PHP使用 JWT进行登录
<h3>一、用户认证问题</h3><p>最初互联网用户认证一般流程如下:</p>
<blockquote>
<p>1、用户登录,向服务器发送用户名和密码。</p>
<p>2、服务器验证用户信息通过后,在当前对话(session)里面保存相关数据,比如用户角色、登录时间等等。</p>
<p>3、服务器向用户返回一个 session_id,客户端获取后将这个session_id写入 Cookie。</p>
<p>4、用户随后的每一次请求,都会通过 Cookie,将 session_id 传回服务器。</p>
<p>5、服务器收到 session_id,找到前期保存的数据,由此得知用户的身份。</p>
</blockquote>
<p>这种模式的问题在于:</p>
<p>1.扩展性不好。单机当然没有问题,如果是服务器集群,或者是跨域的服务导向架构,就要求 session 数据共享,每台服务器都能够读取 session</p>
<p>2.服务端为了存贮session同时快速的获取session,一般会选择将其存储在内存中,消耗服务器内存资源。</p>
<p> </p>
<p>JWT 便是这些问题的一个解决方案:服务端不再保存任何客户数据,而是在用户最开始登录时生成一个令牌并返回给客户端,客户端每次请求带上令牌,服务端便知道请求的对象时谁,真正做到了无状态。</p>
<p> </p>
<h3>二、JWT(JSON Web Token)</h3>
<p>JWT 的原理是,服务器认证以后,生成一个 JSON 对象。以后,用户与服务端通信的时候,都要发回这个 JSON 对象。服务器完全只靠这个对象认定用户身份。为了防止用户篡改数据,服务器在生成这个对象的时候,会加上签名并加密。</p>
<p>JWT 的最大缺点是,由于服务器不保存 session 状态,因此无法在使用过程中废止某个 token,或者更改 token 的权限。也就是说,一旦 JWT 签发了,在到期之前就会始终有效,除非服务器部署额外的逻辑。</p>
<p>也是由于这个原因,无法实现动态令牌效果,即在用户持续使用阶段不废止令牌,而在用户停止操作一段时间后废除令牌。</p>
<div class="cnblogs_code">
<pre><?<span style="color: rgba(0, 0, 0, 1)">php
namespace app\home\controller;
</span><span style="color: rgba(0, 0, 255, 1)">use</span><span style="color: rgba(0, 0, 0, 1)"> \DomainException;
</span><span style="color: rgba(0, 0, 255, 1)">use</span><span style="color: rgba(0, 0, 0, 1)"> \InvalidArgumentException;
</span><span style="color: rgba(0, 0, 255, 1)">use</span><span style="color: rgba(0, 0, 0, 1)"> \UnexpectedValueException;
</span><span style="color: rgba(0, 0, 255, 1)">use</span><span style="color: rgba(0, 0, 0, 1)"> \DateTime;
</span><span style="color: rgba(0, 0, 255, 1)">class</span><span style="color: rgba(0, 0, 0, 1)"> Jwt
{
</span><span style="color: rgba(0, 0, 255, 1)">const</span> ASN1_INTEGER = 0x02<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">const</span> ASN1_SEQUENCE = 0x10<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">const</span> ASN1_BIT_STRING = 0x03<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">加密密钥</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(128, 0, 128, 1)">$key</span> = 'qwerqwr12341234brqbwbsdafa'<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">有效期检查</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(128, 0, 128, 1)">$leeway</span> = 0<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">允许指定当前时间戳,默认为PHP的time()</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(128, 0, 128, 1)">$timestamp</span> = <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(128, 0, 128, 1)">$supported_algs</span> = <span style="color: rgba(0, 0, 255, 1)">array</span><span style="color: rgba(0, 0, 0, 1)">(
</span>'ES256' => <span style="color: rgba(0, 0, 255, 1)">array</span>('openssl', 'SHA256'),
'HS256' => <span style="color: rgba(0, 0, 255, 1)">array</span>('hash_hmac', 'SHA256'),
'HS384' => <span style="color: rgba(0, 0, 255, 1)">array</span>('hash_hmac', 'SHA384'),
'HS512' => <span style="color: rgba(0, 0, 255, 1)">array</span>('hash_hmac', 'SHA512'),
'RS256' => <span style="color: rgba(0, 0, 255, 1)">array</span>('openssl', 'SHA256'),
'RS384' => <span style="color: rgba(0, 0, 255, 1)">array</span>('openssl', 'SHA384'),
'RS512' => <span style="color: rgba(0, 0, 255, 1)">array</span>('openssl', 'SHA512'),<span style="color: rgba(0, 0, 0, 1)">
);
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* 将字符串编码为PHP对象
* @param string $jwt 原始未加密字串
* @param string|array|resource $key 加密钥匙,如果使用的时非对称加密,这里需要传输公钥
* @param array $allowed_algs 支持的验证算法列表
* @return object The JWT's payload as a PHP object
* @throws UnexpectedValueException Provided JWT was invalid
* @uses jsonDecode
* @uses urlsafeB64Decode
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> decode(<span style="color: rgba(128, 0, 128, 1)">$jwt</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(0, 0, 255, 1)">array</span> <span style="color: rgba(128, 0, 128, 1)">$allowed_algs</span> = <span style="color: rgba(0, 0, 255, 1)">array</span><span style="color: rgba(0, 0, 0, 1)">())
{
</span><span style="color: rgba(128, 0, 128, 1)">$timestamp</span> = <span style="color: rgba(0, 128, 128, 1)">is_null</span>(<span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$timestamp</span>) ? <span style="color: rgba(0, 128, 128, 1)">time</span>() : <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$timestamp</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">empty</span>(<span style="color: rgba(128, 0, 128, 1)">$key</span><span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> InvalidArgumentException('Key may not be empty'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(128, 0, 128, 1)">$tks</span> = <span style="color: rgba(0, 128, 128, 1)">explode</span>('.', <span style="color: rgba(128, 0, 128, 1)">$jwt</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 128, 128, 1)">count</span>(<span style="color: rgba(128, 0, 128, 1)">$tks</span>) != 3<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('Wrong number of segments'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">list</span>(<span style="color: rgba(128, 0, 128, 1)">$headb64</span>, <span style="color: rgba(128, 0, 128, 1)">$bodyb64</span>, <span style="color: rgba(128, 0, 128, 1)">$cryptob64</span>) = <span style="color: rgba(128, 0, 128, 1)">$tks</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">null</span> === (<span style="color: rgba(128, 0, 128, 1)">$header</span> = <span style="color: rgba(0, 0, 255, 1)">static</span>::jsonDecode(<span style="color: rgba(0, 0, 255, 1)">static</span>::urlsafeB64Decode(<span style="color: rgba(128, 0, 128, 1)">$headb64</span><span style="color: rgba(0, 0, 0, 1)">)))) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('Invalid header encoding'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">null</span> === <span style="color: rgba(128, 0, 128, 1)">$payload</span> = <span style="color: rgba(0, 0, 255, 1)">static</span>::jsonDecode(<span style="color: rgba(0, 