JWT encoder service customization

Edit this page

JWT encoder service customization

This bundle comes with two built-in token encoders, one based on the namshi/jose library (default) and the later based on the lcobucci/jwt library. If both don't suit your needs, you can replace it with your own encoder service. Here's an example implementing a nixilla/php-jwt library based encoder.

Creating your own encoder

Create the encoder class

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
// src/App/Encoder/NixillaJWTEncoder.php
namespace App\Encoder;

use JWT\Authentication\JWT;
use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
use Lexik\Bundle\JWTAuthenticationBundle\Exception\JWTEncodeFailureException;
use Lexik\Bundle\JWTAuthenticationBundle\Exception\JWTDecodeFailureException;

/**
 * NixillaJWTEncoder
 *
 * @author Nicolas Cabot <n.cabot@lexik.fr>
 */
class NixillaJWTEncoder implements JWTEncoderInterface
{
    private $key;

    public function __construct(string $key = 'super_secret_key')
    {
        $this->key = $key;
    }

    /**
     * {@inheritdoc}
     */
    public function encode(array $data)
    {
        try {
            return JWT::encode($data, $this->key);
        }
        catch (\Exception $e) {
            throw new JWTEncodeFailureException(JWTEncodeFailureException::INVALID_CONFIG, 'An error occurred while trying to encode the JWT token.', $e);
        }
    }

    /**
     * {@inheritdoc}
     */
    public function decode($token)
    {
        try {
            return (array) JWT::decode($token, $this->key);
        } catch (\Exception $e) {
            throw new JWTDecodeFailureException(JWTDecodeFailureException::INVALID_TOKEN, 'Invalid JWT Token', $e);
        }
    }
}

Declare it as a service

1
2
3
4
# config/services.yaml
services:
    acme_api.encoder.nixilla_jwt_encoder:
        class: App\Encoder\NixillaJWTEncoder

Use it as encoder service

1
2
3
4
5
# config/packages/lexik_jwt_authentication.yaml
lexik_jwt_authentication:
    # ...
    encoder:
        service: acme_api.encoder.nixilla_jwt_encoder

Note

You can use the lexik_jwt_authentication.encoder.crypto_engine and lexik_jwt_authentication.encoder.signature_algorithm parameters that represent the corresponding configuration options by injecting them as argument of the encoder's service, then use them through the library on which the encoder is based on.

See the configuration reference for more information.

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.