dpc/hash-verifier

Package for Nonce Generation & HMac Validation for authentication with APIs

Maintainers

Details

github.com/Dylan-DPC/hash-verifier

Source

Issues

Installs: 44

Dependents: 1

Suggesters: 0

Security: 0

Stars: 4

Watchers: 2

Forks: 3

v0.2.0 2017-11-03 18:23 UTC

Requires

MIT 78a6f62d45b96d799a9eddf8f98c82f0f7ec810c

This package is not auto-updated.

Last update: 2024-04-07 05:38:31 UTC

README

hash verification using a nonce & verifying the hmac from the URL for a laravel application

Installation

composer require dpc/hash-verifier

The service provider will be automatically discovered in Laravel 5.5. Publish the config file by running:

php artisan vendor:publish --provider="Dpc\HashVerifier\AuthValidatorServiceProvider"

This will create a validator.php in your config folder.

Do not use your secret directly in config file. Instead fetch it from the .env or server environment variables.

Usage

Inject the nonce generator contract and/or HMAC validator contract in your class:

  public function __construct(NonceContract $generator)
    {
        $this->generator = $generator;
    }

To generate a nonce:

$nonce = $this->generator->generateNonce($user)

The nonce will be automatically stored in the session with key as `nonce'. To retrieve it call:

$nonce = $this->generator->getStoredNonce();

Ensure that you do not mutate the nonce.

To verify whether the nonce matches

$nonceMatches = $this->generator->matches($user, $nonce);

To validate if the hmac matches the components of the URL:

$result = $this->validator->validate($uriComponents));

You can check this repo for further details on how to use this package

Versioning

This package follows semver. Features introduced & any breaking changes created in major releases are mentioned in releases.

Contributing

  1. Fork it!
  2. Create your feature branch: git checkout -b my-new-feature
  3. Commit your changes: git commit -am 'Add some feature'
  4. Push to the branch: git push origin my-new-feature
  5. Submit a pull request :D

Author

Dylan DPC

Versioning

This package follows semver. Features introduced & any breaking changes created in major releases are mentioned in releases.

Support

If you need help or have any questions you can:

License

This project is licensed under the MIT License - see the LICENSE file for details