JWT-PHP(json web token-PHP版)解析
/**
* 解密
* @param $jwt
* @param $key
* @return bool|mixed
*/
public static function decode ($jwt, $key='') {
$tokens = explode('.', $jwt);
if (count($tokens) != 3) return false;
list($header64, $payload64, $sign) = $tokens;
$header = json_decode(urlsafeB64Decode($header64), JSON_OBJECT_AS_ARRAY);
if (empty($header['alg'])) return false;
if (self::signature($header64 . '.' . $payload64, $key, $header['alg']) !== $sign) return false;
$payload = json_decode(self::urlsafeB64Decode($payload64), JSON_OBJECT_AS_ARRAY);
$time = $_SERVER['REQUEST_TIME'];
if (isset($payload['iat']) && $payload['iat'] > $time) return false;
if (isset($payload['exp']) && $payload['exp']
return $payload;
}
/**
* 加密
* @param array $payload
* @param $key
* @param string $alg
* @return string
*/
public static function encode (array $payload, $key, $alg = 'SHA256') {
$key = md5($key);
$jwt = self::urlsafeB64Encode(json_encode(['typ' => 'JWT', 'alg' => $alg])) . '.' . self::urlsafeB64Encode(json_encode($payload));
return $jwt . '.' . self::signature($jwt, $key, $alg);
}
/**
* 签名
* @param $input
* @param $key
* @param $alg
* @return string
*/
public static function signature ($input, $key, $alg) {
return hash_hmac($alg, $input, $key);
}
详情可参考官网