0, 255, 1)">static</span>::urlsafeB64Decode(<span style="color: rgba(128, 0, 128, 1)">$bodyb64</span><span style="color: rgba(0, 0, 0, 1)">))) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('Invalid claims encoding'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">false</span> === (<span style="color: rgba(128, 0, 128, 1)">$sig</span> = <span style="color: rgba(0, 0, 255, 1)">static</span>::urlsafeB64Decode(<span style="color: rgba(128, 0, 128, 1)">$cryptob64</span><span style="color: rgba(0, 0, 0, 1)">))) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('Invalid signature encoding'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">empty</span>(<span style="color: rgba(128, 0, 128, 1)">$header</span>-><span style="color: rgba(0, 0, 0, 1)">alg)) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('Empty algorithm'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">empty</span>(<span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$supported_algs</span>[<span style="color: rgba(128, 0, 128, 1)">$header</span>-><span style="color: rgba(0, 0, 0, 1)">alg])) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('Algorithm not supported'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (!<span style="color: rgba(0, 128, 128, 1)">in_array</span>(<span style="color: rgba(128, 0, 128, 1)">$header</span>->alg, <span style="color: rgba(128, 0, 128, 1)">$allowed_algs</span><span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('Algorithm not allowed'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$header</span>->alg === 'ES256'<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> OpenSSL expects an ASN.1 DER sequence for ES256 signatures</span>
<span style="color: rgba(128, 0, 128, 1)">$sig</span> = self::signatureToDER(<span style="color: rgba(128, 0, 128, 1)">$sig</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 128, 128, 1)">is_array</span>(<span style="color: rgba(128, 0, 128, 1)">$key</span>) || <span style="color: rgba(128, 0, 128, 1)">$key</span><span style="color: rgba(0, 0, 0, 1)"> instanceof \ArrayAccess) {
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">isset</span>(<span style="color: rgba(128, 0, 128, 1)">$header</span>-><span style="color: rgba(0, 0, 0, 1)">kid)) {
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (!<span style="color: rgba(0, 0, 255, 1)">isset</span>(<span style="color: rgba(128, 0, 128, 1)">$key</span>[<span style="color: rgba(128, 0, 128, 1)">$header</span>-><span style="color: rgba(0, 0, 0, 1)">kid])) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('"kid" invalid, unable to lookup correct key'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(128, 0, 128, 1)">$key</span> = <span style="color: rgba(128, 0, 128, 1)">$key</span>[<span style="color: rgba(128, 0, 128, 1)">$header</span>-><span style="color: rgba(0, 0, 0, 1)">kid];
} </span><span style="color: rgba(0, 0, 255, 1)">else</span><span style="color: rgba(0, 0, 0, 1)"> {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> UnexpectedValueException('"kid" empty, unable to lookup correct key'<span style="color: rgba(0, 0, 0, 1)">);
}
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">检查签名</span>
<span style="color: rgba(0, 0, 255, 1)">if</span> (!<span style="color: rgba(0, 0, 255, 1)">static</span>::verify("<span style="color: rgba(128, 0, 128, 1)">$headb64</span>.<span style="color: rgba(128, 0, 128, 1)">$bodyb64</span>", <span style="color: rgba(128, 0, 128, 1)">$sig</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(128, 0, 128, 1)">$header</span>-><span style="color: rgba(0, 0, 0, 1)">alg)) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> \UnexpectedValueException('Signature verification failed'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 检查是否到了起作用的时间,未到则禁止</span>
<span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">isset</span>(<span style="color: rgba(128, 0, 128, 1)">$payload</span>->nbf) && <span style="color: rgba(128, 0, 128, 1)">$payload</span>->nbf > (<span style="color: rgba(128, 0, 128, 1)">$timestamp</span> + <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$leeway</span><span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> \UnexpectedValueException(
</span>'Cannot handle token prior to ' . <span style="color: rgba(0, 128, 128, 1)">date</span>(DateTime::ISO8601, <span style="color: rgba(128, 0, 128, 1)">$payload</span>-><span style="color: rgba(0, 0, 0, 1)">nbf)
);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">isset</span>(<span style="color: rgba(128, 0, 128, 1)">$payload</span>->iat) && <span style="color: rgba(128, 0, 128, 1)">$payload</span>->iat > (<span style="color: rgba(128, 0, 128, 1)">$timestamp</span> + <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$leeway</span><span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> \UnexpectedValueException(
</span>'Cannot handle token prior to ' . <span style="color: rgba(0, 128, 128, 1)">date</span>(DateTime::ISO8601, <span style="color: rgba(128, 0, 128, 1)">$payload</span>-><span style="color: rgba(0, 0, 0, 1)">iat)
);
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 过期检查</span>
<span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">isset</span>(<span style="color: rgba(128, 0, 128, 1)">$payload</span>-><span style="color: rgba(0, 128, 128, 1)">exp</span>) && (<span style="color: rgba(128, 0, 128, 1)">$timestamp</span> - <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$leeway</span>) >= <span style="color: rgba(128, 0, 128, 1)">$payload</span>-><span style="color: rgba(0, 128, 128, 1)">exp</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> \UnexpectedValueException('Expired token'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(128, 0, 128, 1)">$payload</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Converts and signs a PHP object or array into a JWT string.
