使用 PHP 进行 Web 推送的 JWT 签名
JWT signature for web push using PHP
我正在尝试使用 PHP 发送网络推送通知。我已经阅读了有关如何实现网络推送协议的信息,例如 here. However, I think I don't really get the step where the author of this guide explains how to form the Authorization header. Using this library and given my VAPID keys created by an online generator,我尝试了以下方法:
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Ecdsa\Sha256;
$signer = new Sha256();
$privateKey = new Key('<the generated private VAPID key>');
$time = time();
$token = (new Builder())->permittedFor('https://example.com')
->expiresAt($time + 3600)
->withHeader('alg', 'ES256')
->withClaim('sub', 'mailto:someone@example.com')
->getToken($signer, $privateKey);
我想得到的是 $token
中类似于 <JWT Info>.<JWT Data>.<Signature>
的东西。但是,我得到一个错误。
Fatal error: Uncaught InvalidArgumentException: It was not possible to parse your key, reason: error:0909006C:PEM ...
有人知道我在这里做错了什么吗?提前致谢!
在内部,Lcobucci/jwt
API uses both openssl_pkey_get_private()
和 openssl_pkey_get_public()
函数。
根据 documentation,他们需要 PEM-encoded 键,而这不是您提供的。这些键以 --------BEGIN 前缀开头。
我正在尝试使用 PHP 发送网络推送通知。我已经阅读了有关如何实现网络推送协议的信息,例如 here. However, I think I don't really get the step where the author of this guide explains how to form the Authorization header. Using this library and given my VAPID keys created by an online generator,我尝试了以下方法:
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Ecdsa\Sha256;
$signer = new Sha256();
$privateKey = new Key('<the generated private VAPID key>');
$time = time();
$token = (new Builder())->permittedFor('https://example.com')
->expiresAt($time + 3600)
->withHeader('alg', 'ES256')
->withClaim('sub', 'mailto:someone@example.com')
->getToken($signer, $privateKey);
我想得到的是 $token
中类似于 <JWT Info>.<JWT Data>.<Signature>
的东西。但是,我得到一个错误。
Fatal error: Uncaught InvalidArgumentException: It was not possible to parse your key, reason: error:0909006C:PEM ...
有人知道我在这里做错了什么吗?提前致谢!
在内部,Lcobucci/jwt
API uses both openssl_pkey_get_private()
和 openssl_pkey_get_public()
函数。
根据 documentation,他们需要 PEM-encoded 键,而这不是您提供的。这些键以 --------BEGIN 前缀开头。