The Reserved Claims Object - fachsimpeln/EasyJWT GitHub Wiki

Description

This class provides all reserved claims. These claims can be used to share information with other libraries - as they are mostly understood by any library - and, of course, to organize, validate and handle the JWTs.

These claims can not be set in an array of a JWTData object.

Reserved Claims

Claim Type Long claim name Description
iss string issuer Issuer of the JWT
sub string subject Subject of the JWT (the user)
aud array audience Recipient for which the JWT is intended
exp int expiration time Time after which the JWT expires
nbf int not before time Time before which the JWT must not be accepted for processing
iat int issued at time Time at which the JWT was issued; can be used to determine age of the JWT
jti string JWT ID Unique identifier; can be used to prevent the JWT from being replayed (allows a token to be used only once)

~ Source: Auth0 JSON Web Token Claims after the RFC Standard RFC 7519.

Parameters for creating a new JWTReservedClaims Object

Create a new JWTReservedClaims Object

When creating a reserved claims object, the time is automatically set in the iat claim. If you want to set your own issue time, just pass the timestamp as an integer to the constructor.

How to set a claim

Use the function SetClaim() to set a claim.

Parameter Description
$claim_name Name of the claim you want to set (possible values: iss, sub, aud, exp, nbf, jti)
$claim_value Value for the claim

The $claim_name is case-insensitive

If a wrong data type was given for the claim, the function returns false. Throws an InvalidArgumentException if claim name is not a reserved one.

Enable or Disable the issue at (IAT) timestamp

Enable / Update

To enable the IAT timestamp (enabled by default) or update the timestamp, call EnableIAT()

Disable

To disable the IAT timestamp, call DisableIAT()

Example Code

// Create reserved claims object
$jwt_r_claims = new EasyJWT\JWTReservedClaims();

// Expire in 30 seconds
$jwt_r_claims->SetClaim('EXP', time() + 30);
// Be valid in 5 seconds, not immediately
$jwt_r_claims->SetClaim('NBF', time() + 5);
// Issuer name
$jwt_r_claims->SetClaim('iss', 'localhost');

// Pass it to the JWTOptions constructor
$jwt_options = new EasyJWT\JWTOptions('HS512', $jwt_r_claims);