Merge pull request #174 from plivo/jwt

add jwt helpers

CHANGELOG.md

@@ -1,5 +1,8 @@
 # Change Log
 
+## [v4.9.0](https://github.com/plivo/plivo-php/releases/tag/v4.9.0) - 2020-05-28
+- Add JWT helper functions.
+
 ## [v4.8.1](https://github.com/plivo/plivo-php/releases/tag/v4.8.1) - 2020-05-28
 - Fix Create Endpoint response.
 

README.md

@@ -66,7 +66,7 @@ The Plivo PHP SDK makes it simpler to integrate communications into your PHP app
 
 - To install a **specific release**, run the following command in the project directory:
 
-        $ composer require plivo/plivo-php:4.8.1
+        $ composer require plivo/plivo-php:4.9.0
 
 - To test the features in the **beta release**, run the following command in the project directory:
 

composer.json

@@ -17,7 +17,8 @@
         "source": "https://github.com/plivo/plivo-php"
     },
     "require": {
-        "guzzlehttp/guzzle": "^6.0"
+        "guzzlehttp/guzzle": "^6.0",
+        "firebase/php-jwt": "^5.2"
     },
     "autoload": {
         "classmap": ["src/", "tests/"],

src/Examples/JWT.php

@@ -0,0 +1,15 @@
+<?php
+require 'vendor/autoload.php';
+use Plivo\Util\AccessToken;
+
+// using validFrom and lifetime
+$acctkn = new AccessToken("{authId}", "{authToken}", "{endpointUsername}", gmdate('U'), 3600, null);
+// grants(incoming:false, outgoing:true)
+$acctkn->addVoiceGrants(false, true);
+echo $acctkn->toJwt() . "\n";
+
+// using validFrom and validTill, with custom uid
+$acctkn = new AccessToken("{authId}", "{authToken}", "{endpointUsername}", gmdate('U'), null, gmdate('U', mktime(23, 59, 59, 4, 29, 2020)), "{uid}");
+// grants(incoming:true, outgoing:false)
+$acctkn->addVoiceGrants(true, false);
+echo $acctkn->toJwt() . "\n";

src/Plivo/Util/jwt.php

@@ -0,0 +1,100 @@
+<?php
+
+namespace Plivo\Util;
+
+use Plivo\Authentication\BasicAuth;
+use Plivo\Exceptions\PlivoValidationException;
+use \Firebase\JWT\JWT;
+
+/**
+ * Class jwt
+ * @package Plivo\Util
+ */
+class AccessToken
+{
+    protected $basicAuth;
+    protected $username;
+    protected $validFrom;
+    protected $lifetime = 86400;
+    protected $grants = [];
+    protected $uid;
+
+    /**
+     * Instantiates a new AccessToken object.
+     *
+     * @param string|null $authId
+     * @param string|null $authToken
+     * @param string $username endpoint
+     * @param integer|null $validFrom valid not before this epoch
+     * @param integer|null $lifetime validity in seconds
+     * @param integer|null $validTill validity expires at this epoch
+     * @param null $uid
+     */
+    public function __construct(
+        $authId = null,
+        $authToken = null,
+        $username = null,
+        $validFrom = null,
+        $lifetime = null,
+        $validTill = null,
+        $uid = null
+    )
+    {
+        $this->basicAuth = new BasicAuth($authId, $authToken);
+        if ($username == null) {
+            throw new PlivoValidationException("null username not allowed");
+        }
+        $this->username = $username;
+        $this->validFrom = intval($validFrom?:gmdate('U'));
+        $this->lifetime = intval($lifetime?:86400);
+        if ($lifetime != null) {
+            if ($validTill != null) {
+                throw new PlivoValidationException("use either lifetime or validTill");
+            }
+        } else if ($validTill != null) {
+            $this->lifetime = intval($validTill)-$this->validFrom;
+            if ($this->lifetime < 180 || $this->lifetime > 86400) {
+                throw new PlivoValidationException("lifetime out of [180, 86400]");
+            }
+        }
+        $this->uid = $uid?:$this->username."-".microtime(true);
+    }
+    /**
+     * Adds voice calling permissions to the token
+     *
+     * @param bool $incoming
+     * @param bool $outgoing
+     */
+    public function addVoiceGrants($incoming = false, $outgoing = false)
+    {
+        $this->grants = array(
+            "voice" => array(
+                "incoming_allow" => $incoming,
+                "outgoing_allow" => $outgoing
+            )
+        );
+    }
+
+    /**
+     * Returns JWT
+     * @returns string $jwt
+     */
+    public function toJwt() {
+        $key = $this->basicAuth->getAuthToken();
+        $headers = array(
+            "typ" => "JWT",
+            "alg" => "HS256",
+            "cty" => "plivo;v=1"
+        );
+        $payload = array(
+            "jti" => $this->uid,
+            "iss" => $this->basicAuth->getAuthId(),
+            "sub" => $this->username,
+            "nbf" => $this->validFrom,
+            "exp" => $this->validFrom + $this->lifetime,
+            "grants" => $this->grants
+        );
+
+        return JWT::encode($payload, $key, "HS256", null, $headers);
+    }
+}

src/Plivo/Version.php

@@ -21,11 +21,11 @@ class Version
     /**
      * @const int PHP helper library minor version number
      */
-    const MINOR = 8;
+    const MINOR = 9;
     /**
      * @const int PHP helper library patch number
      */
-    const PATCH = 1;
+    const PATCH = 0;
     /**
      * @return string
      */

tests/UtilTest.php

@@ -2,6 +2,7 @@
 
 use Plivo\Tests\BaseTestCase;
 use Plivo\Util\signatureValidation;
+use Plivo\Util\AccessToken;
 
 
 /**
@@ -22,4 +23,11 @@ function testSignatureInvalid()
         $output = $SVUtil->validateSignature('https://answer.url','12345','ehV3IKhLysWBxC1sy8INm0qGoQYdYsHwuoKjsX7FsXc=','my_auth_tokens');
         self::assertEquals($output,False);
     }
+
+    function testJWT()
+    {
+        $acctkn = new AccessToken('MADADADADADADADADADA', 'qwerty', 'username', 12121212, 300, null, 'username-12345');
+        $acctkn->addVoiceGrants(true, true);
+        self::assertEquals('eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6InBsaXZvO3Y9MSJ9.eyJqdGkiOiJ1c2VybmFtZS0xMjM0NSIsImlzcyI6Ik1BREFEQURBREFEQURBREFEQURBIiwic3ViIjoidXNlcm5hbWUiLCJuYmYiOjEyMTIxMjEyLCJleHAiOjEyMTIxNTEyLCJncmFudHMiOnsidm9pY2UiOnsiaW5jb21pbmdfYWxsb3ciOnRydWUsIm91dGdvaW5nX2FsbG93Ijp0cnVlfX19.khM99-sYP2AylLo9y6bwNnJbVPjjtOMAimiFvNo7FGA', $acctkn->toJwt());
+    }
 }