php laravel jwt lumen json-web-token

Laravel or Lumen JWT remove default claims


I'm using Tymon's JWTAuth to connect the app to the API in a stateless manner through tokens. But the problem is that when I decode the token, in the payload data, the iss value is the API URL itself.

How do I change the value or remove the key from being passed on to the token?

Here's the decoded value of the token (I just edited the value here for example purposes):

{
  "iss": "http://localhost.com/api/",
  "iat": 1111111111,
  "exp": 2222222222,
  "nbf": 3333333333,
  "jti": "xxxxxxxxxxxxxx",
  "sub": 1234,
  "foo": "bar",
  "baz": "bob"
}

I am able to add custom claims but unable to remove the iss key.

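// attempt() returns the token on success, or false when the credentials are wrong
$token = $jwt->attempt($request->only(['username', 'password']));

if ($token === false) {
     echo 'invalid credentials';
} else {
     // Credentials are valid: build a payload with the extra claims and encode it
     $customClaims = ['foo' => 'bar', 'baz' => 'bob'];
     $payload = $jwtFactory->customClaims($customClaims)->make(true);
     $token = $jwt->encode($payload);

     echo 'valid user';
}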

I even tried: $jwtFactory->iss('http://example.com')->foo(['lol'])->make();

and only the foo key, or rather the "custom claims" values, are being changed, but not the default claims. But as stated in the documentation, the default claims' values could be changed when set.


Solution

  • I was able to overwrite the value of the default claims by setting custom claims in which the values of the custom claims are the default claims.

    $customClaims = ['iss' => 'xxx', 'baz' => 'bob'];
    $payload = $jwtFactory->customClaims($customClaims)->make();
    

    With this, the value of iss (default claims) is now xxx. This seems weird, as the documentation has a different way of overwriting default claims, which doesn't work.
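Whatever value ends up in iss, the service that consumes the token should compare it against the issuer it expects. The following is an added example, not code from the post or from tymon/jwt-auth: a plain-PHP HS256 sketch in which the function names, the secret and the issuer string `my-api` are hypothetical, and the defaults-then-custom merge only mimics the effect the answer reports.

```php
<?php
// Added example: stand-alone HS256 helpers, not tymon/jwt-auth internals.
// Secret, issuer names and claim values are constructed for illustration.
function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64urlDecode(string $txt): string {
    $pad = str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return (string) base64_decode(strtr($txt, '-_', '+/') . $pad, true);
}

function issueToken(array $custom, string $secret, string $apiUrl): string {
    $now = time();
    // Defaults first, custom claims second: a custom 'iss' replaces the API URL.
    $defaults = ['iss' => $apiUrl, 'iat' => $now, 'nbf' => $now, 'exp' => $now + 3600];
    $head = b64url(json_encode(['typ' => 'JWT', 'alg' => 'HS256']));
    $body = b64url(json_encode(array_merge($defaults, $custom)));
    return "$head.$body." . b64url(hash_hmac('sha256', "$head.$body", $secret, true));
}

function verifyToken(string $jwt, string $secret, string $expectedIss): array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new RuntimeException('malformed token');
    }
    [$head, $body, $sig] = $parts;
    // The algorithm is pinned to HS256 here, never taken from the token header.
    $calc = b64url(hash_hmac('sha256', "$head.$body", $secret, true));
    if (!hash_equals($calc, $sig)) {
        throw new RuntimeException('bad signature');
    }
    $claims = json_decode(b64urlDecode($body), true);
    // A token whose iss was removed or set to another value is rejected here.
    if (!is_array($claims) || ($claims['iss'] ?? null) !== $expectedIss) {
        throw new RuntimeException('unexpected or missing issuer');
    }
    if (($claims['exp'] ?? 0) <= time()) {
        throw new RuntimeException('expired');
    }
    return $claims;
}

$secret = 'constructed-demo-secret';
$token  = issueToken(['iss' => 'my-api', 'foo' => 'bar'], $secret, 'http://localhost.com/api/');
print_r(verifyToken($token, $secret, 'my-api'));   // consumer pinned to the overridden issuer
try {
    verifyToken($token, $secret, 'http://localhost.com/api/');   // consumer still pinned to the URL
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```

Changing iss on the issuing side therefore has to be rolled out together with the expected-issuer setting on every consumer that validates it.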