{"id":23671621,"url":"https://github.com/teamgantt/juhwit","last_synced_at":"2025-09-01T23:32:10.301Z","repository":{"id":44886238,"uuid":"239549007","full_name":"teamgantt/juhwit","owner":"teamgantt","description":":lock: AWS Cognito token verification for PHP","archived":false,"fork":false,"pushed_at":"2023-04-13T18:35:44.000Z","size":53,"stargazers_count":6,"open_issues_count":0,"forks_count":3,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-12-16T15:14:37.101Z","etag":null,"topics":["cognito","jwt","php"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/teamgantt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-02-10T15:47:19.000Z","updated_at":"2023-10-04T15:43:02.000Z","dependencies_parsed_at":"2022-09-11T02:51:07.791Z","dependency_job_id":null,"html_url":"https://github.com/teamgantt/juhwit","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamgantt%2Fjuhwit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamgantt%2Fjuhwit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamgantt%2Fjuhwit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamgantt%2Fjuhwit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/teamgantt","download_url":"https://codeload.github.com/teamgantt/juhwit/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":231723126,"owners_count":18416744,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cognito","jwt","php"],"created_at":"2024-12-29T10:19:13.663Z","updated_at":"2024-12-29T10:19:14.333Z","avatar_url":"https://github.com/teamgantt.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Juhwit\n\nVerify JWT's from AWS Cognito\n\n## Usage\n\nJuhwit ships with a handful of interfaces and their default implementations.\n\nThe main service provided by Juhwit is the `JwtDecoder` which is composed with the complimentary `CognitoClaimVerifier`.\n\n```php\n\u003c?php\n\nuse TeamGantt\\Juhwit\\JwtDecoder;\nuse TeamGantt\\Juhwit\\Models\\UserPool;\nuse TeamGantt\\Juhwit\\CognitoClaimVerifier;\n\n// Create a UserPool to pass to the CognitoClaimVerifier\n$poolId = 'some pool id from cognito';\n$clientIds = ['some client id from cognito'];\n$region = 'us-east-2';\n\n// we need some public keys in the form of a jwk (accessible via cognito)\n$jwk = json_decode(file_get_contents('path/to/jwk.json'), true);\n\n$pool = new UserPool($poolId, $clientIds, $region, $jwk);\n$verifier = new CognitoClaimVerifier($pool);\n$decoder = new JwtDecoder($verifier);\n\n// If all is valid we will get a token back - otherwise a TokenException is thrown\n$token = $decoder-\u003edecode($someTokenFromARequest);\n```\n\n### Requiring extra claims\n\nA token may be required to have certain claims.\n\nIf you want to require claims, such as `custom:foo` or `custom:user`, you can require those by providing a second argument to the `decode` method.\n\n```php\n\u003c?php\n\nuse TeamGantt\\Juhwit\\JwtDecoder;\n\n$decoder = new JwtDecoder($verifier);\n$token = $decoder-\u003edecode($someTokenFromARequest, ['custom:foo', 'custom:user']);\n```\n\nIt is also possible to require claim values to be a specific value.\n\n```php\nuse TeamGantt\\Juhwit\\JwtDecoder;\n\n$decoder = new JwtDecoder($verifier);\n$token = $decoder-\u003edecode($someTokenFromARequest, ['custom:user', 'token_use' =\u003e 'id']);\n```\n\nKeep in mind that instances of `Token` will perform their own checks against required claims. See TeamGantt\\Juhwit\\Models\\Token::getClaimsErrors() for more information.\n\n## Customizing token creation\n\nJuhwit provides a default implementations for id tokens and access tokens. After a jwt is verified against\na public key, the claims and user provided `$requiredClaims` are passed to the `create` method of a `TokenFactoryInterface`.\n\nThe default `CognitoTokenFactory` will return an `IdToken` or `AccessToken` depending on the token type provided. When constructing the `JwtDecoder`\na custom `TokenFactoryInterface` can be passed to the constructor.\n\nThis factory can be used to create custom tokens - the only requirement is that the `create` method returns a `TokenInterface`. Any `TokenException`s thrown\nby the factory will be caught and the token will be considered invalid.\n\n## Leveraging docker\n\nJuhwit is tested and developed against PHP 7.4.11. This project uses a combination of docker and [direnv](https://direnv.net/)\nto keep a consistent environment. To leverage direnv, `cd` into the juhwit project directory and run the following:\n\n```\n$ docker build -t juhwit:dev .\n$ direnv allow\n```\n\nThis will put your current terminal into an environment that uses the dockerized php and composer binaries. You can use them like you normally would\ni.e:\n\n```\n$ php -v\n$ composer list\n```\n\n\n## Running Tests\n\n```\n$ composer test\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fteamgantt%2Fjuhwit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fteamgantt%2Fjuhwit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fteamgantt%2Fjuhwit/lists"}