Signed Token Verification
JWS Verifier Factory Service
JWSVerifierFactory is available as a service in your application container:
use Jose\Component\Signature\JWSVerifierFactory; $jwsVerifierFactory = $container->get(JWSVerifierFactory::class);
With this factory, you will be able to create the JWSVerifier you need:
$jwsVerifier = $jwsVerifierFactory->create(['HS256']);
You can now use the JWSVerifier as explained in the JWS Creation section.
Reminder: it is important to check the token headers. See the checker section of this documentation.
JWS Verifier As Service
There is also another way to create a JWSVerifier object: using the bundle configuration.
jose: jws: verifiers: verifier1: signature_algorithms: ['HS256', 'RS256', 'ES256'] is_public: true
With the previous configuration, the bundle will create a public JWS Verifier service named
with selected signature algorithms.
'jose.jws_verifier.verifier1');$jwsVerifier = $container->get(