Import (Merged) Guzzle4 version of http-signatures from https://github.com/blocktrail/http-signatures-guzzle/tree/guzzle4
This commit is contained in:
commit
345d1a993a
|
@ -0,0 +1,2 @@
|
||||||
|
/composer.lock
|
||||||
|
/vendor/
|
|
@ -0,0 +1,11 @@
|
||||||
|
language: php
|
||||||
|
|
||||||
|
php:
|
||||||
|
- 5.6
|
||||||
|
- 5.5
|
||||||
|
- 5.4
|
||||||
|
- hhvm
|
||||||
|
|
||||||
|
install: composer install
|
||||||
|
|
||||||
|
script: vendor/bin/phpunit
|
|
@ -0,0 +1,22 @@
|
||||||
|
Copyright (c) 2014 99designs
|
||||||
|
|
||||||
|
MIT License
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining
|
||||||
|
a copy of this software and associated documentation files (the
|
||||||
|
"Software"), to deal in the Software without restriction, including
|
||||||
|
without limitation the rights to use, copy, modify, merge, publish,
|
||||||
|
distribute, sublicense, and/or sell copies of the Software, and to
|
||||||
|
permit persons to whom the Software is furnished to do so, subject to
|
||||||
|
the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be
|
||||||
|
included in all copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||||
|
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||||
|
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||||||
|
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
||||||
|
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
||||||
|
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
||||||
|
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
34
README.md
34
README.md
|
@ -2,3 +2,37 @@ HTTP Signatures Guzzle 4
|
||||||
========================
|
========================
|
||||||
|
|
||||||
Guzzle 4 support for 99designs http-signatures library
|
Guzzle 4 support for 99designs http-signatures library
|
||||||
|
|
||||||
|
[![Build Status](https://travis-ci.org/99designs/http-signatures-guzzlehttp.svg)](https://travis-ci.org/99designs/http-signatures-guzzlehttp)
|
||||||
|
|
||||||
|
Adds [99designs/http-signatures](http-signatures) support to Guzzle 4.
|
||||||
|
For Guzzle 3 see the [99designs/http-signatures-guzzle](99designs/http-signatures-guzzle) repo.
|
||||||
|
|
||||||
|
Signing with Guzzle 4
|
||||||
|
---------------------
|
||||||
|
|
||||||
|
This library includes support for automatically signing Guzzle requests using an event subscriber.
|
||||||
|
|
||||||
|
```php
|
||||||
|
use HttpSignatures\Context;
|
||||||
|
use HttpSignatures\GuzzleHttp\RequestSubscriber;
|
||||||
|
|
||||||
|
$context = new Context(array(
|
||||||
|
'keys' => array('examplekey' => 'secret-key-here'),
|
||||||
|
'algorithm' => 'hmac-sha256',
|
||||||
|
'headers' => array('(request-target)', 'Date', 'Accept'),
|
||||||
|
));
|
||||||
|
|
||||||
|
$client = new \Guzzle\Http\Client('http://example.org');
|
||||||
|
$client->getEmiter()->attach(new RequestSubscriber($context));
|
||||||
|
|
||||||
|
// The below will now send a signed request to: http://example.org/path?query=123
|
||||||
|
$client->get('/path?query=123', array(
|
||||||
|
'Date' => 'Wed, 30 Jul 2014 16:40:19 -0700',
|
||||||
|
'Accept' => 'llamas',
|
||||||
|
));
|
||||||
|
```
|
||||||
|
|
||||||
|
## Contributing
|
||||||
|
|
||||||
|
Pull Requests are welcome.
