Marco Pivetta
@Ocramius
Well, $container is not defined anywhere in your script :)
Abuabdellah
@Abuabdelah
@Ocramius I don't know about it, I'm new to using the library
@Ocramius also the following gives an error when trying to get some info from the OIDC response?
$tok = 'signature code';
$token = (new Parser())->parse((string) $tok); // Parses from a string
$token->getHeaders(); // Retrieves the token header
$token->getClaims(); // Retrieves the token claims

echo $token->getHeader('name'); // will print "4f1g23a12aa"
echo $token->getClaim('iss'); // will print "http://example.com"
echo $token->getClaim('aud'); // will print "1"

Uncaught Error: Cannot instantiate interface Fatal

Marco Pivetta
@Ocramius
You want to use Lcobucci\JWT\Token\Parser, not Lcobucci\JWT\Parser, which is the interface
Abuabdellah
@Abuabdelah
@Ocramius, that gives the following error:

Uncaught ArgumentCountError: Too few arguments to function Lcobucci\JWT\Token\Parser::__construct(), 0 passed in

Marco Pivetta
@Ocramius
Seems about right: I think you need to do more PHP class/object-based programming before jumping at a library though?
Copy-pasting from the docs, especially in security-sensitive contexts like this one, won't get you far, and will only get you in trouble :|
Harish Durga
@harishdurga
How to add custom data to the token?
Marco Pivetta
@Ocramius
@harishdurga that's what "claims" are: some are reserved keys, but any keys defined on your end are up for grabs
Abuabdellah
@Abuabdelah
@Ocramius, I see that I asked for how to use, not how to extend, the library!
Luís Cobucci
@lcobucci
biggunn
@biggunn
Hope this has a simple answer. Using V3.3.1. Trying to create a token per instructions here: https://github.com/lcobucci/jwt/blob/3.3/README.md#token-signature (using hmac signature). When I try to return $token from my function all I get is {}. When I var_dump($token) it is giving me the entire object in string form, rather than just a JWT. Should it be necessary to parse out $token in order to get the JWT, or am I just misunderstanding how this is to be used? Obviously I am missing something basic. Thanks.
Marco Pivetta
@Ocramius
Can you show what you wrote?
biggunn
@biggunn
$signer = new Sha256();
$time = time();
$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim)
    ->permittedFor('http://example.org') // Configures the audience (aud claim)
    ->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item
    ->issuedAt($time) // Configures the time that the token was issued (iat claim)
    ->canOnlyBeUsedAfter($time + 60) // Configures the time that the token can be used (nbf claim)
    ->expiresAt($time + 3600) // Configures the expiration time of the token (exp claim)
    ->withClaim('uid', 1) // Configures a new claim, called "uid"
    ->getToken($signer, new Key(AZURE_PRIMARY_KEY_AUTH)); // Retrieves the generated token

var_dump($token->getToken());

return $token;
biggunn
@biggunn
Sorry, just realized the var_dump was the last thing I tried and not the actual issue I am having. So the above should be var_dump($token)
biggunn
@biggunn
So I am able to get the token if I do: $token->__toString(); Is that how we are supposed to get it? Or is there a better way?
Luís Cobucci
@lcobucci
@biggunn that's the current API. It's simpler if you cast it to string: (string) $token
mega94
@mega94
hi
mega94
@mega94
How do I extract data from the header? e.g. title: authorization
Luís Cobucci
@lcobucci
Hey @mega94, if you're using the stable version (v3. E
You can use the method Token#getHeader()
Bernard Longho
@blongho

Hello, I am trying to use this library to decrypt some information that I encrypted in my application. I used C++ in encrypting the data and I want to decrypt the same using PHP on the server. This is how the encryption was done. I use https://github.com/Thalhammer/jwt-cpp for encryption

string encrypt(const std::string& input, const std::string& issuer, const std::string& key)
{
    auto token = jwt::create()
        .set_issuer(issuer)
        .set_type("JWS")
        .set_payload_claim("data", jwt::claim(input))
        .sign(jwt::algorithm::hs256{ key });
    return token;
}

I try to decrypt it using https://github.com/lcobucci/jwt/tree/3.3 in PHP

$file_data = file_get_contents("php://input");
try {
    var_dump("Creating a new parser from the received data");
    $token = (new Parser())->parse((string) $file_data); // Parses from a string
    var_dump($token);
    $headers = $token->getHeaders(); // Retrieves the token header
    $claims = $token->getClaims(); // Retrieves the token claims
    var_dump($headers);
    echo $headers;
    var_dump("After decoding");
    $json_decoded = json_decode($token, true);
    var_dump("After json decoding");
    $file = fopen("decrypted.json", "wb");
    fwrite($file, $json_decoded);
    var_dump("After writing to file");
    fclose($file);
    echo $json_decoded;
}
catch (Exception | InvalidArgumentException $e) {
    error_log("Error parsing the encoded data " . $e->getMessage(), 0);
    var_dump("There was an error" . $e->getMessage());
}

I get "There was an error The JWT string must have two dots". Can someone help me out with the decrypting? I can confirm that the encrypted data is received on the server.

