WebTokenClient Class Reference

Class to implement the JWT interface using the Web Token JWT Framework library from https://web-token.spomky-labs.com. More...

Inheritance diagram for WebTokenClient:

Public Member Functions
bool	hasJwt ()
	Check if a JWT is defined.
bool	isEncrypted ()
	Check if a JWT's content is encrypted.
bool	load (string $jwtString, ?string $privateKey=null)
	Load a JWT from a string.
array	getJweHeaders ()
	Get the value of the JWE headers.
bool	hasHeader (string $name)
	Check whether a JWT has a header with the specified name.
string null	getHeader (string $name, ?string $defaultValue=null)
	Get the value of the header with the specified name.
array object null	getHeaders ()
	Get the value of the headers.
bool	hasClaim (string $name)
	Check whether a JWT has a claim with the specified name.
int float string bool array object null	getClaim (string $name, int|float|string|bool|array|object|null $defaultValue=null)
	Get the value of the claim with the specified name.
array object null	getPayload ()
	Get the value of the payload.
bool	verify (?string $publicKey, ?string $jku=null)
	Verify the signature of the JWT.
bool	verifySignature (?string &$publicKey, ?string $jku=null)
	Verify the signature of the JWT.
Public Member Functions inherited from ClientInterface

Static Public Member Functions
static string[]	getSupportedAlgorithms ()
	Return an array of supported signature algorithms.
static array object null	getLastHeaders ()
	Get the value of the headers for the last signed JWT (before any encryption).
static array object null	getLastPayload ()
	Get the value of the payload for the last signed JWT (before any encryption).
static string	sign (array $payload, string $signatureMethod, string $privateKey, ?string $kid=null, ?string $jku=null, ?string $encryptionMethod=null, ?string $publicKey=null)
	Sign the JWT.
static string null	generateKey (string $signatureMethod='RS256')
	Generate a new private key in PEM format.
static string null	getPublicKey (string $privateKey)
	Get the public key for a private key.
static array	getJWKS (string $pemKey, string $signatureMethod, ?string $kid=null)
	Get the public JWKS from a key in PEM format.
Static Public Member Functions inherited from ClientInterface

Public Attributes
const	SUPPORTED_ALGORITHMS = ['RS256', 'RS384', 'RS512']
	Supported signature algorithms.

Detailed Description

Class to implement the JWT interface using the Web Token JWT Framework library from https://web-token.spomky-labs.com.

Author

Stephen P Vickers steph.nosp@m.en@s.nosp@m.pvsof.nosp@m.twar.nosp@m.eprod.nosp@m.ucts.nosp@m..com

Copyright

SPV Software Products

Licence: GNU Lesser General Public License, version 3 (<http://www.gnu.org/licenses/lgpl.html>)

Member Function Documentation

generateKey()

static string null generateKey ( string $signatureMethod = 'RS256' )

static

Generate a new private key in PEM format.

Parameters

string

$signatureMethod

Signature method

Returns

string|null Key in PEM format

Implements ClientInterface.

getClaim()

int float string bool array object null getClaim	(	string	$name,
		int|float|string|bool|array|object|null	$defaultValue = null )

Get the value of the claim with the specified name.

Parameters

string	$name	Claim name
int | float | string | bool | array | object | null	$defaultValue	Default value

Returns

int|float|string|bool|array|object|null The value of the claim with the specified name, or the default value if it does not exist

Implements ClientInterface.

getHeader()

string null getHeader	(	string	$name,
		?string	$defaultValue = null )

Get the value of the header with the specified name.

Parameters

string	$name	Header name
string | null	$defaultValue	Default value

Returns

string|null The value of the header with the specified name, or the default value if it does not exist

Implements ClientInterface.

getHeaders()

array object null getHeaders

(

)

Get the value of the headers.

Returns

array|object|null The value of the headers

Implements ClientInterface.

getJweHeaders()

array getJweHeaders

(

)

Get the value of the JWE headers.

Returns

array The value of the JWE headers

Implements ClientInterface.

getJWKS()

static array getJWKS ( string $pemKey, string $signatureMethod, ?string $kid = null )

static

Get the public JWKS from a key in PEM format.

Parameters

string	$pemKey	Private or public key in PEM format
string	$signatureMethod	Signature method
string | null	$kid	Key ID (optional)

Returns

array JWKS keys

Implements ClientInterface.

getLastHeaders()

static array object null getLastHeaders ( )

static

Get the value of the headers for the last signed JWT (before any encryption).

Returns

array|object|null The value of the headers

Implements ClientInterface.

getLastPayload()

static array object null getLastPayload ( )

static

Get the value of the payload for the last signed JWT (before any encryption).

Returns

array|object|null The value of the payload

Implements ClientInterface.

getPayload()

array object null getPayload

(

)

Get the value of the payload.

Returns

array|object|null The value of the payload

Implements ClientInterface.

getPublicKey()

static string null getPublicKey ( string $privateKey )

static

Get the public key for a private key.

Parameters

string

$privateKey

Private key in PEM format

Returns

string|null Public key in PEM format

Implements ClientInterface.

getSupportedAlgorithms()

static string[] getSupportedAlgorithms ( )

static

Return an array of supported signature algorithms.

Returns

string[] Array of algorithm names

Implements ClientInterface.

hasClaim()

bool hasClaim

(

string

$name

)

Check whether a JWT has a claim with the specified name.

Parameters

string

$name

Claim name

Returns

bool True if the JWT has a claim of the specified name

Implements ClientInterface.

hasHeader()

bool hasHeader

(

string

$name

)

Check whether a JWT has a header with the specified name.

Parameters

string

$name

Header name

Returns

bool True if the JWT has a header of the specified name

Implements ClientInterface.

hasJwt()

bool hasJwt

(

)

Check if a JWT is defined.

Returns

bool True if a JWT is defined

Implements ClientInterface.

isEncrypted()

bool isEncrypted

(

)

Check if a JWT's content is encrypted.

Returns

bool True if a JWT is encrypted

Implements ClientInterface.

load()

bool load	(	string	$jwtString,
		?string	$privateKey = null )

Load a JWT from a string.

Parameters

string	$jwtString	JWT string
string | null	$privateKey	Private key in PEM format for decrypting encrypted tokens (optional)

Returns

bool True if the JWT was successfully loaded

Implements ClientInterface.

sign()

static string sign ( array $payload, string $signatureMethod, string $privateKey, ?string $kid = null, ?string $jku = null, ?string $encryptionMethod = null, ?string $publicKey = null )

static

Sign the JWT.

Parameters

array	$payload	Payload
string	$signatureMethod	Signature method
string	$privateKey	Private key in PEM format
string | null	$kid	Key ID (optional)
string | null	$jku	JSON Web Key URL (optional)
string | null	$encryptionMethod	Encryption method (optional)
string | null	$publicKey	Public key of recipient for content encryption (optional)

Returns

string Signed JWT

Exceptions

Exception

Implements ClientInterface.

verify()

bool verify	(	?string	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

Deprecated

Use verifySignature() instead

Parameters

string | null	$publicKey	Public key of issuer
string | null	$jku	JSON Web Key URL of issuer (optional)

Returns

bool True if the JWT has a valid signature

Implements ClientInterface.

verifySignature()

bool verifySignature	(	?string &	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

If a new public key is fetched and used to successfully verify the signature, the value of the publicKey parameter is updated.

Parameters

string | null	$publicKey	Public key of issuer (passed by reference)
string | null	$jku	JSON Web Key URL of issuer (optional)

Returns

bool True if the JWT has a valid signature

Implements ClientInterface.