README

Laravel package for Uzbekistan E-IMZO authentication, PKCS#7 document signing, CRM action signing, verification, timestamping, and demo/example pages.

The package contains:

E-IMZO browser bridge assets.
Laravel routes and demo pages.
Backend services for E-IMZO-SERVER.
Models and migrations for challenges, certificates, and signatures.
Examples for login, document signing, and CRM action signing.

Requirements

PHP ^7.4|^8.0
Laravel ^8.0|^9.0|^10.0
E-IMZO desktop client on the user's computer
E-IMZO-SERVER Java service, either directly reachable or proxied through /frontend

^8.0 includes PHP 8.1, 8.2, 8.3, and 8.4.

Installation

composer require asadbekrahimov/eimzo-integration

For local development before publishing to Packagist:

{
  "repositories": [
    {
      "type": "path",
      "url": "../asadbekrahimov-eimzo-integration"
    }
  ],
  "require": {
    "asadbekrahimov/eimzo-integration": "*"
  }
}

Publish config, migrations, views, and browser assets:

php artisan vendor:publish --tag=eimzo-config
php artisan vendor:publish --tag=eimzo-migrations
php artisan vendor:publish --tag=eimzo-assets
php artisan migrate

Publishing views is optional:

php artisan vendor:publish --tag=eimzo-views

Environment

EIMZO_SERVER_URL=http://185.xxx.xxx.123:8080
EIMZO_FRONTEND_URL=/frontend
EIMZO_SERVER_TIMEOUT=20
EIMZO_SERVER_CONNECT_TIMEOUT=3
EIMZO_REQUEST_HOST=

EIMZO_API_KEYS=localhost,LOCALHOST_KEY,127.0.0.1,LOCAL_IP_KEY,eimzo.test,YOUR_DOMAIN_KEY

EIMZO_CHALLENGE_TTL=120
EIMZO_USER_MODEL=App\Models\User
EIMZO_USER_LOOKUP_COLUMN=tin
EIMZO_AUTO_REGISTER=false
EIMZO_AUTH_GUARD=web
EIMZO_REDIRECT_AFTER_LOGIN=/

EIMZO_ATTACH_TIMESTAMP=true
EIMZO_SIGN_MODE=attached
EIMZO_STORAGE_DISK=local
EIMZO_STORAGE_PATH=eimzo/signatures

EIMZO_ROUTES_ENABLED=true
EIMZO_ROUTE_PREFIX=eimzo
EIMZO_API_PREFIX=api/eimzo
EIMZO_ASSET_ROUTES_ENABLED=true
EIMZO_ASSET_CACHE_SECONDS=3600
EIMZO_LOCAL_PARSE=true

If your nginx/OpenServer proxy exposes the Java service through /frontend, use:

EIMZO_SERVER_URL=http://185.xxx.xxx.123:8080
EIMZO_FRONTEND_URL=/frontend

Routes

Web routes:

GET /eimzo
GET /eimzo/login
GET /eimzo/sign
GET /eimzo/verify
GET /eimzo/examples
GET /eimzo/auth/challenge
POST /eimzo/auth/verify
POST /eimzo/sign
POST /eimzo/verify

API routes are mounted under /api/eimzo by default.

Browser assets are served through:

/vendor/eimzo/vendor/e-imzo.js
/vendor/eimzo/vendor/e-imzo-client.js
/vendor/eimzo/eimzo.js

For production-like local servers, publish assets so nginx/apache can serve them as static JavaScript.

Examples

Open:

/eimzo/examples

Included examples:

Login by signed challenge.
Document signing.
CRM action signing with canonical JSON.

See EXAMPLES.md for database storage recommendations and flow details.

For a step-by-step CRM drop-in guide, read INTEGRATION.md.

For the full feature reference (desktop + mobile API), read USAGE.md.

CRM action signing

For CRM actions, the signed document should be canonical JSON generated by the backend, for example:

{
  "action": "approve_invoice",
  "amount": 1500000,
  "currency": "UZS",
  "entity_id": 1024,
  "entity_type": "invoice",
  "issued_at": "2026-05-03T19:20:00+05:00",
  "nonce": "example-nonce-123"
}

Store your business meaning separately and link it to eimzo_signatures.id:

signed_actions
- user_id
- action
- entity_type
- entity_id
- payload_json
- payload_hash
- signature_id
- certificate_id
- signed_at
- ip
- user_agent

Testing

composer install
composer test

asadbekrahimov / eimzo-integration

Maintainers

Package info

Statistics

Security