JWT Framework
v3.2
v3.2
  • Introduction
  • Introduction
    • Provided Features
    • Security Recommendations
    • The Framework
    • Pre-requisite
    • Continous Integration
    • Contributing
  • The Components
    • Algorithm Management (JWA)
    • Key (JWK) and Key Set (JWKSet)
      • Key (JWK)
      • Key Set (JWKSet)
    • Header Checker
    • Claim Checker
    • Signed Tokens (JWS)
      • Signature Algorithms
      • JWS Creation
      • JWS Loading
    • Encrypted Tokens (JWE)
      • Encryption Algorithms
      • JWE Creation
      • JWE Loading
  • The Symfony Bundle
    • Symfony Bundle
    • Algorithm Management
    • Key and Key Set Management
      • Key Management (JWK)
      • Key Set Management (JWKSet)
    • Header and Claim Checker Management
    • Signed Tokens
      • JWS serializers
      • JWS creation
      • JWS verification
    • Encrypted Tokens
      • JWE serializers
      • JWE creation
      • JWE decryption
    • Configuration Helper
    • Events
  • Console Command
    • Console
    • Standalone Application
    • PHAR Application
    • Symfony Console
  • Advanced Topics
    • Nested Tokens
    • Serialization
    • Custom Algorithm
    • Signed tokens and
      • Unprotected Header
      • Multiple Signatures
      • Detached Payload
      • Unencoded Payload
    • Encrypted tokens and
      • Unprotected Headers
      • Multiple Recipients
      • Additional Authentication Data (AAD)
  • Benchmark
    • How To
    • Result table
  • Migration
    • From v1.x to v2.0
    • From v2.x to v3.0
    • From v3.x to v4.0
Powered by GitBook
On this page
  • JWS Verifier Factory Service
  • JWS Verifier As Service
  • Custom Tags
  • JWS Loader Service

Was this helpful?

Edit on GitHub
Export as PDF
  1. The Symfony Bundle
  2. Signed Tokens

JWS verification

JWS Verifier Factory Service

A JWSVerifierFactory is available as a service in your application container:

<?php
use Jose\Component\Signature\JWSVerifierFactory;

$jwsVerifierFactory = $container->get(JWSVerifierFactory::class);

With this factory, you will be able to create the JWSVerifier you need:

$jwsVerifier = $jwsVerifierFactory->create(['HS256']);

You can now use the JWSVerifier as explained in the JWS Creation section.

Reminder: it is important to check the token headers. See the checker section of this documentation.

JWS Verifier As Service

There is also another way to create a JWSVerifier object: using the bundle configuration.

jose:
    jws:
        verifiers:
            verifier1:
                signature_algorithms: ['HS256', 'RS256', 'ES256']
                is_public: true

With the previous configuration, the bundle will create a public JWS Verifier service named jose.jws_verifier.verifier1 with selected signature algorithms.

<?php
$jwsVerifier = $container->get('jose.jws_verifier.verifier1');

Custom Tags

You can add custom tags and attributes to the services you create.

jose:
    jws:
        verifiers:
            verifier1:
                signature_algorithms: ['HS256', 'RS256', 'ES256']
                tags:
                    tag_name1: ~
                    tag_name2: {attribute1: 'foo'}

JWS Loader Service

<?php
use Jose\Component\Signature\JWSLoaderFactory;

$jwsLoaderFactory = $container->get(JWSLoaderFactory::class);

You can also create JWSLoader objects as services using the configuration of the bundle.

jose:
    jws:
        loaders:
            jws_loader1:
                serializers: ['jws_compact']
                signature_algorithms: ['HS256']
                header_checkers: ['alg']
                is_public: true
<?php
use Jose\Bundle\JoseFramework\Helper\ConfigurationHelper;

...
ConfigurationHelper::addJWSLoader($container, 'jws_loader1', ['jws_compact'], ['HS256'], ['alg'], true);
PreviousJWS creationNextEncrypted Tokens

Was this helpful?

The is available as a public service. You can retrieve it using the container or inject it into your services. It will help you to create JWSLoader objects on demand.

Or using the .

JWSLoaderFactory
ConfigurationHelper