An extension to manage signed JWS tokens
This library interfaces with namshi/jose to generate signed JWS tokens.
For license information check the LICENSE-file.
The preferred way to install this extensions is through composer.
Either run
php composer.phar require --prefer-dist thamtech/yii2-jws
or add
"thamtech/yii2-jws": "*"
to the require section of your composer.json file.
-
Generate a kepair using OpenSSL and store the keys in public.pem and private.pem.
-
Add the JwsManager application component in your site configuration:
return [ 'components' => [ 'jwsManager' => [ 'class' => 'thamtech\jws\components\JwsManager', 'pubkey' => '@app/config/keys/jws/public.pem', 'pvtkey' => '@app/config/keys/jws/private.pem', // The settings below are optional. Defaults will be used if not set here. //'encoder' => 'Namshi\JOSE\Base64\Base64UrlSafeEncoder', //'exp' => '1 hour', //'alg' => 'RS256', //'jwsClass' => 'Namshi\JOSE\SimpleJWS', ], ] ]
Generate a new token:
$payload = [
"user_id": 23,
"foo": "bar",
];
$tokenString = Yii::$app->jwsManager->newToken($payload);Verify that this string is a token that we signed:
$token = Yii::$app->jwsManager->load($tokenString);
$result = Yii::$app->jwsManager->verify($token);Verify that this string is a token that we signed AND (if it is an instance
of \Namshi\JOSE\SimpleJWS wih an expiration) that it is not expired:
$token = Yii::$app->jwsManager->load($tokenString);
$result = Yii::$app->jwsManager->isValid($token);-
cranetm/yii2-json-rpc-2.0 - Yii 2 extension that helps turn your Controllers into JSON RPC 2.0 APIs.
-
namshi/jose - PHP implementation of the JWS (JSON Web Signature) specification.
-
JSON Web Token (JWT) - JWT specifications
-
JSON Web Signature (JWS) - JWS specifications