*
* @param object|array $payload PHP object or array
* @param string $key The secret key.
* If the algorithm used is asymmetric, this is the private key
* @param string $alg The signing algorithm.
* Supported algorithms are 'ES256', 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', and 'RS512'
* @param mixed $keyId
* @param array $head An array with header elements to attach
*
* @return string A signed JWT
*
* @uses jsonEncode
* @uses urlsafeB64Encode
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> encode(<span style="color: rgba(128, 0, 128, 1)">$payload</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(128, 0, 128, 1)">$alg</span> = 'HS256', <span style="color: rgba(128, 0, 128, 1)">$keyId</span> = <span style="color: rgba(0, 0, 255, 1)">null</span>, <span style="color: rgba(128, 0, 128, 1)">$head</span> = <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$header</span> = <span style="color: rgba(0, 0, 255, 1)">array</span>('typ' => 'JWT', 'alg' => <span style="color: rgba(128, 0, 128, 1)">$alg</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$keyId</span> !== <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$header</span>['kid'] = <span style="color: rgba(128, 0, 128, 1)">$keyId</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">isset</span>(<span style="color: rgba(128, 0, 128, 1)">$head</span>) && <span style="color: rgba(0, 128, 128, 1)">is_array</span>(<span style="color: rgba(128, 0, 128, 1)">$head</span><span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(128, 0, 128, 1)">$header</span> = <span style="color: rgba(0, 128, 128, 1)">array_merge</span>(<span style="color: rgba(128, 0, 128, 1)">$head</span>, <span style="color: rgba(128, 0, 128, 1)">$header</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(128, 0, 128, 1)">$segments</span> = <span style="color: rgba(0, 0, 255, 1)">array</span><span style="color: rgba(0, 0, 0, 1)">();
</span><span style="color: rgba(128, 0, 128, 1)">$segments</span>[] = <span style="color: rgba(0, 0, 255, 1)">static</span>::urlsafeB64Encode(<span style="color: rgba(0, 0, 255, 1)">static</span>::jsonEncode(<span style="color: rgba(128, 0, 128, 1)">$header</span><span style="color: rgba(0, 0, 0, 1)">));
</span><span style="color: rgba(128, 0, 128, 1)">$segments</span>[] = <span style="color: rgba(0, 0, 255, 1)">static</span>::urlsafeB64Encode(<span style="color: rgba(0, 0, 255, 1)">static</span>::jsonEncode(<span style="color: rgba(128, 0, 128, 1)">$payload</span><span style="color: rgba(0, 0, 0, 1)">));
</span><span style="color: rgba(128, 0, 128, 1)">$signing_input</span> = <span style="color: rgba(0, 128, 128, 1)">implode</span>('.', <span style="color: rgba(128, 0, 128, 1)">$segments</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(128, 0, 128, 1)">$signature</span> = <span style="color: rgba(0, 0, 255, 1)">static</span>::sign(<span style="color: rgba(128, 0, 128, 1)">$signing_input</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(128, 0, 128, 1)">$alg</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(128, 0, 128, 1)">$segments</span>[] = <span style="color: rgba(0, 0, 255, 1)">static</span>::urlsafeB64Encode(<span style="color: rgba(128, 0, 128, 1)">$signature</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 128, 128, 1)">implode</span>('.', <span style="color: rgba(128, 0, 128, 1)">$segments</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Sign a string with a given key and algorithm.
*
* @param string $msg The message to sign
* @param string|resource $key The secret key
* @param string $alg The signing algorithm.
