A simple and flexible wrapper around the Firebase JWT library that makes JWT token handling easy and intuitive in PHP applications.
- Simple API: Create and validate JWT tokens with minimal code
- Flexible Signing: Support for both HMAC (shared secret) and RSA/ECDSA (public/private key) methods
- Automatic Claims: Built-in handling of standard JWT claims (iat, exp, nbf)
- HTTP Integration: Helper methods for extracting tokens from HTTP headers
- Key Management: Intuitive interfaces for different key types
composer require "byjg/jwt-wrapper"// Create a JWT token using HMAC
$server = "example.com";
$secret = new \ByJG\JwtWrapper\JwtHashHmacSecret(base64_encode("your_secret_key"));
$jwtWrapper = new \ByJG\JwtWrapper\JwtWrapper($server, $secret);
// Add custom data and set expiration
$token = $jwtWrapper->generateToken(
$jwtWrapper->createJwtData(["userId" => 123], 3600)
);
// Validate and extract data
try {
$jwtData = $jwtWrapper->extractData($token);
$userId = $jwtData->data->userId;
} catch (\ByJG\JwtWrapper\JwtWrapperException $e) {
// Handle invalid token
}Detailed documentation:
| Document | Description |
|---|---|
| Overview | Introduction and core concepts |
| Key Types | HMAC and OpenSSL key configuration |
| Creating Tokens | Token generation and customization |
| Validating Tokens | Token validation and data extraction |
| API Reference | Complete class and method documentation |
The library includes complete examples in the example directory showing:
- Token creation with login.php
- Token validation with api.php
- Client-side usage with client.html
sequenceDiagram
participant LOCAL
participant CLIENT
participant SERVER
participant PRIVATE_RESOURCE
LOCAL->>CLIENT: Retrieve Local Token
CLIENT->>SERVER: Pass Token
SERVER->>PRIVATE_RESOURCE: Validate Token
PRIVATE_RESOURCE->>CLIENT: Return Result if token is valid
CLIENT->>LOCAL: Store Token
vendor/bin/phpunitflowchart TD
byjg/jwt-wrapper --> firebase/php-jwt
byjg/jwt-wrapper --> ext-openssl