Laravel 5 API server-side support for signature authorization

Posted by HavenShen on 2019-02-16

GitHub project: https://github.com/HavenShen/larsign

Api Authorized Signature Middleware for Laravel 5

About

The larsign package provides server-side verification of authorized API signatures.

Features

  • Handles larsign requests

Installation

Require the havenshen/larsign package in your composer.json and update your dependencies:

$ composer require havenshen/larsign

Add the HavenShen\Larsign\LarsignServiceProvider to your config/app.php providers array:

HavenShen\Larsign\LarsignServiceProvider::class,

Add the HavenShen\Larsign\LarsignFacade to your config/app.php aliases array:

'Larsign' => HavenShen\Larsign\LarsignFacade::class,

Global usage

To allow Larsign for all your routes, add the HandleLarsign middleware to the $middleware property of the app/Http/Kernel.php class:

protected $middleware = [
    // ...
    HavenShen\Larsign\HandleLarsign::class,
];

Group middleware

If you want to allow Larsign on a specific middleware group or route, add the HandleLarsign middleware to your group:

protected $middlewareGroups = [
    'web' => [
       // ...
    ],

    'api' => [
        // ...
        HavenShen\Larsign\HandleLarsign::class,
    ],
];

Application route middleware

If you want to allow Larsign on a specific application middleware or route, add the HandleLarsign middleware to your application route:

protected $routeMiddleware = [
    // ...
    'auth.larsign' => HavenShen\Larsign\HandleLarsign::class,
];

Configuration

The defaults are set in config/larsign.php. Copy this file to your own config directory to modify the values. You can publish the config using this command:

$ php artisan vendor:publish --provider="HavenShen\Larsign\LarsignServiceProvider"

return [
    /*
     |--------------------------------------------------------------------------
     | Larsign
     |--------------------------------------------------------------------------
     |
     */
    'headerName' => env('LARSIGN_HEADER_NAME', 'Larsign'),
    'accessKey' => env('LARSIGN_ACCESS_KEY', ''),
    'secretKey' => env('LARSIGN_SECRET_KEY', ''),
];

Add an API route in routes/api.php:

Route::middleware(['auth.larsign'])->group(function () {
    Route::get('/larsign', function () {
        return [
            'message' => 'done.'
        ];
    });
});

or

Route::get('/larsign', function () {
    return [
        'message' => 'done.'
    ];
})->middleware('auth.larsign');

Client

Generate Larsign signatures

  1. Assume the following management credentials:
AccessKey = "test"
SecretKey = "123456"
  2. Call interface address:
url = "https://larsign.dev/api/v1/test?page=1"
  3. The original string to be signed:

note: the request path and query, followed by a newline and the timestamp [current time + voucher valid seconds]

signingStr = "/api/v1/test?page=1
1510986405"
  4. Base64 URL-safe encode:
signingStrBase64UrlSafeEncode = "L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
  5. Sign with HMAC-SHA1 using SecretKey, then Base64 URL-safe encode the result:
sign = "MLKnFIdI-0TOQ4mHn5TyCcmWACU="
  6. The final administrative credentials are:

note: concatenate headerName, a space, then AccessKey:sign:signingStrBase64UrlSafeEncode

larsignToken = "Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
  7. Add the HTTP header:

note: the header key is headerName in config/larsign.php

Larsign: Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1
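
The seven steps above as an added PHP example (not code from larsign or its author), together with the checks a verifier has to make on the receiving side. The function names are hypothetical, and because the page does not say whether the HMAC is computed over the raw or the encoded signing string, the encoded form is assumed. The deadline 1510986465 is the timestamp that the encoded string in step 4 decodes to.

```php
<?php
// Added example, not larsign's own code; all function names are hypothetical.

// URL-safe Base64: '+' becomes '-', '/' becomes '_', padding is kept.
function b64url_encode(string $bin): string {
    return strtr(base64_encode($bin), '+/', '-_');
}

// Client side: build the header value from the steps above.
function make_token(string $name, string $ak, string $sk, string $pathQuery, int $deadline): string {
    $encoded = b64url_encode($pathQuery . "\n" . $deadline);
    // Assumption: the HMAC-SHA1 input is the encoded string, not the raw one.
    $sign = b64url_encode(hash_hmac('sha1', $encoded, $sk, true));
    return $name . ' ' . $ak . ':' . $sign . ':' . $encoded;
}

// Server side: true only if the key, signature, request target and deadline all check out.
function check_token(string $token, string $name, string $ak, string $sk, string $pathQuery, int $now): bool {
    $prefix = $name . ' ';
    if (strncmp($token, $prefix, strlen($prefix)) !== 0) {
        return false;
    }
    $parts = explode(':', substr($token, strlen($prefix)));
    if (count($parts) !== 3 || !hash_equals($ak, $parts[0])) {
        return false;
    }
    $expected = b64url_encode(hash_hmac('sha1', $parts[2], $sk, true));
    if (!hash_equals($expected, $parts[1])) { // constant-time comparison
        return false;
    }
    $plain = base64_decode(strtr($parts[2], '-_', '+/'), true);
    $fields = $plain === false ? [] : explode("\n", $plain);
    if (count($fields) !== 2 || !ctype_digit($fields[1])) {
        return false;
    }
    // Bind the signature to this request and reject an expired deadline.
    return $fields[0] === $pathQuery && (int) $fields[1] >= $now;
}

// Constructed sample values based on the steps above.
$token = make_token('Larsign', 'test', '123456', '/api/v1/test?page=1', 1510986465);
var_dump(check_token($token, 'Larsign', 'test', '123456', '/api/v1/test?page=1', 1510986400)); // before the deadline
var_dump(check_token($token, 'Larsign', 'test', '123456', '/api/v1/test?page=2', 1510986400)); // different query string
var_dump(check_token($token, 'Larsign', 'test', '123456', '/api/v1/test?page=1', 1510986500)); // after the deadline
```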

Client signature authorization failed

Http Response: 403

Testing

$ phpunit

License

The MIT License (MIT). Please see License File for more information.