* Supported algorithms are 'ES256', 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', and 'RS512'
*
* @return string An encrypted message
*
* @throws DomainException Unsupported algorithm was specified
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> sign(<span style="color: rgba(128, 0, 128, 1)">$msg</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(128, 0, 128, 1)">$alg</span> = 'HS256'<span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">empty</span>(<span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$supported_algs</span>[<span style="color: rgba(128, 0, 128, 1)">$alg</span><span style="color: rgba(0, 0, 0, 1)">])) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> DomainException('Algorithm not supported'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">list</span>(<span style="color: rgba(128, 0, 128, 1)">$function</span>, <span style="color: rgba(128, 0, 128, 1)">$algorithm</span>) = <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$supported_algs</span>[<span style="color: rgba(128, 0, 128, 1)">$alg</span><span style="color: rgba(0, 0, 0, 1)">];
</span><span style="color: rgba(0, 0, 255, 1)">switch</span> (<span style="color: rgba(128, 0, 128, 1)">$function</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">case</span> 'hash_hmac':
<span style="color: rgba(0, 0, 255, 1)">return</span> hash_hmac(<span style="color: rgba(128, 0, 128, 1)">$algorithm</span>, <span style="color: rgba(128, 0, 128, 1)">$msg</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">case</span> 'openssl':
<span style="color: rgba(128, 0, 128, 1)">$signature</span> = ''<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$success</span> = openssl_sign(<span style="color: rgba(128, 0, 128, 1)">$msg</span>, <span style="color: rgba(128, 0, 128, 1)">$signature</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(128, 0, 128, 1)">$algorithm</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (!<span style="color: rgba(128, 0, 128, 1)">$success</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> DomainException("OpenSSL unable to sign data"<span style="color: rgba(0, 0, 0, 1)">);
} </span><span style="color: rgba(0, 0, 255, 1)">else</span><span style="color: rgba(0, 0, 0, 1)"> {
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$alg</span> === 'ES256'<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$signature</span> = self::signatureFromDER(<span style="color: rgba(128, 0, 128, 1)">$signature</span>, 256<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(128, 0, 128, 1)">$signature</span><span style="color: rgba(0, 0, 0, 1)">;
}
}
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Verify a signature with the message, key and method. Not all methods
* are symmetric, so we must have a separate verify and sign method.
*
* @param string $msg The original message (header and body)
* @param string $signature The original signature
* @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key
* @param string $alg The algorithm
*
* @return bool
*
* @throws DomainException Invalid Algorithm or OpenSSL failure
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> verify(<span style="color: rgba(128, 0, 128, 1)">$msg</span>, <span style="color: rgba(128, 0, 128, 1)">$signature</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(128, 0, 128, 1)">$alg</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 0, 255, 1)">empty</span>(<span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$supported_algs</span>[<span style="color: rgba(128, 0, 128, 1)">$alg</span><span style="color: rgba(0, 0, 0, 1)">])) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> DomainException('Algorithm not supported'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">list</span>(<span style="color: rgba(128, 0, 128, 1)">$function</span>, <span style="color: rgba(128, 0, 128, 1)">$algorithm</span>) = <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(128, 0, 128, 1)">$supported_algs</span>[<span style="color: rgba(128, 0, 128, 1)">$alg</span><span style="color: rgba(0, 0, 0, 1)">];
</span><span style="color: rgba(0, 0, 255, 1)">switch</span> (<span style="color: rgba(128, 0, 128, 1)">$function</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">case</span> 'openssl':
<span style="color: rgba(128, 0, 128, 1)">$success</span> = openssl_verify(<span style="color: rgba(128, 0, 128, 1)">$msg</span>, <span style="color: rgba(128, 0, 128, 1)">$signature</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(128, 0, 128, 1)">$algorithm</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$success</span> === 1<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">;
} </span><span style="color: rgba(0, 0, 255, 1)">elseif</span> (<span style="color: rgba(128, 0, 128, 1)">$success</span> === 0<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> returns 1 on success, 0 on failure, -1 on error.</span>
<span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> DomainException(
</span>'OpenSSL error: ' .<span style="color: rgba(0, 0, 0, 1)"> openssl_error_string()
);
</span><span style="color: rgba(0, 0, 255, 1)">case</span> 'hash_hmac':
<span style="color: rgba(0, 0, 255, 1)">default</span>:
<span style="color: rgba(128, 0, 128, 1)">$hash</span> = hash_hmac(<span style="color: rgba(128, 0, 128, 1)">$algorithm</span>, <span style="color: rgba(128, 0, 128, 1)">$msg</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 128, 128, 1)">function_exists</span>('hash_equals'<span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(0, 0, 255, 1)">return</span> hash_equals(<span style="color: rgba(128, 0, 128, 1)">$signature</span>, <span style="color: rgba(128, 0, 128, 1)">$hash</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(128, 0, 128, 1)">$len</span> = <span style="color: rgba(0, 128, 128, 1)">min</span>(<span style="color: rgba(0, 0, 255, 1)">static</span>::safeStrlen(<span style="color: rgba(128, 0, 128, 1)">$signature</span>), <span style="color: rgba(0, 0, 255, 1)">static</span>::safeStrlen(<span style="color: rgba(128, 0, 128, 1)">$hash</span><span style="color: rgba(0, 0, 0, 1)">));
</span><span style="color: rgba(128, 0, 128, 1)">$status</span> = 0<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">for</span> (<span style="color: rgba(128, 0, 128, 1)">$i</span> = 0; <span style="color: rgba(128, 0, 128, 1)">$i</span> < <span style="color: rgba(128, 0, 128, 1)">$len</span>; <span style="color: rgba(128, 0, 128, 1)">$i</span>++<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$status</span> |= (<span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$signature</span>[<span style="color: rgba(128, 0, 128, 1)">$i</span>]) ^ <span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$hash</span>[<span style="color: rgba(128, 0, 128, 1)">$i</span><span style="color: rgba(0, 0, 0, 1)">]));
}
</span><span style="color: rgba(128, 0, 128, 1)">$status</span> |= (<span style="color: rgba(0, 0, 255, 1)">static</span>::safeStrlen(<span style="color: rgba(128, 0, 128, 1)">$signature</span>) ^ <span style="color: rgba(0, 0, 255, 1)">static</span>::safeStrlen(<span style="color: rgba(128, 0, 128, 1)">$hash</span><span style="color: rgba(0, 0, 0, 1)">));
</span><span style="color: rgba(0, 0, 255, 1)">return</span> (<span style="color: rgba(128, 0, 128, 1)">$status</span> === 0<span style="color: rgba(0, 0, 0, 1)">);
}
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Decode a JSON string into a PHP object.
