c-squared-solutions-llc/hmac-util

PHP HMAC utility library for signing and verifying signed requests

Maintainers

Details

github.com/C-Squared-Solutions-LLC/hmac-util

Homepage

Source

Issues

Installs: 6

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Open Issues: 0

v1.1.0 2020-10-11 09:44 UTC

Requires

  • php: ^7.2|^8.0

MIT ccda9ec932226c05189ccc97b60ea503ea7ef8ad

  • Casey Christensen <casey.woop@c2rd.io>

This package is auto-updated.

Last update: 2024-06-11 18:23:45 UTC

README

Hmac Util currently supports signing requests with an hmac signature. You will need to provide the following to the library.

  1. HMAC Credentials (Username, Secret)
  2. HMAC Algorithm you would like to use
  3. Request Line (see HTTP REQUEST STANDARDS https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html)
  4. Body of the request (if any)
  5. Headers you wish to sign with (do not include headers you are sending but do not want as part of signature)

Example of use below

<?php

$hmac_request = new CSquaredSolutionsLlc\HmacUtil\HmacRequest();

$hmac_request->setAlgorithm('sha256');
$hmac_request->setCreds("testing","testing");

$hmac_request->request_line = 'POST /test HTTP/1.1';

$hmac_request->body = '{test: 1}';

$hmac_request->headers = [
	'Content-Type' => 'application/json',
	'Content-Length' => 115252
];

$hmac_util = new CSquaredSolutionsLlc\HmacUtil\HmacUtil();

$hmac_request = $hmac_util->sign($hmac_request);

After you get the HmacRequest object back, it will contain an authorization header and possibly two more headers for the signature. Send all headers, plus any others you want, and the body from the HmacRequest object via any restful library that supports it.