
Creating a Token with JWT in PHP: A Detailed Example


iss (issuer): The entity issuing the request; it can be information about the user who initiated the request or the issuer of the JWT
sub (subject): Sets the subject, similar to the subject line when sending an email
aud (audience): The party receiving the JWT
exp (expire): The expiration time of the token
nbf (not before): While the current time is before the time set by nbf, the token cannot be used
iat (issued at): The time the token was created
jti (JWT ID): Sets a unique identifier for the current token

Preparation before the example

The main dependencies to include are listed below:

define('DS', DIRECTORY_SEPARATOR);
define('JWTPath', dirname(__FILE__) . DS);
include_once JWTPath . 'Builder.php';
include_once JWTPath . 'Signer.php';
include_once JWTPath . 'Signer' . DS . 'Keychain.php';
include_once JWTPath . 'Signer' . DS . 'Rsa.php';
include_once JWTPath . 'Signer' . DS . 'Rsa' . DS . 'Sha256.php';

Of course, these files pull in further references that you need to add yourself. The errors raised while debugging will tell you which ones are missing; add them one by one. I won't list them all here.

Example

There are two ways to use [lcobucci/JWT] to generate tokens. Here I only tried the second one.

The first way: sign the token with a secret key

use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Hmac\Sha256;

$builder = new Builder();
$signer = new Sha256();
// Set the issuer (iss)
$builder->setIssuer('http://example.com');
// Set the recipient (aud)
$builder->setAudience('http://example.org');
// Set the token id (jti); true also copies it into the header
$builder->setId('4f1g23a12aa', true);
// Set the time the token was generated (iat)
$builder->setIssuedAt(time());
// The token cannot be used until 60 seconds from now (nbf)
$builder->setNotBefore(time() + 60);
// Set the expiration time (exp)
$builder->setExpiration(time() + 3600);
// Set a custom claim named uid
$builder->set('uid', 1);
// Sign the information above with HMAC-SHA256 and the secret key
$builder->sign($signer, 'signature key');
// Get the generated token
$token = $builder->getToken();

Verify Token

use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Hmac\Sha256;

$parse = (new Parser())->parse($token);
$signer = new Sha256();
// Returns true if the signature verifies with this key, false otherwise
$isValid = $parse->verify($signer, 'signature key');

The second way: use RSA and ECDSA signatures

RSA and ECDSA signatures are based on a public/private key pair: the private key is used to generate the signature and the public key, as in the verification code below, is used to verify it.

use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Keychain;
// Note that this Sha256 is the RSA one, not the HMAC one
use Lcobucci\JWT\Signer\Rsa\Sha256;

$signer = new Sha256();
$keychain = new Keychain();
$builder = new Builder();
$builder->setIssuer('http://example.com');
$builder->setAudience('http://example.org');
$builder->setId('4f1g23a12aa', true);
$builder->setIssuedAt(time());
$builder->setNotBefore(time() + 60);
$builder->setExpiration(time() + 3600);
$builder->set('uid', 1);
// The difference from the first way: the token is signed with your private key, given by its file path
$builder->sign($signer, $keychain->getPrivateKey('file://{private key address}'));
$token = $builder->getToken();

Finally, you can get the token as a plain string by casting it:

$token = (string) $builder->getToken();

To hand the token to the front end, return it in the JSON response and have it passed back as a parameter, or carry it in the Authorization header.

Verify Token

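$signer = new \Lcobucci\JWT\Signer\Rsa\Sha256();
$keychain = new \Lcobucci\JWT\Signer\Keychain();
$parser = new \Lcobucci\JWT\Parser();
// parse() returns the Token object; keep it so that verify() can be called on it
$token = $parser->parse((string) $token);
// self::$dir is the key directory property of the surrounding class
var_dump($token->verify($signer, $keychain->getPublicKey(self::$dir . '/public.key')));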

Get data

The data part of the token is only encoded, not encrypted, so it can be obtained directly without decryption. You can therefore read it as soon as you have verified that the token is valid, which is also why you should not store sensitive information in the payload.

use Lcobucci\JWT\Parser;

$parse = (new Parser())->parse($token);
// Get all claims; returns an array
var_dump($parse->getClaims());
// Get a single claim
var_dump($parse->getClaim('aud'));
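
The verify() calls above confirm only the signature. The following added example (plain PHP with ext-openssl, not code from the article or from lcobucci/jwt) verifies an RS256 token with the public key alone and then enforces the iss, aud, nbf and exp claims from the table at the top. The helper names, the throwaway key pair and the claim values are constructed for illustration.

```php
<?php
// Added example: plain PHP + ext-openssl. Helper names, the throwaway key pair
// and the claim values are constructed for illustration.
function b64url(string $raw): string {
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}
function b64urlDecode(string $s): string {
    $s = strtr($s, '-_', '+/');
    return (string) base64_decode(str_pad($s, strlen($s) + (4 - strlen($s) % 4) % 4, '='), true);
}
function signRs256(array $claims, $privateKey): string {
    $input = b64url(json_encode(['alg' => 'RS256', 'typ' => 'JWT'])) . '.' . b64url(json_encode($claims));
    if (!openssl_sign($input, $sig, $privateKey, OPENSSL_ALGO_SHA256)) {
        throw new RuntimeException('signing failed');
    }
    return $input . '.' . b64url($sig);
}
// Returns the claims if the token is acceptable at time $now, otherwise null.
function verifyRs256(string $jwt, string $publicKeyPem, string $iss, string $aud, int $now): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) return null;
    [$h, $p, $s] = $parts;
    $header = json_decode(b64urlDecode($h), true);
    // Pin the algorithm on the verifier side instead of trusting the token header.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'RS256') return null;
    // Only the public key is needed here; the private key stays with the issuer.
    if (openssl_verify("$h.$p", b64urlDecode($s), $publicKeyPem, OPENSSL_ALGO_SHA256) !== 1) return null;
    $c = json_decode(b64urlDecode($p), true);
    if (!is_array($c)) return null;
    // A valid signature says nothing about who the token is for or when it is usable.
    if (($c['iss'] ?? null) !== $iss || ($c['aud'] ?? null) !== $aud) return null;
    if (!is_int($c['exp'] ?? null) || $now >= $c['exp']) return null;  // expired, or exp missing
    if (isset($c['nbf']) && $now < $c['nbf']) return null;              // not yet usable
    return $c;
}
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub = openssl_pkey_get_details($key)['key'];   // PEM-encoded public key
$t0  = time();
$jwt = signRs256(['iss' => 'http://example.com', 'aud' => 'http://example.org', 'jti' => '4f1g23a12aa',
    'iat' => $t0, 'nbf' => $t0 + 60, 'exp' => $t0 + 3600, 'uid' => 1], $key);
$check = function (int $at) use ($jwt, $pub): string {
    $c = verifyRs256($jwt, $pub, 'http://example.com', 'http://example.org', $at);
    return $c === null ? 'rejected' : 'accepted, uid=' . $c['uid'];
};
echo 'at issue time (before nbf): ', $check($t0), PHP_EOL;
echo 'after nbf has passed:       ', $check($t0 + 61), PHP_EOL;
echo 'at the exp time:            ', $check($t0 + 3600), PHP_EOL;
```

With the 3.x API used in this article, the equivalent claim checks are done by calling validate() on the parsed token with a Lcobucci\JWT\ValidationData object, in addition to verify().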


This article is published by www.internetweblist.com and does not represent the position of www.internetweblist.com: http://www.internetweblist.com/programming/31367.html