*
* @param string $input JSON string
*
* @return object Object representation of JSON string
*
* @throws DomainException Provided string was invalid JSON
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> jsonDecode(<span style="color: rgba(128, 0, 128, 1)">$input</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 128, 128, 1)">version_compare</span>(<span style="color: rgba(255, 0, 255, 1)">PHP_VERSION</span>, '5.4.0', '>=') && !(<span style="color: rgba(0, 128, 128, 1)">defined</span>('JSON_C_VERSION') && PHP_INT_SIZE > 4<span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">* In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you
* to specify that large ints (like Steam Transaction IDs) should be treated as
* strings, rather than the PHP default behaviour of converting them to floats.
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(128, 0, 128, 1)">$obj</span> = json_decode(<span style="color: rgba(128, 0, 128, 1)">$input</span>, <span style="color: rgba(0, 0, 255, 1)">false</span>, 512,<span style="color: rgba(0, 0, 0, 1)"> JSON_BIGINT_AS_STRING);
} </span><span style="color: rgba(0, 0, 255, 1)">else</span><span style="color: rgba(0, 0, 0, 1)"> {
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">* Not all servers will support that, however, so for older versions we must
* manually detect large ints in the JSON string and quote them (thus converting
*them to strings) before decoding, hence the preg_replace() call.
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(128, 0, 128, 1)">$max_int_length</span> = <span style="color: rgba(0, 128, 128, 1)">strlen</span>((<span style="color: rgba(0, 0, 255, 1)">string</span>)PHP_INT_MAX) - 1<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$json_without_bigints</span> = <span style="color: rgba(0, 128, 128, 1)">preg_replace</span>('/:\s*(-?\d{' . <span style="color: rgba(128, 0, 128, 1)">$max_int_length</span> . ',})/', ': "$1"', <span style="color: rgba(128, 0, 128, 1)">$input</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(128, 0, 128, 1)">$obj</span> = json_decode(<span style="color: rgba(128, 0, 128, 1)">$json_without_bigints</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$errno</span> =<span style="color: rgba(0, 0, 0, 1)"> json_last_error()) {
</span><span style="color: rgba(0, 0, 255, 1)">static</span>::handleJsonError(<span style="color: rgba(128, 0, 128, 1)">$errno</span><span style="color: rgba(0, 0, 0, 1)">);
} </span><span style="color: rgba(0, 0, 255, 1)">elseif</span> (<span style="color: rgba(128, 0, 128, 1)">$obj</span> === <span style="color: rgba(0, 0, 255, 1)">null</span> && <span style="color: rgba(128, 0, 128, 1)">$input</span> !== 'null'<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> DomainException('Null result with non-null input'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(128, 0, 128, 1)">$obj</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Encode a PHP object into a JSON string.
*
* @param object|array $input A PHP object or array
*
* @return string JSON representation of the PHP object or array
*
* @throws DomainException Provided object could not be encoded to valid JSON
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> jsonEncode(<span style="color: rgba(128, 0, 128, 1)">$input</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$json</span> = json_encode(<span style="color: rgba(128, 0, 128, 1)">$input</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$errno</span> =<span style="color: rgba(0, 0, 0, 1)"> json_last_error()) {
</span><span style="color: rgba(0, 0, 255, 1)">static</span>::handleJsonError(<span style="color: rgba(128, 0, 128, 1)">$errno</span><span style="color: rgba(0, 0, 0, 1)">);
} </span><span style="color: rgba(0, 0, 255, 1)">elseif</span> (<span style="color: rgba(128, 0, 128, 1)">$json</span> === 'null' && <span style="color: rgba(128, 0, 128, 1)">$input</span> !== <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> DomainException('Null result with non-null input'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(128, 0, 128, 1)">$json</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Decode a string with URL-safe Base64.
*
* @param string $input A Base64 encoded string
*
* @return string A decoded string
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> urlsafeB64Decode(<span style="color: rgba(128, 0, 128, 1)">$input</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$remainder</span> = <span style="color: rgba(0, 128, 128, 1)">strlen</span>(<span style="color: rgba(128, 0, 128, 1)">$input</span>) % 4<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$remainder</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$padlen</span> = 4 - <span style="color: rgba(128, 0, 128, 1)">$remainder</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$input</span> .= <span style="color: rgba(0, 128, 128, 1)">str_repeat</span>('=', <span style="color: rgba(128, 0, 128, 1)">$padlen</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 128, 128, 1)">base64_decode</span>(<span style="color: rgba(0, 128, 128, 1)">strtr</span>(<span style="color: rgba(128, 0, 128, 1)">$input</span>, '-_', '+/'<span style="color: rgba(0, 0, 0, 1)">));
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Encode a string with URL-safe Base64.
*
* @param string $input The string you want encoded
*
* @return string The base64 encode of what you passed in
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> urlsafeB64Encode(<span style="color: rgba(128, 0, 128, 1)">$input</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 128, 128, 1)">str_replace</span>('=', '', <span style="color: rgba(0, 128, 128, 1)">strtr</span>(<span style="color: rgba(0, 128, 128, 1)">base64_encode</span>(<span style="color: rgba(128, 0, 128, 1)">$input</span>), '+/', '-_'<span style="color: rgba(0, 0, 0, 1)">));
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Helper method to create a JSON error.
