ngochip/micro-jwt

Yii2微服务认证组件

维护者

详细信息

github.com/ngochip/micro-jwt

源代码

问题

安装: 171

依赖项: 0

建议者: 0

安全性: 0

星标: 0

关注者: 1

分支: 0

开放问题: 0

1.0.2 2017-11-11 08:32 UTC

Requires

MIT 1e94b357074288cab3132bb727ff13578e50d748

jwtyii2ngochip

This package is not auto-updated.

Last update: 2024-09-29 04:49:28 UTC

README

jwt for Yii2

此扩展为JWT提供Yii框架 2.0的集成(需要PHP 5.5+)。它包括基本的HTTP认证支持。

安装

该包可在Packagist上获取,您可以使用Composer进行安装。

composer require ngochip/micro-jwt

依赖项

基本用法

  1. 创建RSA密钥
openssl genrsa -des3 -out private.pem 2048

Enter pass phrase for private.pem: [YOUR_PASSPARSE]
Verifying - Enter pass phrase for private.pem:[YOUR_PASSPARSE]

将RSA公钥导出到文件

openssl rsa -in private.pem -outform PEM -pubout -out public.pem

将私钥导出到PEM文件

openssl rsa -in private.pem -out private_unencrypted.pem -outform PEM

2.将 jwt 组件添加到配置文件中,

在授权服务器中

'jwt' => [
      'class' => 'ngochip\jwt\Jwt',
      'privateKey'  => __DIR__.'/../certificate/private.pem', //private key for sign (only setup in authorization server)
      'publicKey'   => __DIR__.'/../certificate/public.pem', //public key for verify in client.
      'passparse'   => '1234', //pass parse private key
      'ttl'       => 60 * 60, //time to live for token
      'ttl_refresh'   => 60 * 90, //time to live for refreshToken
      'redis_config'  => [
        'host'  => '127.0.0.1', // blacklist server address (redis server)
        'port'    => 6379, //redis port
        'database'  => 10,
        'password'  => NULL //password for AUTH redis server
      ]
  ],

在客户端(其他服务器)

'jwt' => [
      'class' => 'ngochip\jwt\Jwt',
      'publicKey'   => __DIR__.'/../certificate/public.pem', //public key for verify in client.
      'ttl'       => 60 * 60, //time to live for token
      'ttl_refresh'   => 60 * 90, //time to live for refreshToken
      'issuer'        => 'http://auth.domain.com/api/', //Auth Server Address.
      'redis_config'  => [
        'host'  => '127.0.0.1', // blacklist server address (redis server)
        'port'    => 6379, //redis port
        'database'  => 10,
        'password'  => NULL //password for AUTH redis server
      ]
  ],

创建(在授权服务器中)

仅使用构建器创建新的JWT/JWS令牌

$userInfo = [
  'id' => 1,
  'username' => 'admin',
  'email' => 'admin@domain.com',
  'roles' => ['create_post','delete_user']
];
$token = Yii::$app->jwt->getToken($userInfo); //create token
Yii::$app->jwt->setToken($token); //assign Token
$newToken = Yii::$app->jwt->refreshToken(); //refresh token when expried

在其他服务器中使用(仅公钥)

Yii::$app->jwt->getTokenFromHeader(); //get token from Header and set to Object;
Yii::$app->jwt->verify(); //verify token, return bool;
Yii::$app->jwt->getInfo(); //get all info in tokenKey (not verify, only get from token). should be call after verified.
Yii::$app->jwt->getInfo('exp'); //extract claim from token, will return expiry time;
Yii::$app->jwt->getHeader(); //get all header in token.

验证

我们可以轻松地验证令牌是否有效(使用之前的令牌为例)

Yii::$app->jwt->getTokenFromHeader(); //get token from Header Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9....
Yii::$app->jwt->verify(); //verify token, return true if verify success;