我正在尝试使用此库生成PHP令牌, https://github.com/lcobucci/jwt/blob/3.2/README.md ,我执行了以下代码:
$signer = new Sha256();
$token = (new Builder())->setIssuer('http://example.com') // Configures the issuer (iss claim)
->setAudience('http://example.org') // Configures the audience (aud claim)
->setId('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item
->setIssuedAt(time()) // Configures the time that the token was issue (iat claim)
->setNotBefore(time() + 60) // Configures the time that the token can be used (nbf claim)
->setExpiration(time() + 3600) // Configures the expiration time of the token (exp claim)
->set('uid', 1) // Configures a new claim, called "uid"
->sign($signer, 'testing') // creates a signature using "testing" as key
->getToken(); // Retrieves the generated token
如何检查请求是否带有以下符号:->sign($signer, 'testing')
var_dump($token->verify($signer, 'testing 1')); // false, because the key is different
var_dump($token->verify($signer, 'testing')); // true, because the key is the same
此功能可检查符号是否正确,但是,我需要检查带有来自请求的符号的令牌。
答案 0 :(得分:0)
我使用此库解决了这个问题:
https://github.com/firebase/php-jwt
生成新令牌:
$key = "example_key";
$token = array(
"iss" => "http://example.org",
"aud" => "http://example.com",
"iat" => 1356999524,
"nbf" => 1357000000
);
/**
* IMPORTANT:
* You must specify supported algorithms for your application. See
* https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
* for a list of spec-compliant algorithms.
*/
$jwt = JWT::encode($token, $key);
$decoded = JWT::decode($jwt, $key, array('HS256'));
print_r($decoded);
$ jwt = JWT :: encode($ token,$ key); //用您的密钥生成新令牌($ key =“ example_key”;)
要输出令牌,请使用此行:
echo $jwt ;
检查此令牌是否在您的密钥中使用了。
$decoded = JWT::decode($coming_token , $key, array('HS256'));