You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
147 lines
4.0 KiB
147 lines
4.0 KiB
<?php
|
|
namespace app\api\service;
|
|
|
|
|
|
use Lcobucci\JWT\Builder;
|
|
use Lcobucci\JWT\Signer\Hmac\Sha256;
|
|
use Lcobucci\JWT\Signer\Key\InMemory;
|
|
use Lcobucci\JWT\Token;
|
|
use DateTimeImmutable;
|
|
|
|
class JWTService
|
|
{
|
|
private $secret;
|
|
|
|
public function __construct()
|
|
{
|
|
$this->secret = config('jwt.secret');
|
|
}
|
|
|
|
public function createToken(array $claims): string
|
|
{
|
|
$signer = new Sha256();
|
|
$key = InMemory::plainText($this->secret);
|
|
|
|
$now = new DateTimeImmutable(); // 当前时间
|
|
|
|
$builder = new Builder();
|
|
|
|
// 设置发行时间和过期时间
|
|
$secondsToAdd = (int) config('jwt.token_ttl');
|
|
$expiresAt = $now->add(new \DateInterval('PT' . $secondsToAdd . 'S'));
|
|
|
|
$token = $builder
|
|
->issuedAt($now) // iat: 发行时间
|
|
->expiresAt($expiresAt) // exp: 过期时间
|
|
|
|
// 使用专用方法设置注册声明
|
|
->withIssuer('your_issuer') // iss: 发行人
|
|
->withSubject('your_subject') // sub: 主题
|
|
->withAudience('your_audience'); // aud: 受众
|
|
|
|
// 添加自定义 Claims
|
|
foreach ($claims as $key => $value) {
|
|
$token = $token->withClaim($key, $value); // 自定义声明仍然可以使用 withClaim
|
|
}
|
|
|
|
// 构建并签名 Token
|
|
$signedToken = $token->sign($signer, $key);
|
|
|
|
return (string) $signedToken;
|
|
}
|
|
|
|
public function verifyToken(string $token): array
|
|
{
|
|
try {
|
|
$parser = new \Lcobucci\JWT\Parser();
|
|
$token = $parser->parse($token);
|
|
|
|
if ($token->verify(new Sha256(), InMemory::plainText($this->secret))) {
|
|
return $token->getClaims();
|
|
}
|
|
} catch (\Exception $e) {
|
|
// 处理异常
|
|
}
|
|
|
|
return [];
|
|
}
|
|
}
|
|
// app/service/JWTService.php
|
|
namespace app\service;
|
|
|
|
use Lcobucci\JWT\Builder;
|
|
use Lcobucci\JWT\Signer\Hmac\Sha256;
|
|
use Lcobucci\JWT\Signer\Key\InMemory;
|
|
use Lcobucci\JWT\Token;
|
|
use DateTimeImmutable;
|
|
|
|
class JWTService
|
|
{
|
|
private $secret;
|
|
|
|
public function __construct()
|
|
{
|
|
$this->secret = config('jwt.secret');
|
|
}
|
|
|
|
public function createToken(array $claims): string
|
|
{
|
|
$signer = new Sha256();
|
|
$key = InMemory::plainText($this->secret);
|
|
|
|
$now = new DateTimeImmutable(); // 当前时间
|
|
|
|
$builder = new Builder();
|
|
|
|
// 设置发行时间和过期时间
|
|
$secondsToAdd = (int) config('jwt.token_ttl');
|
|
$expiresAt = $now->add(new \DateInterval('PT' . $secondsToAdd . 'S'));
|
|
|
|
$token = $builder
|
|
->issuedAt($now) // iat: 发行时间
|
|
->expiresAt($expiresAt) // exp: 过期时间
|
|
|
|
// 使用辅助方法设置注册声明
|
|
->withRegisteredClaim('iss', 'your_issuer') // iss: 发行人
|
|
->withRegisteredClaim('sub', 'your_subject') // sub: 主题
|
|
->withRegisteredClaim('aud', 'your_audience'); // aud: 受众
|
|
|
|
// 添加自定义 Claims
|
|
foreach ($claims as $key => $value) {
|
|
$token = $token->withClaim($key, $value); // 自定义声明仍然可以使用 withClaim
|
|
}
|
|
|
|
// 构建并签名 Token
|
|
$signedToken = $token->sign($signer, $key);
|
|
|
|
return (string) $signedToken;
|
|
}
|
|
|
|
public function verifyToken(string $token): array
|
|
{
|
|
try {
|
|
$parser = new \Lcobucci\JWT\Parser();
|
|
$token = $parser->parse($token);
|
|
|
|
if ($token->verify(new Sha256(), InMemory::plainText($this->secret))) {
|
|
return $token->getClaims();
|
|
}
|
|
} catch (\Exception $e) {
|
|
// 处理异常
|
|
}
|
|
|
|
return [];
|
|
}
|
|
|
|
/**
|
|
* 辅助方法用于设置注册声明。
|
|
*
|
|
* @param string $claimName
|
|
* @param mixed $claimValue
|
|
* @return \Lcobucci\JWT\Builder
|
|
*/
|
|
private function withRegisteredClaim(string $claimName, $claimValue): Builder
|
|
{
|
|
return (new Builder())->withClaim($claimName, $claimValue);
|
|
}
|
|
}
|