转自 https://blog.csdn.net/bdl13588302605/article/details/81391003
1.JWT存放在ThinkPHP类库中的路径(截图所示即为需要用到的2个php文件)
2.JWT文件夹下的文件说明:
1).JWT.php
功能①:根据用户基本信息、过期时间、秘钥生成时间等信息生成一个加密字符串(token)
功能②:根据客户端提交过来的加密字符串token,进行解码,验证用户信息真实性、token是否在有效期内,成功之后返回一个对象,包含用户基本信息、过期时间、秘钥等信息
文件内容:
<?php
vendor('phpJWT.Firebase.JWT.BlarDateTime');
/**
* JSON Web Token implementation, based on this spec:
* https://tools.ietf.org/html/rfc7519
*
* PHP version 5
*
* @category Authentication
* @package Authentication_JWT
* @author Neuman Vong <neuman@twilio.com>
* @author Anant Narayanan <anant@php.net>
* @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD
* @link https://github.com/firebase/php-jwt
*/
class JWT
{
/**
* When checking nbf, iat or expiration times,
* we want to provide some extra leeway time to
* account for clock skew.
*/
public static $leeway = 0;
/**
* Allow the current timestamp to be specified.
* Useful for fixing a value within unit testing.
*
* Will default to PHP time() value if null.
*/
public static $timestamp = null;
public static $supported_algs = array(
'HS256' => array('hash_hmac', 'SHA256'),
'HS512' => array('hash_hmac', 'SHA512'),
'HS384' => array('hash_hmac', 'SHA384'),
'RS256' => array('openssl', 'SHA256'),
'RS384' => array('openssl', 'SHA384'),
'RS512' => array('openssl', 'SHA512'),
);
/**
* Decodes a JWT string into a PHP object.
*
* @param string $jwt The JWT
* @param string|array $key The key, or map of keys.
* If the algorithm used is asymmetric, this is the public key
* @param array $allowed_algs List of supported verification algorithms
* Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
*
* @return object The JWT's payload as a PHP object
*
* @throws UnexpectedValueException Provided JWT was invalid
* @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed
* @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf'
* @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat'
* @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim
*
* @uses jsonDecode
* @uses urlsafeB64Decode
*/
public static function decode($jwt, $key, array $allowed_algs = array())
{
$bdtObj = new \BlarDateTime();
$timestamp = is_null(static::$timestamp) ? time() : static::$timestamp;
if (empty($key)) {
logs('phpJWT | Firebase | JWT | JWT | decode | Key is empty');
return false;
}
$tks = explode('.', $jwt);
if (count($tks) != 3) {
logs('phpJWT | Firebase | JWT | JWT | decode | Wrong number of segments');
return false;
}
list($headb64, $bodyb64, $cryptob64) = $tks;
if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) {
logs('phpJWT | Firebase | JWT | JWT | decode | Invalid header encoding');
return f