JSON Web Token implementation, based on this spec: https://tools.ietf.org/html/rfc7519

PHP version 5

CloneableInstantiable
Constants
public Firebase\JWT\JWT::ASN1_BIT_STRING = 3
public Firebase\JWT\JWT::ASN1_INTEGER = 2
public Firebase\JWT\JWT::ASN1_SEQUENCE = 16
Properties
public static $leeway
 
When checking nbf, iat or expiration times, we want to provide some extra leeway time to account for clock skew.

public static $supported_algs
public static $timestamp
 
Allow the current timestamp to be specified.

Useful for fixing a value within unit testing.

Will default to PHP time() value if null.

Methods
public static decode( $jwt, $key, array $allowed_algs = [])
 
Decodes a JWT string into a PHP object.

public static encode( $payload, $key, $alg = 'HS256', $keyId = NULL, $head = NULL)
 
Converts and signs a PHP object or array into a JWT string.

  • return string A signed JWT
  • uses \jsonEncode
  • uses \urlsafeB64Encode
public static jsonDecode( $input)
 
Decode a JSON string into a PHP object.

  • return object Object representation of JSON string
  • throws DomainException Provided string was invalid JSON
public static jsonEncode( $input)
 
Encode a PHP object into a JSON string.

  • return string JSON representation of the PHP object or array
  • throws DomainException Provided object could not be encoded to valid JSON
public static sign( $msg, $key, $alg = 'HS256')
 
Sign a string with a given key and algorithm.

  • return string An encrypted message
  • throws DomainException Unsupported algorithm was specified
public static urlsafeB64Decode( $input)
 
Decode a string with URL-safe Base64.

  • return string A decoded string
public static urlsafeB64Encode( $input)
 
Encode a string with URL-safe Base64.

  • return string The base64 encode of what you passed in
Methods
private static encodeDER( $type, $value)
 
Encodes a value into a DER object.

  • return string the encoded object
private static handleJsonError( $errno)
 
Helper method to create a JSON error.

  • return void
private static readDER( $der, $offset = 0)
 
Reads binary DER-encoded data and decodes into a single object

  • return array [$offset, $data] the new offset and the decoded object
private static safeStrlen( $str)
 
Get the number of bytes in cryptographic strings.

  • return int
private static signatureFromDER( $der, $keySize)
 
Encodes signature from a DER object.

  • return string the signature
private static signatureToDER( $sig)
 
Convert an ECDSA signature to an ASN.1 DER sequence

  • return string The encoded DER object
private static verify( $msg, $signature, $key, $alg)
 
Verify a signature with the message, key and method. Not all methods are symmetric, so we must have a separate verify and sign method.

  • return bool
  • throws DomainException Invalid Algorithm or OpenSSL failure
Properties
public static $leeway
 
When checking nbf, iat or expiration times, we want to provide some extra leeway time to account for clock skew.

public static $supported_algs
public static $timestamp
 
Allow the current timestamp to be specified.

Useful for fixing a value within unit testing.

Will default to PHP time() value if null.

Methods
public static decode( $jwt, $key, array $allowed_algs = [])
 
Decodes a JWT string into a PHP object.

public static encode( $payload, $key, $alg = 'HS256', $keyId = NULL, $head = NULL)
 
Converts and signs a PHP object or array into a JWT string.

  • return string A signed JWT
  • uses \jsonEncode
  • uses \urlsafeB64Encode
private static encodeDER( $type, $value)
 
Encodes a value into a DER object.

  • return string the encoded object
private static handleJsonError( $errno)
 
Helper method to create a JSON error.

  • return void
public static jsonDecode( $input)
 
Decode a JSON string into a PHP object.

  • return object Object representation of JSON string
  • throws DomainException Provided string was invalid JSON
public static jsonEncode( $input)
 
Encode a PHP object into a JSON string.

  • return string JSON representation of the PHP object or array
  • throws DomainException Provided object could not be encoded to valid JSON
private static readDER( $der, $offset = 0)
 
Reads binary DER-encoded data and decodes into a single object

  • return array [$offset, $data] the new offset and the decoded object
private static safeStrlen( $str)
 
Get the number of bytes in cryptographic strings.

  • return int
public static sign( $msg, $key, $alg = 'HS256')
 
Sign a string with a given key and algorithm.

  • return string An encrypted message
  • throws DomainException Unsupported algorithm was specified
private static signatureFromDER( $der, $keySize)
 
Encodes signature from a DER object.

  • return string the signature
private static signatureToDER( $sig)
 
Convert an ECDSA signature to an ASN.1 DER sequence

  • return string The encoded DER object
public static urlsafeB64Decode( $input)
 
Decode a string with URL-safe Base64.

  • return string A decoded string
public static urlsafeB64Encode( $input)
 
Encode a string with URL-safe Base64.

  • return string The base64 encode of what you passed in
private static verify( $msg, $signature, $key, $alg)
 
Verify a signature with the message, key and method. Not all methods are symmetric, so we must have a separate verify and sign method.

  • return bool
  • throws DomainException Invalid Algorithm or OpenSSL failure
© 2020 Bruce Wells
Search Namespaces \ Classes
ConfigurationNumbers (0-9.) only