Should we use HS256 or RS256?

[kiwo12345]

Should we use HS256 or RS256?
Looking at the docs it says: RS256

I have tried to make a token using: $token = JWT::encode($payload, $key, 'HS256');
But if I later try to use that token when testing on ios I get the error:
FIRAuthErrorDomain Code=17000 "The custom token format is incorrect. Please check the documentation.

[kiwo12345]

If I try to use RS256 I get the error:
openssl_sign(): supplied key param cannot be coerced into a private key

[Nayir]

Do you try using double quote instead of single quote ? I managed to solve it with double quote.

I mean, if you write $token = JWT::encode($payload, "YourGiantKey", 'RS256'); instead of $token = JWT::encode($payload, 'YourGiantKey', 'RS256');

I dont know how to solve the problem with the var $key by the way. If you manage to do it, please let me know :)

[kiwo12345]

@Nayir I tried with double quote and now it works, thanks!!
I could not get it to work by $key instead I put it inside a define like this:

define("FIREBASE_PRIVATE_KEY","giant_key_goes_here");
token = JWT::encode($payload, FIREBASE_PRIVATE_KEY, 'RS256');

Which worked :)

[chinedufn]

When you download your JSON file from Firebase it comes with a bunch of \n characters.

These need to be interpreted as new lines. In PHP, double quotes "" will interpret them as newlines, while single quotes '' will not.

$ php -a
Interactive mode enabled

php > echo '\n';
\n
php > echo "\n"
php >

php > $foo = '\n';
php > $bar = "\n";
php > strlen($foo);
php > echo strlen($foo);
2
php > echo strlen($bar);
1
php >

---

Thinking it might be nice to throw an error / warning.. but haven't thought through any potential edge cases... So for now I'll just PR the README