Download the PHP package remessage/json-web-token without Composer
On this page you can find all versions of the php package remessage/json-web-token. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download remessage/json-web-token
More information about remessage/json-web-token
Files in remessage/json-web-token
Package json-web-token
Short Description A JSON Web Token (RFC 7519) implementation library
License Apache-2.0
Homepage https://dev.remessage.ru/packages/json-web-token
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package json-web-token
Json Web Token Implementation
This library implements a series of standards related with JSON Web Token and is used by others Re: Message libraries and services like remessage/client and API server.
Installation
You will need Composer to install. Run this command:
composer require remessage/json-web-token
Usage
Algorithms
All tokens and services uses algorithms to sign, verify, encrypt and decrypt the token data. Each algorithm MUST implement RM\Standard\Jwt\Algorithm\AlgorithmInterface.
At this moment, we provide only HMAC-based algorithms:
RM\Standard\Jwt\Algorithm\Signature\HMAC\HS256for HMAC with SHA-256RM\Standard\Jwt\Algorithm\Signature\HMAC\HS512for HMAC with SHA-512RM\Standard\Jwt\Algorithm\Signature\HMAC\HS3256for HMAC with SHA3-256 (or Keccak256)RM\Standard\Jwt\Algorithm\Signature\HMAC\HS3512for HMAC with SHA3-512 (or Keccak512)
Also, you can implement your own algorithm. You need implement the RM\Standard\Jwt\Algorithm\AlgorithmInterface interface.
Keys
Each key must implement the RM\Standard\Jwt\Key\Factory\KeyInterface interface.
At the moment, we provide support for:
- Octet key
- RSA keys (PSS and PKCS1) (only signing)
Also, you can implement your own key. You need implement the RM\Standard\Jwt\Key\Factory\KeyFactoryInterface interface to create your key from array. If your key contains a property that is not implemented in this library, then you also need to implement the RM\Standard\Jwt\Key\Parameter\KeyParameterInterface interface and use RM\Standard\Jwt\Key\Parameter\Factory\ParameterFactory with your key parameter class.
Tokens
To create new token you can use the RM\Standard\Jwt\Signature\SignatureToken class. The class constructor have 3 arguments: header parameters, payload claims and signature. The header parameters must include the algorithm parameter. Other arguments is optional.
Example:
Via secondary constructor:
Properties
The token has parameters called properties, these are important sensitive data that are needed for authorization and verification. They are separated respectively in the header and in the payload of the token. Header parameters contains the common token data: the signing or encryption algorithm and the type of token. Payload claims contain the data necessary for verification: the token sign/encrypt time, the action time, who signed and for whom. The payload can also include business logic data like permissions or something else.
Header parameters defined in the RM\Standard\Jwt\Property\Header\ namespace. Payload claims defined in the RM\Standard\Jwt\Property\Payload\ namespace.
You can use custom properties. To create your custom property you need implement one of these interfaces:
RM\Standard\Jwt\Property\Header\HeaderParameterInterfaceto create custom header parameterRM\Standard\Jwt\Property\Payload\ClaimInterfaceto create custom claim
According to the standard, property names must be concise enough. We use 3-character names, but there are no restrictions.
Serialization
Serialization of tokens provided by some services implemented the RM\Standard\Jwt\Serializer\SerializerInterface interface.
Example:
Signing
To sign the token you should use the RM\Standard\Jwt\Signature\Signer. Signer only depends on the serializer, but the default is RM\Standard\Jwt\Serializer\SignatureCompactSerializer.
Serializer is necessary for the service to sign the token, since the signature is the header and the payload signed by the key.
Also, you can use decorators for Signer to provide some token handling:
RM\Standard\Jwt\Signature\GeneratedSignerprovides ability to generate token property before signingRM\Standard\Jwt\Signature\EventfulSignercreates eventsRM\Standard\Jwt\Signature\LoggableSignerallows collecting logs about the signing process
Example:
Implementation
This library implements only the necessary minimum for the correct operation of the service platform.
Will not implemented
All versions of json-web-token with dependencies
ext-json Version *
ext-sodium Version *
ext-mbstring Version *
psr/log Version ^3.0
psr/http-client Version ^1.0.0
psr/http-factory Version ^1.0.0
psr/event-dispatcher Version ^1.0.0
doctrine/collections Version ^2.1.4
symfony/deprecation-contracts Version ^3.0
symfony/serializer Version ^7.0
symfony/event-dispatcher Version ^7.0
laminas/laminas-math Version ^3.2
phpseclib/phpseclib Version ^3.0
paragonie/constant_time_encoding Version ^2.3