Php Jwt
Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.1. This library makes JWT a cheese.
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Next Auth | 15,322 |  | 21 | 73 | 4 hours ago | 567 | August 01, 2022 | 210 | isc | TypeScript |
| Authentication for the Web. | ||||||||||
| Jwt | 6,911 |  | 6,817 | 535 | a day ago | 51 | August 19, 2022 | 7 | bsd-3-clause | PHP |
| A simple library to work with JSON Web Token and JSON Web Signature | ||||||||||
| Java Jwt | 5,148 | 1,902 | 289 | 6 days ago | 50 | June 24, 2022 | 4 | mit | Java | |
| Java implementation of JSON Web Token (JWT) | ||||||||||
| Pyjwt | 4,518 |  | 9,443 | 1,606 | 3 days ago | 45 | May 12, 2022 | 22 | mit | Python |
| JSON Web Token implementation in Python | ||||||||||
| Express Jwt | 4,320 |  | 12,538 | 724 | a month ago | 59 | May 31, 2022 | 44 | mit | TypeScript |
| connect/express middleware that validates a JsonWebToken (JWT) and set the req.user with the attributes | ||||||||||
| Learn Json Web Tokens | 4,164 | a month ago | 3 | April 15, 2019 | 20 | mit | JavaScript | |||
| :closed_lock_with_key: Learn how to use JSON Web Token (JWT) to secure your next Web App! (Tutorial/Example with Tests!!) | ||||||||||
| Jwt_tool | 3,878 | 15 days ago | 47 | gpl-3.0 | Python | |||||
| :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens | ||||||||||
| Guardian | 3,254 |  | 685 | 27 | 4 months ago | 50 | September 02, 2022 | 6 | mit | Elixir |
| Elixir Authentication | ||||||||||
| Paseto | 3,098 |  | 7 | 6 | a month ago | 24 | June 20, 2022 | 1 | other | PHP |
| Platform-Agnostic Security Tokens | ||||||||||
| Iot Technical Guide | 3,002 | 6 months ago | 10 | apache-2.0 | Java | |||||
| :honeybee: IoT Technical Guide --- 从零搭建高性能物联网平台及物联网解决方案和Thingsboard源码分析 :sparkles: :sparkles: :sparkles: (IoT Platform, SaaS, MQTT, CoAP, HTTP, Modbus, OPC, WebSocket, 物模型,Protobuf, PostgreSQL, MongoDB, Spring Security, OAuth2, RuleEngine, Kafka, Docker) | ||||||||||
Alternatives To Php JwtSelect To Compare
Alternative Project Comparisons
Readme
adhocore/jwt
If you are new to JWT or want to refresh your familiarity with it, please check jwt.io
- Lightweight JSON Web Token (JWT) library for PHP7.
- Zero dependency (no vendor bloat).
- If you still use PHP5.6, use version 0.1.2
Installation
# PHP7.0+
composer require adhocore/jwt
# PHP5.6
composer require adhocore/jwt:0.1.2
# For PHP5.4-5.5, use version 0.1.2 with a polyfill for https://php.net/hash_equals
Features
- Six algorithms supported:
'HS256', 'HS384', 'HS512', 'RS256', 'RS384', 'RS512'
-
kidsupport. - Leeway support 0-120 seconds.
- Timestamp spoofing for tests.
- Passphrase support for
RS*algos.
Usage
use Ahc\Jwt\JWT;
// Instantiate with key, algo, maxAge and leeway.
$jwt = new JWT('secret', 'HS256', 3600, 10);
Only the key is required. Defaults will be used for the rest:
$jwt = new JWT('secret');
// algo = HS256, maxAge = 3600, leeway = 0
For
RS*algo, the key should be either a resource like below:
$key = openssl_pkey_new([
'digest_alg' => 'sha256',
'private_key_bits' => 1024,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
]);
OR, a string with full path to the RSA private key like below:
$key = '/path/to/rsa.key';
// Then, instantiate JWT with this key and RS* as algo:
$jwt = new JWT($key, 'RS384');
Pro You dont need to specify pub key path, that is deduced from priv key.
Generate JWT token from payload array:
$token = $jwt->encode([
'uid' => 1,
'aud' => 'http://site.com',
'scopes' => ['user'],
'iss' => 'http://api.mysite.com',
]);
Retrieve the payload array:
$payload = $jwt->decode($token);
Oneliner:
$token = (new JWT('topSecret', 'HS512', 1800))->encode(['uid' => 1, 'scopes' => ['user']]);
$payload = (new JWT('topSecret', 'HS512', 1800))->decode($token);
Pro
Can pass extra headers into encode() with second parameter:
$token = $jwt->encode($payload, ['hdr' => 'hdr_value']);
Test mocking
Spoof time() for testing token expiry:
$jwt->setTestTimestamp(time() + 10000);
// Throws Exception.
$jwt->parse($token);
Call again without parameter to stop spoofing time():
$jwt->setTestTimestamp();
Examples with kid
$jwt = new JWT(['key1' => 'secret1', 'key2' => 'secret2']);
// Use key2
$token = $jwt->encode(['a' => 1, 'exp' => time() + 1000], ['kid' => 'key2']);
$payload = $jwt->decode($token);
$token = $jwt->encode(['a' => 1, 'exp' => time() + 1000], ['kid' => 'key3']);
// -> Exception with message Unknown key ID key3
Stabillity
The library is now marked at version 1.*.* as being stable in functionality and API.
Integration
Phalcon
Check adhocore/phalcon-ext.
Laravel/Lumen
Coming soon laravel-jwt.
Consideration
Be aware of some security related considerations as outlined here which can be valid for any JWT implementations.
Popular Jwt Projects
Popular Token Projects
Popular Security Categories
Related Searches
Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Php
Token
Oauth
Jwt
Jwt Authentication
Phalcon