前言:
什么是 Paseto?:https : //developer.okta.com/blog/2019/10/17/a-thorough-introduction-to-paseto
我已经能够使用PHP lib成功实现创建Paseto V1令牌和相应的公钥(在服务器端使用RSA私钥进行密钥对),然后使用公钥在节点上验证给定的令牌.js 方面:
PHP Paseto Public V1:
$privateKeyV1 = new AsymmetricSecretKey($rsaPrivate, new Version1());
$publicKeyV1 = $privateKeyV1->getPublicKey();
$token = (string) (new Builder())
->setKey($privateKeyV1)
->setVersion(new Version1())
->setPurpose(Purpose::public())
// Set it to expire in one day
->setExpiration(
(new DateTime())->add(new DateInterval('P01D'))
)
->setAudience('Foo')
->setIssuedAt(new DateTime())
->setIssuer('Bar')
->setNotBefore()
->setSubject('IDP Paseto')
->setClaims([
'claim' => json_decode($this->claimJSON(), true),
])->toString();
return $response->withJson([
'public_key_v1' => $publicKeyV1->raw(),
'token' => $token
]); …