*
* @param int $errno An error number from json_last_error()
*
* @return void
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> handleJsonError(<span style="color: rgba(128, 0, 128, 1)">$errno</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$messages</span> = <span style="color: rgba(0, 0, 255, 1)">array</span><span style="color: rgba(0, 0, 0, 1)">(
JSON_ERROR_DEPTH </span>=> 'Maximum stack depth exceeded',<span style="color: rgba(0, 0, 0, 1)">
JSON_ERROR_STATE_MISMATCH </span>=> 'Invalid or malformed JSON',<span style="color: rgba(0, 0, 0, 1)">
JSON_ERROR_CTRL_CHAR </span>=> 'Unexpected control character found',<span style="color: rgba(0, 0, 0, 1)">
JSON_ERROR_SYNTAX </span>=> 'Syntax error, malformed JSON',<span style="color: rgba(0, 0, 0, 1)">
JSON_ERROR_UTF8 </span>=> 'Malformed UTF-8 characters' <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">PHP >= 5.3.3</span>
<span style="color: rgba(0, 0, 0, 1)"> );
</span><span style="color: rgba(128, 0, 128, 1)">$msg</span> = <span style="color: rgba(0, 0, 255, 1)">isset</span>(<span style="color: rgba(128, 0, 128, 1)">$messages</span>[<span style="color: rgba(128, 0, 128, 1)">$errno</span>]) ? <span style="color: rgba(128, 0, 128, 1)">$messages</span>[<span style="color: rgba(128, 0, 128, 1)">$errno</span>] : 'Unknown JSON error: ' . <span style="color: rgba(128, 0, 128, 1)">$errno</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> DomainException(<span style="color: rgba(128, 0, 128, 1)">$msg</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Get the number of bytes in cryptographic strings.
*
* @param string $str
*
* @return int
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> safeStrlen(<span style="color: rgba(128, 0, 128, 1)">$str</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 128, 128, 1)">function_exists</span>('mb_strlen'<span style="color: rgba(0, 0, 0, 1)">)) {
</span><span style="color: rgba(0, 0, 255, 1)">return</span> mb_strlen(<span style="color: rgba(128, 0, 128, 1)">$str</span>, '8bit'<span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 128, 128, 1)">strlen</span>(<span style="color: rgba(128, 0, 128, 1)">$str</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Convert an ECDSA signature to an ASN.1 DER sequence
*
* @param string $sig The ECDSA signature to convert
* @returnstring The encoded DER object
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> signatureToDER(<span style="color: rgba(128, 0, 128, 1)">$sig</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Separate the signature into r-value and s-value</span>
<span style="color: rgba(0, 0, 255, 1)">list</span>(<span style="color: rgba(128, 0, 128, 1)">$r</span>, <span style="color: rgba(128, 0, 128, 1)">$s</span>) = <span style="color: rgba(0, 128, 128, 1)">str_split</span>(<span style="color: rgba(128, 0, 128, 1)">$sig</span>, (int)(<span style="color: rgba(0, 128, 128, 1)">strlen</span>(<span style="color: rgba(128, 0, 128, 1)">$sig</span>) / 2<span style="color: rgba(0, 0, 0, 1)">));
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Trim leading zeros</span>
<span style="color: rgba(128, 0, 128, 1)">$r</span> = <span style="color: rgba(0, 128, 128, 1)">ltrim</span>(<span style="color: rgba(128, 0, 128, 1)">$r</span>, "\x00"<span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(128, 0, 128, 1)">$s</span> = <span style="color: rgba(0, 128, 128, 1)">ltrim</span>(<span style="color: rgba(128, 0, 128, 1)">$s</span>, "\x00"<span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Convert r-value and s-value from unsigned big-endian integers to
// signed two's complement</span>
<span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$r</span>) > 0x7f<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$r</span> = "\x00" . <span style="color: rgba(128, 0, 128, 1)">$r</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$s</span>) > 0x7f<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$s</span> = "\x00" . <span style="color: rgba(128, 0, 128, 1)">$s</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> self::<span style="color: rgba(0, 0, 0, 1)">encodeDER(
self</span>::ASN1_SEQUENCE,<span style="color: rgba(0, 0, 0, 1)">
self</span>::encodeDER(self::ASN1_INTEGER, <span style="color: rgba(128, 0, 128, 1)">$r</span>) .<span style="color: rgba(0, 0, 0, 1)">
self</span>::encodeDER(self::ASN1_INTEGER, <span style="color: rgba(128, 0, 128, 1)">$s</span><span style="color: rgba(0, 0, 0, 1)">)
);
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Encodes a value into a DER object.
*
* @param int $type DER tag
* @param string $value the value to encode
* @returnstringthe encoded object
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> encodeDER(<span style="color: rgba(128, 0, 128, 1)">$type</span>, <span style="color: rgba(128, 0, 128, 1)">$value</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$tag_header</span> = 0<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$type</span> === self::<span style="color: rgba(0, 0, 0, 1)">ASN1_SEQUENCE) {
</span><span style="color: rgba(128, 0, 128, 1)">$tag_header</span> |= 0x20<span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Type</span>
<span style="color: rgba(128, 0, 128, 1)">$der</span> = <span style="color: rgba(0, 128, 128, 1)">chr</span>(<span style="color: rgba(128, 0, 128, 1)">$tag_header</span> | <span style="color: rgba(128, 0, 128, 1)">$type</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Length</span>
<span style="color: rgba(128, 0, 128, 1)">$der</span> .= <span style="color: rgba(0, 128, 128, 1)">chr</span>(<span style="color: rgba(0, 128, 128, 1)">strlen</span>(<span style="color: rgba(128, 0, 128, 1)">$value</span><span style="color: rgba(0, 0, 0, 1)">));
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(128, 0, 128, 1)">$der</span> . <span style="color: rgba(128, 0, 128, 1)">$value</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Encodes signature from a DER object.
