A PHP 5.4+ port of the Signature ruby gem
Add philipbrown/signature-php as a requirement to composer.json:
{
"require": {
"philipbrown/signature-php": "~2.0"
}
}Update your packages with composer update.
HMAC-SHA authentication allows you to implement very simple key / secret authentication for your API using hashed signatures.
use PhilipBrown\Signature\Token;
use PhilipBrown\Signature\Request;
$data = ['name' => 'Philip Brown'];
$token = new Token('abc123', 'qwerty');
$request = new Request('POST', 'users', $data);
$auth = $request->sign($token);
$http->post('users', array_merge($auth, $data));use PhilipBrown\Signature\Auth;
use PhilipBrown\Signature\Token;
use PhilipBrown\Signature\Exceptions\SignatureException;
$auth = new Auth('POST', 'users', $_POST);
$token = new Token('abc123', 'qwerty');
try {
$auth->attempt($token);
}
catch (SignatureException $e) {
// return 4xx
}