牛刀小试~php Jwt的应用
<?php
namespace app\api\controller;
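/**
 * Minimal HMAC-signed token issuer/verifier in the shape of a JWT.
 *
 * Token layout: base64url(header) . '.' . base64url(payload) . '.' . hex(HMAC).
 *
 * NOTE(review): the header advertises 'alg' => 'sha256' and the signature is
 * hex-encoded, whereas standard JWTs (RFC 7515/7519) use 'HS256' and a
 * base64url signature. Tokens from this class are therefore only meant to be
 * verified by this class. The format is kept as-is so already issued tokens
 * stay valid.
 */
class Jwt
{
    /** Hash algorithm name passed to hash_hmac(); also written to the header. */
    private $alg = 'sha256';

    /**
     * HMAC signing key.
     *
     * NOTE(review): this key is hard-coded in source, so anyone who can read
     * the repository (or this page) can mint tokens for any uid. Load it from
     * configuration or the environment, use a long random value, and rotate
     * the one shown here.
     */
    private $secret = "zaq1xsw2cde3vfr4bgt5nhy6mju7";

    /**
     * Build the base64url-encoded token header.
     *
     * @return string
     */
    public function getHeader()
    {
        $header = [
            'alg' => $this->alg,
            'typ' => 'JWT',
        ];

        return $this->base64urlEncode(json_encode($header, JSON_UNESCAPED_UNICODE));
    }

    /**
     * Build the base64url-encoded payload for a user id.
     *
     * The token is valid from now for 600 seconds.
     *
     * NOTE(review): 'iss', 'sub', 'aud' and 'jti' are constants and
     * verifyToken() does not check them. A fixed 'jti' cannot be used for
     * replay detection or per-token revocation.
     *
     * @param mixed $uid User identifier stored in the 'uid' claim.
     * @return string
     */
    public function getPayload($uid)
    {
        $time = time();
        $payload = [
            'iss' => 'admin',
            'exp' => $time + 600,
            'sub' => 'test',
            'aud' => 'every',
            'nbf' => $time,
            'iat' => $time,
            'jti' => 10001,
            'uid' => $uid,
        ];

        return $this->base64urlEncode(json_encode($payload, JSON_UNESCAPED_UNICODE));
    }

    /**
     * Issue a signed token for a user id.
     *
     * @param mixed $uid
     * @return string header.payload.signature
     */
    public function genToken($uid)
    {
        $raw = $this->getHeader() . '.' . $this->getPayload($uid);

        return $raw . '.' . hash_hmac($this->alg, $raw, $this->secret);
    }

    /**
     * Verify a token and return the 'uid' claim.
     *
     * The signature is checked before any claim is read, so nothing from an
     * unauthenticated payload influences the decision. The HMAC algorithm is
     * always $this->alg; the 'alg' value in the token header is ignored, which
     * means a caller cannot select the algorithm.
     *
     * @param mixed $token
     * @return mixed The 'uid' claim, or false when the token is malformed,
     *               has a bad signature, is expired, is not yet valid, or
     *               carries no uid. Compare with === false: a uid of 0 or ''
     *               is falsy too.
     */
    public function verifyToken($token)
    {
        if (!is_string($token) || $token === '') {
            return false;
        }

        $parts = explode('.', $token);
        if (count($parts) !== 3) {
            return false;
        }
        list($header, $payload, $signature) = $parts;

        // Authenticate first. hash_equals() compares in constant time; a plain
        // !== comparison can leak how many leading characters matched.
        $expected = hash_hmac($this->alg, $header . '.' . $payload, $this->secret);
        if (!hash_equals($expected, $signature)) {
            return false;
        }

        $json = $this->base64urlDecode($payload);
        if ($json === false) {
            return false;
        }

        $claims = json_decode($json, true);
        if (!is_array($claims)) {
            return false;
        }

        $now = time();
        if (isset($claims['exp']) && $claims['exp'] < $now) {
            return false;
        }
        // getPayload() emits 'nbf', so honour it on the way back in.
        if (isset($claims['nbf']) && $claims['nbf'] > $now) {
            return false;
        }

        // A validly signed token without a uid is still not a login.
        return isset($claims['uid']) ? $claims['uid'] : false;
    }

    /**
     * Encode bytes as unpadded base64url.
     *
     * @param string $data
     * @return string
     */
    private function base64urlEncode($data)
    {
        return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
    }

    /**
     * Decode unpadded base64url.
     *
     * The padding is restored explicitly: str_pad() takes a target length, not
     * a pad count, so passing strlen($data) % 4 to it never added any '='.
     * Strict mode rejects characters outside the base64 alphabet.
     *
     * @param string $data
     * @return string|false Decoded bytes, or false on invalid input.
     */
    private function base64urlDecode($data)
    {
        $remainder = strlen($data) % 4;
        if ($remainder !== 0) {
            $data .= str_repeat('=', 4 - $remainder);
        }

        return base64_decode(strtr($data, '-_', '+/'), true);
    }
}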