I am using "firebase/php-jwt": "^6.10" for one my JWT and PHP integration.
// Path to the key file
$key_file = '/var/www/mykey.key';
// Check if the key file exists and read the contents
if (!file_exists($key_file)) {
die('Key file not found.');
}
$key = file_get_contents($key_file); /
$kid = // Hex value of directory path
// JWT Payload
$payload = [
'iss' => 'http://yourdomain.com', // Issuer
'aud' => 'http://yourdomain.com', // Audience
'iat' => time(), // Issued at
'exp' => time() + 3600, // Expiration (1 hour)
'data' => [
'user_id' => $user['id'],
'email' => $user['email'],
'role' => $user['role'],
'is_admin' => $user['isadmin']
]
];
// JWT Header with `kid`
$header = [
'alg' => 'HS256',
'typ' => 'JWT',
'kid' => $kid // Add the `kid` parameter in the header
];
// Encode JWT with header and payload
$jwt = JWT::encode($payload, new Key($key, 'HS256'), $header);
When I execute the code, it seems like the encode function is somehow updated. It throws an error
Uncaught TypeError: Argument 3 passed to Firebase\JWT\JWT::encode() must be of the type string, array given, called in /var/www/html/index.php
Basically, on this line
$jwt = JWT::encode($payload, new Key($key, 'HS256'), $header);
I'm not sure what I'm doing wrong. I want to add the kid parameter in my header that the user can later use for directory traversal.
Like @RiggsFolly told, if you want to use the headers array, you need the 4th parameter set to null and use your headers variable as the 5th parameter.
Documentation therefor can be found in the README of the package: https://github.com/firebase/php-jwt?tab=readme-ov-file#example-encodedecode-headers
So in this case it should be:
$jwt = JWT::encode($payload, $key, 'HS256', null, $header);