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
{
|
||||||
|
"name": "99designs/http-signatures-guzzlehttp",
|
||||||
|
"description": "Sign and verify HTTP messages with Guzzle 4",
|
||||||
|
"homepage": "https://github.com/99designs/http-signatures-guzzlehttp",
|
||||||
|
"keywords": ["http", "https", "signing", "signed", "signature", "hmac", "guzzle 4"],
|
||||||
|
"license": "MIT",
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Adrian Palmer",
|
||||||
|
"email": "adrian.palmer@99designs.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Ruben de Vries",
|
||||||
|
"email": "ruben@blocktrail.com"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"": "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"php": ">=5.4.0",
|
||||||
|
"99designs/http-signatures": "~1.1",
|
||||||
|
"guzzlehttp/guzzle": "~4.2"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"phpunit/phpunit": "~4.1"
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,13 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<phpunit bootstrap="./tests/bootstrap.php" colors="true">
|
||||||
|
<testsuites>
|
||||||
|
<testsuite>
|
||||||
|
<directory>tests</directory>
|
||||||
|
</testsuite>
|
||||||
|
</testsuites>
|
||||||
|
<filter>
|
||||||
|
<whitelist>
|
||||||
|
<directory suffix=".php">src</directory>
|
||||||
|
</whitelist>
|
||||||
|
</filter>
|
||||||
|
</phpunit>
|
|
@ -0,0 +1,47 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace HttpSignatures\GuzzleHttp;
|
||||||
|
|
||||||
|
use GuzzleHttp\Message\RequestInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class RequestMessage
|
||||||
|
*
|
||||||
|
* wrapper around the Guzzle Request instance to have a consistent API for the HttpSignatures classes to consume
|
||||||
|
*
|
||||||
|
* @package HttpSignatures\Guzzle
|
||||||
|
*/
|
||||||
|
class Message
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var RequestInterface
|
||||||
|
*/
|
||||||
|
private $request;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var MessageHeaders
|
||||||
|
*/
|
||||||
|
public $headers;
|
||||||
|
|
||||||
|
public function __construct(RequestInterface $request)
|
||||||
|
{
|
||||||
|
$this->request = $request;
|
||||||
|
$this->headers = new MessageHeaders($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getQueryString()
|
||||||
|
{
|
||||||
|
$qs = $this->request->getQuery();
|
||||||
|
return $qs->count() ? $qs : null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getMethod()
|
||||||
|
{
|
||||||
|
return $this->request->getMethod();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getPathInfo()
|
||||||
|
{
|
||||||
|
return $this->request->getPath();
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,40 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace HttpSignatures\GuzzleHttp;
|
||||||
|
|
||||||
|
use GuzzleHttp\Message\MessageInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class MessageHeaders
|
||||||
|
*
|
||||||
|
* wrapper around the Guzzle Request instance to have a consistent API for the HttpSignatures classes to consume
|
||||||
|
*
|
||||||
|
* @package HttpSignatures\Guzzle
|
||||||
|
*/
|
||||||
|
class MessageHeaders
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var MessageInterface
|
||||||
|
*/
|
||||||
|
private $request;
|
||||||
|
|
||||||
|
public function __construct(MessageInterface $request)
|
||||||
|
{
|
||||||
|
$this->request = $request;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function has($header)
|
||||||
|
{
|
||||||
|
return $this->request->hasHeader($header);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get($header)
|
||||||
|
{
|
||||||
|
return $this->request->getHeader($header);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function set($header, $value)
|
||||||
|
{
|
||||||
|
$this->request->setHeader($header, $value);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace HttpSignatures\GuzzleHttp;
|
||||||
|
|
||||||
|
use GuzzleHttp\Event\BeforeEvent;
|
||||||
|
use GuzzleHttp\Event\RequestEvents;
|
||||||
|
use GuzzleHttp\Event\SubscriberInterface;
|
||||||
|
use HttpSignatures\Context;
|
||||||
|
|
||||||
|
class RequestSubscriber implements SubscriberInterface
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var \HttpSignatures\Context
|
||||||
|
*/
|
||||||
|
private $context;
