PHPackages rramacciani/jwt - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. rramacciani/jwt ActiveLibrary[Authentication & Authorization](/categories/authentication) rramacciani/jwt =============== A JWT implementation v1.0.2(1y ago)0106MITPHPPHP >=5.4 Since May 28Pushed 1y agoCompare [ Source](https://github.com/rramacciani/jwt)[ Packagist](https://packagist.org/packages/rramacciani/jwt)[ RSS](/packages/rramacciani-jwt/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (6)Used By (0) This PHP lib is forked from emarref/jwt, it's needed to work with PHP8 An implementation of the [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-30) draft in PHP. See [jwt.io](http://jwt.io/) for more information on JWT. Features include: - Token serialization - Token deserialization - Token verification - `aud`, `exp`, `iss`, `nbf`, `sub` claims are verified - Symmetric Encryption - `NONE`, `HS256`, `HS384`, `HS512` algorithms supported - Asymmetric Encryption - `RS256`, `RS384`, `RS512` algorithms supported - `ES256`, `ES384`, `ES512`, `PS256`, `PS384`, `PS512` algorithms are planned This library is not susceptible to a common [encryption vulnerability](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/). Installation ------------ [](#installation) ``` composer require rramacciani/jwt ``` Usage ----- [](#usage) Create an instance of the `Rramacciani\Jwt\Token` class, then configure it. ``` use Rramacciani\Jwt\Claim; $token = new Rramacciani\Jwt\Token(); // Standard claims are supported $token->addClaim(new Claim\Audience(['audience_1', 'audience_2'])); $token->addClaim(new Claim\Expiration(new \DateTime('30 minutes'))); $token->addClaim(new Claim\IssuedAt(new \DateTime('now'))); $token->addClaim(new Claim\Issuer('your_issuer')); $token->addClaim(new Claim\JwtId('your_id')); $token->addClaim(new Claim\NotBefore(new \DateTime('now'))); $token->addClaim(new Claim\Subject('your_subject')); // Custom claims are supported $token->addClaim(new Claim\PublicClaim('claim_name', 'claim_value')); $token->addClaim(new Claim\PrivateClaim('claim_name', 'claim_value')); ``` To use a token, create a JWT instance. ``` $jwt = new Rramacciani\Jwt\Jwt(); ``` To retrieve the encoded token for transfer, call the `serialize()` method. ``` $algorithm = new Rramacciani\Jwt\Algorithm\None(); $encryption = Rramacciani\Jwt\Encryption\Factory::create($algorithm); $serializedToken = $jwt->serialize($token, $encryption); ``` The `$serializedToken` variable now contains the unencrypted base64 encoded string representation of your token. To encrypt a token, pass an instance of `Rramacciani\Jwt\Encryption\EncryptionInterface` to the `serialize()` method as the second argument. ``` $algorithm = new Rramacciani\Jwt\Algorithm\Hs256('verysecret'); $encryption = Rramacciani\Jwt\Encryption\Factory::create($algorithm); $serializedToken = $jwt->serialize($token, $encryption); ``` An example of using Rs256 encryption with a key pair can be found in the wiki - [Using RS256 Encryption](https://github.com/rramacciani/jwt/wiki/Using-RS256-Encryption). To use a serialized token, first deserialize it into a `Rramacciani\Jwt\Token` object using a `Jwt` instance. ``` $token = $jwt->deserialize($serializedToken); ``` To verify a token's claims, first set up the context that should be used to verify the token against. Encryption is the only required verification. ``` $context = new Rramacciani\Jwt\Verification\Context($encryption); $context->setAudience('audience_1'); $context->setIssuer('your_issuer'); ``` Then use the `verify()` method on a `Jwt` instance. ``` try { $jwt->verify($token, $context); } catch (Rramacciani\Jwt\Exception\VerificationException $e) { echo $e->getMessage(); } ``` Testing ------- [](#testing) This library uses PHPUnit for unit testing. Make sure you've run `composer install` then call: ``` ./bin/phpunit ./test ``` Further Reading --------------- [](#further-reading) - [JSON Web Encryption (JWE)](https://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-36) - [JSON Web Signature (JWS)](https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-36) - [JSON Web Algorithms (JWA)](https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-36) - [JSON Web Key (JWK)](https://tools.ietf.org/html/draft-ietf-jose-json-web-key-36) - ### Health Score 24 — LowBetter than 32% of packages Maintenance31 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community10 Small or concentrated contributor base Maturity39 Early-stage or recently created project Bus Factor1 Top contributor holds 93.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 5 Last Release 719d ago Major Versions v0.0.2 → v1.0.02024-05-28 ### Community Maintainers ![](https://www.gravatar.com/avatar/a84808071667e8116b7d4d6923a0b8daed24f53f6c21d5171fb96279830546f9?d=identicon)[rramacciani](/maintainers/rramacciani) --- Top Contributors [![emarref](https://avatars.githubusercontent.com/u/556594?v=4)](https://github.com/emarref "emarref (75 commits)")[![erickskrauch](https://avatars.githubusercontent.com/u/4787256?v=4)](https://github.com/erickskrauch "erickskrauch (2 commits)")[![ftrrtf](https://avatars.githubusercontent.com/u/424723?v=4)](https://github.com/ftrrtf "ftrrtf (2 commits)")[![snikch](https://avatars.githubusercontent.com/u/115958?v=4)](https://github.com/snikch "snikch (1 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/rramacciani-jwt/health.svg) ``` [![Health](https://phpackages.com/badges/rramacciani-jwt/health.svg)](https://phpackages.com/packages/rramacciani-jwt) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)