arthem/jwt-request-signer

Secure access to your resources with JWT

1.0.1 2020-04-02 15:15 UTC

This package is auto-updated.

Last update: 2024-08-29 05:24:48 UTC


README

Sign URLs with a JWT token to secure access to resources.


Installation

composer require arthem/jwt-request-signer
# add a library that implements psr/http-factory-implementation
composer require nyholm/psr7

Usage

Generate a signed URL for a resource (for example, an image)

<?php
use Arthem\JWTRequestSigner\JWTRequestSigner;
use Nyholm\Psr7\Request; // PSR-7 implementation installed above; any other works too
use Psr\Http\Message\RequestInterface;

$signer = new JWTRequestSigner(
    'signing-key', // Your secret signing key
    3600, // Expires in
    'x-token' // Optional query parameter name
);

/** @var RequestInterface $requestToSign */
$requestToSign = new Request('GET', 'https://domain.tld/images/7b7fae13-2fb4-4c85-bde4-ebd087eb6be5');

$signedRequest = $signer->signRequest($requestToSign);

$signedUri = (string) $signedRequest->getUri();

Now add authorization to your resource

<?php
use Arthem\JWTRequestSigner\JWTRequestSigner;
use Arthem\JWTRequestSigner\Exception\InvalidTokenException;
use Psr\Http\Message\RequestInterface;

// Use the same signing key and query parameter name as when signing
$signer = new JWTRequestSigner('signing-key', 3600, 'x-token');

try {
    /** @var RequestInterface $currentRequest */
    $signer->validateSignedRequest($currentRequest);
} catch (InvalidTokenException $e) {
    http_response_code(403); // do not answer a rejected token with 200 OK
    echo "Access denied";
    exit;
}

// Stream your image here...

Frameworks

Symfony request-signer-bundle

Configuration

Deterministic headers

To provide strict protection, most headers are signed. You can exclude some non-deterministic headers:

<?php
use Arthem\JWTRequestSigner\JWTRequestSigner;

/** @var JWTRequestSigner $signer */
$signer->addUnsignedHeader('X-Time');
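
Why a non-deterministic header has to be excluded, shown as an added example that is not this package's code: a minimal HS256 token bound to the method, path and signed headers, where only a change to the excluded X-Time header leaves the token valid. The function names, the "req" claim and the canonical request form are assumptions made for this illustration, and the key, path and headers are constructed sample data.

```php
<?php
// Added illustration, not the package's code. The claim name "req" and the
// canonical form of the request are assumptions made for this sketch.
function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
// Digest of what the token is bound to: method, path and every header that
// is not on the unsigned list (names lower-cased and sorted).
function requestDigest(string $method, string $path, array $headers, array $unsigned): string {
    $headers = array_change_key_case($headers, CASE_LOWER);
    $kept = array_diff_key($headers, array_flip(array_map('strtolower', $unsigned)));
    ksort($kept);
    return hash('sha256', json_encode([strtoupper($method), $path, $kept]));
}

function signToken(string $key, int $ttl, string $digest, int $now): string {
    $head = b64url(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $body = b64url(json_encode(['exp' => $now + $ttl, 'req' => $digest]));
    return "$head.$body." . b64url(hash_hmac('sha256', "$head.$body", $key, true));
}

function verifyToken(string $key, string $token, string $digest, int $now): bool {
    $parts = explode('.', $token);
    if (count($parts) !== 3) {
        return false;
    }
    [$head, $body, $sig] = $parts;
    // The algorithm is fixed to HS256 here; the token header is never trusted.
    $expected = b64url(hash_hmac('sha256', "$head.$body", $key, true));
    if (!hash_equals($expected, $sig)) { // constant-time comparison
        return false;
    }
    $claims = json_decode(base64_decode(strtr($body, '-_', '+/')), true);
    return is_array($claims) && ($claims['exp'] ?? 0) > $now
        && hash_equals((string) ($claims['req'] ?? ''), $digest);
}

// Constructed sample data: key, clock, path and headers are made up.
[$key, $unsigned, $now, $path] = ['signing-key', ['X-Time'], 1700000000, '/images/42'];
$token = signToken($key, 3600, requestDigest('GET', $path, ['Accept' => 'image/*', 'X-Time' => '1'], $unsigned), $now);
$cases = [
    'unsigned X-Time changed' => ['GET', $path, ['Accept' => 'image/*', 'X-Time' => '2'], $now + 10],
    'signed Accept changed'   => ['GET', $path, ['Accept' => 'text/html', 'X-Time' => '1'], $now + 10],
    'different resource'      => ['GET', '/images/43', ['Accept' => 'image/*', 'X-Time' => '1'], $now + 10],
    'after expiry'            => ['GET', $path, ['Accept' => 'image/*', 'X-Time' => '1'], $now + 3601],
];
foreach ($cases as $label => [$m, $p, $h, $t]) {
    printf("%-24s %s\n", $label, verifyToken($key, $token, requestDigest($m, $p, $h, $unsigned), $t) ? 'accepted' : 'rejected');
}
```

Any header that differs between the request you sign and the request the client actually sends has to be on the unsigned list, otherwise legitimate requests are rejected.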