snicco / signed-url-psr15-bridge
snicco/signed-url 的 Psr15 中间件集成
v2.0.0-beta.9
2024-09-07 14:27 UTC
Requires
- php: ^7.4|^8.0
- psr/http-message: ^1.0.0
- psr/http-server-handler: ^1.0.0
- psr/http-server-middleware: ^1.0.0
- psr/log: ^1.1.1
- snicco/signed-url: ^2.0
Requires (Dev)
- phpunit/phpunit: ^9.5.13
- snicco/http-routing-testing: ^2.0
Conflicts
- snicco/better-wp-api: <2.0.0-beta.9
- snicco/better-wp-cache: <2.0.0-beta.9
- snicco/better-wp-cache-bundle: <2.0.0-beta.9
- snicco/better-wp-cli: <2.0.0-beta.9
- snicco/better-wp-cli-testing: <2.0.0-beta.9
- snicco/better-wp-hooks: <2.0.0-beta.9
- snicco/better-wp-hooks-bundle: <2.0.0-beta.9
- snicco/better-wp-mail: <2.0.0-beta.9
- snicco/better-wp-mail-bundle: <2.0.0-beta.9
- snicco/better-wp-mail-testing: <2.0.0-beta.9
- snicco/better-wpdb: <2.0.0-beta.9
- snicco/better-wpdb-bundle: <2.0.0-beta.9
- snicco/blade-bridge: <2.0.0-beta.9
- snicco/blade-bundle: <2.0.0-beta.9
- snicco/content-negotiation-middleware: <2.0.0-beta.9
- snicco/debug-bundle: <2.0.0-beta.9
- snicco/default-headers-middleware: <2.0.0-beta.9
- snicco/eloquent: <2.0.0-beta.9
- snicco/encryption-bundle: <2.0.0-beta.9
- snicco/event-dispatcher: <2.0.0-beta.9
- snicco/event-dispatcher-testing: <2.0.0-beta.9
- snicco/guests-only-middleware: <1.0.0
- snicco/http-routing: <2.0.0-beta.9
- snicco/http-routing-bundle: <2.0.0-beta.9
- snicco/http-routing-testing: <2.0.0-beta.9
- snicco/https-only-middleware: <2.0.0-beta.9
- snicco/illuminate-container-bridge: <2.0.0-beta.9
- snicco/kernel: <2.0.0-beta.9
- snicco/kernel-testing: <2.0.0-beta.9
- snicco/method-override-middleware: <2.0.0-beta.9
- snicco/minimal-logger: <2.0.0-beta.9
- snicco/must-match-route-middleware: <2.0.0-beta.9
- snicco/no-robots-middleware: <2.0.0-beta.9
- snicco/open-redirect-protection-middleware: <2.0.0-beta.9
- snicco/payload-middleware: <2.0.0-beta.9
- snicco/pimple-bridge: <2.0.0-beta.9
- snicco/psr7-error-handler: <2.0.0-beta.9
- snicco/redirect-middleware: <2.0.0-beta.9
- snicco/session: <2.0.0-beta.9
- snicco/session-bundle: <2.0.0-beta.9
- snicco/session-psr16-bridge: <2.0.0-beta.9
- snicco/session-testing: <2.0.0-beta.9
- snicco/session-wp-bridge: <2.0.0-beta.9
- snicco/share-cookies-middleware: <2.0.0-beta.9
- snicco/signed-url-psr16-bridge: <2.0.0-beta.9
- snicco/signed-url-testing: <2.0.0-beta.9
- snicco/signed-url-wp-bridge: <2.0.0-beta.9
- snicco/str-arr: <2.0.0-beta.9
- snicco/templating: <2.0.0-beta.9
- snicco/templating-bundle: <2.0.0-beta.9
- snicco/testable-clock: <2.0.0-beta.9
- snicco/testing-bundle: <2.0.0-beta.9
- snicco/trailing-slash-middleware: <2.0.0-beta.9
- snicco/wp-auth-only-middleware: <2.0.0-beta.9
- snicco/wp-capability-middleware: <2.0.0-beta.9
- snicco/wp-capapility-middleware: <1.0.0
- snicco/wp-guests-only-middleware: <2.0.0-beta.9
- snicco/wp-nonce-middleware: <2.0.0-beta.9
- dev-master
- v2.0.0-beta.9
- v2.0.0-beta.8
- v2.0.0-beta.7
- v2.0.0-beta.6
- v2.0.0-beta.5
- v2.0.0-beta.4
- v2.0.0-beta.3
- v2.0.0-beta.2
- v2.0.0-beta.1
- v1.10.1
- v1.10.0
- v1.9.1
- v1.9.0
- v1.8.1
- v1.8.0
- v1.7.0
- v1.6.2
- v1.6.1
- v1.6.0
- v1.5.0
- v1.4.2
- v1.4.1
- v1.4.0
- v1.3.0
- v1.2.1
- v1.2.0
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1.0
- v1.0.2
- v1.0.1
- v1.0.0
- dev-beta
This package is auto-updated.
Last update: 2024-09-07 14:27:58 UTC
README
此包包含两个简单的中间件,将使使用 snicco/signed-url
变得轻松。请确保阅读一般的 文档,以了解如何实例化所需的协作者。
安装
composer require snicco/signed-url-psr15-bridge
使用
确保您喜欢的框架支持在路由级别绑定中间件。此中间件应仅添加到您期望有签名 URL 的路由中,而不是全局添加。
基本使用
$storage = /* */ $hmac = /* */ $validator = new \Snicco\Component\SignedUrl\SignedUrlValidator($storage, $hmac); $middleware = new \Snicco\Bridge\SignedUrlPsr15\ValidateSignature( $validator, ); /* Attach $middleware to your route */
自定义额外的请求上下文。
作为第二个参数,您可以传递一个闭包,该闭包将接收当前请求。从该闭包返回的任何内容都将被考虑在内,以验证当前请求。
这必须与创建链接时使用的请求上下文相匹配!
在创建时使用 IP 地址和在验证时使用用户代理将不起作用,请求将始终被验证失败。
// Same as above. $validator = /* */ $middleware = new \Snicco\Bridge\SignedUrlPsr15\ValidateSignature( $validator, function(\Psr\Http\Message\RequestInterface $request) { return $request->getHeaderLine('User-Agent'); } ); /* Attach $middleware to your route */
仅验证不安全 HTTP 方法
如果签名 URL 应该恰好使用一次(用于 GET
请求),您可能会遇到某些电子邮件客户端预加载所有链接的问题。在这种情况下,您可以设置中间件的第三个参数为 (bool) true
。然后,只有当请求方法是 [POST, PATCH, PUT, DELETE]
之一时,才会检查签名。 确保您使用此选项时路由不可通过安全请求方法访问。
垃圾回收
将 CollectGarbage
中间件添加到您的全局中间件组中。
// same as above $storage = /* */ $psr3_logger = /* */ // value between 0-100 // the percentage that one request through the middleware // will trigger garbage collection. $percentage = 4; $middleware = new \Snicco\Bridge\SignedUrlPsr15\CollectGarbage($percentage, $storage, $logger); /* Attach $middleware to your route */