Skip to content

Instantly share code, notes, and snippets.

Last active January 8, 2025 14:19
Show Gist options
  • Save marcoarment/1d84a2619b3bc1a8216e443c9a0fa269 to your computer and use it in GitHub Desktop.
Save marcoarment/1d84a2619b3bc1a8216e443c9a0fa269 to your computer and use it in GitHub Desktop.
Generate ES256 JWT tokens for Apple Push Notification Service (APNS) in PHP
function base64url_encode($binary_data) { return strtr(rtrim(base64_encode($binary_data), '='), '+/', '-_'); }
function apns_jwt_token($team_id, $key_id, $private_key_pem_str)
if (! function_exists('openssl_get_md_methods') || ! in_array('sha256', openssl_get_md_methods())) throw new Exception('Requires openssl with sha256 support');
$private_key = openssl_pkey_get_private($private_key_pem_str);
if (! $private_key) throw new Exception('Cannot decode private key');
$msg = base64url_encode(json_encode([ 'alg' => 'ES256', 'kid' => $key_id ])) . '.' . base64url_encode(json_encode([ 'iss' => $team_id, 'iat' => time() ]));
openssl_sign($msg, $der, $private_key, 'sha256');
// DER unpacking from
$components = [];
$pos = 0;
$size = strlen($der);
while ($pos < $size) {
$constructed = (ord($der[$pos]) >> 5) & 0x01;
$type = ord($der[$pos++]) & 0x1f;
$len = ord($der[$pos++]);
if ($len & 0x80) {
$n = $len & 0x1f;
$len = 0;
while ($n-- && $pos < $size) $len = ($len << 8) | ord($der[$pos++]);
if ($type == 0x03) {
$components[] = substr($der, $pos, $len - 1);
$pos += $len - 1;
} else if (! $constructed) {
$components[] = substr($der, $pos, $len);
$pos += $len;
foreach ($components as &$c) $c = str_pad(ltrim($c, "\x00"), 32, "\x00", STR_PAD_LEFT);
return $msg . '.' . base64url_encode(implode('', $components));
Copy link

komaxx commented Apr 21, 2020

Neat, thank you!
Needs a few more class hierarchies, though ;)

Copy link

Thank you for this great share

Copy link

Awesome work. Simple and not over complicated like most packages.

Copy link

DrBrad commented Nov 18, 2023

Bro I spent 3 days trying to figure out why my JWT generation wasnt working and
// DER unpacking from and below got it working bro thank you xD

Copy link

Thanks, solved my issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment