I'm trying to create a custom token using Tymon-JWT with a different algorithm than the one defined in the config file (jwt.php).
public function generateCustomToken($data) {
$claims = [...] // standard claims in a JWT token
// set the algorithm
JWTAuth::getJWTProvider()->setAlgo('RS256');
// custom signer as well
JWTAuth::getJWTProvider()->setSecret($data["signer"]);
// if I log it here the correct algorithm is displayed
Log::info(JWTAuth::getJWTProvider()->getAlgo()); == 'RS256'
$claims = new Collection($requiredClaims);
$payload = new Payload($claims, new PayloadValidator());
$tkn = JWTAuth::encode($payload);
return $tkn->get();
}
So I change the algorithm and log it and it shows my value but when I decode the token the header "alg" displays the algorithm set in the config file.
Does this mean that it is not using RS256 to encode the token? How do I go about changing that algo value?
Your environment
Q
A
Bug?
yes
New Feature?
no
Framework
Laravel
Framework version
5.8
Package version
1.0.2
PHP version
7.3.3
Steps to reproduce
Use the code above
Expected behaviour
setting JWTAuth::getJWTProvider()->setAlgo('RS256'); should also change the header "alg" to reflect the algorithm used
Actual behaviour
The algorithm set in the config file is displayed as the value rather than the custom one I set at runtime
I'm trying to create a custom token using Tymon-JWT with a different algorithm than the one defined in the config file (jwt.php).
So I change the algorithm and log it and it shows my value but when I decode the token the header "alg" displays the algorithm set in the config file.
Does this mean that it is not using RS256 to encode the token? How do I go about changing that algo value?
Your environment
Steps to reproduce
Use the code above
Expected behaviour
setting JWTAuth::getJWTProvider()->setAlgo('RS256'); should also change the header "alg" to reflect the algorithm used
Actual behaviour
The algorithm set in the config file is displayed as the value rather than the custom one I set at runtime