x_mier / think-jwt
The latest version of this package (v1.0.0) provides no license information.
A simple library for encoding and decoding JSON Web Tokens (JWT) in PHP.
v1.0.0
2021-03-17 09:08 UTC
Requires
- php: >=5.3.0
Requires (Dev)
- phpunit/phpunit: >=4.8 <=9
This package is not auto-updated.
Last update: 2024-09-27 01:00:57 UTC
README
composer require x_mier/think-jwt
Example
$user = self::signToken($id);
dd($user);
$token = Request::instance()->header('token');
$res = self::checkToken($token);
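// Generate a signed token
static function signToken($uid)
{
    $key = '!@#$%*&'; // Custom secret string: the HS256 (HMAC) signing key. It should live in a config file, and the same value is needed again when verifying
    $token = array(
        "iss" => '', // Issuer, may be empty. Never put $key here: the payload is only Base64-encoded and readable by anyone who holds the token
        "aud" => '', // Intended audience, may be empty
        "iat" => time(), // Issued-at time
        "nbf" => time() + 3, // Time from which the JWT becomes valid (here: 3 seconds after it is issued)
        "exp" => time() + 200, // Token expiry time
        "data" => [ // User id information; this is a custom claim, add further key/value pairs here if needed
            'uid' => $uid,
        ]
    );
    // print_r($token);
    $jwt = JWT::encode($token, $key, "HS256"); // Build the token from these parameters
    return $jwt;
}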
// Verify a token
static function checkToken($token)
{
    $key = '!@#$%*&';
    $status = array("code" => 2);
    try {
        JWT::$leeway = 60; // Allow 60 seconds of leeway when comparing times, to tolerate clock skew
        $decoded = JWT::decode($token, $key, array('HS256')); // HS256; must match the algorithm used when signing
        $arr = (array)$decoded;
        $res['code'] = 1;
        $res['data'] = $arr['data'];
        return $res;
    } catch (\Firebase\JWT\SignatureInvalidException $e) { // Signature is invalid
        $status['msg'] = "签名不正确";
        return $status;
    } catch (\Firebase\JWT\BeforeValidException $e) { // Token is not valid yet (nbf lies in the future)
        $status['msg'] = "token失效";
        return $status;
    } catch (\Firebase\JWT\ExpiredException $e) { // Token has expired
        $status['msg'] = "token失效";
        return $status;
    } catch (\Exception $e) { // Any other error
        $status['msg'] = "未知错误";
        return $status;
    }
}
<?php
use \x_mier\JWT\JWT;
$key = "example_key";
$payload = array(
"iss" => "http://example.org",
"aud" => "http://example.com",
"iat" => 1356999524,
"nbf" => 1357000000
);
/**
* IMPORTANT:
* You must specify supported algorithms for your application. See
* https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
* for a list of spec-compliant algorithms.
*/
$jwt = JWT::encode($payload, $key);
$decoded = JWT::decode($jwt, $key, array('HS256'));
print_r($decoded);
/*
NOTE: This will now be an object instead of an associative array. To get
an associative array, you will need to cast it as such:
*/
$decoded_array = (array) $decoded;
/**
* You can add a leeway to account for when there is a clock skew times between
* the signing and verifying servers. It is recommended that this leeway should
* not be bigger than a few minutes.
*
* Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
*/
JWT::$leeway = 60; // $leeway in seconds
$decoded = JWT::decode($jwt, $key, array('HS256'));
?>
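The two points made in the comments above, an explicit list of accepted algorithms and a bounded leeway for clock skew, shown as an added example that is not code from this package: a stand-alone HS256 verifier. The function names b64url_encode, b64url_decode and verify_hs256 are hypothetical, and the token is constructed for the example.

```php
<?php
// Hypothetical helpers for illustration; not part of x_mier/think-jwt.
function b64url_encode($bin) {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode($txt) {
    return base64_decode(strtr($txt, '-_', '+/'), true); // strict: false on bad input
}
function verify_hs256($jwt, $key, array $allowedAlgs, $now, $leeway = 0) {
    if (substr_count($jwt, '.') !== 2) {
        throw new UnexpectedValueException('wrong number of segments');
    }
    list($h64, $p64, $s64) = explode('.', $jwt);
    $header = json_decode((string) b64url_decode($h64), true);
    $claims = json_decode((string) b64url_decode($p64), true);
    $sig = b64url_decode($s64);
    if (!is_array($header) || !is_array($claims) || $sig === false) {
        throw new UnexpectedValueException('malformed token');
    }
    // The header is untrusted input: accept only an implemented, allow-listed alg.
    $alg = isset($header['alg']) ? $header['alg'] : null;
    if ($alg !== 'HS256' || !in_array($alg, $allowedAlgs, true)) {
        throw new UnexpectedValueException('algorithm not allowed');
    }
    $expected = hash_hmac('sha256', "$h64.$p64", $key, true);
    if (!hash_equals($expected, $sig)) { // constant-time compare (PHP >= 5.6)
        throw new UnexpectedValueException('signature verification failed');
    }
    // Leeway widens the validity window at both ends to absorb clock skew.
    if (isset($claims['nbf']) && $claims['nbf'] > $now + $leeway) {
        throw new UnexpectedValueException('token not yet valid');
    }
    if (isset($claims['exp']) && $now - $leeway >= $claims['exp']) {
        throw new UnexpectedValueException('token expired');
    }
    return $claims;
}
// Constructed sample token and three verification attempts at a fixed clock.
$key = 'example_key';
$h64 = b64url_encode(json_encode(array('typ' => 'JWT', 'alg' => 'HS256')));
$p64 = b64url_encode(json_encode(array('nbf' => 1357000000, 'exp' => 1357000200)));
$jwt = "$h64.$p64." . b64url_encode(hash_hmac('sha256', "$h64.$p64", $key, true));
foreach ([[['HS256'], 60], [['RS256'], 60], [['HS256'], 0]] as $c) {
    try {
        verify_hs256($jwt, $key, $c[0], 1356999970, $c[1]);
        echo "accepted\n";
    } catch (UnexpectedValueException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

The clock is fixed 30 seconds before nbf, so the first attempt passes only because of the 60-second leeway; the second is refused by the allow-list before any signature is computed, and the third fails the nbf check once the leeway is removed.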
Example with RS256 (openssl)
<?php
use \Firebase\JWT\JWT;
$privateKey = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
EOD;
$publicKey = <<<EOD
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8kGa1pSjbSYZVebtTRBLxBz5H
4i2p/llLCrEeQhta5kaQu/RnvuER4W8oDH3+3iuIYW4VQAzyqFpwuzjkDI+17t5t
0tyazyZ8JXw+KgXTxldMPEL95+qVhgXvwtihXC1c5oGbRlEDvDF6Sa53rcFVsYJ4
ehde/zUxo6UvS7UrBQIDAQAB
-----END PUBLIC KEY-----
EOD;
$payload = array(
"iss" => "example.org",
"aud" => "example.com",
"iat" => 1356999524,
"nbf" => 1357000000
);
$jwt = JWT::encode($payload, $privateKey, 'RS256');
echo "Encode:\n" . print_r($jwt, true) . "\n";
$decoded = JWT::decode($jwt, $publicKey, array('RS256'));
/*
NOTE: This will now be an object instead of an associative array. To get
an associative array, you will need to cast it as such:
*/
$decoded_array = (array) $decoded;
echo "Decode:\n" . print_r($decoded_array, true) . "\n";
?>
Using JWKs
// Set of keys. The "keys" key is required. For example, the JSON response to
// this endpoint: https://www.gstatic.com/iap/verify/public_key-jwk
$jwks = ['keys' => []];
// JWK::parseKeySet($jwks) returns an associative array of **kid** to public
// key. Pass this as the second parameter to JWT::decode.
JWT::decode($payload, JWK::parseKeySet($jwks), $supportedAlgorithm);
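Changelog
5.0.0 / 2017-06-26
- Support RS384 and RS512. See #117. Thanks @joostfaassen!
- Add an example for RS256 openssl. See #125. Thanks @akeeman!
- Detect invalid Base64 encoding in signatures. See #162. Thanks @psignoret!
- Update JWT::verify to handle OpenSSL errors. See #159. Thanks @bshaffer!
- Add array type hinting to the decode method. See #101. Thanks @hywak!
- Add all JSON error types. See #110. Thanks @gbalduzzi!
- Fix the error when 'kid' is not in the given key list. See #129. Thanks @stampycode!
- Miscellaneous cleanup, documentation and test fixes. See #107, #115, #160, #161 and #165. Thanks @akeeman, @chinedufn and @bshaffer!
4.0.0 / 2016-07-17
- Add support for late static binding. See #88 for details. Thanks @chappy84!
- Use static $timestamp instead of time() to improve unit testing. See #93 for details. Thanks @josephmcdermott!
- Fix exception classes. See #81 for details. Thanks @Maks3w!
- Fix PHPDoc. See #76 for details. Thanks @akeeman!
3.0.0 / 2015-07-22
- Minimum PHP version updated from 5.2.0 to 5.3.0.
- Add the \Firebase\JWT namespace. See #59 for details. Thanks @Dashron!
- Require a non-empty key when decoding and verifying a JWT. See #60 for details. Thanks @sjones608!
- Clean up documentation blocks in the code. See #62 for details. Thanks @johanderuijter!
2.2.0 / 2015-06-22
2.1.0 / 2015-05-20
- Add support for a leeway in JWT::decode() to account for clock skew between the signing and verifying entities. Thanks @lcabral!
- Add support for passing an object that implements the ArrayAccess interface as the $keys argument of JWT::decode(). Thanks @aztech-dev!
2.0.0 / 2015-04-01
- Note: it is strongly recommended that you update to > v2.0.0 to address a known vulnerability in prior versions when symmetric and asymmetric keys are used together.
- Update the signature of JWT::decode(...) to require an array of supported algorithms to use when verifying token signatures.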
Tests
Run the tests using phpunit:
$ pear install PHPUnit
$ phpunit --configuration phpunit.xml.dist
PHPUnit 3.7.10 by Sebastian Bergmann.
.....
Time: 0 seconds, Memory: 2.50Mb
OK (5 tests, 5 assertions)
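New Lines in Private Keys
If your private key contains \n characters, be sure to wrap it in double quotes "" rather than single quotes '' so that the escape sequences are interpreted correctly.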