On my server I am running a few PHP files that read my Firebase Realtime Database. According to Firebase's documents I need to set up custom token to get my Firebase PHP Client running. The Firebase document says I need to return this;
return JWT::encode($payload, $private_key, "RS256");
How exactly do I reference the JWT class? I downloaded a JWT library but I am not sure how to implement this into my project. Any help would be great, I am mainly a mobile developer and have little experience with PHP.
A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519.
Here, you'll use the PHP-JWT package's encode() method. This method helps transform your data array into a JSON object. Following the conversion to a JSON object, the encode function produces JWT headers and signs the received payload with a cryptographic combination of all the information and the given secret key.
Use JWTs for Access Tokens in PHPRetrieve and parse your Okta JSON Web Keys (JWK), which should be checked periodically and cached by your application. Decode the access token, which is in JSON Web Token format. Verify the signature used to sign the access token. Verify the claims found inside the access token.
firebase/php-jwt
library uses Composer. Composer is a dependency manager for PHP similar to Maven in Java if you come from Android development background. You would need to know how to import classes in PHP using require/include functions of PHP. You would need some experience with php to use composer.
In order to use firebase/php-jwt
library without composer you could use the following sample code: (I downloaded the library inside jwt
folder)
require_once 'jwt/src/BeforeValidException.php';
require_once 'jwt/src/ExpiredException.php';
require_once 'jwt/src/SignatureInvalidException.php';
require_once 'jwt/src/JWT.php';
use \Firebase\JWT\JWT;
$key = "example_key";
$token = array(
"iss" => "http://example.org",
"aud" => "http://example.com",
"iat" => 1356999524,
"nbf" => 1357000000
);
/**
* IMPORTANT:
* You must specify supported algorithms for your application. See
* https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
* for a list of spec-compliant algorithms.
*/
$jwt = JWT::encode($token, $key);
$decoded = JWT::decode($jwt, $key, array('HS256'));
print_r($decoded);
/*
NOTE: This will now be an object instead of an associative array. To get
an associative array, you will need to cast it as such:
*/
$decoded_array = (array) $decoded;
/**
* You can add a leeway to account for when there is a clock skew times between
* the signing and verifying servers. It is recommended that this leeway should
* not be bigger than a few minutes.
*
* Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
*/
JWT::$leeway = 60; // $leeway in seconds
$decoded = JWT::decode($jwt, $key, array('HS256'));
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With