JWT-PHP(json web token-PHP版)解析
/** * 解密 * @param $jwt * @param $key * @return bool|mixed */ public static function decode ($jwt, $key='') { $tokens = explode('.', $jwt); if (count($tokens) != 3) return false; list($header64, $payload64, $sign) = $tokens; $header = json_decode(urlsafeB64Decode($header64), JSON_OBJECT_AS_ARRAY); if (empty($header['alg'])) return false; if (self::signature($header64 . '.' . $payload64, $key, $header['alg']) !== $sign) return false; $payload = json_decode(self::urlsafeB64Decode($payload64), JSON_OBJECT_AS_ARRAY); $time = $_SERVER['REQUEST_TIME']; if (isset($payload['iat']) && $payload['iat'] > $time) return false; if (isset($payload['exp']) && $payload['exp'] < $time) return false; return $payload; } /** * 加密 * @param array $payload * @param $key * @param string $alg * @return string */ public static function encode (array $payload, $key, $alg = 'SHA256') { $key = md5($key); $jwt = self::urlsafeB64Encode(json_encode(['typ' => 'JWT', 'alg' => $alg])) . '.' . self::urlsafeB64Encode(json_encode($payload)); return $jwt . '.' . self::signature($jwt, $key, $alg); } /** * 签名 * @param $input * @param $key * @param $alg * @return string */ public static function signature ($input, $key, $alg) { return hash_hmac($alg, $input, $key); }
详情可参考官网