Download the PHP package phithi92/json-web-token without Composer

On this page you can find all versions of the php package phithi92/json-web-token. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package json-web-token

⚠️ Attention: This project is still in active development. Unexpected changes and errors may occur. ⚠️


JsonWebToken PHP Library

PHP Version Latest Version

The JsonWebToken class is a PHP library that facilitates the creation, signing, and validation of JSON Web Tokens (JWT), supporting both JSON Web Signature (JWS) and JSON Web Encryption (JWE). It provides a secure framework for generating tokens using various cryptographic algorithms to ensure data integrity and confidentiality.

Prerequisites

Before using this library, ensure your environment meets the following requirements:

How the Library Works

This library operates according to key standards such as RFC 7519 (JWT), RFC 7515 (JWS), and RFC 7516 (JWE). During token signing (JWS), the library uses the HMAC algorithm (e.g., HS256) to create a signature by combining the token's header and payload with a secret key. This signature ensures the token's integrity, following the specifications in RFC 7515.

For token encryption (JWE), the payload is encrypted using algorithms like AES, as defined in RFC 7516, ensuring that only authorized recipients can decrypt and access the token's data. The entire process relies on Base64URL encoding (RFC 4648) to safely transmit the token over the web.

You can find more information about the JWT RFC here.

Installation

To integrate this library into your project, clone the repository or download the necessary files. It is recommended to use Composer for managing dependencies.

Step 1: Clone the Repository

Clone the project to your local environment:

or

You can install the library directly through Composer by running:

Step 2: Install Dependencies

Ensure Composer is installed, and run the following command to install the required dependencies:

The project uses the following dependencies (defined in composer.json):

Usage Guide

Generating a JSON Web Token (JWT)

To generate a JWT, instantiate the JsonWebToken class and call the create() method. This method can generate either a signed (JWS) or encrypted (JWE) token.

For RSA Algorithm

For Hmac Algorithm

Error Handling

When using the library, several exceptions may be thrown in cases of invalid input, such as:

You can catch these exceptions and handle them accordingly in your application:

Supported Algorithms

The JsonWebToken class supports a variety of cryptographic algorithms for both JSON Web Signature (JWS) and JSON Web Encryption (JWE). Below are the lists of supported algorithms:

JSON Web Signature (JWS) Algorithms
Algorithm Description Support
HS256 HMAC with SHA-256
HS384 HMAC with SHA-384
HS512 HMAC with SHA-512
RS256 RSA Signature with SHA-256
RS384 RSA Signature with SHA-384
RS512 RSA Signature with SHA-512
ES256 ECDSA Signature with SHA-256
ES384 ECDSA Signature with SHA-384
ES512 ECDSA Signature with SHA-512
JSON Web Encryption (JWE) Algorithms
Algorithm Description Support
RSA-OAEP RSA with Optimal Asymmetric Encryption Padding
RSA-OAEP+A192GCM RSA-OAEP for key encryption with AES Galois/Counter Mode (GCM) encryption using a 192-bit key
RSA-OAEP+A256GCM RSA-OAEP for key encryption with AES Galois/Counter Mode (GCM) encryption using a 256-bit key
RSA1_5 RSAES-PKCS1-v1_5: RSA Encryption Scheme using PKCS#1 v1.5 padding
A128KW AES Key Wrap with 128-bit key
A192KW AES Key Wrap with 192-bit key
A256KW AES Key Wrap with 256-bit key
A128GCM AES in Galois/Counter Mode with 128-bit key
A192GCM AES in Galois/Counter Mode with 192-bit key
A256GCM AES in Galois/Counter Mode with 256-bit key

This allows for proper error handling and ensures your application can respond appropriately to invalid or unsupported tokens.

Running Tests

Unit tests are included in the project to ensure the reliability of the library. These tests cover token creation, validation, and error handling. To run the tests, execute the following command:

All test cases are located in the tests/ directory and ensure that the class functions correctly under various scenarios.

Donation

Donations are a great way to support creators and their work. Every contribution helps sustain projects and shows appreciation for their efforts, making a real difference.

ko-fi image

All versions of json-web-token with dependencies

PHP Build Version
Package Version
Requires php Version >=8.2
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package phithi92/json-web-token contains the following files

Loading the files please wait ....