PHP Firebase 帮助 - 设置 JWT

Question

在我的服务器上，我正在运行一些读取 Firebase 实时数据库的 PHP 文件。根据Firebase's documents，我需要设置自定义令牌才能让我的Firebase PHP Client 运行。 Firebase 文件说我需要退还这个；

  return JWT::encode($payload, $private_key, "RS256");

我究竟如何引用 JWT 类？我下载了一个 JWT 库，但我不确定如何在我的项目中实现它。任何帮助都会很棒，我主要是一名移动开发人员，对 PHP 的经验很少。

Answer 1

firebase/php-jwt 库使用Composer。如果你有 Android 开发背景，Composer 是一个 PHP 的依赖管理器，类似于 Java 中的 Maven。您需要知道如何使用 PHP 的 require/include 函数在 PHP 中导入类。您需要一些 php 经验才能使用 composer。

为了在没有作曲家的情况下使用firebase/php-jwt 库，您可以使用以下示例代码：（我在jwt 文件夹中下载了库）

require_once 'jwt/src/BeforeValidException.php';
require_once 'jwt/src/ExpiredException.php';
require_once 'jwt/src/SignatureInvalidException.php';
require_once 'jwt/src/JWT.php';


use \Firebase\JWT\JWT;

$key = "example_key";
$token = array(
   "iss" => "http://example.org",
   "aud" => "http://example.com",
   "iat" => 1356999524,
   "nbf" => 1357000000
);

/**
 * IMPORTANT:
 * You must specify supported algorithms for your application. See
 * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40
 * for a list of spec-compliant algorithms.
*/
$jwt = JWT::encode($token, $key);
$decoded = JWT::decode($jwt, $key, array('HS256'));

print_r($decoded);

/*
 NOTE: This will now be an object instead of an associative array. To get
 an associative array, you will need to cast it as such:
*/

$decoded_array = (array) $decoded;

/**
* You can add a leeway to account for when there is a clock skew times   between
* the signing and verifying servers. It is recommended that this leeway should
* not be bigger than a few minutes.
*
* Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
*/
   JWT::$leeway = 60; // $leeway in seconds
   $decoded = JWT::decode($jwt, $key, array('HS256'));

Answer 2

firebase/php-jwt

来源Link和Angular App

<?php

 // Allow from any origin
    if (isset($_SERVER['HTTP_ORIGIN'])) {
        header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
        header('Access-Control-Allow-Credentials: true');
        header('Access-Control-Max-Age: 86400');    // cache for 1 day
    }

    // Access-Control headers are received during OPTIONS requests
    if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
            header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
            header("Access-Control-Allow-Headers:        {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

        exit(0);
    }


require_once('vendor/autoload.php');
use \Firebase\JWT\JWT; 
define('SECRET_KEY','Super-Secret-Key');  // secret key can be a random string and keep in secret from anyone
define('ALGORITHM','HS256');   // Algorithm used to sign the token



$postdata = file_get_contents("php://input");
$request = json_decode($postdata);


$action = $request->action;


// Login section
if ($action == 'login') {

    $email = $request->email;
    $password = $request->password; 

        //A dummy credential match.. you should have some SQl queries to match from databases
        if($email == "freaky@jolly.com" && $password == "12345678")
        {
            $iat = time(); // time of token issued at
            $nbf = $iat + 10; //not before in seconds
            $exp = $iat + 60; // expire time of token in seconds

            $token = array(
                "iss" => "http://example.org",
                "aud" => "http://example.com",
                "iat" => $iat,
                "nbf" => $nbf,
                "exp" => $exp,
                "data" => array(
                        "id" => 11,
                        "email" => $email
                )
            );

            http_response_code(200);

            $jwt = JWT::encode($token, SECRET_KEY);


            $data_insert=array(
                'access_token' => $jwt,                                 
                'id'   => '007',
                'name' => 'Jolly',
                'time' => time(),
                'username' => 'FreakyJolly', 
                'email' => 'contact@freakyjolly.com', 
                'status' => "success",
                'message' => "Successfully Logged In"
            );


        }else{
            $data_insert=array(
                "data" => "0",
                "status" => "invalid",
                "message" => "Invalid Request"
            );  
        }   

}
// Get Dashboard stuff
else if($action == 'stuff'){

    $authHeader = $_SERVER['HTTP_AUTHORIZATION'];
    $temp_header = explode(" ", $authHeader);
    $jwt = $temp_header[1];

    try {
        JWT::$leeway = 10;
        $decoded = JWT::decode($jwt, SECRET_KEY, array(ALGORITHM));

        // Access is granted. Add code of the operation here 

        $data_from_server = '{"Coords":[{"Accuracy":"65","Latitude":"53.277720488429026","Longitude":"-9.012038778269686","Timestamp":"Fri Jul 05 2013 11:59:34 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.277720488429026","Longitude":"-9.012038778269686","Timestamp":"Fri Jul 05 2013 11:59:34 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27770755361785","Longitude":"-9.011979642121824","Timestamp":"Fri Jul 05 2013 12:02:09 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27769091555766","Longitude":"-9.012051410095722","Timestamp":"Fri Jul 05 2013 12:02:17 GMT+0100 (IST)"},{"Accuracy":"65","Latitude":"53.27769091555766","Longitude":"-9.012051410095722","Timestamp":"Fri Jul 05 2013 12:02:17 GMT+0100 (IST)"}]}';


        $data_insert=array(
            "data" => json_decode($data_from_server),
            "status" => "success",
            "message" => "Request authorized"
        );  

    }catch (Exception $e){

        http_response_code(401);

        $data_insert=array(
            //"data" => $data_from_server,
            "jwt" => $jwt,
            "status" => "error",
            "message" => $e->getMessage()
        );

    }   
}

echo json_encode($data_insert);
?>