PHP download

Download the PHP package phithi92/json-web-token without Composer

On this page you can find all versions of the php package phithi92/json-web-token. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download phithi92/json-web-token
More information about phithi92/json-web-token
Files in phithi92/json-web-token

Vendor phithi92
Package json-web-token
Short Description Handles the generation of JSON Web Tokens (JWT), including both JWS (JSON Web Signature) and JWE (JSON Web Encryption). Provides methods for creating and validating tokens.
License MIT

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of phithi92/json-web-token

Informations about the package json-web-token

⚠️ Attention: This project is still in active development. Unexpected changes and errors may occur. ⚠️

JsonWebToken PHP Library

The JsonWebToken class is a PHP library that facilitates the creation, signing, and validation of JSON Web Tokens (JWT), supporting both JSON Web Signature (JWS) and JSON Web Encryption (JWE). It provides a secure framework for generating tokens using various cryptographic algorithms to ensure data integrity and confidentiality.

Prerequisites

Before using this library, ensure your environment meets the following requirements:

PHP Version: 8.1 or higher
PHP Extensions: openssl
Composer: For managing dependencies

How the Library Works

This library operates according to key standards such as RFC 7519 (JWT), RFC 7515 (JWS), and RFC 7516 (JWE). During token signing (JWS), the library uses the HMAC algorithm (e.g., HS256) to create a signature by combining the token's header and payload with a secret key. This signature ensures the token's integrity, following the specifications in RFC 7515.

For token encryption (JWE), the payload is encrypted using algorithms like AES, as defined in RFC 7516, ensuring that only authorized recipients can decrypt and access the token's data. The entire process relies on Base64URL encoding (RFC 4648) to safely transmit the token over the web.

You can find more information about the JWT RFC here.

Installation

To integrate this library into your project, clone the repository or download the necessary files. It is recommended to use Composer for managing dependencies.

Step 1: Clone the Repository

Clone the project to your local environment:

You can install the library directly through Composer by running:

Step 2: Install Dependencies

Ensure Composer is installed, and run the following command to install the required dependencies:

The project uses the following dependencies (defined in composer.json):

PHPUnit: Used for unit testing to ensure robustness.

Usage Guide

Generating a JSON Web Token (JWT)

To generate a JWT, instantiate the JsonWebToken class and call the create() method. This method can generate either a signed (JWS) or encrypted (JWE) token.

For RSA Algorithm

For Hmac Algorithm

Error Handling

When using the library, several exceptions may be thrown in cases of invalid input, such as:

InvalidTokenException: Thrown when the token provided is malformed or invalid, as per the JWT specifications in RFC 7519.
InvalidArgumentException: Raised when an invalid argument is passed to one of the methods, such as an unsupported algorithm or an empty payload.
HashErrorException: Triggered when an issue occurs during the HMAC signing process, ensuring that hashing operations conform to RFC 7515.
UnexpectedErrorException: A general exception that is raised when an unexpected error occurs during encoding, decoding, or encryption processes.
CipherErrorException: Raised when a problem occurs during token encryption or decryption, ensuring compliance with the JWE standard in RFC 7516.

You can catch these exceptions and handle them accordingly in your application:

Supported Algorithms

The JsonWebToken class supports a variety of cryptographic algorithms for both JSON Web Signature (JWS) and JSON Web Encryption (JWE). Below are the lists of supported algorithms:

JSON Web Signature (JWS) Algorithms

Algorithm	Description	Support
`HS256`	HMAC with SHA-256	✅
`HS384`	HMAC with SHA-384	✅
`HS512`	HMAC with SHA-512	✅
`RS256`	RSA Signature with SHA-256	✅
`RS384`	RSA Signature with SHA-384	✅
`RS512`	RSA Signature with SHA-512	✅
`ES256`	ECDSA Signature with SHA-256	✅
`ES384`	ECDSA Signature with SHA-384	✅
`ES512`	ECDSA Signature with SHA-512	✅

JSON Web Encryption (JWE) Algorithms

Algorithm	Description	Support
`RSA-OAEP`	RSA with Optimal Asymmetric Encryption Padding	✅
`RSA-OAEP+A192GCM`	RSA-OAEP for key encryption with AES Galois/Counter Mode (GCM) encryption using a 192-bit key	✅
`RSA-OAEP+A256GCM`	RSA-OAEP for key encryption with AES Galois/Counter Mode (GCM) encryption using a 256-bit key	✅
`RSA1_5`	RSAES-PKCS1-v1_5: RSA Encryption Scheme using PKCS#1 v1.5 padding	✅
`A128KW`	AES Key Wrap with 128-bit key	❌
`A192KW`	AES Key Wrap with 192-bit key	❌
`A256KW`	AES Key Wrap with 256-bit key	❌
`A128GCM`	AES in Galois/Counter Mode with 128-bit key	❌
`A192GCM`	AES in Galois/Counter Mode with 192-bit key	❌
`A256GCM`	AES in Galois/Counter Mode with 256-bit key	❌

This allows for proper error handling and ensures your application can respond appropriately to invalid or unsupported tokens.

Running Tests

Unit tests are included in the project to ensure the reliability of the library. These tests cover token creation, validation, and error handling. To run the tests, execute the following command:

All test cases are located in the tests/ directory and ensure that the class functions correctly under various scenarios.

Donation

Donations are a great way to support creators and their work. Every contribution helps sustain projects and shows appreciation for their efforts, making a real difference.

All versions of json-web-token with dependencies

PHP Build Version

Package Version

Version 0.2.7 Release 21. Nov 2024
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of json-web-token from vendor phithi92

Requires php Version >=8.2

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package phithi92/json-web-token contains the following files

Loading the files please wait ....