Download the PHP package br/signed-request-bundle without Composer
On this page you can find all versions of the php package br/signed-request-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package signed-request-bundle
SignedRequestBundle
Symfony 2 bundle that provides request and response signing
Introduction
This bundle provides very easy request signing (verification), and automatic response signing. This means that every request has to be signed with a hash of
md5($requestUri . $content . $salt)The response will be signed with:
md5($responseContent . $salt)The signatures are always put (and assumed) in a header called X-SignedRequest.
Contributions are as always welcome.
Installation
Simply run assuming you have installed composer.phar or composer binary (or add to your composer.json and run composer install:
You can follow dev-master, or use a more stable tag (recommended for various reasons). On the Github repository, or on Packagist, you can always find out the latest tag.
Now add the Bundle to your Kernel:
Configuration
To configure the bundle, edit your config.yml, or config_{environment}.yml:
If you put the listeners into debug mode, the request listener will always pass through the request, it will add a
X-SignedRequest-Debug header though, that will either contain "true" or "false" depending on whether the signature
was correct.
Providing your own signing service
You can provide your own signing service by tagging your service as br_signed_request.signing_service and
implementing the Service\SigningServiceInterface. The bundle will then call the respective functions of your
service. You can take a look at the default service that is used (that just uses MD5) to see how it is setup.
Using the signed request / response annotation
Instead of checking every request for a signature you can also add an annotation on a single controller function. In
order to use that you would have to set request_listener_enabled to false. The same is true for signing responses.
If you disable response_listener_enabled, you can use annotations to specify a controller action that should sign the
response. Of course, you can also combine both annotations.
Example
To Do & Future plans
None at the moment. Open an issue or submit a PR :)
All versions of signed-request-bundle with dependencies
symfony/routing Version >=2.1, <2.4-dev
symfony/http-kernel Version >=2.1, <2.4-dev
symfony/framework-bundle Version >=2.1, <2.4-dev
symfony/event-dispatcher Version >=2.1, <2.4-dev
doctrine/common Version 2.4.*@dev