https://github.com/byjg/php-jwt-wrapper

A very simple wrapper to create, encode and decode JWT tokens, abstracting the PHP JWT component

# Jwt-Wrapper for Firebase Jwt

[![Build Status](https://github.com/byjg/php-jwt-wrapper/actions/workflows/phpunit.yml/badge.svg?branch=master)](https://github.com/byjg/php-jwt-wrapper/actions/workflows/phpunit.yml)
[![Opensource ByJG](https://img.shields.io/badge/opensource-byjg-success.svg)](http://opensource.byjg.com)
[![GitHub source](https://img.shields.io/badge/Github-source-informational?logo=github)](https://github.com/byjg/php-jwt-wrapper/)
[![GitHub license](https://img.shields.io/github/license/byjg/php-jwt-wrapper.svg)](https://opensource.byjg.com/opensource/licensing.html)
[![GitHub release](https://img.shields.io/github/release/byjg/php-jwt-wrapper.svg)](https://github.com/byjg/php-jwt-wrapper/releases/)

A very simple wrapper to create, encode and decode JWT tokens, abstracting the PHP JWT component.

## How it works

This library is intended to be used on the server side.

The flow is:

### Without Token:

```mermaid
sequenceDiagram
participant LOCAL
participant CLIENT
participant SERVER
CLIENT->>SERVER: Request Token
SERVER->>CLIENT: Generate Token
CLIENT->>LOCAL: Store Token
```

Generate Token:
* JwtWrapper::createJwtData
* JwtWrapper::generateToken

### With token

```mermaid
sequenceDiagram
participant LOCAL
participant CLIENT
participant SERVER
participant PRIVATE_RESOURCE
LOCAL->>CLIENT: Retrieve Local Token
CLIENT->>SERVER: Pass Token
SERVER->>PRIVATE_RESOURCE: Validate Token
PRIVATE_RESOURCE->>CLIENT: Return Result if token is valid
CLIENT->>LOCAL: Store Token
```

Validate Token:
* JwtWrapper::extractData

## Create your Jwt Secret Key

You can use two types of secret key: a hash (HS512), which is faster, or RSA (RS512), which is more secure.

### Hash Key

```bash
openssl rand -base64 64 # set here the size of your key
```

### RSA

```bash
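# -m PEM writes the private key in PEM format, which openssl can read
ssh-keygen -t rsa -m PEM -C "Jwt RSA Key" -b 2048 -f private.pem
# Derive the matching public key
openssl rsa -in private.pem -outform PEM -pubout -out public.pem
```

**Note**: Save the key without a passphrase.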

## Create JWT Token (Hash Encoding)

```php
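<?php
// $jwtWrapper: a JwtWrapper instance set up with your hash (HS512) secret
$jwtData = $jwtWrapper->createJwtData([
    "key" => "value",
    "key2" => "value2"
]);
// Sign the claims and get the encoded token
$token = $jwtWrapper->generateToken($jwtData);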
```

## Create JWT Token (OpenSSL Encoding)

```php
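<?php
// $jwtWrapper: a JwtWrapper instance set up with your RSA (RS512) key pair
$jwtData = $jwtWrapper->createJwtData([
    "key" => "value",
    "key2" => "value2"
]);
// Sign the claims and get the encoded token
$token = $jwtWrapper->generateToken($jwtData);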
```

## Extracting

```php
<?php
# Extract and validate the token from the current request:
$data = $jwtWrapper->extractData();

# If you want to decode directly:
$data = $jwtWrapper->extractData($token);
```

### Issuer validation

By default the issuer is validated against the server name. If you want to disable this validation you can call the method below:

```php
$data = $jwtWrapper->extractData($token, false); // Setting false disables the issuer validation
```

### Adding a Leeway

You can add a leeway to account for clock skew between
the signing and verifying servers. It is recommended that this leeway
not be bigger than a few minutes.

```php
$jwtWrapper->setLeeway(60);
```

Important: The Firebase JWT class stores the leeway value in a "static" property, so
once you call the method above the same value applies to all JwtWrapper instances.
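
What the issuer check and the leeway do during validation of an HS512 token, as an added example built only on PHP built-ins; it is not the wrapper's or firebase/php-jwt's own code. The helper names `b64url`, `signHs512` and `verifyHs512`, the random secret and the `*.example.test` host names are assumptions made for the illustration.

```php
<?php
// Added illustration; helper names, secret and host names are constructed.
function b64url(string $raw): string {
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}
function signHs512(array $claims, string $secret): string {
    $head = b64url(json_encode(['typ' => 'JWT', 'alg' => 'HS512']));
    $body = b64url(json_encode($claims));
    return "$head.$body." . b64url(hash_hmac('sha512', "$head.$body", $secret, true));
}

function verifyHs512(string $jwt, string $secret, ?string $issuer, int $leeway, int $now): array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new RuntimeException('malformed token');
    }
    [$head, $body, $sig] = $parts;
    // The algorithm is pinned by the verifier, never taken from the token header.
    $expected = b64url(hash_hmac('sha512', "$head.$body", $secret, true));
    if (!hash_equals($expected, $sig)) {
        throw new RuntimeException('bad signature');
    }
    $claims = json_decode(base64_decode(strtr($body, '-_', '+/')), true);
    if (!is_array($claims)) {
        throw new RuntimeException('malformed claims');
    }
    // Leeway widens the expiry window by $leeway seconds; it does not skip the check.
    if (isset($claims['exp']) && $now - $leeway >= $claims['exp']) {
        throw new RuntimeException('expired');
    }
    // $issuer === null corresponds to switching issuer validation off.
    if ($issuer !== null && ($claims['iss'] ?? null) !== $issuer) {
        throw new RuntimeException('wrong issuer');
    }
    return $claims;
}

$secret = random_bytes(64);   // constructed key
$now = 1700000000;            // fixed clock for a reproducible run
$token = signHs512(['iss' => 'api.example.test', 'exp' => $now - 30], $secret);
$cases = [['api.example.test', 0], ['api.example.test', 60], ['other.example.test', 60], [null, 60]];
foreach ($cases as [$iss, $leeway]) {
    try {
        verifyHs512($token, $secret, $iss, $leeway, $now);
        $result = 'accepted';
    } catch (RuntimeException $e) {
        $result = 'rejected: ' . $e->getMessage();
    }
    printf("issuer=%s leeway=%d -> %s\n", $iss ?? 'unchecked', $leeway, $result);
}
```

The token expired 30 seconds before the fixed clock, so it is rejected with no leeway and passes the expiry check with a 60-second leeway. With the issuer check off, the same token is accepted by a verifier that would otherwise reject it for naming a different issuer.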

## Install

```bash
composer require "byjg/jwt-wrapper"
```

## Running the tests

```bash
vendor/bin/phpunit
```

## Running a sample test

Start a local server:

```bash
php -S localhost:8080
```

Open client.html in your web browser:

```bash
http://localhost:8080/client.html
```

## Dependencies

```mermaid
flowchart TD
byjg/jwt-wrapper --> firebase/php-jwt
byjg/jwt-wrapper --> ext-openssl
```

----
[Open source ByJG](http://opensource.byjg.com)