{"id":15560936,"url":"https://github.com/psecio/jwt","last_synced_at":"2025-04-07T11:07:56.956Z","repository":{"id":18515494,"uuid":"21712588","full_name":"psecio/jwt","owner":"psecio","description":"A JWT (JSON Web Token) Encoder \u0026 Decoder","archived":false,"fork":false,"pushed_at":"2015-11-30T02:39:51.000Z","size":392,"stargazers_count":110,"open_issues_count":10,"forks_count":13,"subscribers_count":11,"default_branch":"master","last_synced_at":"2024-04-25T09:21:52.399Z","etag":null,"topics":["jwt","php","security","security-tools"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/psecio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-07-10T22:33:21.000Z","updated_at":"2022-07-23T11:43:13.000Z","dependencies_parsed_at":"2022-09-25T00:02:14.167Z","dependency_job_id":null,"html_url":"https://github.com/psecio/jwt","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psecio%2Fjwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psecio%2Fjwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psecio%2Fjwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psecio%2Fjwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/psecio","download_url":"https://codeload.github.com/psecio/jwt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247640463,"owners_count":20971557,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["jwt","php","security","security-tools"],"created_at":"2024-10-02T16:04:10.462Z","updated_at":"2025-04-07T11:07:56.938Z","avatar_url":"https://github.com/psecio.png","language":"PHP","readme":"JWT (JSON Web Token) Creation and Decoding Library\n====================\n\n[![Build Status](https://travis-ci.org/psecio/jwt.svg?branch=master)](http://travis-ci.org/psecio/jwt)\n\nThis library allows for the creation and decoding of JWT (JSON Web Tokens).\n\n### Installation\n\nThis tool can be installed via Composer:\n\n```\n{\n\t\"require\": {\n\t\t\"psecio/jwt\": \"1.*\"\n\t}\n}\n```\n\n### Example Usage\n\nIn the example below, the `JWT` object is created and a `Header` instance is assigned (required). The `JWt` object is then\nassigned several claims: issuer, audience, issued at and not before to define data and how it could be processed. The `encode`\nmethod is then called with the `key` and a resulting JWT-formatted string is returned.\n\n**NOTE:** The JWT token will be generated in the order the claims are provided. No sorting is done in the background.\n\nThe `decode` method can then be called on the data along with the `key` to return an object matching the state of the `jwt` object.\n\n```php\n\u003c?php\n\nrequire_once 'vendor/autoload.php';\n\n$key = \"example_key\";\n\n$header = new \\Psecio\\Jwt\\Header($key);\n$jwt = new \\Psecio\\Jwt\\Jwt($header);\n\n$jwt\n    -\u003eissuer('http://example.org')\n    -\u003eaudience('http://example.com')\n\t-\u003eissuedAt(1356999524)\n\t-\u003enotBefore(1357000000)\n\t-\u003eexpireTime(time()+3600)\n\t-\u003ejwtId('id123456')\n\t-\u003etype('https://example.com/register');\n\n$result = $jwt-\u003eencode();\necho 'ENCODED: '.print_r($result).\"\\n\\n\";\necho 'DECODED: '.var_export($jwt-\u003edecode($result), true);\n\n?\u003e\n```\n\n### Encryption via OpenSSL\n\nThe JWT Library also supports encryption of the resulting JWT-formatted string. Here's an example of it in use:\n\n```php\n\u003c?php\n\nrequire_once 'vendor/autoload.php';\n\n$key = 'example_key';\n$encryptKey = 'my-encryption-key';\n\n$header = new \\Psecio\\Jwt\\Header($key);\n$jwt = new \\Psecio\\Jwt\\Jwt($header);\n\n$jwt\n    -\u003eissuer('http://example.org')\n    -\u003eaudience('http://example.com')\n\t-\u003eissuedAt(1356999524)\n\t-\u003enotBefore(1357000000)\n\t-\u003eexpireTime(time()+3600)\n\t-\u003ejwtId('id123456')\n\t-\u003etype('https://example.com/register');\n\n$result = $jwt-\u003eencrypt('AES-256-CBC', '1234567812345678', $encryptKey);\n\necho 'ENCRYPTED: '.var_export($result, true).\"\\n\";\necho \"DECRYPTED: \".var_export($jwt-\u003edecrypt($result, 'AES-256-CBC', '1234567812345678', $encryptKey), true).\"\\n\";\n\n?\u003e\n```\n\n### Custom Claim values\n\nYou can also add your own custom claim values to the JWT payload using the `custom` method. The first paramater is the value and the second is the claim \"type\" (key):\n\n```php\n\u003c?php\nrequire_once 'vendor/autoload.php';\n\n$key = \"example_key\";\n\n$header = new \\Psecio\\Jwt\\Header($key);\n\n$jwt = new \\Psecio\\Jwt\\Jwt($header);\n$jwt-\u003ecustom('foobar', 'custom-claim');\n\n// Or, you can add more than one at the same time with an array\n$jwt-\u003ecustom(array(\n    'custom-claim' =\u003e 'foorbar',\n    'key1' =\u003e 'value1'\n));\n\n$result = $jwt-\u003eencode();\necho 'ENCODED: '.print_r($result).\"\\n\\n\";\necho 'DECODED: '.var_export($jwt-\u003edecode($result), true);\n?\u003e\n```\n\nYou can use any of the OpenSSL cypher methods provided by the [openssl_get_cipher_methods](http://us3.php.net/openssl_get_cipher_methods) on your system.\n\n### Supported Claim Types\n\n- Audience (aud)\n- Expire Time (exp)\n- Issued At (iat)\n- Issuer (iss)\n- JwtId (jit)\n- Not Before (nbf)\n- Subject (sub)\n- Private\n\n### Hashing types\n\nBy default this JWT tool uses `HMAC` hashing (HS256) to generate the signature for the request. There are other options for this that will use the OpenSSL functionality to let you use public and private keys for these methods:\n\n- HS256\n- HS384\n- HS512\n- ES256\n- ES384\n- ES512\n- RS256\n- RS384\n- RS512\n\nYou cannot use a simple text string for the key like you can with `HMAC` hashing, so you must provide a valid key instance for the library to use. Here's an example using a `.pem` private key file and the `RS256` hashing:\n\n```php\n\u003c?php\n$key = openssl_pkey_get_private('file://'.__DIR__.'/private.pem', 'test1234');\n\n$header = new \\Psecio\\Jwt\\Header($key);\n$header-\u003esetAlgorithm('RS256');\n\n// or you can define the hash algorithm on the init too:\n$header = new \\Psecio\\Jwt\\Header($key, 'RS256');\n?\u003e\n```\n\nAn exception (`\\Psecio\\Jwt\\Exception\\InvalidKeyException`) will be thrown if the key is invalid and cannot be used in signing the request. If there is an error during the actual signing of the message, you will be thrown a `\\Psecio\\Jwt\\Exception\\SignatureErrorException`.\n\n### Documentation for JSON Web Tokens\n\n- [JWT Draft IETF](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html)\n- [JWS Draft](https://tools.ietf.org/html/draft-ietf-jose-json-web-signature)\n- [JWE Draft](https://tools.ietf.org/html/draft-ietf-jose-json-web-encryption)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsecio%2Fjwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpsecio%2Fjwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsecio%2Fjwt/lists"}