php-jwt
php-jwt copied to clipboard
firebase
PHP package for JWT
I am trying to use this library to verify a JWS token that is generated and supplied by a 3rd party for which I have no control over the generation...
I retrieved JWKs for Google public keys from https://www.googleapis.com/oauth2/v3/certs including this one: ``` { "alg": "RS256", "kty": "RSA", "n": "hsYvCPtkUV7SIxwkOkJsJfhwV_CMdXU5i0UmY2QEs-Pa7v0-0y-s4EjEDtsQ8Yow6hc670JhkGBcMzhU4DtrqNGROXebyOse5FX0m0UvWo1qXqNTf28uBKB990mY42Icr8sGjtOw8ajyT9kufbmXi3eZKagKpG0TDGK90oBEfoGzCxoFT87F95liNth_GoyU5S8-G3OqIqLlQCwxkI5s-g2qvg_aooALfh1rhvx2wt4EJVMSrdnxtPQSPAtZBiw5SwCnVglc6OnalVNvAB2JArbqC9GAzzz9pApAk28SYg5a4hPiPyqwRv-4X1CXEK8bO5VesIeRX0oDf7UoM-pVAw", "use": "sig", "e": "AQAB", "kid": "838c06c62046c2d948affe137dd5310129f4d5d1" } ``` JWT::createPemFromModulusAndExponent(n, e)...
Does this library support DPoP (Demonstration of Proof-of-Procession)? If so, any sample code?
in src/Controller/AppController.php ```php $this->loadComponent('Auth', [ 'storage' => 'Memory', 'authenticate' => [ 'Form' => [ 'scope' => ['Users.active' => 1] ], 'ADmad/JwtAuth.Jwt' => [ 'parameter' => 'token', 'userModel' => 'Users', 'scope'...
I am trying to decode a JWT with a JWK set and get the error `"kid" invalid, unable to lookup correct key` from JWT::getKey() for the following code: ``` $jwt...
There is no code available which can tell how can we destroy JWT token on server in PHP.
step reproduce : ``` public function decode(string $token) { // The URI for the JWKS you wish to cache the results from $jwksUri = "https://player-auth.services.api.unity.com/.well-known/jwks.json"; // Create an HTTP client...
Hello together, first of all I wanted to say thank you for developing this great library. I used the library very very much. Our company has a problem at the...
I tried using the auth keys published on Apple's website: ``` $signedTransactionJWT = $response['signedTransactions'][0]; $appleKeysText = file_get_contents('https://appleid.apple.com/auth/keys'); $jwks = json_decode($appleKeysText, true); $keyset = JWK::parseKeySet($jwks); $decodedTransactionPayload = JWT::decode($signedTransactionJWT, $keyset); ``` ...but...
See https://github.com/firebase/php-jwt/issues/488 and https://github.com/firebase/php-jwt/pull/492 use `microtime` instead of `time` for JWT validation. We MAY want to do this in a minor version because it's possible that `gettimeofday` (which is required...
