<?php
//JWT JSON Web Token
//Head 头部部分
$header = array();
$header["alg"] = "HS256";
$header["typ"] = "JWT";
$headerJson = json_encode($header);
$headerEn = urlsafe_b64encode($headerJson);
//Payload 负载
$payload = array();
$payload["issuer"] = "issuer";//签发人
$payload["exp"] = "expiration time";//过期时间
$payload["sub"] = "subject";//主题
$payload["aud"] = "audience";//受众
$payload["nbf"] = "Not Before";//生效时间
$payload["iat"] = "Issued At";//签发时间
$payload["jti"] = "JWT ID";//编号
$payloadJson = json_encode($payload);
$payloadEn = urlsafe_b64encode($payloadJson);
//Signature(签名)
/**
* @desc Signature 部分是对前两部分的签名,防止数据篡改
*/
$string = $headerEn . "." . $payloadEn;
//secret--加密秘钥,只能服务端知道
$secret = "11";
$signature = hash_hmac("sha256", $string, $secret);
//算出签名以后,把 Header、Payload、Signature 三个部分拼成一个字符串,每个部分之间用"点"(.)分隔,就可以返回给前端
$result = $headerEn . "." . $payloadEn . "." . $signature;
var_dump($result);
//URL 安全编码
function urlsafe_b64encode($string)
{
$data = base64_encode($string);
$data = str_replace(array('+', '/', '='), array('-', '_', ''), $data);
return $data;
}
//URL 安全解码
function urlsafe_b64dncode($string)
{
$data = str_replace(array('+', '/', '='), array('-', '_', ''), $string);
$mod4 = strlen($data) % 4;
if ($mod4) {
$data .= substr('====', $mod4);//补齐字符串
}
$data = base64_decode($data);
return $data;
}