zandor300/php-jwt-apns

一个简单的PHP库,用于对JSON Web Tokens (JWT)进行编码和解码。应符合当前规范。

维护者

详细信息

github.com/Zandor300/php-jwt-apns

主页

源代码

安装: 23

依赖关系: 0

建议者: 0

安全: 0

星标: 0

关注者: 2

分支: 1,408

v5.0.3 2019-08-09 09:36 UTC

Requires

  • php: >=5.3.0

Requires (Dev)

BSD-3-Clause f694daad8610d9da4622198ce8b3c3da95d4c0fc

  • Neuman Vong <neuman+pear.woop@twilio.com>
  • Anant Narayanan <anant.woop@php.net>
  • Zandor Smith <info.woop@zsinfo.nl>

This package is auto-updated.

Last update: 2024-09-09 20:24:42 UTC

README

Build Status Latest Stable Version Total Downloads License

PHP-JWT-APNS

一个简单的PHP库,用于编码和解码JSON Web Tokens (JWT),符合RFC 7519规范。

安装

使用composer管理依赖关系并下载PHP-JWT

composer require zandor300/php-jwt-apns

示例

<?php
use \Firebase\JWT\JWT;

$key = "example_key";
$token = array(
    "iss" => "http://example.org",
    "aud" => "http://example.com",
    "iat" => 1356999524,
    "nbf" => 1357000000
);

/**
 * IMPORTANT:
 * You must specify supported algorithms for your application. See
 * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
 * for a list of spec-compliant algorithms.
 */
$jwt = JWT::encode($token, $key);
$decoded = JWT::decode($jwt, $key, array('HS256'));

print_r($decoded);

/*
 NOTE: This will now be an object instead of an associative array. To get
 an associative array, you will need to cast it as such:
*/

$decoded_array = (array) $decoded;

/**
 * You can add a leeway to account for when there is a clock skew times between
 * the signing and verifying servers. It is recommended that this leeway should
 * not be bigger than a few minutes.
 *
 * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
 */
JWT::$leeway = 60; // $leeway in seconds
$decoded = JWT::decode($jwt, $key, array('HS256'));

?>

RS256 (openssl) 示例

<?php
use \Firebase\JWT\JWT;

$privateKey = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC8kGa1pSjbSYZVebtTRBLxBz5H4i2p/llLCrEeQhta5kaQu/Rn
vuER4W8oDH3+3iuIYW4VQAzyqFpwuzjkDI+17t5t0tyazyZ8JXw+KgXTxldMPEL9
5+qVhgXvwtihXC1c5oGbRlEDvDF6Sa53rcFVsYJ4ehde/zUxo6UvS7UrBQIDAQAB
AoGAb/MXV46XxCFRxNuB8LyAtmLDgi/xRnTAlMHjSACddwkyKem8//8eZtw9fzxz
bWZ/1/doQOuHBGYZU8aDzzj59FZ78dyzNFoF91hbvZKkg+6wGyd/LrGVEB+Xre0J
Nil0GReM2AHDNZUYRv+HYJPIOrB0CRczLQsgFJ8K6aAD6F0CQQDzbpjYdx10qgK1
cP59UHiHjPZYC0loEsk7s+hUmT3QHerAQJMZWC11Qrn2N+ybwwNblDKv+s5qgMQ5
5tNoQ9IfAkEAxkyffU6ythpg/H0Ixe1I2rd0GbF05biIzO/i77Det3n4YsJVlDck
ZkcvY3SK2iRIL4c9yY6hlIhs+K9wXTtGWwJBAO9Dskl48mO7woPR9uD22jDpNSwe
k90OMepTjzSvlhjbfuPN1IdhqvSJTDychRwn1kIJ7LQZgQ8fVz9OCFZ/6qMCQGOb
qaGwHmUK6xzpUbbacnYrIM6nLSkXgOAwv7XXCojvY614ILTK3iXiLBOxPu5Eu13k
eUz9sHyD6vkgZzjtxXECQAkp4Xerf5TGfQXGXhxIX52yH+N2LtujCdkQZjXAsGdm
B2zNzvrlgRmgBrklMTrMYgm1NPcW+bRLGcwgW2PTvNM=
-----END RSA PRIVATE KEY-----
EOD;

$publicKey = <<<EOD
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8kGa1pSjbSYZVebtTRBLxBz5H
4i2p/llLCrEeQhta5kaQu/RnvuER4W8oDH3+3iuIYW4VQAzyqFpwuzjkDI+17t5t
0tyazyZ8JXw+KgXTxldMPEL95+qVhgXvwtihXC1c5oGbRlEDvDF6Sa53rcFVsYJ4
ehde/zUxo6UvS7UrBQIDAQAB
-----END PUBLIC KEY-----
EOD;

$token = array(
    "iss" => "example.org",
    "aud" => "example.com",
    "iat" => 1356999524,
    "nbf" => 1357000000
);

$jwt = JWT::encode($token, $privateKey, 'RS256');
echo "Encode:\n" . print_r($jwt, true) . "\n";

$decoded = JWT::decode($jwt, $publicKey, array('RS256'));

/*
 NOTE: This will now be an object instead of an associative array. To get
 an associative array, you will need to cast it as such:
*/

$decoded_array = (array) $decoded;
echo "Decode:\n" . print_r($decoded_array, true) . "\n";
?>

变更日志

5.0.0 / 2017-06-26

4.0.0 / 2016-07-17

  • 添加对延迟静态绑定的支持。参见#88以获取详细信息。感谢@chappy84
  • 使用静态的$timestamp而不是time()以改进单元测试。参见#93以获取详细信息。感谢@josephmcdermott
  • 修复异常类。参见#81以获取详细信息。感谢@Maks3w
  • 修复PHPDoc。参见#76以获取详细信息。感谢@akeeman

3.0.0 / 2015-07-22

  • 最低PHP版本更新为 5.3.0,从 5.2.0 升级。
  • 添加 \Firebase\JWT 命名空间。详情见 #59。感谢 @Dashron 的贡献!
  • 解码和验证JWT时需要非空密钥。详情见 #60。感谢 @sjones608 的贡献!
  • 代码中的文档块更简洁。详情见 #62。感谢 @johanderuijter 的贡献!

2.2.0 / 2015-06-22

  • 添加对在 JWT::encode() 中添加自定义、可选JWT头部的支持。详情见 #53。感谢 @mcocaro 的贡献!

2.1.0 / 2015-05-20

  • 添加对在 JWT:decode() 中添加宽容度以考虑签名和验证实体之间的时钟偏差的支持。感谢 @lcabral 的贡献!
  • 添加对在 JWT::decode() 中传递实现 ArrayAccess 接口的对象作为 $keys 参数的支持。感谢 @aztech-dev 的贡献!

2.0.0 / 2015-04-01

  • 注意:强烈建议您更新到 > v2.0.0 以解决先前版本中对称和非对称密钥同时使用时已知的漏洞。
  • 更新 JWT::decode(...) 的签名,要求提供一个支持算法的数组,用于验证令牌签名。

测试

使用phpunit运行测试

$ pear install PHPUnit
$ phpunit --configuration phpunit.xml.dist
PHPUnit 3.7.10 by Sebastian Bergmann.
.....
Time: 0 seconds, Memory: 2.50Mb
OK (5 tests, 5 assertions)

私有密钥中的新行

如果您的私有密钥包含 \n 字符,请确保将其用双引号 "" 括起来,而不是用单引号 '',以便正确解释转义字符。

许可证

3-Clause BSD.