Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/decodelabs/cipher
PHP tools and systems to interact with JWTs
https://github.com/decodelabs/cipher
Last synced: 1 day ago
JSON representation
PHP tools and systems to interact with JWTs
- Host: GitHub
- URL: https://github.com/decodelabs/cipher
- Owner: decodelabs
- License: mit
- Created: 2023-11-27T07:53:42.000Z (about 1 year ago)
- Default Branch: develop
- Last Pushed: 2024-09-04T21:00:12.000Z (4 months ago)
- Last Synced: 2024-12-11T03:54:22.000Z (30 days ago)
- Language: PHP
- Size: 19.5 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# Cipher
[](https://packagist.org/packages/decodelabs/cipher)
[](https://packagist.org/packages/decodelabs/cipher)
[](https://packagist.org/packages/decodelabs/cipher)
[](https://github.com/decodelabs/cipher/actions/workflows/integrate.yml)
[](https://github.com/phpstan/phpstan)
[](https://packagist.org/packages/decodelabs/cipher)
### Tools and systems to interact with JWTs
Cipher provides an integrated suite of tools for working with JWTs, including a simple interface for creating and verifying tokens, and a set of middleware for use with [Harvest](https://github.com/decodelabs/harvest), [Greenleaf](https://github.com/decodelabs/greenleaf), or any other PSR-15 compatible middleware stack.
_Get news and updates on the [DecodeLabs blog](https://blog.decodelabs.com)._
---
## Installation
Install via Composer:
```bash
composer require decodelabs/cipher
```
## Usage
### Codec
The Codec class provides the means to encode and decode JWTs.
The class requires an instance of DecodeLabs\Cipher\Config to be passed to the constructor - we provide a default Dovetail implementation for this, but you can use your own if you wish.
The config defines what secret and algorithm is used.
```php
use DecodeLabs\Cipher\Codec;
use DecodeLabs\Dovetail;
$codec = new Codec(
Dovetail::load('Cipher')
);
$payload = $codec->decode($token);
```
### Payload
The Payload interface defines a simple wrapper around JWT payload data with ArrayAccess support. The Factory will instantiate a Generic payload for unrecognized issuers, however extended implementations for specific issuers can be created and used instead, providing formal access to custom claim data.
```php
// $payload['iss'] = 'https://abcdefg.supabase.co/auth/v1'
// $payload instance of DecodeLabs\Cipher\Payload\Supabase
$email = $payload->getEmail();
$provider = $payload->getProvider();
```
### Middleware
Cipher provides a set of middleware for use with Harvest or Greenleaf, or any other PSR-15 compatible middleware stack.
With the Middleware in your PSR-15 stack, Cipher will attempt to load a JWT from the request, and if successful, will set the jwt.payload attribute on the request with the decoded payload.
```php
$payload = $request->getAttribute('jwt.payload');
```
If using Greenleaf, the payload can be injected into your action automatically via Slingshot, (below example uses Supabase payload):
```php
use DecodeLabs\Cipher\Payload\Supabase;
use DecodeLabs\Greenleaf\Action;
use DecodeLabs\Greenleaf\Action\ByMethodTrait;
use DecodeLabs\Harvest;
use DecodeLabs\Harvest\Response;
class MySecureAction implements Action
{
use ByMethodTrait;
public const Middleware = [
'Jwt' => [
'required' => true
]
];
public function get(
Supabase $payload
): Response {
return Harvest::json([
'email' => $payload->getEmail()
]);
}
}
```
## Licensing
Cipher is licensed under the MIT License. See [LICENSE](./LICENSE) for the full license text.