A library to work with Google Firebase tokens. You can use it to create custom tokens and verify ID Tokens.
Achieve more with the Firebase Admin SDK for PHP 5.6 (which uses this library).
composer require nathanfeitoza/firebase-tokens-php-5.6
<?php
use Kreait\Firebase\JWT\CustomTokenGenerator;
$clientEmail = '...';
$privateKey = '...';
$generator = CustomTokenGenerator::withClientEmailAndPrivateKey($clientEmail, $privateKey);
$token = $generator->createCustomToken('uid', ['first_claim' => 'first_value' /* ... */]);
echo $token;
// Output: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.e...
<?php
use Kreait\Firebase\JWT\Error\IdTokenVerificationFailed;
use Kreait\Firebase\JWT\IdTokenVerifier;
$projectId = '...';
$idToken = '...';
$verifier = IdTokenVerifier::createWithProjectId($projectId);
try {
$token = $verifier->verifyIdToken($idToken);
} catch (IdTokenVerificationFailed $e) {
echo $e->getMessage();
// Example Output:
// The value 'eyJhbGciOiJSUzI...' is not a verified ID token:
// - The token is expired.
exit;
}
try {
$token = $verifier->verifyIdTokenWithLeeway($idToken, $leewayInSeconds = 10000000);
} catch (IdTokenVerificationFailed $e) {
print $e->getMessage();
exit;
}
Tokens returned from the Generator and Verifier are instances of Kreait\Firebase\JWT\Token
.
$tokenHeaders = $token->getHeaders(); // array
$tokenPayload = token->getPayload(); // array
$tokenString = $token->toString();
$tokenString = (string) $token;
In order to verify ID tokens, the verifier makes a call to fetch Firebase's currently available public keys. The keys are cached in memory by default.
If you want to cache the public keys more effectively, you can use an implementation of psr/simple-cache or psr/cache to wrap the
Example using the Symfony Cache Component
use Kreait\Firebase\JWT\IdTokenVerifier;
use Symfony\Component\Cache\Simple\FilesystemCache;
$cache = new FilesystemCache();
$verifier = IdTokenVerifier::createWithProjectIdAndCache($projectId, $cache);
The MIT License (MIT). Please see License File for more information.