diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c8153b5 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/composer.lock +/vendor/ diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..5a4f48c --- /dev/null +++ b/.travis.yml @@ -0,0 +1,11 @@ +language: php + +php: + - 5.6 + - 5.5 + - 5.4 + - hhvm + +install: composer install + +script: vendor/bin/phpunit diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..943bbcc --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,22 @@ +Copyright (c) 2014 99designs + +MIT License + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index be64abe..5871b41 100644 --- a/README.md +++ b/README.md @@ -2,3 +2,37 @@ HTTP Signatures Guzzle 4 ======================== Guzzle 4 support for 99designs http-signatures library + +[![Build Status](https://travis-ci.org/99designs/http-signatures-guzzlehttp.svg)](https://travis-ci.org/99designs/http-signatures-guzzlehttp) + +Adds [99designs/http-signatures](http-signatures) support to Guzzle 4. +For Guzzle 3 see the [99designs/http-signatures-guzzle](99designs/http-signatures-guzzle) repo. + +Signing with Guzzle 4 +--------------------- + +This library includes support for automatically signing Guzzle requests using an event subscriber. + +```php +use HttpSignatures\Context; +use HttpSignatures\GuzzleHttp\RequestSubscriber; + +$context = new Context(array( + 'keys' => array('examplekey' => 'secret-key-here'), + 'algorithm' => 'hmac-sha256', + 'headers' => array('(request-target)', 'Date', 'Accept'), +)); + +$client = new \Guzzle\Http\Client('http://example.org'); +$client->getEmiter()->attach(new RequestSubscriber($context)); + +// The below will now send a signed request to: http://example.org/path?query=123 +$client->get('/path?query=123', array( + 'Date' => 'Wed, 30 Jul 2014 16:40:19 -0700', + 'Accept' => 'llamas', +)); +``` + +## Contributing + +Pull Requests are welcome. diff --git a/composer.json b/composer.json new file mode 100644 index 0000000..ff25532 --- /dev/null +++ b/composer.json @@ -0,0 +1,30 @@ +{ + "name": "99designs/http-signatures-guzzlehttp", + "description": "Sign and verify HTTP messages with Guzzle 4", + "homepage": "https://github.com/99designs/http-signatures-guzzlehttp", + "keywords": ["http", "https", "signing", "signed", "signature", "hmac", "guzzle 4"], + "license": "MIT", + "authors": [ + { + "name": "Adrian Palmer", + "email": "adrian.palmer@99designs.com" + }, + { + "name": "Ruben de Vries", + "email": "ruben@blocktrail.com" + } + ], + "autoload": { + "psr-4": { + "": "src/" + } + }, + "require": { + "php": ">=5.4.0", + "99designs/http-signatures": "~1.1", + "guzzlehttp/guzzle": "~4.2" + }, + "require-dev": { + "phpunit/phpunit": "~4.1" + } +} diff --git a/phpunit.xml.dist b/phpunit.xml.dist new file mode 100644 index 0000000..6b8cd5e --- /dev/null +++ b/phpunit.xml.dist @@ -0,0 +1,13 @@ + + + + + tests + + + + + src + + + diff --git a/src/HttpSignatures/GuzzleHttp/Message.php b/src/HttpSignatures/GuzzleHttp/Message.php new file mode 100644 index 0000000..ed9c4fc --- /dev/null +++ b/src/HttpSignatures/GuzzleHttp/Message.php @@ -0,0 +1,47 @@ +request = $request; + $this->headers = new MessageHeaders($request); + } + + public function getQueryString() + { + $qs = $this->request->getQuery(); + return $qs->count() ? $qs : null; + } + + public function getMethod() + { + return $this->request->getMethod(); + } + + public function getPathInfo() + { + return $this->request->getPath(); + } +} diff --git a/src/HttpSignatures/GuzzleHttp/MessageHeaders.php