*
* @param string $der binary signature in DER format
* @param int $keySize the nubmer of bits in the key
* @returnstringthe signature
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> signatureFromDER(<span style="color: rgba(128, 0, 128, 1)">$der</span>, <span style="color: rgba(128, 0, 128, 1)">$keySize</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> OpenSSL returns the ECDSA signatures as a binary ASN.1 DER SEQUENCE</span>
<span style="color: rgba(0, 0, 255, 1)">list</span>(<span style="color: rgba(128, 0, 128, 1)">$offset</span>, <span style="color: rgba(128, 0, 128, 1)">$_</span>) = self::readDER(<span style="color: rgba(128, 0, 128, 1)">$der</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">list</span>(<span style="color: rgba(128, 0, 128, 1)">$offset</span>, <span style="color: rgba(128, 0, 128, 1)">$r</span>) = self::readDER(<span style="color: rgba(128, 0, 128, 1)">$der</span>, <span style="color: rgba(128, 0, 128, 1)">$offset</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">list</span>(<span style="color: rgba(128, 0, 128, 1)">$offset</span>, <span style="color: rgba(128, 0, 128, 1)">$s</span>) = self::readDER(<span style="color: rgba(128, 0, 128, 1)">$der</span>, <span style="color: rgba(128, 0, 128, 1)">$offset</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Convert r-value and s-value from signed two's compliment to unsigned
// big-endian integers</span>
<span style="color: rgba(128, 0, 128, 1)">$r</span> = <span style="color: rgba(0, 128, 128, 1)">ltrim</span>(<span style="color: rgba(128, 0, 128, 1)">$r</span>, "\x00"<span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(128, 0, 128, 1)">$s</span> = <span style="color: rgba(0, 128, 128, 1)">ltrim</span>(<span style="color: rgba(128, 0, 128, 1)">$s</span>, "\x00"<span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Pad out r and s so that they are $keySize bits long</span>
<span style="color: rgba(128, 0, 128, 1)">$r</span> = <span style="color: rgba(0, 128, 128, 1)">str_pad</span>(<span style="color: rgba(128, 0, 128, 1)">$r</span>, <span style="color: rgba(128, 0, 128, 1)">$keySize</span> / 8, "\x00",<span style="color: rgba(0, 0, 0, 1)"> STR_PAD_LEFT);
</span><span style="color: rgba(128, 0, 128, 1)">$s</span> = <span style="color: rgba(0, 128, 128, 1)">str_pad</span>(<span style="color: rgba(128, 0, 128, 1)">$s</span>, <span style="color: rgba(128, 0, 128, 1)">$keySize</span> / 8, "\x00",<span style="color: rgba(0, 0, 0, 1)"> STR_PAD_LEFT);
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(128, 0, 128, 1)">$r</span> . <span style="color: rgba(128, 0, 128, 1)">$s</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
* Reads binary DER-encoded data and decodes into a single object
*
* @param string $der the binary data in DER format
* @param int $offset the offset of the data stream containing the object
* to decode
* @return array [$offset, $data] the new offset and the decoded object
</span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">function</span> readDER(<span style="color: rgba(128, 0, 128, 1)">$der</span>, <span style="color: rgba(128, 0, 128, 1)">$offset</span> = 0<span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$pos</span> = <span style="color: rgba(128, 0, 128, 1)">$offset</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$size</span> = <span style="color: rgba(0, 128, 128, 1)">strlen</span>(<span style="color: rgba(128, 0, 128, 1)">$der</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(128, 0, 128, 1)">$constructed</span> = (<span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$der</span>[<span style="color: rgba(128, 0, 128, 1)">$pos</span>]) >> 5) & 0x01<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$type</span> = <span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$der</span>[<span style="color: rgba(128, 0, 128, 1)">$pos</span>++]) & 0x1f<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Length</span>
<span style="color: rgba(128, 0, 128, 1)">$len</span> = <span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$der</span>[<span style="color: rgba(128, 0, 128, 1)">$pos</span>++<span style="color: rgba(0, 0, 0, 1)">]);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$len</span> & 0x80<span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$n</span> = <span style="color: rgba(128, 0, 128, 1)">$len</span> & 0x1f<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$len</span> = 0<span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(0, 0, 255, 1)">while</span> (<span style="color: rgba(128, 0, 128, 1)">$n</span>-- && <span style="color: rgba(128, 0, 128, 1)">$pos</span> < <span style="color: rgba(128, 0, 128, 1)">$size</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$len</span> = (<span style="color: rgba(128, 0, 128, 1)">$len</span> << 8) | <span style="color: rgba(0, 128, 128, 1)">ord</span>(<span style="color: rgba(128, 0, 128, 1)">$der</span>[<span style="color: rgba(128, 0, 128, 1)">$pos</span>++<span style="color: rgba(0, 0, 0, 1)">]);
}
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Value</span>
<span style="color: rgba(0, 0, 255, 1)">if</span> (<span style="color: rgba(128, 0, 128, 1)">$type</span> == self::<span style="color: rgba(0, 0, 0, 1)">ASN1_BIT_STRING) {