|
||||||
|
|
||||||
|
public function __construct(Context $context)
|
||||||
|
{
|
||||||
|
$this->context = $context;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getEvents()
|
||||||
|
{
|
||||||
|
return ['before' => ['onBefore', RequestEvents::SIGN_REQUEST]];
|
||||||
|
}
|
||||||
|
|
||||||
|
public function onBefore(BeforeEvent $event)
|
||||||
|
{
|
||||||
|
$request = $event->getRequest();
|
||||||
|
|
||||||
|
if ($request->getConfig()['auth'] != 'http-signatures') {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->context->signer()->sign(new Message($request));
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,109 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace HttpSignatures\Test;
|
||||||
|
|
||||||
|
use HttpSignatures\GuzzleHttp\Message;
|
||||||
|
use HttpSignatures\GuzzleHttp\RequestSubscriber;
|
||||||
|
use HttpSignatures\Context;
|
||||||
|
|
||||||
|
class GuzzleHttpSignerTest extends \PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var Context
|
||||||
|
*/
|
||||||
|
private $context;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var \GuzzleHttp\Client
|
||||||
|
*/
|
||||||
|
private $client;
|
||||||
|
|
||||||
|
public function setUp()
|
||||||
|
{
|
||||||
|
$this->context = new Context(array(
|
||||||
|
'keys' => array('pda' => 'secret'),
|
||||||
|
'algorithm' => 'hmac-sha256',
|
||||||
|
'headers' => array('(request-target)', 'date'),
|
||||||
|
));
|
||||||
|
|
||||||
|
$this->client = new \GuzzleHttp\Client([
|
||||||
|
'auth' => 'http-signatures'
|
||||||
|
]);
|
||||||
|
$this->client->getEmitter()->attach(new RequestSubscriber($this->context));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* test signing a message
|
||||||
|
*/
|
||||||
|
public function testGuzzleRequestHasExpectedHeaders()
|
||||||
|
{
|
||||||
|
$message = $this->client->createRequest('GET', '/path?query=123', array(
|
||||||
|
'headers' => array('date' => 'today', 'accept' => 'llamas')
|
||||||
|
));
|
||||||
|
|
||||||
|
$this->context->signer()->sign(new Message($message));
|
||||||
|
|
||||||
|
$expectedString = implode(
|
||||||
|
',',
|
||||||
|
array(
|
||||||
|
'keyId="pda"',
|
||||||
|
'algorithm="hmac-sha256"',
|
||||||
|
'headers="(request-target) date"',
|
||||||
|
'signature="SFlytCGpsqb/9qYaKCQklGDvwgmrwfIERFnwt+yqPJw="',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->assertEquals(
|
||||||
|
$expectedString,
|
||||||
|
(string) $message->getHeader('Signature')
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->assertEquals(
|
||||||
|
'Signature ' . $expectedString,
|
||||||
|
(string) $message->getHeader('Authorization')
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* test signing a message with a URL that doesn't contain a ?query
|
||||||
|
*/
|
||||||
|
public function testGuzzleRequestHasExpectedHeaders2()
|
||||||
|
{
|
||||||
|
$message = $this->client->createRequest('GET', '/path', array(
|
||||||
|
'headers' => array('date' => 'today', 'accept' => 'llamas')
|
||||||
|
));
|
||||||
|
|
||||||
|
$this->context->signer()->sign(new Message($message));
|
||||||
|
|
||||||
|
$expectedString = implode(
|
||||||
|
',',
|
||||||
|
array(
|
||||||
|
'keyId="pda"',
|
||||||
|
'algorithm="hmac-sha256"',
|
||||||
|
'headers="(request-target) date"',
|
||||||
|
'signature="DAtF133khP05pS5Gh8f+zF/UF7mVUojMj7iJZO3Xk4o="',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->assertEquals(
|
||||||
|
$expectedString,
|
||||||
|
(string) $message->getHeader('Signature')
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->assertEquals(
|
||||||
|
'Signature ' . $expectedString,
|
||||||
|
(string) $message->getHeader('Authorization')
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testVerifyGuzzleRequest()
|
||||||
|
{
|
||||||
|
$message = $this->client->createRequest('GET', '/path?query=123', array(
|
||||||
|
'headers' => array('date' => 'today', 'accept' => 'dogs')
|
||||||
|
));
|
||||||
|
|
||||||
|
$this->context->signer()->sign(new Message($message));
|
||||||
|
|
||||||
|
$this->assertTrue($this->context->verifier()->isValid(new Message($message)));
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,3 @@
|
||||||
|
<?php
|
||||||
|
error_reporting(E_ALL);
|
||||||
|
require(__DIR__ . '/../vendor/autoload.php');
|
Loading…
Reference in New Issue