Download the PHP package chatagency/laravel-signed-requests without Composer
On this page you can find all versions of the php package chatagency/laravel-signed-requests. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download chatagency/laravel-signed-requests
More information about chatagency/laravel-signed-requests
Files in chatagency/laravel-signed-requests
Package laravel-signed-requests
Short Description A package to (hopefully) make custom signed requests easier.
License MIT
Informations about the package laravel-signed-requests
Laravel Signed Requests
A Laravel package to help make signed requests between two laravel apps easier.
Requirements
You need to have openssl installed. We use hash_hmac() function to create the signature from the payloads and validate the submitted signature. Review the potentially available algorithms you can use here.
The package includes: A config file:
Allows you to define request types by name and give each type of request a unique signature secret string to use when validating signed request payloads.
A working middleware validator:
This middleware works for the 'request' type as a default. You can copy this middleware after publishing, and use it as the baseline to create your own signed request validating middleware.
To start, after installing with composer, run:
This will give you the config file config/signed-requests.php
as well as the middleware, that will be copied into your app's middleware folder.
As a test, you can use this curl call after installation, with all the default configuration.
The package registers a middleware that is aliased to: signed-requests
. Create a controller and assign this middleware to a post route that uses this controller.
You can then post a simple test payload to this route:
You will get an unauthorized http code if the signature is not passing the middleware's validation.