Client error: POST https://apisandbox.swissmoney.com/api/integration/v1/company-profiles resulted in a 401 Unauthorized response
Can anyone help with this? I tried by myself but was unsuccessful. I'm sending all the instructions here; if anyone can help me create the best version of the code snippet, I'll really appreciate it.
Instructions:
Signing a Request
Every request must contain the following headers:
X-API-Key - The API Key to be provided to you by support team.
Authorization - Its value should be set to Bearer , where the access token is a Base64-encoded JWT.
JWT header:
alg - RS256
typ - JWT
target - The method and URI part of the request (e.g. if GET request is sent towards https://api.backoffice.com/api/integration/bank-accounts/4a7692ec-22e7-414f-6c9c-08d9cb82ddee/withdrawals?queryParam=test , then value should be GET /api/integration/bank-accounts/4a7692ec-22e7-414f-6c9c-08d9cb82ddee/withdrawals )
nonce - Unique number or string. Each API request needs to have a different nonce.
nbf - Identifies the time before which the JWT token MUST NOT be accepted for processing, in seconds since Epoch. In most cases it should be UNIX timestamp when token was generated.
exp - The expiration time on and after which the JWT must not be accepted for processing, in seconds since Epoch. Must be equal or less than nbf+30sec.
sub - The API Key.
aud - The base URL of the API. (e.g. https://api.backoffice.com )
bodyHash - Base64 encoded SHA-256 hash of the raw HTTP request body. If request has no body, hash should be calculated out of empty string (calculated result: 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=)
Request Examples
1 - GET
X-API-KEY: a86bafd5-c3ec-4af9-b9b3-ff7c1a2b6c12
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0YXJnZXQiOiJHRVQgL2FwaS9pbnRlZ3JhdGlvbi92MS9iY
GET https://api.backoffice.com/api/integration/v1/bank-accounts/7ac0348b-7238-1234-8a2c-b58693d164f7/transfers
2 - POST
X-API-KEY: a86bafd5-c3ec-4af9-b9b3-ff7c1a2b6c12
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0YXJnZXQiOiJQT1NUIC9hcGkvaW50ZWdyYXRpb24vdjEvY
Content-Type: application/json
POST https://api.backoffice.com/api/integration/v1/bank-accounts/7ac0348b-7238-1234-8a2c-b58693d164f7/internal
Here's my code:
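use GuzzleHttp\Client;                // needed for new Client() below
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Str;           // needed for Str::uuid() below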

function jwt_generate($method,$target){
    // Define the API Key and Secret Key
    $apiKey = 'XXXXX-ca4f-4ac2-a713-xxxxx';
    $secretKey = file_get_contents('file:///home/cidrqqhe/cidrus_money_private.key'); // Replace with your actual secret key
    // Define the request details
    $method = $method;
    $uri = $target;
    $queryParam = 'test'; // Replace with your query parameter if needed
    $baseURL = 'https://apisandbox.swissmoney.com'; // Replace with your API base URL
    // Calculate the nonce
    $nonce = Str::uuid()->toString(); // Generate a unique nonce
    // Calculate the nbf and exp timestamps
    $currentTime = time();
    $nbf = $currentTime;
    $exp = $nbf + 30; // Token valid for 30 seconds
    // Calculate the body hash (assuming no body for a GET request)
    $requestBody = ''; // Replace with the actual request body if needed
    $bodyHash = base64_encode(hash('sha256', $requestBody, true));
    // Create the payload
    $payload = [
        'target' => "{$method} {$uri}",
        'nonce' => $nonce,
        'nbf' => $nbf,
        'exp' => $exp,
        'sub' => $apiKey,
        'aud' => $baseURL,
        'bodyHash' => $bodyHash,
    ];
    // Encode the payload as JSON
    $payloadJson = json_encode($payload);
    // Create the JWT header (constant for RS256)
    $header = json_encode([
        'alg' => 'RS256',
        'typ' => 'JWT',
    ]);
    // Combine the header and payload and sign the JWT
    $base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
    $base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payloadJson));
    $dataToSign = "{$base64UrlHeader}.{$base64UrlPayload}";
    // Sign the JWT using RS256
    $signature = '';
    openssl_sign($dataToSign, $signature, $secretKey, OPENSSL_ALGO_SHA256);
    // Encode the signature as base64 URL
    $base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
    // Combine all parts to create the JWT token
    $jwtToken = "{$base64UrlHeader}.{$base64UrlPayload}.{$base64UrlSignature}";
    // Now, you can use $jwtToken as the Authorization Bearer token in your HTTP request.
    return $jwtToken;
}

function createCompanyProfile_swissmoney($data){
    $endpoint = 'https://apisandbox.swissmoney.com/api/integration/v1/company-profiles';
    $jwt = jwt_generate("POST","/api/integration/v1/company-profiles");
    // Headers
    $headers = [
        'X-API-KEY' => 'XXXX-ca4f-4ac2-a713-XXXX',
        'Authorization' => 'Bearer '.$jwt,
        'Content-Type' => 'application/json'
    ];
    // dd(json_encode($headers));
    // Initialize Guzzle client
    $client = new Client();
    // Send POST request
    $response = $client->request('POST', $endpoint, [
        'headers' => $headers,
        'json' => $data,
    ]);
    // Get and handle the response
    $body = $response->getBody();
    echo $body;
}

$data = [
    'name' => 'KAF Sols',
    'registrationNumber' => '5258',
    'registeredAddress' => [
        'streetAddress' => '23 no chungi garden town',
        'city' => 'multan',
        'postCode' => '66000',
        'countryCode' => 'PK',
    ],
    'operatingAddress' => [
        'streetAddress' => '23 no chungi garden town',
        'city' => 'multan',
        'postCode' => '66000',
        'countryCode' => 'PK',
    ],
];
Please write the code snippet in PHP Laravel; core PHP would also be appreciated. I'm really tired but I didn't give up. I need seniors' guidance, so guys, help me create the above code snippet.
Thanks
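
Added example, not part of the original post or the provider's documentation: the quoted instructions require bodyHash to be the SHA-256 of the raw request body, while the posted code hashes an empty string and then POSTs a JSON body, so this sketch signs the exact body string that is sent and checks the token locally. Assumptions: the listed fields are JWT payload claims, the JWT uses the standard base64url compact form, and `b64url`, `sign_request`, the throwaway key pair, the API key placeholder and the sample body are constructed for illustration.

```php
<?php
// Added example: the JWT's bodyHash must cover the exact bytes sent as the body.
function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// $rawBody is the exact string sent as the HTTP body ('' when there is none).
function sign_request(string $method, string $url, string $rawBody, string $apiKey, $privateKey): string
{
    $u = parse_url($url);
    $now = time();
    $claims = [
        'target'   => strtoupper($method) . ' ' . $u['path'],   // path only, no query string
        'nonce'    => bin2hex(random_bytes(16)),                // unique per request
        'nbf'      => $now,
        'exp'      => $now + 30,                                // must be <= nbf + 30 s
        'sub'      => $apiKey,
        'aud'      => $u['scheme'] . '://' . $u['host'],        // assumes no explicit port
        'bodyHash' => base64_encode(hash('sha256', $rawBody, true)),
    ];
    $input = b64url(json_encode(['alg' => 'RS256', 'typ' => 'JWT'])) . '.' . b64url(json_encode($claims));
    if (!openssl_sign($input, $sig, $privateKey, OPENSSL_ALGO_SHA256)) {
        throw new RuntimeException('openssl_sign failed: ' . openssl_error_string());
    }
    return $input . '.' . b64url($sig);
}

// Constructed demo values: throwaway RSA key, placeholder API key, sample body.
$key  = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub  = openssl_pkey_get_details($key)['key'];
$url  = 'https://apisandbox.swissmoney.com/api/integration/v1/company-profiles';
$body = json_encode(['name' => 'Example Ltd', 'registrationNumber' => '0000']);
$jwt  = sign_request('POST', $url, $body, 'API-KEY-PLACEHOLDER', $key);

// Local check mirroring what a verifier would do: signature, then body hash.
[$h, $p, $s] = explode('.', $jwt);
$sigOk  = openssl_verify("$h.$p", base64_decode(strtr($s, '-_', '+/')), $pub, OPENSSL_ALGO_SHA256) === 1;
$claims = json_decode(base64_decode(strtr($p, '-_', '+/')), true);
$hashOk = hash_equals(base64_encode(hash('sha256', $body, true)), $claims['bodyHash']);
$notEmptyHash = $claims['bodyHash'] !== base64_encode(hash('sha256', '', true));
var_dump($sigOk, $hashOk, $notEmptyHash);

// When sending with Guzzle, pass the same string: 'body' => $body (instead of
// 'json' => $data), so the hashed bytes and the transmitted bytes are identical.
```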