PHPackages                             token/jwk - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. token/jwk

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

token/jwk
=========

A simple library to work with JSON Web Key.

v1.0.1(12mo ago)09.8kMITPHPPHP ^8.0

Since May 9Pushed 12mo ago1 watchersCompare

[ Source](https://github.com/dependencies-packagist/jwk)[ Packagist](https://packagist.org/packages/token/jwk)[ Docs](https://github.com/dependencies-packagist/jwk)[ RSS](/packages/token-jwk/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependencies (3)Versions (3)Used By (0)

JSON Web Key
============

[](#json-web-key)

A simple library to work with JSON Web Key based on the [RFC 7517](https://tools.ietf.org/html/rfc7517).

[![GitHub Tag](https://camo.githubusercontent.com/ebc4d8d29aab86b424d4778db55356cd7c6eaacca87a59965658a994f9435cf8/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f762f7461672f646570656e64656e636965732d7061636b61676973742f6a776b)](https://github.com/dependencies-packagist/jwk/tags)[![Total Downloads](https://camo.githubusercontent.com/47565b1daacf82e88be714e5f6cbb7b589a6a01e7ef09f5d7c4576b869184fca/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f746f6b656e2f6a776b3f7374796c653d666c61742d737175617265)](https://packagist.org/packages/token/jwk)[![Packagist Version](https://camo.githubusercontent.com/4d7ad4649d9cabda28cee6c13204278a870e1533c6b6ee6e1348ed581e221d7d/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f746f6b656e2f6a776b)](https://packagist.org/packages/token/jwk)[![Packagist PHP Version Support](https://camo.githubusercontent.com/78fda9944ab6a746b216f627007d62f87db67d68e0fa21b017b03f11547665e5/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f746f6b656e2f6a776b)](https://github.com/dependencies-packagist/jwk)[![Packagist License](https://camo.githubusercontent.com/5883335d7e0529876fb640c820f29d5f7c1824c12ba7b66fe9ddc0933044c580/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f646570656e64656e636965732d7061636b61676973742f6a776b)](https://github.com/dependencies-packagist/jwk)

Installation
------------

[](#installation)

You can install the package via [Composer](https://getcomposer.org/):

```
composer require token/jwk
```

Usage
-----

[](#usage)

### Create a key

[](#create-a-key)

```
use Token\JWK\Key;

$key = new Key();
$key->setKeyId('key-1');
$key->setKeyType('RSA');
$key->setPublicKeyUse('sig');
$key->push([
    "n" => "z24W4Hs...",
    "e" => "AQAB",
]);
$key->put('other', 'other-value');

echo $key->jsonSerialize();
```

Output:

```
{
    "kid": "key-1",
    "use": "sig",
    "kty": "RSA",
    "n": "z24W4Hs...",
    "e": "AQAB",
    "other": "other-value"
}
```

### Create a KeySet from a publicKey

[](#create-a-keyset-from-a-publickey)

```
use Token\JWK\KeyFactory;
use Token\JWK\KeySet;

$publicKey = file_get_contents('public.pem');
$key       = KeyFactory::createFromPem($publicKey);
$keys      = new KeySet();
$keys->addKey($key);
echo $keys->jsonSerialize();
```

Output:

```
{
    "keys": [
        {
            "use": "sig",
            "kty": "RSA",
            "n": "...",
            "e": "...",
            "kid": "urn:ietf:params:oauth:jwk-thumbprint:sha-256:ef-cEOUom1NztLRBBWGQjmRyaYCK4NwggwOdw-CXfAc"
        }
    ]
}
```

### Parse a KeySet

[](#parse-a-keyset)

```
use Token\JWK\KeySetFactory;

$keys = $keys->jsonSerialize();
foreach (KeySetFactory::createFromJSON($keys) as $key) {
    var_dump($key->getKeyId());
    var_dump($key->getPrivateKey());
    var_dump($key->getPublicKey());
}
var_dump(KeySetFactory::createFromJSON($keys)->toArray());
var_dump(KeySetFactory::createFromJSON($keys)->jsonSerialize());
var_dump(KeySetFactory::createFromJSON($keys)->toString());
var_dump(KeySetFactory::createFromJSON($keys)->getKeyById('S7_qdQ')->getKeyType());
var_dump(KeySetFactory::createFromJSON($keys)->getKeyById('S7_qdQ')->getPublicKey());
```

### Customizing Key Thumbprint Calculation

[](#customizing-key-thumbprint-calculation)

The `Key::computeThumbprint()` static method allows you to customize how a JWK (JSON Web Key) thumbprint is computed. This is useful when you want to define your own logic for generating a unique key identifier.

#### Example 1: Use a Custom Closure

[](#example-1-use-a-custom-closure)

You can define your own thumbprint logic using a closure:

```
use Token\JWK\Key;

Key::computeThumbprint(function (array $keyData) {
    return md5(json_encode($keyData));
});
```

This will override the default thumbprint behavior, using an MD5 hash of the serialized key data.

#### Example 2: Use a Static Method as Callable

[](#example-2-use-a-static-method-as-callable)

You can also use a static method from a custom class:

```
use Token\JWK\Key;
use Token\JWK\Thumbprint\ThumbprintURI;

Key::computeThumbprint([ThumbprintURI::class, 'computeThumbprintURI']);
```

This approach delegates the thumbprint generation to the `computeThumbprintURI()` method inside the `ThumbprintURI` class.

#### Note

[](#note)

- The callback must be a `callable` that receives an array representing the JWK and returns a string thumbprint.

---

License
-------

[](#license)

Nacosvel Contracts is made available under the MIT License (MIT). Please see [License File](LICENSE) for more information.

###  Health Score

32

—

LowBetter than 72% of packages

Maintenance50

Moderate activity, may be stable

Popularity18

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity43

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~13 days

Total

2

Last Release

361d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/2da9b458375a1b7972b7c4d26a5bf8f3e48db305e8805da36f253956f33c5568?d=identicon)[jundayw](/maintainers/jundayw)

---

Top Contributors

[![jundayw](https://avatars.githubusercontent.com/u/16873970?v=4)](https://github.com/jundayw "jundayw (16 commits)")

---

Tags

jwtJWSJWKJSON Web TokenJSON Web Signaturejson web key

### Embed Badge

![Health badge](/badges/token-jwk/health.svg)

```
[![Health](https://phpackages.com/badges/token-jwk/health.svg)](https://phpackages.com/packages/token-jwk)
```

###  Alternatives

[namshi/jose

JSON Object Signing and Encryption library for PHP.

1.8k99.6M101](/packages/namshi-jose)[auth0/auth0-php

PHP SDK for Auth0 Authentication and Management APIs.

40820.2M68](/packages/auth0-auth0-php)[sop/jwx

A PHP library for JSON web tokens (JWT) with signature (JWS) and encryption (JWE) support.

26257.5k1](/packages/sop-jwx)[auth0/login

Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints.

2745.0M3](/packages/auth0-login)[web-token/jwt-framework

JSON Object Signing and Encryption library for PHP and Symfony Bundle.

94818.9M77](/packages/web-token-jwt-framework)[auth0/symfony

Symfony SDK for Auth0 Authentication and Management APIs.

128738.1k](/packages/auth0-symfony)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)