</span><span style="color: rgba(128, 0, 128, 1)">$pos</span>++; <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Skip the first contents octet (padding indicator)</span>
<span style="color: rgba(128, 0, 128, 1)">$data</span> = <span style="color: rgba(0, 128, 128, 1)">substr</span>(<span style="color: rgba(128, 0, 128, 1)">$der</span>, <span style="color: rgba(128, 0, 128, 1)">$pos</span>, <span style="color: rgba(128, 0, 128, 1)">$len</span> - 1<span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(0, 0, 255, 1)">if</span> (!<span style="color: rgba(128, 0, 128, 1)">$ignore_bit_strings</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$pos</span> += <span style="color: rgba(128, 0, 128, 1)">$len</span> - 1<span style="color: rgba(0, 0, 0, 1)">;
}
} </span><span style="color: rgba(0, 0, 255, 1)">elseif</span> (!<span style="color: rgba(128, 0, 128, 1)">$constructed</span><span style="color: rgba(0, 0, 0, 1)">) {
</span><span style="color: rgba(128, 0, 128, 1)">$data</span> = <span style="color: rgba(0, 128, 128, 1)">substr</span>(<span style="color: rgba(128, 0, 128, 1)">$der</span>, <span style="color: rgba(128, 0, 128, 1)">$pos</span>, <span style="color: rgba(128, 0, 128, 1)">$len</span><span style="color: rgba(0, 0, 0, 1)">);
</span><span style="color: rgba(128, 0, 128, 1)">$pos</span> += <span style="color: rgba(128, 0, 128, 1)">$len</span><span style="color: rgba(0, 0, 0, 1)">;
} </span><span style="color: rgba(0, 0, 255, 1)">else</span><span style="color: rgba(0, 0, 0, 1)"> {
</span><span style="color: rgba(128, 0, 128, 1)">$data</span> = <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">array</span>(<span style="color: rgba(128, 0, 128, 1)">$pos</span>, <span style="color: rgba(128, 0, 128, 1)">$data</span><span style="color: rgba(0, 0, 0, 1)">);
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">生成token</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">function</span> get_token(<span style="color: rgba(128, 0, 128, 1)">$uid</span>, <span style="color: rgba(128, 0, 128, 1)">$user_name</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$key</span> = <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(0, 128, 128, 1)">key</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$token</span> =<span style="color: rgba(0, 0, 0, 1)"> [
</span>"iss" => "admin_name",<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">签发者 可以为空</span>
"aud" => "user_name", <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">面象的用户,可以为空</span>
"iat" => <span style="color: rgba(0, 128, 128, 1)">time</span>(), <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">签发时间</span>
"nbf" => <span style="color: rgba(0, 128, 128, 1)">time</span>(), <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">在什么时候jwt开始生效</span>
"exp" => <span style="color: rgba(0, 128, 128, 1)">time</span>() + 30 * 60, <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">token 过期时间</span>
"uid" => <span style="color: rgba(128, 0, 128, 1)">$uid</span>, <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">记录的userid的信息,这里是自已添加上去的,如果有其它信息,可以再添加数组的键值对</span>
"user_name" => <span style="color: rgba(128, 0, 128, 1)">$user_name</span>,<span style="color: rgba(0, 0, 0, 1)">
];
</span><span style="color: rgba(128, 0, 128, 1)">$jwt</span> = <span style="color: rgba(128, 0, 128, 1)">$this</span>->encode(<span style="color: rgba(128, 0, 128, 1)">$token</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, "HS256"); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">根据参数生成了 token</span>
<span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(128, 0, 128, 1)">$jwt</span><span style="color: rgba(0, 0, 0, 1)">;
}
</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">检查token</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">function</span> check_token(<span style="color: rgba(128, 0, 128, 1)">$token</span><span style="color: rgba(0, 0, 0, 1)">)
{
</span><span style="color: rgba(128, 0, 128, 1)">$key</span> = <span style="color: rgba(0, 0, 255, 1)">static</span>::<span style="color: rgba(0, 128, 128, 1)">key</span><span style="color: rgba(0, 0, 0, 1)">;
</span><span style="color: rgba(128, 0, 128, 1)">$info</span> = <span style="color: rgba(128, 0, 128, 1)">$this</span>->decode(<span style="color: rgba(128, 0, 128, 1)">$token</span>, <span style="color: rgba(128, 0, 128, 1)">$key</span>, ["HS256"]); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">解密jwt</span>
<span style="color: rgba(0, 0, 255, 1)">return</span> json(<span style="color: rgba(128, 0, 128, 1)">$info</span><span style="color: rgba(0, 0, 0, 1)">);
}
}</span></pre>
</div>
<p>使用时可以直接复制这个文件,该为自己的命名空间,然后使用最后两个方法生成和验证token。</p>
<h3> </h3>
<span id="cnki_grabber" style="visibility: hidden" data-id="1710124161000"></span>
</div>
<div id="MySignature" role="contentinfo">
待人友善是修养,
独往独来是性格。
--qq:2986957136<br><br>
来源:https://www.cnblogs.com/jxc321/p/12485437.html LZ分享的JWT实现很详细,赞一个![强]
看了你的代码,感觉有几个小建议可以参考一下:
1、密钥安全:你代码里的$key是直接写死的,建议改成从配置文件读取,或者使用环境变量,这样部署到不同环境更安全一些。
2、过期时间:你设置的是30分钟(30 * 60),这个时间可以根据实际业务需求调整。如果是移动端App可以适当长一点,如果是网页端可以短一些。
3、关于你提到的JWT缺点:确实没办法直接废止token,常见解决方案是:
- 结合Redis,在Redis里存一个黑名单列表
- 或者在payload里加入一个版本号,版本号更新后旧token就失效了
- 也可以用短期token + refresh token的机制
4、实际使用场景:如果你们项目是前后端分离架构,JWT确实很合适。但如果是传统服务端渲染的网页,session其实也没啥大问题。
总的来说,这段代码封装得挺清晰的,直接能用。辛苦LZ整理了![玫瑰]
有没有考虑过用现成的库比如firebase/php-jwt?自己封装虽然灵活,但维护起来可能麻烦一点。
頁:
[1]