guideToken endpoint in PHP

This article presents a simple token endpoint for creating tokens.

# Dependencies

Both examples use the firebase/php-jwt library for creating tokens.

composer require firebase/php-jwt

# Examples

When creating a token endpoint to integrate with Easy Image, the token payload should contain at least the environment ID.

<?php
require __DIR__ . '/vendor/autoload.php';

use \Firebase\JWT\JWT;

$secretKey = 'wjcHlqytTDBhxYpWPp3NkmLJaHXzn8xWbpX7xmT7JxqQJREguXRjzKIw9L2q';
$environmentId = 'NQoFK1NLVelFWOBQtQ8A';

$payload = array(
    "iss" => $environmentId,
    "iat" => time()
);

$jwt = JWT::encode($payload, $secretKey);

print_r($jwt);
?>

To enable collaboration, you have to add user data and service permissions to the token.

<?php
require __DIR__ . '/vendor/autoload.php';

use \Firebase\JWT\JWT;

$secretKey = 'wjcHlqytTDBhxYpWPp3NkmLJaHXzn8xWbpX7xmT7JxqQJREguXRjzKIw9L2q';
$environmentId = 'NQoFK1NLVelFWOBQtQ8A';

$payload = array(
    "iss" => $environmentId,
    "iat" => time(),
    'user' => array(
        'id' => '123',
        'email' => 'joe.doe@example.com',
        'name' => 'Joe Doe'
    ),
    'services' => array(
        'ckeditor-collaboration' => array(
            'permissions' => array(
                '*' => 'write',
            )
        )
    )
);

$jwt = JWT::encode($payload, $secretKey);

print_r($jwt);
?>

secretKey and environmentId should be replaced with keys provided by the CKEditor Ecosystem customer dashboard. User data can be taken from the session or the database.

You should then pass the token to the client by creating a script that will contain the example code. Do not forget to authenticate the user in your application before you send the token. If the user is unauthenticated, the token endpoint should return an error or redirect to the login page. Also, you should make sure it is sent via an encrypted channel.