1. Go to this page and download the library: Download mardy-git/hmac library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
mardy-git / hmac example snippets
use Mardy\Hmac\Manager;
use Mardy\Hmac\Adapters\Hash;
use Mardy\Hmac\Exceptions\HmacInvalidAlgorithmException;
use Mardy\Hmac\Exceptions\HmacInvalidArgumentException;
//there are several adapters available 'Bcrypt', 'Hash', 'HashHmac', 'HashPbkdf2'
//you can inject any of them into the manager, they all share the same interface
//With the Bcrypt adapter the num of iteration config is applied to the cost
$manager = new Manager(new Hash);
//you can use any of the Hash algorithms that are available on your environment
$config = [
'algorithm' => 'sha256',
'num-first-iterations' => 10,
'num-second-iterations' => 10,
'num-final-iterations' => 100,
];
//the private key used in both applications to ensure the hash is the same
$key = 'wul4RekRPOMw4a2A6frifPqnOxDqMXdtRQMt6v6lsCjxEeF9KgdwDCMpcwROTqyPxvs1ftw5qAHjL4Lb';
try {
$manager->config($config);
} catch (HmacInvalidAlgorithmException $e) {
//an HmacInvalidAlgorithmException can be caught here
//"The algorithm ({$algorithm}) selected is not available"
}
//the secure private key that will be stored locally and not sent in the http headers
$manager->key($key);
//the data to be encoded with the hmac, you could use the URI for this
$manager->data('test');
//the current timestamp, this will be compared in the other API to ensure
$manager->time(microtime(true)); //use time() or micortime(true)
//encodes the hmac if all the
use Mardy\Hmac\Manager;
use Mardy\Hmac\Adapters\Hash;
use Mardy\Hmac\Exceptions\HmacInvalidAlgorithmException;
//there are several adapters available 'Bcrypt', 'Hash', 'HashHmac', 'HashPbkdf2'
//you can inject any of them into the manager, they all share the same interface
//With the Bcrypt adapter the num of iteration config is applied to the cost
$manager = new Manager(new Hash);
//you can use any of the Hash algorithms that are available on your environment
$config = [
'algorithm' => 'sha256',
'num-first-iterations' => 10,
'num-second-iterations' => 10,
'num-final-iterations' => 100,
];
//the private key used in both applications to ensure the hash is the same
$key = 'wul4RekRPOMw4a2A6frifPqnOxDqMXdtRQMt6v6lsCjxEeF9KgdwDCMpcwROTqyPxvs1ftw5qAHjL4Lb';
$ttl = 2;
try {
$manager->config($config);
} catch (HmacInvalidAlgorithmException $e) {
//an HmacInvalidAlgorithmException can be caught here
//"The algorithm ({$algorithm}) selected is not available"
}
//time to live, when checking if the hmac isValid this will ensure
//that the time with have to be with this number of seconds
$manager->ttl($ttl);
//the secure private key that will be stored locally and not sent in the http headers
$manager->key($key);
//get the HMAC values from the $_SERVER/request headers (and make sure you sanitise the values)
$hmac['data'] = filter_var($_SERVER['data'], FILTER_SANITIZE_STRING);
$hmac['time'] = filter_var($_SERVER['time'], FILTER_SANITIZE_STRING);
$hmac['hmac'] = filter_var($_SERVER['hmac'], FILTER_SANITIZE_STRING);
//the data to be encoded with the hmac, you could use the URI for this
$manager->data($hmac['data']);
//the current timestamp, this will be compared in the other API to ensure
$manager->time($hmac['time']);
//to check if the hmac is valid you need to run the isValid() method
//this needs to be executed after the encode method has been ran
if (! $manager->isValid($hmac['hmac'])) {
http_response_code(401);
echo 'Invalid credentials';
}
use GuzzleHttp\Client;
use GuzzleHttp\Event\BeforeEvent;
use Mardy\Hmac\Plugin\HmacHeadersGuzzleEvent;
use Mardy\Hmac\Adapters\Hash;
//Using the HmacHeadersGuzzleEvent class you can automatically inject some headers
//directly into the guzzle request. This is far more convenient for those of us
//using dependency injection containers and means we don't have to do it manually
//each time \o/
$client = new Client;
$client->getEmitter()->on('before', function (BeforeEvent $event) {
(new HmacHeadersGuzzleEvent(
new Hash,
'wul4RekRPOMw4a2A6frifPqnOxDqMXdtRQMt6v6lsCjxEeF9KgdwDCMpcwROTqyPxvs1ftw5qAHjL4Lb',
'test-data',
microtime(true)
))->onBefore($event);
});
$request = $client->createRequest('GET', 'http://www.google.com');
$client->send($request);
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.