Jitendra Adhikari

ok then 😁 leeway is to be used in a way it is advantageous to the jwt token client (and yes nbf should be plus) edit: however because of the...

iat is, like you said, confusing. some implementations use it the same way as nbf. the rfc is at: https://tools.ietf.org/html/rfc7519#section-4.1.6 i will compare with other impls and see what we...

we can go for 1 but the dependency should be optional and in suggestions.

my thinking was to have a `Signature` class that works with either of them (whichever is available) but not having these packages as deps, but in `suggests`

> Is ECDSA still wanted for this? hi @Lewiscowles1986, maybe yes but not must-have > I noticed that currently you direct-bind to php functions. Perhaps one or more interfaces would...

closing for now

i think you can directly set the resource as key. ```php $key = openssl_pkey_get_private('your rsa key as string from database'); $jwt = new JWT($key, 'RS256'); // ... ```

closing for now

will be ported from https://github.com/adhocore/gronx :D

i have tried to fix it in the base phpfpm https://github.com/adhocore/docker-phpfpm/issues/81#issuecomment-1500765128, if that works out, i will update here for lemp as well