atalanda/signature-php

There is no license information available for the latest version (1.0.3-beta) of this package.

Maintainers

Details

github.com/atalanda/signature-php

Source

Issues

Installs: 174

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 1

Open Issues: 0

1.0.3-beta 2014-02-10 09:47 UTC

Unknown License 3c96f9fa07063c4d02b7d70504b27868bfd2b728

This package is not auto-updated.

Last update: 2024-09-28 14:01:48 UTC

README

AtalandaSignature-php provides a simple PHP class that lets you sign requests to the atalogics API and verify our callbacks.

Installation

The best way to install the library is by using Composer. Add the following to composer.json in the root of your project:

{ 
  "require": {
    "atalanda/signature-php": "dev-master"
  }
}

Then, on the command line:

composer install

Use the generated vendor/autoload.php file to autoload the library classes.

Usage

Signing API calls

Use this to add a valid signature to the parameter hash that you send to our api.

$parameters = array(
  "atalogics" => array()
);
$token = new Atalogics\Signature\Token("[Your API key]", "[Your API secret]");
$request = new Atalogics\Signature\Request("POST", "https://atalogics.com/api/order", $parameters);
$signedParameters = $request->sign($token);

var_dump($signedParameters);
/* => array(5) {
  'atalogics' => array()
  'auth_timestamp' =>
  int(1391167211)
  'auth_key' =>
  string(4) "[Your API key]"
  'auth_signature' =>
  string(64) "552beac4b99949a556b120b7e5f7e22def46f663992a08f0f132ad4afee68b9f"
}*/

Example

POST Request to https://atalogics.com/api/orderOffer with the following JSON:

{
  "atalogics": {
    "api_key": "5f70fd232454e5c142566dbacc3dec5",
    "offer_id": "33/2014-01-22/1/2014-01-22",
    "expected_fee": 5.59,
    "external_id": "AZDF-234",
    "url_state_update": "https://ihr-server.de/atalogics/callbacks",
    "catch": {
        "name": "Top Fashion Shop",
        "street": "Schneiderstraße 20",
        "postal_code": "5020",
        "city": "Salzburg",
        "phone_number": "123456",
        "email": "info@fashionshop.de"
    },
    "drop": {
        "name": "Marta Musterkundin",
        "street": "Kaufstr. 76",
        "postal_code": "5020",
        "city": "Salzburg",
        "phone_number": "435236",
        "email": "marta@musterkundin.de",
        "extra_services": ["R18"]
    }
  }
}
$token = new Atalogics\Signature\Token("[Your API key]", "[Your API secret]");
$request = new Atalogics\Signature\Request("POST", "https://atalogics.com/api/orderOffer", $parameters); //  parameters contains a hash representing the json above
$signedParameters = $request->sign($token);
// Now send a post request to our api and set the body to the json encoded version of $signed_parameters

If you do a GET Request, you also have to sign all URL parameters. Simply include them in the parameters hash. Send the produced auth parameters along with the other URL parameters, for example:

https://atalogics.com/api/status?tracking_id=42ef32a&api_key=abcde**&auth_signature=ab332d2f&auth_timestamp=123244&auth_key=abcde**

Verifying the signature of our callbacks

Use this to verify the signature of our callbacks.

$data = json_decode($body, true); // convert json from post body into php array
$token = new Atalogics\Signature\Token("[Your API key]", "[Your API secret]");
$request = new Atalogics\Signature\Request("POST", "https://your-server.com/callback", $data);
$signatureCheckResult = $request->authenticate($token);

if($signatureCheckResult["authenticated"] === true) {
  // signature is valid
}