Download the PHP package token/jwt without Composer

On this page you can find all versions of the php package token/jwt. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of token/jwt

Informations about the package jwt

JSON Web Token and JSON Web Signature

A simple library to work with JSON Web Token and JSON Web Signature based on the RFC 7519.

GitHub Tag Total Downloads Packagist Version Packagist PHP Version Support Packagist License

Installation

You can install the package via Composer:

Documentation

The documentation is available at https://dependencies-packagist.github.io/jwt/zh/.

Supported Algorithms

This library supports signing and verifying tokens with both symmetric and asymmetric algorithms. Encryption is not yet supported.

Each algorithm will produce signature with different length. If you have constraints regarding the length of the issued tokens, choose the algorithms that generate shorter output (HS256, RS256, and ES256).

Symmetric algorithms

Symmetric algorithms perform signature creation and verification using the very same key/secret. They're usually recommended for scenarios where these operations are handled by the very same component.

Name Description Class Key length req.
HS256 HMAC using SHA-256 \Token\JWT\Signature\Hmac\HS256 >= 256 bits
HS384 HMAC using SHA-384 \Token\JWT\Signature\Hmac\HS384 >= 384 bits
HS512 HMAC using SHA-512 \Token\JWT\Signature\Hmac\HS512 >= 512 bits

Asymmetric algorithms

Asymmetric algorithms perform signature creation with private/secret keys and verification with public keys. They're usually recommended for scenarios where creation is handled by a component and verification by many others.

Name Description Class Key length req.
ES256 ECDSA using P-256 and SHA-256 \Token\JWT\Signature\Ecdsa\ES256 == 256 bits
ES384 ECDSA using P-384 and SHA-384 \Token\JWT\Signature\Ecdsa\ES384 == 384 bits
ES512 ECDSA using P-521 and SHA-512 \Token\JWT\Signature\Ecdsa\ES512 == 521 bits
RS256 RSASSA-PKCS1-v1_5 using SHA-256 \Token\JWT\Signature\Rsa\RS256 >= 2048 bits
RS384 RSASSA-PKCS1-v1_5 using SHA-384 \Token\JWT\Signature\Rsa\RS384 >= 2048 bits
RS512 RSASSA-PKCS1-v1_5 using SHA-512 \Token\JWT\Signature\Rsa\RS512 >= 2048 bits
EdDSA EdDSA signature algorithms \Token\JWT\Signature\Eddsa >= 256 bits

none algorithm

The none algorithm as described by JWT standard is intentionally not implemented and not supported. The risk of misusing it is too high, and even where other means guarantee the token validity a symmetric algorithm shouldn't represent a computational bottleneck with modern hardware.

Usage

Issuing tokens

Parsing tokens

To parse a token you must create a new parser and ask it to parse a string:

Validating tokens

This method goes through every single constraint in the set, groups all the violations, and throws an exception with the grouped violations:

Available constraints

This library provides the following constraints:

Acknowledgements

This project is heavily inspired by and refactored from @lcobucci's excellent work on lcobucci/jwt.

We appreciate the clean architecture and thoughtful design of the original implementation, which made it much easier to build upon and extend with our own features.

Original Project License: BSD-3-Clause license
Please refer to the original repository for detailed history and contributions.

License

Nacosvel Contracts is made available under the MIT License (MIT). Please see License File for more information.

All versions of jwt with dependencies

PHP Build Version
Package Version
Requires php Version ^7.4 || ^8.0
ext-mbstring Version *
ext-openssl Version *
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package token/jwt contains the following files

Loading the files please wait ....