helper\JWT as JWTHelper;

$iss = 'https://controlabs.github.io'; // issuer
$aud = 'https://controlabs.github.io'; // audition string
$sub = 'controlabs'; // subject
$exp = '+ 10 days'; // 'expiration constraint'

$claims = [ //public claims
    'user_id' => '7b1ded55-67bb-4c42-971d-814e15ba8c05',
    'group_id' => '2065b625-3f0e-4dda-98ed-5d48956f5ee6',
    'user_agent' => $_SERVER['HTTP_USER_AGENT'],
    'remote_addr' => $_SERVER['REMOTE_ADDR']
];

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

$token = $helper->encode($iss, $aud, $sub, $exp, $claims);

echo json_encode([
    'token' => $token
]);

解码JWT字符串

use Controlabs\Http\Exception\Unauthorized; // composer require controlabs/http-exceptions (optional)
use Controlabs\Helper\JWT as JWTHelper;

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

try {
    $payload = $helper->decode($_POST['token']);
} catch(ExpiredToken $exception) {
    throw new Unauthorized('Inalid token');
}

// or use $helper->decode($_POST['token'], true) to supress errors

if($payload['user_agent'] !== $_SERVER['HTTP_USER_AGENT']) {
    throw new Unauthorized('User agent is invalid.');
}

echo json_encode([
    'user_id' => $payload['user_id'],
    'group_id' => $payload['group_id']
]);

提取负载而无需解码验证

use Controlabs\Helper\JWT as JWTHelper;

$helper = new JWTHelper(PRIVATE_KEY, PUBLIC_KEY);

// Use only for logs or specific purposes because it extracts content without validating the token.
$payload = $helper->payload($_POST['token']);

echo json_encode([
    'user_id' => $payload['user_id'],
    'group_id' => $payload['group_id']
]);

许可证

本软件为开源软件，使用MIT许可证（MIT）授权。有关详细信息，请参阅LICENSE。