anfly0 / psr-15-github-auth
PSR-15 middleware for authenticating incoming webhooks from github
1.0.2
2019-08-15 12:09 UTC
Requires
- php: >=7.2
- psr/http-factory: ^1.0.1
- psr/http-server-middleware: ^1.0
- psr/log: ^1.1
Requires (Dev)
- monolog/monolog: ^1
- nyholm/psr7: ^1.1
- phpunit/phpunit: ^8
- squizlabs/php_codesniffer: ^3.4
README
Simple PSR-15 middleware for authenticating GitHub webhooks.
Installation
$ composer require anfly0/psr-15-github-auth
Example
Install dependencies for the following example:
composer require anfly0/psr-15-github-auth composer require slim/slim ^4.0.0-beta composer require slim/psr7 composer require monolog/monolog
<?php /** * Minimal example using slim 4.0.0-beta and monolog */ use Psr\Http\Message\ResponseInterface as Response; use Psr\Http\Message\ServerRequestInterface as Request; use Slim\Factory\AppFactory; use Slim\Psr7\Factory\StreamFactory; use Monolog\Logger; use Monolog\Handler\StreamHandler; use Anfly0\Middleware\GitHub\Auth; require './vendor/autoload.php'; // Logger setup $logger = new Logger('example'); $logger->pushHandler(new StreamHandler('./example.log', Logger::INFO)); // Slim setup $app = AppFactory::create(); // Middleware setup $auth = new Auth('test', $app->getResponseFactory(), new StreamFactory()); $auth->setLogger($logger); // If the request has no body, set the body to the contents of php://input. $body = function (Request $request, $handler) { if ($request->getBody()->getSize() === 0) { $streamFactory = new StreamFactory(); $request = $request->withBody($streamFactory->createStreamFromFile('php://input')); } return $handler->handle($request); }; // Setup route and add middleware $app->post('/', function (Request $request, Response $response, $args) { $response->getBody()->write('OK'); return $response; }) ->addMiddleware($auth) ->add($body); $app->run();
FAQ
-
Authentication fails when I expect it to succeed!?
- Make sure that the correct secret is passed to the constructor when the middleware object is instantiated.
- Make sure that $request->getBody() === file_get_content('php://input').
- i.e The ServerRequest object that is passed to the process method actually contains the request body.
-
How do I get the logging to work?
- Simply pass a PSR-3 compliant logger the setLogger method
License
- MIT license
- Copyright 2019 © Viktor Hellström