
@lfsevergnini
Last active February 15, 2022 20:37
<?php
///////////////////////////////////////////////////////
// Best run in Laravel Tinker
///////////////////////////////////////////////////////
use App\Models\JsonWebKey;
use App\Models\User;
use App\Platforms\Auth\JsonWebToken;
use Jose\Component\Core\JWK;
use Jose\Component\KeyManagement\JWKFactory;
use Jose\Component\Signature\JWSBuilder;
use Jose\Component\Signature\Serializer\CompactSerializer;
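/**
 * Issue a signed token for $user scoped to $service and persist it.
 *
 * The `aud`, `sub`, `act.sub` and `act.name` claims are always set here from
 * the user and the service. Every other claim in $payload is passed through
 * to newToken(), where it can override that function's defaults (`exp` included).
 *
 * @param User                 $user    Account the token is issued for.
 * @param array<string, mixed> $payload Extra claims to embed in the token.
 * @param string               $service Audience name; also selects the signing key.
 *
 * @return JsonWebToken The token returned by newToken(), after saveAs($sub) was called on it.
 */
function freshToken(User $user, array $payload = [], string $service = 'firefly')
{
    $sub = sprintf('user:%s:service:%s:jwt', $user->getAuthIdentifier(), $service);

    // array_replace_recursive instead of array_merge_recursive: when $payload
    // already carries `aud`, `sub` or `act.*`, merge_recursive would combine both
    // values into a list (e.g. `aud` => [callerValue, $service]), so a caller could
    // widen the audience or turn `sub` into a non-string. Here the identity claims
    // computed in this function always win; extra keys under `act` are still kept.
    $claims = array_replace_recursive($payload, [
        'aud' => $service,
        'sub' => $sub,
        'act' => [
            'sub' => $user->email,
            'name' => $user->name,
        ],
    ]);

    $newToken = newToken($claims, $service);
    $newToken->saveAs($sub);

    return $newToken;
}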
/**
 * Return the signing key for $service, generating and storing one on first use.
 *
 * Looks up a JsonWebKey row for the (service, 'jwt-framework') pair. When one
 * exists, the JWK is rebuilt from its `private_key` attribute; otherwise a new
 * 4096-bit RSA key marked for RS256 signatures is created, saved and returned.
 *
 * NOTE(review): the private JWK is handed to the model as-is. Whether it is
 * encrypted at rest depends on JsonWebKey's casts, which are not visible here.
 * Confirm before relying on this outside a QA environment.
 *
 * @param string $service Service name the key belongs to.
 *
 * @return JWK Private signing key for the service.
 */
function getKey(string $service)
{
    $lookup = ['service' => $service, 'provider' => 'jwt-framework'];

    $stored = JsonWebKey::firstWhere($lookup);
    if ($stored) {
        return JWKFactory::createFromValues($stored->private_key);
    }

    $generated = JWKFactory::createRSAKey(4096, ['alg' => 'RS256', 'use' => 'sig']);

    // Store both halves: the public key for verifiers, the private key for later signing.
    JsonWebKey::updateOrCreate($lookup, [
        'public_key' => $generated->toPublic(),
        'private_key' => $generated,
    ]);

    return $generated;
}
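/**
 * Build and sign an RS256 token for $service.
 *
 * Default claims (`iat`, `nbf`, `exp` = now + 24h, `iss`, `typ`) are applied
 * first; anything in $payload overrides them, `exp` included.
 *
 * NOTE(review): `typ` is written into the claim set; the protected header built
 * here carries only `alg`.
 *
 * @param array<string, mixed> $payload Claims to embed; they take precedence over the defaults.
 * @param string               $service Service whose key (see getKey()) signs the token.
 *
 * @return JsonWebToken Unsaved model holding the compact-serialized token and its expiry.
 *
 * @throws JsonException When the claim set cannot be encoded as JSON.
 */
function newToken(array $payload = [], string $service = 'firefly')
{
    $defaultExpiry = now()->addHours(24);

    $claims = array_merge([
        'iat' => time(),
        'nbf' => time(),
        'exp' => $defaultExpiry->timestamp,
        'iss' => 'unified-dashboard',
        'typ' => 'JWT',
    ], $payload);

    // Keep the stored expiry in step with the signed `exp` claim. Previously a
    // caller-supplied `exp` changed the token but `expires_at` stayed at 24 hours,
    // so the record could show a token as expired while its signature still
    // verified for much longer.
    $expiresAt = $defaultExpiry;
    if (is_numeric($claims['exp'] ?? null) && (int) $claims['exp'] !== $defaultExpiry->timestamp) {
        $expiresAt = now()->setTimestamp((int) $claims['exp']);
    }

    // JSON_THROW_ON_ERROR: fail loudly instead of handing `false` to withPayload().
    $jws = app(JWSBuilder::class)
        ->create()
        ->withPayload(json_encode($claims, JSON_THROW_ON_ERROR))
        ->addSignature(getKey($service), ['alg' => 'RS256'])
        ->build();

    return new JsonWebToken([
        'expires_at' => $expiresAt,
        // Index 0: the only signature added above.
        'token' => app(CompactSerializer::class)->serialize($jws, 0),
    ]);
}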
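// Create token for user
// firstOrFail(): stop with a clear "not found" error instead of passing null
// into freshToken(), which requires a User.
$user = User::where('email', 'qa.user1@pfizer.com')->firstOrFail();

// Overrides newToken()'s 24-hour default: the signed token carries a ten-year `exp`.
// NOTE(review): a token this long-lived stays valid until the service's signing key
// is replaced, unless verifiers also consult the stored token record. Confirm which applies.
$payload = ['exp' => now()->addYears(10)->timestamp];

// NOTE(review): the dumped model presumably includes the serialized token, which is a
// bearer credential. Keep the Tinker output and history out of shared logs.
dump(freshToken($user, $payload));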