[NFR]: Add a method for creating custom claims to JWT token #15656

Closed
sinbadxiii opened this issue Sep 10, 2021 · 2 comments · Fixed by #15657
Labels: 5.0 (The issues we want to solve in the 5.0 release); new feature request (Planned Feature or New Feature Request)


sinbadxiii commented Sep 10, 2021

When generating a JWT token in Phalcon, there is no way to add a custom claim, for example ["email" => "example@gmail.com", "username" => "phalconist"].

The Phalcon Builder https://github.com/phalcon/cphalcon/blob/master/phalcon/Security/JWT/Builder.zep#L406 has a protected setClaim method, which other reserved methods use, such as setIssuer(), setSubject(), etc.

I propose to introduce a public setCustom method:

    public function setCustom(string! name, var value) -> <Builder>
    {
        return this->setClaim(name, value);
    }

which will allow you to create custom claims in the payload of the token, ex.:

use Phalcon\Security\JWT\Builder;
use Phalcon\Security\JWT\Signer\Hmac;

$signer  = new Hmac();
$builder = new Builder($signer);

$now        = new DateTimeImmutable();
$issued     = $now->getTimestamp();
$notBefore  = $now->modify('-1 minute')->getTimestamp();
$expires    = $now->modify('+1 day')->getTimestamp();
$passphrase = 'QcMpZ&b&mo3TPsPk668J6QH8JA$&U&m2';

$builder
    ->setAudience('https://target.phalcon.io')  // aud
    ->setContentType('application/json')        // cty - header
    ->setExpirationTime($expires)               // exp
    ->setId('abcd123456789')                    // JTI id
    ->setIssuedAt($issued)                      // iat
    ->setIssuer('https://phalcon.io')           // iss
    ->setNotBefore($notBefore)                  // nbf
    ->setSubject('my subject for this claim')   // sub
    ->setPassphrase($passphrase)                // password
    ->setCustom("email", "example@gmail.com")   // custom claim email (proposed method)
    ->setCustom("username", "phalconist")       // custom claim username (proposed method)
;

$tokenObject = $builder->getToken();
echo $tokenObject->getToken();

//eyJ.....

Possible method names:

  • setCustomClaim()
  • withClaim()
  • addClaim()
  • attachClaim()

There is also the option of making the protected setClaim method public, so that you can simply use it:

...
    ->setSubject('my subject for this claim')   // sub
    ->setPassphrase($passphrase)                // password 
    ->setClaim("email", "example@gmail.com")                // claim email 
    ->setClaim("username", "phalconist")                // claim username 
;

but there may be reasons not to do so :)

@sinbadxiii sinbadxiii added the new feature request Planned Feature or New Feature Request label Sep 10, 2021
@sinbadxiii sinbadxiii changed the title [NFR]: Adding custom claims to JWT token [NFR]: Add a method for creating custom claims to JWT token Sep 10, 2021
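
Added example, not part of the original issue and not Phalcon's code: a plain-PHP sketch of two points that matter once a generic claim setter is public. Custom claims are signed but not encrypted, and a generic setter can be kept from replacing registered claims such as exp. The function names, the guard and the sample values are assumptions made for illustration.

```php
<?php
// Added illustration in plain PHP; function names are hypothetical, not Phalcon's API.
const REGISTERED_CLAIMS = ['iss', 'sub', 'aud', 'exp', 'nbf', 'iat', 'jti'];

function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64urlDecode(string $text): string
{
    return base64_decode(strtr($text, '-_', '+/'));
}

// Merge a custom claim into the payload, refusing names reserved by RFC 7519.
function withCustomClaim(array $claims, string $name, $value): array
{
    if (in_array($name, REGISTERED_CLAIMS, true)) {
        throw new InvalidArgumentException("'$name' is a registered claim; use its dedicated setter");
    }
    $claims[$name] = $value;
    return $claims;
}

function signHs256(array $claims, string $key): string
{
    $head = b64url(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $body = b64url(json_encode($claims, JSON_UNESCAPED_SLASHES));
    $sig  = b64url(hash_hmac('sha256', "$head.$body", $key, true));
    return "$head.$body.$sig";
}

// Constructed sample values.
$key    = random_bytes(32);
$claims = ['iss' => 'https://phalcon.io', 'exp' => time() + 86400];
$claims = withCustomClaim($claims, 'email', 'example@gmail.com');
$claims = withCustomClaim($claims, 'username', 'phalconist');
$token  = signHs256($claims, $key);

// The payload is only base64url-encoded: anyone holding the token reads it without the key.
[, $body] = explode('.', $token);
print_r(json_decode(b64urlDecode($body), true));

// Replacing a registered claim through the generic setter is refused.
try {
    withCustomClaim($claims, 'exp', PHP_INT_MAX);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

Because the payload is readable by any party that sees the token, custom claims are best limited to values that are acceptable to disclose to the client and to intermediaries.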
@Jeckerson
Member

/cc @niden

@niden niden mentioned this issue Sep 10, 2021
@niden niden added the 5.0 The issues we want to solve in the 5.0 release label Sep 10, 2021
@niden niden linked a pull request Sep 10, 2021 that will close this issue

niden commented Sep 10, 2021

Implemented in #15657

@niden niden closed this as completed Sep 10, 2021
@niden niden moved this to Released in Phalcon v5 Aug 25, 2022
@niden niden added this to Phalcon v5 Aug 25, 2022