b/src/HttpSignatures/GuzzleHttp/MessageHeaders.php new file mode 100644 index 0000000..c1f2547 --- /dev/null +++ b/src/HttpSignatures/GuzzleHttp/MessageHeaders.php @@ -0,0 +1,40 @@ +request = $request; + } + + public function has($header) + { + return $this->request->hasHeader($header); + } + + public function get($header) + { + return $this->request->getHeader($header); + } + + public function set($header, $value) + { + $this->request->setHeader($header, $value); + } +} diff --git a/src/HttpSignatures/GuzzleHttp/RequestSubscriber.php b/src/HttpSignatures/GuzzleHttp/RequestSubscriber.php new file mode 100644 index 0000000..6edaea3 --- /dev/null +++ b/src/HttpSignatures/GuzzleHttp/RequestSubscriber.php @@ -0,0 +1,37 @@ +context = $context; + } + + public function getEvents() + { + return ['before' => ['onBefore', RequestEvents::SIGN_REQUEST]]; + } + + public function onBefore(BeforeEvent $event) + { + $request = $event->getRequest(); + + if ($request->getConfig()['auth'] != 'http-signatures') { + return; + } + + $this->context->signer()->sign(new Message($request)); + } +} diff --git a/tests/GuzzleHttpSignerTest.php b/tests/GuzzleHttpSignerTest.php new file mode 100644 index 0000000..47da96d --- /dev/null +++ b/tests/GuzzleHttpSignerTest.php @@ -0,0 +1,109 @@ +context = new Context(array( + 'keys' => array('pda' => 'secret'), + 'algorithm' => 'hmac-sha256', + 'headers' => array('(request-target)', 'date'), + )); + + $this->client = new \GuzzleHttp\Client([ + 'auth' => 'http-signatures' + ]); + $this->client->getEmitter()->attach(new RequestSubscriber($this->context)); + } + + /** + * test signing a message + */ + public function testGuzzleRequestHasExpectedHeaders() + { + $message = $this->client->createRequest('GET', '/path?query=123', array( + 'headers' => array('date' => 'today', 'accept' => 'llamas') + )); + + $this->context->signer()->sign(new Message($message)); + + $expectedString = implode( + ',', + array( + 'keyId="pda"', + 'algorithm="hmac-sha256"', + 'headers="(request-target) date"', + 'signature="SFlytCGpsqb/9qYaKCQklGDvwgmrwfIERFnwt+yqPJw="', + ) + ); + + $this->assertEquals( + $expectedString, + (string) $message->getHeader('Signature') + ); + + $this->assertEquals( + 'Signature ' . $expectedString, + (string) $message->getHeader('Authorization') + ); + } + + /** + * test signing a message with a URL that doesn't contain a ?query + */ + public function testGuzzleRequestHasExpectedHeaders2() + { + $message = $this->client->createRequest('GET', '/path', array( + 'headers' => array('date' => 'today', 'accept' => 'llamas') + )); + + $this->context->signer()->sign(new Message($message)); + + $expectedString = implode( + ',', + array( + 'keyId="pda"', + 'algorithm="hmac-sha256"', + 'headers="(request-target) date"', + 'signature="DAtF133khP05pS5Gh8f+zF/UF7mVUojMj7iJZO3Xk4o="', + ) + ); + + $this->assertEquals( + $expectedString, + (string) $message->getHeader('Signature') + ); + + $this->assertEquals( + 'Signature ' . $expectedString, + (string) $message->getHeader('Authorization') + ); + } + + public function testVerifyGuzzleRequest() + { + $message = $this->client->createRequest('GET', '/path?query=123', array( + 'headers' => array('date' => 'today', 'accept' => 'dogs') + )); + + $this->context->signer()->sign(new Message($message)); + + $this->assertTrue($this->context->verifier()->isValid(new Message($message))); + } +} diff --git a/tests/bootstrap.php b/tests/bootstrap.php new file mode 100644 index 0000000..223f5ba --- /dev/null +++ b/tests/bootstrap.php @@ -0,0 +1,3 @@ +