Is there anything I am missing or not doing right?

Luís Cobucci
@lcobucci
It seems like the data you're sending to the parser is not a jwt... Are you sure you want to read from php://input?
Bernard Longho
@blongho

From the source code link here, I understand that the Parser can parse both JWS and JWT?

Anyway, the snippet above worked. I had to specify the claims key in order to get the token's claims

...
$claims = $token->getClaims(); // Retrieves the token claims
$claimsData = $claims["claims key"]; // This was the line I was missing.
...

Thanks for the great work.

Bbun Yua
@bbunyua_twitter

This very basic test returns false for me on the verify-call. I'm on "lcobucci/jwt": "^3.3".
Am I doing something wrong?

$token = (new Builder())
    ->gettoken(
        new Sha256(),
        new Key(file_get_contents('../jwtRS256.key'))
    );

dump($token->verify(
    new Sha256(),
    new Key(file_get_contents('../jwtRS256.key.pub'))
));

The public/private key were generated with:

ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
# no passphrase entered
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
Bbun Yua
@bbunyua_twitter
Apparently I imported the wrong Sha256.. duh. Had the symmetric signer copy-pasted in accidentally:
use Lcobucci\JWT\Signer\Hmac\Sha256; => use Lcobucci\JWT\Signer\Rsa\Sha256;
For the record if anyone comes here from Google.
Nicolai Cornelis
@nickdnk
Hey guys
I'm trying to implement Apple's sign in, but I keep getting error:09FFF06C:PEM routines:CRYPTO_internal:no start line when I try to sign the JWT using the private key I downloaded from Apple. I set the Signer to Lcobucci\JWT\Signer\Ecdsa\Sha256 which seems to be in line with https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens, but I simply can't get it to work
Tried both the key in a file using file:// and heredoc-inlining it, which gives the same result
$key = <<< PRIVATE_KEY
----BEGIN PRIVATE KEY-----
 // private key here
-----END PRIVATE KEY-----
PRIVATE_KEY;

$signer = new \Lcobucci\JWT\Signer\Ecdsa\Sha256();
$time = time();

return (new Builder())->issuedBy(self::TEAM_ID) // iss claim
->permittedFor('https://appleid.apple.com') // aud claim
->expiresAt($time + 3600) // exp claim
->issuedAt($time) // iat claim
->relatedTo(self::APP_ID) // sub claim
->withHeader('kid', self::PRIVATE_KEY_ID) // kid header
->getToken($signer, new Key($key));
Nicolai Cornelis
@nickdnk
It works if I pass in file_get_contents('key.p8') using the file I get from Apple, but I don't understand what the difference is
The new key I generated also works inline. I have no idea why. I suppose I somehow removed some line breaks or whitespace that messed up the format.
Roman Korobeynikov
@rkorobeynikov

Hey guys, just tried to use the v4 branch and got an error:
Uncaught exception: The header "typ" must be present
According to standard: https://tools.ietf.org/html/rfc7519#page-11

5.1. "typ" (Type) Header Parameter
...
Use of this Header Parameter is OPTIONAL.

In this case shouldn't it be removed?
if (! isset($header['typ'])) { throw new InvalidArgumentException('The header "typ" must be present'); }

Marco Pivetta
@Ocramius
@rkorobeynikov where is that specifically?
@rkorobeynikov and could you maybe have a code snippet that leads to this failure? We can then write a test around it :)
Dyesi Arevalo
@DyesiArevalo_twitter
I'm a newbie to oauth2. I want to implement JWT token registration and authentication, and also my CRUD requests with a token. Could you please give a good article/tutorial?
Luís Cobucci
@lcobucci
@DyesiArevalo_twitter can you share a bit on your use case and why you need oauth2? Bear in mind that oauth2 is an authorisation protocol
https://oauth.net/2/ should give some info