1. Go to this page and download the library: Download truelayer/signing library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
truelayer / signing example snippets
use TrueLayer\Signing\Signer;
$signer = Signer::signWithPemFile('kid-value', '/path/to/privatekey');
$signer = Signer::signWithPem('kid-value', $pemContents);
$signer = Signer::signWithPemBase64('kid-value', $pemContentsBase64Encoded);
$signer = Signer::signWithKey('kid-value', new \Jose\Component\Core\JWK());
use TrueLayer\Signing\Signer;
$signature = $signer->method('POST')
->path('/path') // The api path
->header('Idempotency-Key', 'my-key') // The idempotency key you must send with your request
->body('stringified request body')
->sign();
use TrueLayer\Signing\Signer;
$request = $signer->addSignatureHeader($request)
use TrueLayer\Signing\Verifier;
use GuzzleHttp\Client;
// Note: you should add error handling as appropriate
$httpClient = new Client();
$response = $httpClient->get('https://webhooks.truelayer-sandbox.com/.well-known/jwks')->getBody()->getContents();
$keys = json_decode($response, true)['keys'];
$verifier = Verifier::verifyWithJsonKeys(...$keys); // Note the spread operator, it's important.
$verifier
->path('/path') // Should be your webhook path, for example $_SERVER['REQUEST_URI']
->headers($headers) // All headers you receive. Header names can be in any casing.
->body('stringified request body'); // For example file_get_contents('php://input');
try {
$verifier->verify($headers['tl-signature']);
} catch (InvalidSignatureException $e) {
throw $e; // Handle invalid signature. You should not use this request's data.
}
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.