V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
HavenShen
V2EX  ›  PHP

Laravel 5 API 服务端支持签名授权认证

  •  
  •   HavenShen · 2017-12-11 15:35:01 +08:00 · 1947 次点击
    这是一个创建于 2541 天前的主题,其中的信息可能已经有所发展或是发生改变。

    Laravel 5 API 服务端支持签名授权认证

    Github 项目地址: https://github.com/HavenShen/larsign

    Api Authorized Signature Middleware for Laravel 5

    关于

    The larsign package authorized signature server.

    Features

    • Handles larsign requests

    Installation

    Require the havenshen/larsign package in your composer.json and update your dependencies:

    $ composer require havenshen/larsign
    

    Add the HavenShen\Larsign\LarsignServiceProvider to your config/app.php providers array:

    HavenShen\Larsign\LarsignServiceProvider::class,
    

    Add the HavenShen\Larsign\LarsignFacade to your config/app.php aliases array:

    'Larsign' => HavenShen\Larsign\LarsignFacade::class,
    

    Global usage

    To allow Larsign for all your routes, add the HandleLarsign middleware in the $middleware property of app/Http/Kernel.php class:

    protected $middleware = [
        // ...
        \HavenShen\Larsign\HandleLarsign::class,
    ];
    

    Group middleware

    If you want to allow Larsign on a specific middleware group or route, add the HandleLarsign middleware to your group:

    protected $middlewareGroups = [
        'web' => [
           // ...
        ],
    
        'api' => [
            // ...
            \HavenShen\Larsign\HandleLarsign::class,
        ],
    ];
    

    Application route middleware

    If you want to allow Larsign on a specific application middleware or route, add the HandleLarsign middleware to your application route:

    protected $routeMiddleware = [
        // ...
        'auth.larsign' => \HavenShen\Larsign\HandleLarsign::class,
    ];
    

    Configuration

    The defaults are set in config/larsign.php. Copy this file to your own config directory to modify the values. You can publish the config using this command:

    $ php artisan vendor:publish --provider="HavenShen\Larsign\LarsignServiceProvider"
    
    return [
        /*
         |--------------------------------------------------------------------------
         | Larsign
         |--------------------------------------------------------------------------
         |
         */
        'headerName' => env('LARSIGN_HEADER_NAME', 'Larsign'),
        'accessKey' => env('LARSIGN_ACCESS_KEY', ''),
        'secretKey' => env('LARSIGN_SECRET_KEY', ''),
    ];
    

    Add api route in routes/api.php Copy this.

    Route::middleware(['auth.larsign'])->group(function () {
        Route::get('/larsign', function () {
        return [
            'message' => 'done.'
        ]);
    });
    

    or

    Route::get('/larsign', function () {
        return [
            'message' => 'done.'
        ];
    })->middleware('auth.larsign');
    

    Client

    Generate Larsign signatures

    1. Assume the following management credentials:
    AccessKey = "test"
    SecretKey = "123456"
    
    1. Call interface address:
    url = "https://larsign.dev/api/v1/test?page=1"
    
    1. The original string to be signed:

    note: the time-stamping followed by a newline [currenttime + voucher valid seconds]

    signingStr = "/api/v1/test?page=1\n1510986405"
    
    1. Base64 url safe encode:
    signingStrBase64UrlSafeEncode = "L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
    
    1. hmac_sha1 carries SecretKey encryption then base64 url safe encode:
    sign = "MLKnFIdI-0TOQ4mHn5TyCcmWACU="
    
    1. The final administrative credentials are:

    note: stitching headerName Space AccessKey:sign:signingStrBase64UrlSafeEncode

    larsignToken = "Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
    
    1. Add http header:

    note: header key in config/larsign.php -> headerName

    Larsign:Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1
    

    Client signature authorization failed

    Http Response: 403
    

    Testing

    $ phpunit
    

    License

    The MIT License (MIT). Please see License File for more information.

    目前尚无回复
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1034 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 23ms · UTC 22:24 · PVG 06:24 · LAX 14:24 · JFK 17:24
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.