The Reserved Claims Object - fachsimpeln/EasyJWT GitHub Wiki
Description
This class provides all reserved claims. These claims can be used to share information with other libraries - as they are mostly understood by any library - and, of course, to organize, validate and handle the JWTs.
These claims can not be set in an array of a JWTData object.
Reserved Claims
| Claim | Type | Long claim name | Description |
|---|---|---|---|
iss |
string | issuer | Issuer of the JWT |
sub |
string | subject | Subject of the JWT (the user) |
aud |
array | audience | Recipient for which the JWT is intended |
exp |
int | expiration time | Time after which the JWT expires |
nbf |
int | not before time | Time before which the JWT must not be accepted for processing |
iat |
int | issued at time | Time at which the JWT was issued; can be used to determine age of the JWT |
jti |
string | JWT ID | Unique identifier; can be used to prevent the JWT from being replayed (allows a token to be used only once) |
~ Source: Auth0 JSON Web Token Claims after the RFC Standard RFC 7519.
Parameters for creating a new JWTReservedClaims Object
Create a new JWTReservedClaims Object
When creating a reserved claims object, the time is automatically set in the iat claim. If you want to set your own issue time, just pass the timestamp as an integer to the constructor.
How to set a claim
Use the function SetClaim() to set a claim.
| Parameter | Description |
|---|---|
$claim_name |
Name of the claim you want to set (possible values: iss, sub, aud, exp, nbf, jti) |
$claim_value |
Value for the claim |
The
$claim_nameis case-insensitive
If a wrong data type was given for the claim, the function returns false. Throws an InvalidArgumentException if claim name is not a reserved one.
Enable or Disable the issue at (IAT) timestamp
Enable / Update
To enable the IAT timestamp (enabled by default) or update the timestamp, call EnableIAT()
Disable
To disable the IAT timestamp, call DisableIAT()
Example Code
// Create reserved claims object
$jwt_r_claims = new EasyJWT\JWTReservedClaims();
// Expire in 30 seconds
$jwt_r_claims->SetClaim('EXP', time() + 30);
// Be valid in 5 seconds, not immediately
$jwt_r_claims->SetClaim('NBF', time() + 5);
// Issuer name
$jwt_r_claims->SetClaim('iss', 'localhost');
// Pass it to the JWTOptions constructor
$jwt_options = new EasyJWT\JWTOptions('HS512', $jwt_r_claims);