jessicaplant/passport-custom-jwt-claims
Composer 安装命令:
composer require jessicaplant/passport-custom-jwt-claims
包简介
Customize JWT claims in Laravel Passport access tokens
README 文档
README
Customize the JWT claims in Laravel/Passport access tokens
What are JWT claims?
All access tokens issued by Laravel/Passport are in fact JSON web tokens (JWT). Each token contains a set of claims consisting of JSON key value pairs. Because the token is cryptographically signed using a public/private RSA key pair we can trust that the claims contained in the token were issued by Laravel/Passport.
Here is an example token containing the default Laravel/Passport claims:
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjllNzAxMjhmOTkwZTFlZjI0NGFmMDc0YjQzMzA2YTRmNDViZWFiNjU1MzM5NjE2ODIyOGJmODc2Y2UwMTAwNTIyNGZhMTc5MzdkMGYwMTU3In0.eyJhdWQiOiJjOGUxMDRmMC0wNTYyLTExZTctOTA1Yi0zZDc3ZGY5N2YyZjgiLCJqdGkiOiI5ZTcwMTI4Zjk5MGUxZWYyNDRhZjA3NGI0MzMwNmE0ZjQ1YmVhYjY1NTMzOTYxNjgyMjhiZjg3NmNlMDEwMDUyMjRmYTE3OTM3ZDBmMDE1NyIsImlhdCI6MTQ4OTkwMTc1NSwibmJmIjoxNDg5OTAxNzU1LCJleHAiOjE1MjE0Mzc3NTUsInN1YiI6ImM4ZGY5OWEwLTA1NjItMTFlNy05MDgyLWJmZDdhYTMzMTFlOCIsInNjb3BlcyI6W119.qFGwfeWezJZZaxNIZyPfnnGHkUdAPhHvJ3Nf3NYa8Y5Ba2ubfil21KgzeugY1aDSU93oWLMcUzGkoVblT1U79IlPV6JiGhMA4x7jHB5yJPKZeH-maaB8HKzQ8CoFG0YEAc_60G2ZwCDLv-NhuaxgDOXFc7FaX1qc3U1MpyJixEIjZc0xQ_CuRRVf3Kzx1rTXedJpbqFxTDYGDnKx4HLo5l96t8mdlmiToU6TphYDRAIkQjsTZKP9YRRIahm3cZF56nO9qaqpTpANjhiV4IJqejDki53NkBEqnhDLS4ZPJFK2qLD62Aiw7wBxKhmfNyYQJNxeC6D1PaftFzudbAi7RtQikn0xIgzKl1jmMpgjyGmAPQfnqMlE68rMIw-KqICh2nPQJcr5OO8ZsBMzL5EbjBOjemBHAm2sBViijqaU2-Ig3bwCB_kfKLrtumuUPIDbWV3tTMzBBSdY6P9dnVGJZawYiheU4rAqiru1fWZ8WpdGASrAxfRmiRTqDnRMQ82unbi5MC-f-NJhmhRwFN4QAgmxGm2T4gy0uRdKZ3ER_FDE4MEsKGb0qIkkGtjt77eLBq_jA6GXbVP948lbJAKTJsi3KOR5rMhZSAI-MywTMXWUISn5ZwgCAHfwUofPJNpGqRAkm9l5lcjMVTf2-VYCB7VdREizvg-fidZ9HcYUfSo
If we decode the token you get the following JWT payload object:
{
"aud": "c8e104f0-0562-11e7-905b-3d77df97f2f8",
"jti": "9e70128f990e1ef244af074b43306a4f45beab6553396168228bf876ce01005224fa17937d0f0157",
"iat": 1489901755,
"nbf": 1489901755,
"exp": 1521437755,
"sub": "c8df99a0-0562-11e7-9082-bfd7aa3311e8",
"scopes": []
}
For reference, the claim aud is the Laravel/Passport client_id that issued the token and the key sub refers to the
user id in your laravel users table. Note that my client_id and user_id columns are UUID data types.
Why would you need custom claims?
The OpenID Connect protocol requires JWT claims that are not included in Laravel/Passport access tokens. Adding custom claims allows us to use access tokens issued by Laravel/Passport to authenticate with other services using OpenID Connect. For example, with this package it is possible to use a Laravel/Passport access token to authenticate a laravel user on a Couchbase Sync Gateway server.
Installation
Install the package via composer:
composer require benbjurstrom/passport-custom-jwt-claims
Add the service provider to the config/app.php providers array.
// config/app.php 'providers' => [ ... BenBjurstrom\JwtClaims\JwtClaimsServiceProvider::class ];
Do not include Laravel\Passport\PassportServiceProvider in your providers array
as JwtClaimsServiceProvider extends from it.
Configuration
To set your custom claims you must publish the config file:
php artisan vendor:publish --provider="JwtClaimsServiceProvider"
This is the contents of the published file. Add additional claims as needed.
return [ /* |-------------------------------------------------------------------------- | User Claims |-------------------------------------------------------------------------- | | User claims will be loaded from the properties of the auth providers model | specified in the auth config file. | */ 'user_claims' => [ 'name' => 'name', 'email' => 'email', ], /* |-------------------------------------------------------------------------- | App claims |-------------------------------------------------------------------------- | | App claims are static and will be given the specified value across all | tokens issued by the app. | */ 'app_claims' => [ 'iss' => url('') ] ];
jessicaplant/passport-custom-jwt-claims 适用场景与选型建议
jessicaplant/passport-custom-jwt-claims 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 10.91k 次下载、GitHub Stars 达 1, 最近一次更新时间为 2019 年 03 月 05 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「api」 「OpenId」 「laravel」 「passport」 「custom」 「jwt」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 jessicaplant/passport-custom-jwt-claims 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 jessicaplant/passport-custom-jwt-claims 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 jessicaplant/passport-custom-jwt-claims 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Ory-Hydra OAuth 2.0 Client Provider for The PHP League OAuth2-Client
Bare-bones OpenID Connect client
Multi-provider authentication framework for PHP
DreamFactory Oasys(tm) Open Authentication System
A PSR-7 compatible library for making CRUD API endpoints
PHP OpenID Connect Basic Client for MISP OIDC Plugin
统计信息
- 总下载量: 10.91k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 2
- 点击次数: 17
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2019-03-05