Laravel 5 API 服務端支持簽名受權認證php
Github 項目地址: https://github.com/HavenShen/larsigngit
The larsign
package authorized signature server.github
Require the havenshen/larsign
package in your composer.json
and update your dependencies:web
$ composer require havenshen/larsign
Add the HavenShen\Larsign\LarsignServiceProvider
to your config/app.php
providers array:shell
HavenShen\Larsign\LarsignServiceProvider::class,
Add the HavenShen\Larsign\LarsignFacade
to your config/app.php
aliases array:json
'Larsign' => HavenShen\Larsign\LarsignFacade::class,
To allow Larsign for all your routes, add the HandleLarsign
middleware in the $middleware
property of app/Http/Kernel.php
class:api
protected $middleware = [ // ... \HavenShen\Larsign\HandleLarsign::class, ];
If you want to allow Larsign on a specific middleware group or route, add the HandleLarsign
middleware to your group:app
protected $middlewareGroups = [ 'web' => [ // ... ], 'api' => [ // ... \HavenShen\Larsign\HandleLarsign::class, ], ];
If you want to allow Larsign on a specific application middleware or route, add the HandleLarsign
middleware to your application route:composer
protected $routeMiddleware = [ // ... 'auth.larsign' => \HavenShen\Larsign\HandleLarsign::class, ];
The defaults are set in config/larsign.php
. Copy this file to your own config directory to modify the values. You can publish the config using this command:ide
$ php artisan vendor:publish --provider="HavenShen\Larsign\LarsignServiceProvider"
return [ /* |-------------------------------------------------------------------------- | Larsign |-------------------------------------------------------------------------- | */ 'headerName' => env('LARSIGN_HEADER_NAME', 'Larsign'), 'accessKey' => env('LARSIGN_ACCESS_KEY', ''), 'secretKey' => env('LARSIGN_SECRET_KEY', ''), ];
Add api route in routes/api.php
Copy this.
Route::middleware(['auth.larsign'])->group(function () { Route::get('/larsign', function () { return [ 'message' => 'done.' ]); });
or
Route::get('/larsign', function () { return [ 'message' => 'done.' ]; })->middleware('auth.larsign');
Generate Larsign
signatures
AccessKey = "test" SecretKey = "123456"
url = "https://larsign.dev/api/v1/test?page=1"
note: the time-stamping followed by a newline [currenttime + voucher valid seconds]
signingStr = "/api/v1/test?page=1\n1510986405"
signingStrBase64UrlSafeEncode = "L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
hmac_sha1
carries SecretKey
encryption then base64 url safe encode:sign = "MLKnFIdI-0TOQ4mHn5TyCcmWACU="
note: stitching
headerName
SpaceAccessKey
:sign
:signingStrBase64UrlSafeEncode
larsignToken = "Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
note: header key in
config/larsign.php -> headerName
Larsign:Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1
Http Response: 403
$ phpunit
The MIT License (MIT). Please see License File for more information.