ridibooks / internal-auth
Ridibooks 内部认证
v0.0.1
2020-02-27 06:52 UTC
Requires
Requires (Dev)
- mockery/mockery: ^1.3
- phpunit/phpunit: ^7
This package is auto-updated.
Last update: 2024-09-27 17:07:06 UTC
README
简介
- 这是一个用于内部服务通信认证的PHP库。
- 它遵循Ridi风格指南(内部服务间的SSO)编写。
- 可选支持JWK缓存。通过向JwtTokenValidator注入psr-6的实现,可以启用缓存功能。
需求
PHP 7.2
或更高版本- 为了使用
php7.2-gmp
web-token decryption 模块,需要在操作系统内安装php7.2-gmp。因此,请在客户端的操作系统或Docker镜像内务必安装。请参考PR。
安装
composer require ridibooks/internal-auth
用法
JwtGenerator
use Ridibooks\InternalAuth\Authorization\Generator\JwtGenerator; $key_config = [ '... issuer service name ...' => [ 'kid' => '... key id ...', 'key' => '... rsa private key ...', ] ]; $jwt_generator = new JwtGenerator($key_config); $token = $jwt_generator->generate( '... issuer service name ...', '... audience service name ...' )
Authorizer, JwtValidator(无缓存)
use Ridibooks\InternalAuth\Authorization\Validator\JwtValidator; use Ridibooks\InternalAuth\Authorizer; $internal_auth_token = '...'; try { $jwk_url = $this->configs['jwk_url']; $validator = new JwtValidator($jwk_url); $authorizer = new Authorizer($validator); $authorizer->authorize($internal_auth_token, [InterService.Account]); } catch (AuthorizationException $e) { // handle exception }
Authorizer, JwtValidator(带缓存)
use Ridibooks\InternalAuth\Authorization\Validator\JwtValidator; use Ridibooks\InternalAuth\Authorizer; $internal_auth_token = '...'; try { $jwk_url = $this->configs['jwk_url']; $cache_item_pool = new FilesystemAdapter(); // [psr-6](https://www.php-fig.org/psr/psr-6/) Implementation Adaptor $validator = new JwtValidator($jwk_url, $cache_item_pool); $authorizer = new Authorizer($validator); $authorizer->authorize($internal_auth_token, [InterService.Account]); } catch (AuthorizationException $e) { // handle exception }