Libraries tagged by signed_request
wpify/benefit-plus-gateway-sdk
173 Downloads
This is a "swagger" definition of application programming interface of the MรบzaPay by Benefit Plus e-commerce payment gateway. You may leverage this API from your e-shop to integrate payments by employee-benefits-programme funds. This version of the programme uses mobile payment application MรบzaPay. Requests signingAll requests except /auth/token must be signed by "SHA-256 with RSA" (RSASSA-PKCS1-v1_5, RFC 8017 chapter 8.2) electronic signatures. See online gateway documentation for details. ## Change log * v2 - 2025-06-26 * Added HEALTH value to productCode enum as mandated by the Czech state legislation. * amountAuthorized in PaymentStateResponse renamed to remainingAmount to better capture its meaining. * Added HTTP 410 Gone response to the cancelPayment() operation. * Corrected pattern of orderReferenceCode * Multiple corrections of the documentation, examples and field ordering changes - non-impacting.
factpulse/sdk
61 Downloads
REST API for electronic invoicing in France: Factur-X (CII), UBL 2.1, AFNOR PDP/PA, electronic signatures. ## ๐ฏ Main Features ### ๐ Invoice Generation - **Formats**: CII XML, UBL 2.1 XML, or Factur-X PDF/A-3 - **Profiles** (CII/PDF): MINIMUM, BASIC, EN16931, EXTENDED - **UBL**: Always EN16931 compliant - **Standards**: EN 16931 (EU directive 2014/55), ISO 19005-3 (PDF/A-3), CII (UN/CEFACT), UBL 2.1 (OASIS) - **Simplified Format**: Generation from SIRET + auto-enrichment (Chorus Pro API + Business Search) ### โ Factur-X - Validation - **XML Validation**: Schematron (45 to 210+ rules depending on profile) - **PDF Validation**: PDF/A-3, Factur-X XMP metadata - **VeraPDF**: Strict PDF/A validation (146+ ISO 19005-3 rules) ### โ๏ธ Electronic Signature - **Standards**: PAdES-B-B, PAdES-B-T (RFC 3161 timestamping), PAdES-B-LT (long-term archival) - **eIDAS Levels**: SES (self-signed), AdES (commercial CA), QES (QTSP) - **Validation**: Cryptographic integrity and certificate verification ### ๐ Flux 6 - Invoice Lifecycle (CDAR) - **CDAR Messages**: Acknowledgements, invoice statuses - **PPF Statuses**: REFUSED (210), PAID (212) ### ๐ Flux 10 - E-Reporting - **Tax Declarations**: International B2B, B2C - **Flow Types**: 10.1 (B2B transactions), 10.2 (B2B payments), 10.3 (B2C transactions), 10.4 (B2C payments) ### ๐ก AFNOR PDP/PA (XP Z12-013) - **Flow Service**: Submit and search flows to PDPs - **Directory Service**: Company search (SIREN/SIRET) - **Multi-client**: Support for multiple PDP configs per user ### ๐๏ธ Chorus Pro - **Public Sector Invoicing**: Complete API for Chorus Pro ### โณ Async Tasks - **Celery**: Asynchronous generation, validation and signing - **Polling**: Status tracking via `/tasks/{task_id}/status` - **Webhooks**: Automatic notifications when tasks complete ## ๐ Authentication All requests require a **JWT token** in the Authorization header: ``` Authorization: Bearer YOUR_JWT_TOKEN ``` ### How to obtain a JWT token? #### ๐ Method 1: `/api/token/` API (Recommended) **URL:** `https://factpulse.fr/api/token/` This method is **recommended** for integration in your applications and CI/CD workflows. **Prerequisites:** Having set a password on your account **For users registered via email/password:** - You already have a password, use it directly **For users registered via OAuth (Google/GitHub):** - You must first set a password at: https://factpulse.fr/accounts/password/set/ - Once the password is created, you can use the API **Request example:** ```bash curl -X POST https://factpulse.fr/api/token/ \ -H "Content-Type: application/json" \ -d '{ "username": "[email protected]", "password": "your_password" }' ``` **Optional `client_uid` parameter:** To select credentials for a specific client (PA/PDP, Chorus Pro, signing certificates), add `client_uid`: ```bash curl -X POST https://factpulse.fr/api/token/ \ -H "Content-Type: application/json" \ -d '{ "username": "[email protected]", "password": "your_password", "client_uid": "550e8400-e29b-41d4-a716-446655440000" }' ``` The `client_uid` will be included in the JWT and allow the API to automatically use: - AFNOR/PDP credentials configured for this client - Chorus Pro credentials configured for this client - Electronic signature certificates configured for this client **Response:** ```json { "access": "eyJ0eXAiOiJKV1QiLCJhbGc...", // Access token (validity: 30 min) "refresh": "eyJ0eXAiOiJKV1QiLCJhbGc..." // Refresh token (validity: 7 days) } ``` **Advantages:** - โ Full automation (CI/CD, scripts) - โ Programmatic token management - โ Refresh token support for automatic access renewal - โ Easy integration in any language/tool #### ๐ฅ๏ธ Method 2: Dashboard Generation (Alternative) **URL:** https://factpulse.fr/api/dashboard/ This method is suitable for quick tests or occasional use via the graphical interface. **How it works:** - Log in to the dashboard - Use the "Generate Test Token" or "Generate Production Token" buttons - Works for **all** users (OAuth and email/password), without requiring a password **Token types:** - **Test Token**: 24h validity, 1000 calls/day quota (free) - **Production Token**: 7 days validity, quota based on your plan **Advantages:** - โ Quick for API testing - โ No password required - โ Simple visual interface **Disadvantages:** - โ Requires manual action - โ No refresh token - โ Less suited for automation ### ๐ Full Documentation For more information on authentication and API usage: https://factpulse.fr/documentation-api/
spiderrobb/signed-request
37 Downloads
Simple Class for encoding and decoding SignedRequests that support a number of features and hash algorithms
dbd-net/signed-request
139 Downloads
Sign and validate HTTP requests
chatagency/laravel-signed-requests
24 Downloads
A package to (hopefully) make custom signed requests easier.
irma/requestor
183 Downloads
Create signed IRMA issuance or verification requests
simplon/signr
318 Downloads
Create and validate Signed Requests including data encryption.
irfanokr/laravel-secure-bridge
0 Downloads
Signed, timestamped, replay-protected and optionally AES-256-GCM-encrypted request/response bridge between a JavaScript front-end (SPA or Blade + AJAX) and a Laravel API. Framework-agnostic JS client. Works on Laravel 5.5 through 12 and PHP 7.1+.
francodacosta/caparica-bundle
2237 Downloads
a symfony bundle to help secure your REST api with signed requests
c-squared-solutions-llc/hmac-util
8 Downloads
PHP HMAC utility library for signing and verifying signed requests
peanutgraphic/bloxy-tester-bridge
1661 Downloads
In-app companion for TESTER โ verifies HMAC-signed requests from the TESTER worker, exposes /tester/health, and (Phase 3+) ships TestClock middleware.
ziggeo/manifold-php-signature
53706 Downloads
Verify signed HTTP request from Manifold
mishagodovanuk/payment_gateway
1 Downloads
Framework-agnostic mTLS HTTP client with HMAC-signed GET requests for payment gateway integrations
clickbar/laravel-validate-relative-signature
43 Downloads
Middleware for validating relative signed url requests.
swop/github-webhook-middleware
35 Downloads
PSR-7 style & PSR-15 compatible middleware which will verify if the incoming GitHub web hook request is correctly signed.