php实现jwt的rs256加密算法
时间: 2023-11-05 11:50:33 浏览: 58
实现JWT的RS256加密算法需要使用PHP的openssl扩展,以下是一个简单的示例代码:
```php
<?php
// 生成JWT Token
function generateToken($payload, $privateKey)
{
// JWT 头部
$header = array(
"alg" => "RS256",
"typ" => "JWT"
);
// JWT 载荷
$payload = json_encode($payload);
// JWT 签名
$headerEncoded = base64UrlEncode(json_encode($header));
$payloadEncoded = base64UrlEncode($payload);
$data = $headerEncoded . '.' . $payloadEncoded;
$signature = '';
openssl_sign($data, $signature, $privateKey, OPENSSL_ALGO_SHA256);
$signatureEncoded = base64UrlEncode($signature);
// JWT Token
$jwtToken = $headerEncoded . '.' . $payloadEncoded . '.' . $signatureEncoded;
return $jwtToken;
}
// 验证JWT Token
function verifyToken($jwtToken, $publicKey)
{
$jwtParts = explode('.', $jwtToken);
if (count($jwtParts) != 3) {
return false;
}
$headerEncoded = $jwtParts[0];
$payloadEncoded = $jwtParts[1];
$signatureEncoded = $jwtParts[2];
$header = json_decode(base64UrlDecode($headerEncoded), true);
if (!isset($header['alg']) || $header['alg'] !== 'RS256') {
return false;
}
$payload = json_decode(base64UrlDecode($payloadEncoded), true);
if (!$payload) {
return false;
}
$data = $headerEncoded . '.' . $payloadEncoded;
$signature = base64UrlDecode($signatureEncoded);
// 验证签名
$verifyResult = openssl_verify($data, $signature, $publicKey, OPENSSL_ALGO_SHA256);
if ($verifyResult === 1) {
return true;
} else {
return false;
}
}
// Base64 URL 编码
function base64UrlEncode($data)
{
$urlsafe = strtr(base64_encode($data), '+/', '-_');
return rtrim($urlsafe, '=');
}
// Base64 URL 解码
function base64UrlDecode($data)
{
$data = strtr($data, '-_', '+/');
$dataLen = strlen($data) % 4;
if ($dataLen) {
$data .= str_repeat('=', 4 - $dataLen);
}
return base64_decode($data);
}
// 读取私钥
$privateKey = openssl_pkey_get_private("file://path/to/private_key.pem");
// 读取公钥
$publicKey = openssl_pkey_get_public("file://path/to/public_key.pem");
// 生成Token
$payload = array(
"sub" => "1234567890",
"name" => "John Doe",
"iat" => 1516239022
);
$jwtToken = generateToken($payload, $privateKey);
echo "JWT Token: " . $jwtToken . "\n";
// 验证Token
$verifyResult = verifyToken($jwtToken, $publicKey);
if ($verifyResult) {
echo "Token 验证成功\n";
} else {
echo "Token 验证失败\n";
}
```
在以上示例代码中,`generateToken` 函数用于生成JWT Token,`verifyToken` 函数用于验证JWT Token。`base64UrlEncode` 和 `base64UrlDecode` 分别用于进行Base64 URL编码和解码。请注意,需要将私钥和公钥保存在文件中,并且需要指定正确的文件路径。