From a0f24861fef8463aa87e5b08c02c42a0458e1a7e Mon Sep 17 00:00:00 2001 From: Adrian Palmer Date: Wed, 27 Aug 2014 17:45:39 +1000 Subject: [PATCH] Initial commit --- .gitignore | 2 + .travis.yml | 12 +++++ LICENSE.txt | 22 ++++++++ README.md | 28 ++++++++++ composer.json | 26 +++++++++ .../Guzzle/CreateRequestSubscriber.php | 28 ++++++++++ src/HttpSignatures/Guzzle/Message.php | 30 +++++++++++ src/HttpSignatures/Guzzle/MessageHeaders.php | 28 ++++++++++ tests/GuzzleSignerTest.php | 53 +++++++++++++++++++ tests/bootstrap.php | 3 ++ 10 files changed, 232 insertions(+) create mode 100644 .gitignore create mode 100644 .travis.yml create mode 100644 LICENSE.txt create mode 100644 README.md create mode 100644 composer.json create mode 100644 src/HttpSignatures/Guzzle/CreateRequestSubscriber.php create mode 100644 src/HttpSignatures/Guzzle/Message.php create mode 100644 src/HttpSignatures/Guzzle/MessageHeaders.php create mode 100644 tests/GuzzleSignerTest.php create mode 100644 tests/bootstrap.php diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c8153b5 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/composer.lock +/vendor/ diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..6c322ae --- /dev/null +++ b/.travis.yml @@ -0,0 +1,12 @@ +language: php + +php: + - 5.6 + - 5.5 + - 5.4 + - 5.3 + - hhvm + +install: composer install + +script: vendor/bin/phpunit diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..943bbcc --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,22 @@ +Copyright (c) 2014 99designs + +MIT License + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..d5c13b1 --- /dev/null +++ b/README.md @@ -0,0 +1,28 @@ +HTTP Signatures Guzzle 3 +=== + +Adds Guzzle 3 support to [99designs/http-signatures][99signatures] + +Signing with Guzzle 3 +--- + +This library includes support for automatically signing Guzzle requests using an event subscriber. + +```php +use HttpSignatures\Guzzle\CreateRequestSubscriber; + +$client = new \Guzzle\Http\Client('http://example.org'); +$client->addSubscriber(new CreateRequestSubscriber($context)); + +// The below will now send a signed request to: http://example.org/path?query=123 +$client->get('/path?query=123', array( + 'Date' => 'Wed, 30 Jul 2014 16:40:19 -0700', + 'Accept' => 'llamas', +))->send(); +``` + +## Contributing + +Pull Requests are welcome. + +[99signatures]: https://github.com/99designs/http-signatures-php diff --git a/composer.json b/composer.json new file mode 100644 index 0000000..0908d67 --- /dev/null +++ b/composer.json @@ -0,0 +1,26 @@ +{ + "name": "99designs/http-signatures-guzzle", + "description": "Sign and verify HTTP messages with Guzzle", + "homepage": "https://github.com/99designs/http-signatures-php", + "keywords": ["http", "https", "signing", "signed", "signature", "hmac", "guzzle"], + "license": "MIT", + "authors": [ + { + "name": "Adrian Palmer", + "email": "adrian.palmer@99designs.com" + } + ], + "autoload": { + "psr-4": { + "HttpSignatures\\": "src/" + } + }, + "require": { + "php": ">=5.3.0", + "99designs/http-signatures": "~1.1", + "guzzle/guzzle": ">=3.9" + }, + "require-dev": { + "phpunit/phpunit": "~4.1" + } +} diff --git a/src/HttpSignatures/Guzzle/CreateRequestSubscriber.php b/src/HttpSignatures/Guzzle/CreateRequestSubscriber.php new file mode 100644 index 0000000..d3f50fb --- /dev/null +++ b/src/HttpSignatures/Guzzle/CreateRequestSubscriber.php @@ -0,0 +1,28 @@ +context = $context; + } + + public static function getSubscribedEvents() + { + return array( + 'client.create_request' => 'signRequest' + ); + } + + public function signRequest($e) + { + $this->context->signer()->sign(new Message($e['request'])); + } +} diff --git a/src/HttpSignatures/Guzzle/Message.php b/src/HttpSignatures/Guzzle/Message.php new file mode 100644 index 0000000..5a55452 --- /dev/null +++ b/src/HttpSignatures/Guzzle/Message.php @@ -0,0 +1,30 @@ +request = $request; + $this->headers = new MessageHeaders($request); + } + + public function getQueryString() + { + return $this->request->getQuery(true); + } + + public function getMethod() + { + return $this->request->getMethod(); + } + + public function getPathInfo() + { + return $this->request->getPath(); + } +} diff --git a/src/HttpSignatures/Guzzle/MessageHeaders.php b/src/HttpSignatures/Guzzle/MessageHeaders.php new file mode 100644 index 0000000..4ff22fd --- /dev/null +++ b/src/HttpSignatures/Guzzle/MessageHeaders.php @@ -0,0 +1,28 @@ +request = $request; + } + + public function has($header) + { + return $this->request->hasHeader($header); + } + + public function get($header) + { + return $this->request->getHeader($header); + } + + public function set($header, $value) + { + $this->request->setHeader($header, $value); + } +} diff --git a/tests/GuzzleSignerTest.php b/tests/GuzzleSignerTest.php new file mode 100644 index 0000000..3e7e91b --- /dev/null +++ b/tests/GuzzleSignerTest.php @@ -0,0 +1,53 @@ +context = new Context(array( + 'keys' => array('pda' => 'secret'), + 'algorithm' => 'hmac-sha256', + 'headers' => array('(request-target)', 'date'), + )); + + $this->client = new \Guzzle\Http\Client(); + $this->client->addSubscriber(new CreateRequestSubscriber($this->context)); + } + + public function testGuzzleRequestHasExpectedHeaders() + { + $message = $this->client->get('/path?query=123', array('date' => 'today', 'accept' => 'llamas')); + + $expectedString = implode( + ',', + array( + 'keyId="pda"', + 'algorithm="hmac-sha256"', + 'headers="(request-target) date"', + 'signature="SFlytCGpsqb/9qYaKCQklGDvwgmrwfIERFnwt+yqPJw="', + ) + ); + + $this->assertEquals( + $expectedString, + (string) $message->getHeader('Signature') + ); + + $this->assertEquals( + 'Signature ' . $expectedString, + (string) $message->getHeader('Authorization') + ); + } + + public function testVerifyGuzzleRequest() + { + $message = $this->client->get('/path?query=123', array('date' => 'today', 'accept' => 'dogs')); + $this->assertTrue($this->context->verifier()->isValid(new Message($message))); + } +} diff --git a/tests/bootstrap.php b/tests/bootstrap.php new file mode 100644 index 0000000..223f5ba --- /dev/null +++ b/tests/bootstrap.php @@ -0,0 +1,3 @@ +