通过 
搜索
搜索krak / hmac
Hmac 库
v0.2.1
2016-04-16 19:23 UTC
Requires (Dev)
- guzzlehttp/guzzle: ^6.2
- guzzlehttp/psr7: ^1.2
- phake/phake: ^2.3
- phpunit/phpunit: ~4.0
- pimple/pimple: ~3.0
- symfony/http-foundation: ~2.0
Suggests
- guzzlehttp/guzzle: Allows for GuzzleHttp client integration
- symfony/http-foundation: Allows for Symfony Request framework integration
This package is auto-updated.
Last update: 2024-09-18 17:32:39 UTC
README
Hmac 是一个用于处理 hmac 认证的库。请查看源代码以获取文档。
用法
<?php use Krak\Hmac\Psr7HmacRequest, Krak\Hmac\HmacKeyPair, Krak\Hmac\ArrayHmacKeyPairProvider; use function Krak\Hmac\hmac_sign_request, Krak\Hmac\hmac_auth_request; // create the key pair of public and private keys $keypair = new HmacKeyPair('public-key', 'private-key'); // wrap your request with the appropriate HmacRequest wrapper $request = new Psr7HmacRequest($psr7_request); // create the signer with default configuration $sign = hmac_sign_request(); // sign the request $request = $sign($request, $keypair); // create a key pair provider for looking up the key pair used for the request $provider = new ArrayHmacKeyPairProvider([$keypair]); // we can authenticate a request now, by creating the authenticator with the // same config as the signer (they need to match exactly) $auth = hmac_auth_request($provider); // authenticate the request var_dump($auth($request)); // output: bool(true)
HmacConfig
在创建时,将 HmacConfig 传递给签名者和验证者,以允许完全配置请求的认证或签名方式。签名和验证需要相同的配置才能相互抵消。
以下是选项
<?php use Krak\Hmac; $config = Hmac\HmacConfig::create([ 'scheme' => 'CustomHmac', // authentication scheme. Authorization: <scheme> <public_key>:<hash> 'hasher' => new Hmac\StdHmacHasher(), // any HmacHasher instance, defaults to Base64HmacHasher(StdHmacHasher) 'hs_gen' => hmac\hmac_hashed_hs_gen(), // any hash string generator function 'time_gen' => hmac\hmac_date_time_gen() // any time_gen function for generating a unit of time 'time_header' => 'Date', 'auth_header' => 'Authorization', ]); $sign = hmac\hmac_sign_request($config); $auth = hmac\hmac_auth_request($provider, $config);
签名者
hmac_sign_request(HmacConfing = null);
hmac_psr7_sign_request(HmacConfing = null);
hmac_psr7_sign($sign);
hmac_sign_request 是默认签名者,它创建一个接受 HmacRequest 和 HmacKeyPair 的签名函数。
hmac_psr7_sign_request 是围绕 hmac_sign_request 的装饰器签名者,用于接受和返回 Psr Http 请求。它只是简单地使用 hmac_psr7_sign 装饰器包装 hmac_sign_request。
hmac_psr7_sign 是接受签名函数并包装它的装饰器签名函数,它将返回一个接受并返回 Psr Http 请求的签名函数。
哈希字符串生成器
哈希字符串生成器是接受请求和时间值并生成最终将被哈希的字符串的函数。
提供的 hs_gen 函数
// returns a hs_gen that will md5 hash the content and join everything by the given separator
hmac_hashed_hs_gen($sep = "\n");
示例
<?php function concat_hs_gen() { return function(Krak\Hmac\HmacRequest $req, $time) { return $req->getUri() . $time; }; }
时间生成器
时间生成器仅用于生成时间单元,如时间戳或日期戳。
提供的 time_gen 函数
// returns the `time` function which creates a unix timestamp
hmac_ts_time_gen();
// returns a time_gen which creates an RFC 2822 formatted date
hmac_date_time_gen();
集成
GuzzleHttp
可以通过 Provider/guzzle.php 函数简单地与 Guzzle 进行集成。
<?php use GuzzleHttp\HandlerStack, GuzzleHttp\Client, Krak\Hmac\HmacKeyPair; use function Krak\Hmac\Provider\guzzle_hmac_middleware, Krak\Hmac\hmac_psr7_sign_request, $handler = HandlerStack::create(); $handler->push(guzzle_hmac_middleware(hmac_psr7_sign_request(), $keypair)); $client = new Client(['handler' => $handler]);