eurolink/hawk

该包已被放弃,不再维护。没有建议的替代包。

Hawk

维护者

详细信息

github.com/eurolink/hawk

主页

源码

问题

安装: 9

依赖: 0

建议者: 0

安全: 0

星标: 0

关注者: 1

分支: 0

dev-master 2018-08-21 12:59 UTC

Requires

  • php: >=5.6.0

Requires (Dev)

MIT 0cdee0f63d7e0c801fa537ad8ad8c6209fc4b85f

  • Eurolink <tean.woop@Eurolinkwebsites.com>

Authenticationhawkbewit

This package is auto-updated.

Last update: 2019-09-05 10:45:58 UTC

README

Hawk是一种使用消息认证码(MAC)算法提供部分HTTP请求加密验证的HTTP身份验证方案。 — hawk README

实现

已尽力遵循位于hueniverse/hawk的原生Node包。此实现应与Hawk v4.x兼容,使用协议1.0。在尽可能的情况下,考虑到JavaScript和PHP之间的技术差异,测试紧随原始包。

要求

  • PHP 5.6.x

使用示例

客户端代码

// load the library.
require dirname(__FILE__) . '/../autoload.php';

use Eurolink\Hawk;

// declare credentials (usually stored in a database)
$credentials = [
    '1' => [
        'id' => '1', // Required by Hawk\Client::header
        'key' => 'secret',
        'algorithm' => 'sha256',
        'user' => 'john'
    ]
];

// credentials lookup function
$credentialsFunc = function ($id, $callback) use ($credentials) {
    // usually you're going to want to lookup these credentials from
    // a database using the $id:
    return $callback(null, $credentials[$id]);
};

// send authenticated request
$credentialsFunc('1', function ($err, $credentials) use ($credentialsFunc) {
    if ($err) {
        // handle the error.
        var_dump($err); exit;
    }

    $options = [
        'credentials' => $credentials,
        'content_type' => 'application/json',
        'payload' => json_encode(['foo' => 'bar']),
        'timestamp' => 1454097545,
        'nonce' => '56abc49c419c1',
        'ext' => 'user'
    ];

    $header = Hawk\Client::header('http://www.example.com/users/1/', 'GET', $options);

    // use this for your Authorization header in your request.
    // $header['field'];
    // Hawk id="1", ts="1454097545", nonce="56abc49c419c1", hash="PUk+U4tj/ssBHHLygBeFGY35uc+UJQCFHpk1cfwRn5w=", ext="user", mac="WU7NKoqJ22iBY2lb261jPOwmTuIRHKKzJzScYKGp+pc="
    var_dump($header);
});

服务器端代码

// load the library.
require dirname(__FILE__) . '/../autoload.php';

use Eurolink\Hawk;

// declare credentials (usually stored in a database)
$credentials = [
    '1' => [
        'id' => '1', // Required by Hawk\Client::header
        'key' => 'secret',
        'algorithm' => 'sha256',
        'user' => 'john'
    ]
];

// credentials lookup function
$credentialsFunc = function ($id, $callback) use ($credentials) {
    // usually you're going to want to lookup these credentials from
    // a database using the $id:
    return $callback(null, $credentials[$id]);
};

// build the request.
$request = [
    'method' => 'GET',
    'url' => '/users/1/',
    'host' => 'www.example.com',
    'port' => 80,
    'authorization' => 'Hawk id="1", ts="1454097545", nonce="56abc49c419c1", hash="PUk+U4tj/ssBHHLygBeFGY35uc+UJQCFHpk1cfwRn5w=", ext="user", mac="WU7NKoqJ22iBY2lb261jPOwmTuIRHKKzJzScYKGp+pc="'
];

$options = [
    'localtime_offset_msec' => (1454097545 * 1000) - Hawk\Utils::getTimeNowMs()
];

// authenticate the request.
Hawk\Server::authenticate($request, $credentialsFunc, $options, function ($err, $credentials = null, $artifacts = null) {
    if ($err) {
        // handle the error.
        var_dump($err); exit;
    }

    // do something with the validated request.
    var_dump($credentials);
});

待办事项

  • 为Utils、Crypto编写测试。
  • 通过异常改进错误消息。
  • 添加更好的加密工具以提高伪随机数生成器(PRNG)。
  • 发布到Packagist,以便您可以使用Composer进行安装。

贡献

  1. 分支它
  2. 创建您的功能分支(git checkout -b my-new-feature
  3. 提交您的更改(git commit -am 'Add some feature'
  4. 推送到分支(git push origin my-new-feature
  5. 创建新的Pull Request

许可

MIT,请参阅LICENSE。