seffeng / laravel-signature
PHP laravel extension signature
Installs: 1 742
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Requires
- php: >=7.1.3
- seffeng/signature: >=0.1
Requires (Dev)
- phpunit/phpunit: >=8.0
README
安装
# 安装
$ composer require seffeng/laravel-signature
Laravel
# 1、生成配置文件 $ php artisan vendor:publish --tag="signature" # 2、修改配置文件 /config/signature.php,或 .env
lumen
# 1、复制扩展内配置文件 /config/signature.php 到项目配置目录 /config # 2、修改配置文件 /config/signature.php,或 .env # 3、将以下代码段添加到 /bootstrap/app.php 文件中的 Providers 部分 $app->register(Seffeng\LaravelSignature\SignatureServiceProvider::class); # 4、/bootstrap/app.php 添加配置加载代码 $app->configure('signature');
示例
# 客户端示例 use Seffeng\Signature\Exceptions\SignatureException; use Seffeng\LaravelSignature\Facades\Signature; class SiteController extends Controller { public function test() { try { /** * 客户端使用签名 * @var string $method */ $method = 'GET'; $uri = '/test'; $params = ['page' => 1]; $signature = Signature::sign($method, $uri, $params); $headers = Signature::getHeaders(); print_r($headers); // 其他客户端 //$signature = Signature::setClient('other-client')->loadClient()->sign($method, $uri, $params); //$headers = Signature::getHeaders(); //print_r($headers); // 通过请求传递 $headers,如使用 GuzzleHttp // $httpClient = new Client(['base_uri' => 'http://domain.com']); // $request = $httpClient->get('/test', ['headers' => $headers, 'query' => $params]); } catch (SignatureException $e) { var_dump($e->getMessage()); } catch (\Exception $e) { var_dump($e->getMessage()); } } }
# 路由使用中间件,配置中间件 # 1、默认服务端:middleware('check.signature') # 2、其他服务端:middleware('check.signature:other-server') # 服务端示例,可通过中间件使用,或参考 /tests/SignatureTest.php use Closure; use Seffeng\Signature\Exceptions\SignatureException; use Seffeng\Signature\Exceptions\SignatureAccessException; use Seffeng\Signature\Exceptions\SignatureTimeoutException; use Seffeng\LaravelSignature\Facades\Signature as SignatureFacade; use Seffeng\LaravelSignature\Middleware\Signature as Middleware; class Signature extends Middleware { /** * * {@inheritDoc} * @see \Seffeng\LaravelSignature\Middleware\Signature::handle() */ public function handle($request, Closure $next, string $server = null) { try { !is_null($server) && SignatureFacade::setServer($server)->loadServer(); // $accessKeyId 用于查询应用信息,获取 secret 和 IP 等 $accessKeyId = $request->header(SignatureFacade::getHeaderAccessKeyId()); if (true) { // 通过数据库查询secret,自行创建数据表 $application = Application::where('access_key_id', $accessKeyId)->first(); if (!$application) { throw new SignatureException('应用不存在!'); } $accessKeySecret = $application->access_key_secret; } else { // 通过配置,自行添加配置字段 if ($accessKeyId !== config('signature.servers.default.accessKeyId', '')) { throw new SignatureException('应用不存在!'); } $accessKeySecret = config('signature.servers.default.accessKeySecret', ''); } $this->setAccessKeySecret($accessKeySecret); $this->setAllowIp([]); // 可配置或通过数据库查询ip,自行创建数据表 //$this->setDenyIp([]); // 可配置或通过数据库查询ip,自行创建数据表 /** * 若某些参数不是通过前端传过来的则需要过滤 * 如:在此签名验证中间件前执行了以下方法设置的参数 * $request->offsetSet('extra1', '额外参数1'); * $request->merge(['extra2' => '额外参数2']); $params = $request->all(); if (isset($params['extra1'])) { unset($params['extra1']); } $this->setParams($params); */ if (parent::handle($request, $next)) { return $next($request); } throw new SignatureException('签名错误!'); } catch (\Error $e) { throw $e; } catch (SignatureTimeoutException $e) { throw $e; } catch (SignatureAccessException $e) { throw $e; } catch (SignatureException $e) { throw $e; } catch (\Exception $e) { throw $e; } } }
备注
1、测试脚本 tests/SignatureTest.php 仅作为示例供参考。