See any reason why the following wouldn't validate? Note: I've included the required files, as well.
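// ---------------------------------------------------------------------------
// Setting the token
// ---------------------------------------------------------------------------

// HMAC key shared by the issuing and the validating side. An empty key (for
// example a missing config entry) would make every signature forgeable, so
// stop instead of signing with it.
// NOTE(review): Security.cipherSeed is the key the original snippet pointed
// at; a dedicated high-entropy secret for token signing is preferable - confirm.
$signingKey = strval(Configure::read('Security.cipherSeed'));
if ($signingKey === '') {
    CakeLog::error('JwtTokenAuthenticate: No signing key configured.');
    return false;
}

// Random token id (jti). mcrypt_create_iv() no longer exists on PHP >= 7.2,
// so use random_bytes() when the runtime provides it.
$tokenId = base64_encode(
    function_exists('random_bytes')
        ? random_bytes(32)
        : mcrypt_create_iv(32, MCRYPT_DEV_URANDOM)
);

// Find the server details.
// NOTE(review): the host comes from Router::url(); if the application's full
// base URL is not pinned in config it may be derived from the request's Host
// header - confirm before relying on it as issuer/audience.
$pieces = parse_url(Router::url('/', true));
$serverName = $pieces['host'];

$signer = new Sha256();
$now = time();

// The payload of a signed token is only base64-encoded, not encrypted: every
// claim below is readable by whoever holds the token. Authorization-relevant
// claims (role, banned, supporter) also stay frozen until the token expires,
// so a change on the account is not reflected in tokens already issued.
$token = (new Builder())
    ->setIssuer($serverName)                  // iss claim
    ->setAudience($serverName)                // aud claim
    ->setId($tokenId, true)                   // jti claim, replicated as a header item
    ->setIssuedAt($now)                       // iat claim
    // The original used time() + 60 here, which makes the token unusable for
    // its first minute, so an immediate validation always failed.
    ->setNotBefore($now)                      // nbf claim
    ->setExpiration($now + 3600)              // exp claim (1 hour)
    //->set('sub', $user['User']['email'])    // would configure the "sub" claim
    ->set('id', $user['User']['id'])                 // custom claim "id"
    ->set('username', $user['User']['username'])     // custom claim "username"
    ->set('role', $user['User']['role'])             // custom claim "role"
    ->set('banned', $user['User']['banned'])         // custom claim "banned"
    ->set('supporter', $user['User']['supporter'])   // custom claim "supporter"
    ->set('private', $user['User']['private'])       // custom claim "private"
    // Without a signature the claims above can be rewritten by the client.
    ->sign($signer, $signingKey)
    ->getToken();

// ---------------------------------------------------------------------------
// Validating the token
// ---------------------------------------------------------------------------
// When this half runs in a separate class or request, $signer and $signingKey
// have to be rebuilt there exactly as above.

// parse() throws on a malformed token rather than returning an empty value,
// so the failure is caught here instead of being tested with empty().
try {
    $decoded = (new Parser())->parse((string) $token);
} catch (\Exception $e) {
    CakeLog::error('JwtTokenAuthenticate:_findUser: Unable to parse token.');
    return false;
}

// Check the signature before trusting any claim. validate() below only looks
// at claim values; it does not check the signature. Verifying with a fixed
// signer also rejects tokens whose header names a different algorithm.
try {
    $signatureOk = $decoded->verify($signer, $signingKey);
} catch (\Exception $e) {
    // verify() throws when the token carries no signature at all.
    $signatureOk = false;
}
if (!$signatureOk) {
    CakeLog::error('JwtTokenAuthenticate:_findUser: Token signature invalid.');
    return false;
}

$pieces = parse_url(Router::url('/', true));
$serverName = $pieces['host'];

$data = new ValidationData(); // validates iat, nbf and exp against the current time
CakeLog::debug('JwtTokenAuthenticate -> Validating token...');
$data->setIssuer($serverName);
$data->setAudience($serverName);
// The original called $data->setId($uid), comparing the jti claim (the random
// $tokenId) with the user id, which can never match. Only set an expected id
// when the issued jti values are stored server-side and can be looked up.
$data->setCurrentTime(time());

$validated = $decoded->validate($data);
CakeLog::debug('Validated -> ' . var_export($validated, true));
if (!$validated) {
    CakeLog::error('Token invalid!');
    return false;
}

// Read the user id only after signature and claims have been checked.
$uid = $decoded->hasClaim('id') ? (string) $decoded->getClaim('id') : '';
if (!$uid) {
    CakeLog::error('JwtTokenAuthenticate:_findUser: Unable to find valid id.');
    return false;
}

CakeLog::debug('Token validated!');
// Build a user from the token
return true;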