Syllabus
Intro
Auth and Crypto Was Messy
Why Was It A Big Deal?
Cryptography
The Bad — Usability
What Was Missing
What Changed?
The Good — Decoupling
The Good — OSS Libraries
The Good — Hierarchical Auth
What is JOSE?
JSON Web Token (JWT)
JSON Web Signature (JWS)
JSON Web Encryption (JWE)
JSON Web Algorithm
JSON Web Key
Request Example Representation
JWT Header Example
Key Rotation
Request Authorization
Private Request Claims
Hierarchical Credentials
Timestamp and Duration
Request Validation
Private Response Claims
Response Example Representation
JWT Response Claims Example
Response Validation
Encrypted Data with JWE
JWE Header Example
Conclusion
If You Want To Follow Up
Taught by
PHP UK Conference