<?php
namespace tools\jwt;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\ValidationData;
class Token{
protected static $_config = [
'audience'=>'',//接收人
'id'=>'1',
'sign'=>'guohaotian',
'issuer'=>'www.ght.com',//签发人
'expire'=>3306*24 //有效期
];
//生成Token (加密)
public static function getToken($user_id){
$signer = new Sha256();
$time = time();
//设置签发人、接收人、唯一标识、签发时间、立即生效、过期时间、用户id、签名
$token = (new Builder())->issuedBy(self::$_config['issuer']) // Configures the issuer (iss claim)
->canOnlyBeUsedBy(self::$_config['audience']) // Configures the audience (aud claim)
->identifiedBy(self::$_config['id'], true) // Configures the id (jti claim), replicating as a header item
->issuedAt($time) // Configures the time that the token was issue (iat claim)
->canOnlyBeUsedAfter($time -1) // Configures the time that the token can be used (nbf claim)
->expiresAt($time + self::$_config['expire']) // Configures the expiration time of the token (exp claim)
->with('user_id', $user_id)->sign($signer,self::$_config['sign']) // Configures a new claim, called "uid"
->getToken(); // Retrieves the generated token
return (string)$token;
//签名对象
// $signer = new Sha256();
// //获取当前时间戳
// $time = time();
// //设置签发人、接收人、唯一标识、签发时间、立即生效、过期时间、用户id、签名
// $token = (new Builder())->issuedBy(self::$_config['issuer'])
// ->canOnlyBeUsedBy(self::$_config['audience'])
// ->identifiedBy(self::$_config['id'], true)
// ->issuedAt($time)
// ->canOnlyBeUsedAfter($time-1)
// ->expiresAt($time + self::$_config['expire'])
// ->with('user_id', $user_id)
// ->sign($signer, self::$_config['sign'])
// ->getToken();
// return (string)$token;
}
//获取Token
public static function getRequestToken(){
$header = $_SERVER['HTTP_AUTHORIZATION'];
$mothed = 'bearer';
return trim(str_ireplace($mothed,'',$header));
}
//从请求信息中获取token令牌
// public static function getRequestToken()
// {
// if (empty($_SERVER['HTTP_AUTHORIZATION'])) {
// return false;
// }
//
// $header = $_SERVER['HTTP_AUTHORIZATION'];
// $method = 'bearer';
// //去除token中可能存在的bearer标识
// return trim(str_ireplace($method, '', $header));
// }
//解密
// public static function getUserId($token = null){
// $user_id = null;
// $token = empty($token)?self::getRequestToken():$token;
// $token = (new Parser())->parse((string) $token);
// //验证
// $data = new ValidationData(); // It will use the current time to validate (iat, nbf and exp)
// $data->setIssuer(self::$_config['issuer']);
// $data->setAudience(self::$_config['audience']);
// $data->setId(self::$_config['id']);
// if (!$token->validate($data)){
// //token验证失败
// return $user_id;
// }
// $sing = new Sha256();
// if ($token->verify($sing,self::$_config['sign'])){
// //签名验证失败
// return $user_id;
// }
// $user_id = $token->getClaim('user_id');
// return $user_id;
// }
public static function getUserId($token = null)
{
$user_id = null;
$token = empty($token)?self::getRequestToken():$token;
if (!empty($token)) {
//为了注销token 加以下if判断代码
$delete_token = cache('delete_token') ?: [];
if(in_array($token, $delete_token)){
//token已被删除(注销)
return $user_id;
}
$token = (new Parser())->parse((string) $token);
//验证token
$data = new ValidationData();
$data->setIssuer(self::$_config['issuer']);//验证的签发人
$data->setAudience(self::$_config['audience']);//验证的接收人
$data->setId(self::$_config['id']);//验证token标识
if (!$token->validate($data)) {
//token验证失败
return $user_id;
}
//验证签名
$signer = new Sha256();
if (!$token->verify($signer, self::$_config['sign'])) {
//签名验证失败
return $user_id;
}
//从token中获取用户id
$user_id = $token->getClaim('user_id');
}
return $user_id;
}
}
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
