Works great with LexikJWTAuthenticationBundle
composer require eljam/guzzle-jwt-middleware
<?php
use Eljam\GuzzleJwt\JwtMiddleware;
use Eljam\GuzzleJwt\Manager\JwtManager;
use Eljam\GuzzleJwt\Strategy\Auth\QueryAuthStrategy;
use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
require_once 'vendor/autoload.php';
//Create your auth strategy
$authStrategy = new QueryAuthStrategy(['username' => 'admin', 'password' => 'admin']);
//Optionnal: create your persistence strategy
$persistenceStrategy = null;
$baseUri = 'http://api.example.org/';
// Create authClient
$authClient = new Client(['base_uri' => $baseUri]);
//Create the JwtManager
$jwtManager = new JwtManager(
$authClient,
$authStrategy,
$persistenceStrategy,
[
'token_url' => '/api/token',
]
);
// Create a HandlerStack
$stack = HandlerStack::create();
// Add middleware
$stack->push(new JwtMiddleware($jwtManager));
$client = new Client(['handler' => $stack, 'base_uri' => $baseUri]);
try {
$response = $client->get('/api/ping');
echo($response->getBody());
} catch (TransferException $e) {
echo $e->getMessage();
}
//response
//{"data":"pong"}
$authStrategy = new QueryAuthStrategy(
[
'username' => 'admin',
'password' => 'admin',
'query_fields' => ['username', 'password'],
]
);
$authStrategy = new FormAuthStrategy(
[
'username' => 'admin',
'password' => 'admin',
'form_fields' => ['username', 'password'],
]
);
$authStrategy = new HttpBasicAuthStrategy(
[
'username' => 'admin',
'password' => 'password',
]
);
$authStrategy = new JsonAuthStrategy(
[
'username' => 'admin',
'password' => 'admin',
'json_fields' => ['username', 'password'],
]
);
To avoid requesting a token everytime php runs, you can pass to JwtManager
an implementation of TokenPersistenceInterface
.
By default NullTokenPersistence
will be used.
If you have any PSR-16 compatible cache, you can use it as a persistence handler:
<?php
use Eljam\GuzzleJwt\Persistence\SimpleCacheTokenPersistence;
use Psr\SimpleCache\CacheInterface;
/**
* @var CacheInterface
*/
$psr16cache;
$persistenceStrategy = new SimpleCacheTokenPersistence($psr16cache);
Optionnally you can specify the TTL and cache key used:
<?php
use Eljam\GuzzleJwt\Persistence\SimpleCacheTokenPersistence;
use Psr\SimpleCache\CacheInterface;
/**
* @var CacheInterface
*/
$psr16cache;
$ttl = 1800;
$cacheKey = 'myUniqueKey';
$persistenceStrategy = new SimpleCacheTokenPersistence($psr16cache, $ttl, $cacheKey);
You may create you own persistence handler by implementing the TokenPersistenceInterface
:
namespace App\Jwt\Persistence;
use Eljam\GuzzleJwt\Persistence\TokenPersistenceInterface;
class MyCustomPersistence implements TokenPersistenceInterface
{
/**
* Save the token data.
*
* @param JwtToken $token
*/
public function saveToken(JwtToken $token)
{
// Use APCu, Redis or whatever fits your needs.
return;
}
/**
* Retrieve the token from storage and return it.
* Return null if nothing is stored.
*
* @return JwtToken Restored token
*/
public function restoreToken()
{
return null;
}
/**
* Delete the saved token data.
*/
public function deleteToken()
{
return;
}
/**
* Returns true if a token exists (although it may not be valid)
*
* @return bool
*/
public function hasToken()
{
return false;
}
}
By default this library assumes your json response has a key token
, something like this:
{
token: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9..."
}
but now you can change the token_key in the JwtManager options:
$jwtManager = new JwtManager(
$authClient,
$authStrategy,
$persistenceStrategy,
[
'token_url' => '/api/token',
'token_key' => 'access_token',
]
);
Some endpoints use different Authorization header types (Bearer, JWT, etc...).
The default is Bearer, but another type can be supplied in the middleware:
$stack->push(new JwtMiddleware($jwtManager, 'JWT'));
To avoid too many calls between multiple request, there is a cache system.
Json example:
{
token: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9...",
expires_in: "3600"
}
$jwtManager = new JwtManager(
$authClient,
$authStrategy,
$persistenceStrategy,
[
'token_url' => '/api/token',
'token_key' => 'access_token',
'expire_key' => 'expires_in', # default is expires_in if not set
]
);
The bundle natively supports the exp field in the JWT payload.