Skip to content

Security

Raxos Security is a compact collection of cryptographic primitives and identifier utilities used across Raxos applications. It provides base64 encoding variants, HMAC signing, cryptographically secure token generation, timing attack mitigation, short and sortable unique identifier generators, a JSON Web Token encoder and decoder with claim validation, and a TOTP based two factor authentication implementation with QR provisioning support.

Every class is a small, dependency light static helper or value object, built on PHP's openssl and hash extensions and the shared Raxos error and foundation packages.

Highlights

Explore by category

Quick example

php
<?php
declare(strict_types=1);

use Raxos\Security\Jwt\{Jwt, JwtAlgorithm};

$token = Jwt::encode([
    'sub' => '1234',
    'iat' => time(),
    'exp' => time() + 3600,
], 'a-shared-secret', JwtAlgorithm::HS256);

$payload = Jwt::decode($token, ['a-shared-secret'], [JwtAlgorithm::HS256]);

Installation

Install it with Composer.

shell
composer require raxos/security

See installation for requirements, or use the sidebar to navigate this package.