ClientInterface Interface Reference

Interface to represent an HWT client. More...

Inheritance diagram for ClientInterface:

Public Member Functions
bool	hasJwt ()
	Check if a JWT is defined.
bool	isEncrypted ()
	Check if a JWT's content is encrypted.
bool	load (string $jwtString, ?string $privateKey=null)
	Load a JWT from a string.
array	getJweHeaders ()
	Get the value of the JWE headers.
bool	hasHeader (string $name)
	Check whether a JWT has a header with the specified name.
string null	getHeader (string $name, ?string $defaultValue=null)
	Get the value of the header with the specified name.
array	getHeaders ()
	Get the value of the headers.
bool	hasClaim (string $name)
	Check whether a JWT has a claim with the specified name.
int float string bool array object null	getClaim (string $name, int|float|string|bool|array|object|null $defaultValue=null)
	Get the value of the claim with the specified name.
array	getPayload ()
	Get the value of the payload.
bool	verify (?string $publicKey, ?string $jku=null)
	Verify the signature of the JWT.
bool	verifySignature (?string &$publicKey, ?string $jku=null)
	Verify the signature of the JWT.

Static Public Member Functions
static string[]	getSupportedAlgorithms ()
	Return an array of supported signature algorithms.
static array	getLastHeaders ()
	Get the value of the headers for the last signed JWT (before any encryption).
static array	getLastPayload ()
	Get the value of the payload for the last signed JWT (before any encryption).
static string	sign (array $payload, string $signatureMethod, string $privateKey, ?string $kid=null, ?string $jku=null, ?string $encryptionMethod=null, ?string $publicKey=null)
	Sign the JWT.
static string null	generateKey (string $signatureMethod='RS256')
	Generate a new private key in PEM format.
static string null	getPublicKey (string $privateKey)
	Get the public key for a private key.
static array	getJWKS (string $pemKey, string $signatureMethod, ?string $kid=null)
	Get the public JWKS from a key in PEM format.

Detailed Description

Interface to represent an HWT client.

Author

Stephen P Vickers steph.nosp@m.en@s.nosp@m.pvsof.nosp@m.twar.nosp@m.eprod.nosp@m.ucts.nosp@m..com

Copyright

SPV Software Products

Licence: GNU Lesser General Public License, version 3 (<http://www.gnu.org/licenses/lgpl.html>)

Member Function Documentation

generateKey()

static string null generateKey ( string $signatureMethod = 'RS256' )

static

Generate a new private key in PEM format.

Parameters

string

$signatureMethod

Signature method

Returns

string|null Key in PEM format

Implemented in FirebaseClient, and WebTokenClient.

getClaim()

int float string bool array object null getClaim	(	string	$name,
		int|float|string|bool|array|object|null	$defaultValue = null )

Get the value of the claim with the specified name.

Parameters

string	$name	Claim name
int | float | string | bool | array | object | null	$defaultValue	Default value

Returns

int|float|string|bool|array|object|null The value of the claim with the specified name, or the default value if it does not exist

Implemented in FirebaseClient, and WebTokenClient.

getHeader()

string null getHeader	(	string	$name,
		?string	$defaultValue = null )

Get the value of the header with the specified name.

Parameters

string	$name	Header name
string | null	$defaultValue	Default value

Returns

string|null The value of the header with the specified name, or the default value if it does not exist

Implemented in FirebaseClient, and WebTokenClient.

getHeaders()

array getHeaders

(

)

Get the value of the headers.

Returns

array The value of the headers

Implemented in FirebaseClient, and WebTokenClient.

getJweHeaders()

array getJweHeaders

(

)

Get the value of the JWE headers.

Returns

array The value of the JWE headers

Implemented in FirebaseClient, and WebTokenClient.

getJWKS()

static array getJWKS ( string $pemKey, string $signatureMethod, ?string $kid = null )

static

Get the public JWKS from a key in PEM format.

Parameters

string	$pemKey	Private or public key in PEM format
string	$signatureMethod	Signature method
string | null	$kid	Key ID (optional)

Returns

array JWKS keys

Implemented in FirebaseClient, and WebTokenClient.

getLastHeaders()

static array getLastHeaders ( )

static

Get the value of the headers for the last signed JWT (before any encryption).

Returns

array The value of the headers

Implemented in FirebaseClient, and WebTokenClient.

getLastPayload()

static array getLastPayload ( )

static

Get the value of the payload for the last signed JWT (before any encryption).

Returns

array The value of the payload

Implemented in FirebaseClient, and WebTokenClient.

getPayload()

array getPayload

(

)

Get the value of the payload.

Returns

array The value of the payload

Implemented in FirebaseClient, and WebTokenClient.

getPublicKey()

static string null getPublicKey ( string $privateKey )

static

Get the public key for a private key.

Parameters

string

$privateKey

Private key in PEM format

Returns

string|null Public key in PEM format

Implemented in FirebaseClient, and WebTokenClient.

getSupportedAlgorithms()

static string[] getSupportedAlgorithms ( )

static

Return an array of supported signature algorithms.

Returns

string[] Array of algorithm names

Implemented in FirebaseClient, and WebTokenClient.

hasClaim()

bool hasClaim

(

string

$name

)

Check whether a JWT has a claim with the specified name.

Parameters

string

$name

Claim name

Returns

bool True if the JWT has a claim of the specified name

Implemented in FirebaseClient, and WebTokenClient.

hasHeader()

bool hasHeader

(

string

$name

)

Check whether a JWT has a header with the specified name.

Parameters

string

$name

Header name

Returns

bool True if the JWT has a header of the specified name

Implemented in FirebaseClient, and WebTokenClient.

hasJwt()

bool hasJwt

(

)

Check if a JWT is defined.

Returns

bool True if a JWT is defined

Implemented in FirebaseClient, and WebTokenClient.

isEncrypted()

bool isEncrypted

(

)

Check if a JWT's content is encrypted.

Returns

bool True if a JWT is encrypted

Implemented in FirebaseClient, and WebTokenClient.

load()

bool load	(	string	$jwtString,
		?string	$privateKey = null )

Load a JWT from a string.

Parameters

string	$jwtString	JWT string
string | null	$privateKey	Private key in PEM format for decrypting encrypted tokens (optional)

Returns

bool True if the JWT was successfully loaded

Implemented in FirebaseClient, and WebTokenClient.

sign()

static string sign ( array $payload, string $signatureMethod, string $privateKey, ?string $kid = null, ?string $jku = null, ?string $encryptionMethod = null, ?string $publicKey = null )

static

Sign the JWT.

Parameters

array	$payload	Payload
string	$signatureMethod	Signature method
string	$privateKey	Private key in PEM format
string | null	$kid	Key ID (optional)
string | null	$jku	JSON Web Key URL (optional)
string | null	$encryptionMethod	Encryption method (optional)
string | null	$publicKey	Public key of recipient for content encryption (optional)

Returns

string Signed JWT

Implemented in FirebaseClient, and WebTokenClient.

verify()

bool verify	(	?string	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

Deprecated

Use verifySignature() instead

Parameters

string | null	$publicKey	Public key of issuer
string | null	$jku	JSON Web Key URL of issuer (optional)

Returns

bool True if the JWT has a valid signature

Implemented in FirebaseClient, and WebTokenClient.

verifySignature()

bool verifySignature	(	?string &	$publicKey,
		?string	$jku = null )

Verify the signature of the JWT.

If a new public key is fetched and used to successfully verify the signature, the value of the publicKey parameter is updated.

Parameters

string | null	$publicKey	Public key of issuer (passed by reference)
string | null	$jku	JSON Web Key URL of issuer (optional)

Returns

bool True if the JWT has a valid signature

Implemented in FirebaseClient, and WebTokenClient.