Download the PHP package meta-tech/pws-auth without Composer

On this page you can find all versions of the php package meta-tech/pws-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package pws-auth

PwsAuth

PwsAuth is an authentication protocol throught http header designed to web services

Request Headers

Request headers must be define as follow :

Pws-Authorization : $type $token
Pws-Ident : $userkey

The $token can be either a loginToken or a sessionToken

The $token is divided in four part

The complete token is valid only if obfuscate part can be rebuild.
This simple mecanism ensure that sessionId is valid and can be safety load

Authenticator 's configuration comes with a hash.session.index and hash.noise.length values wich can be redefined to move the session token part into the complete token

                                                    << hash.session.index >>                             << hash.noise.length >>
|-----------------------------------------------------------<<-^->>---------------------------------------------<<-^->>--------|
|- type ||-- date ---|------------ obfuscate token ---------<<-^->>-------------- session token ----------------<<-^->> noise -|
|       ||     1     |                    2                    |                         3                         |     4     |
 PwsAuth2 242003031711e1a6104135f04c6c01e6cd5952ecafbb53c928603b0gb64tqo609qse6ovd7lhdvk4fnaqk7cdl26e4d4qh7jb41eu5f1zb5y79m8pgu3

Requirements

PHP >= 5.4

Install

The package can be installed using Composer .

Or add the package to your composer.json.

Authenticator instanciation

ClientSide

A request header can be generated via the generateHeader($login, $key, $sessid=null) method.
The third parameter determine wich kind of token will be generated

for a client usage, see  MetaTech\Ws\Client

ServerSide

The Token can be retriew via the getToken method

loginToken is validate by the check(Token $token = null, $login) method
loginToken must match a public url with method POST and a couple of login/password
On successfull login, the session id must be transmit to the client.

sessionToken is valid only if the session can effectively be loaded, and the user key match the given Pws-Ident value

for a server usage, see MetaTech\Silex\Ws\Authentication and meta-tech/pws-server .

Configuration

Configuration must be the same on server and client sides
Hash definition is a convenient way to obfuscate your tokens

config/pwsauth.yml

Notes

A valid $userkey alone is useless
A valid $sessionId alone is useless

License

The project is released under the MIT license, see the LICENSE file.


All versions of pws-auth with dependencies

PHP Build Version
Package Version
Requires php Version >=5.4
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package meta-tech/pws-auth contains the following files

Loading the files please wait ....