This repository has been archived by the owner on Mar 28, 2022. It is now read-only.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
0 parents
commit af6fd50
Showing 26 changed files with 1,279 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
coverage_clover: clover.xml | ||
json_path: coveralls-upload.json |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
/composer.lock | ||
/phpunit.xml | ||
/vendor/ |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
sudo: false | ||
|
||
language: php | ||
|
||
cache: | ||
directories: | ||
- $HOME/.composer/cache | ||
- $HOME/.local | ||
- vendor | ||
|
||
matrix: | ||
fast_finish: true | ||
include: | ||
- php: 7.1 | ||
env: | ||
- EXECUTE_CS_CHECK=true | ||
- EXECUTE_TEST_COVERALLS=true | ||
- PATH="$HOME/.local/bin:$PATH" | ||
- php: nightly | ||
allow_failures: | ||
- php: nightly | ||
|
||
before_install: | ||
- if [[ $EXECUTE_TEST_COVERALLS != 'true' ]]; then phpenv config-rm xdebug.ini || return 0 ; fi | ||
- composer self-update | ||
- if [[ $EXECUTE_TEST_COVERALLS == 'true' ]]; then composer require --dev --no-update php-coveralls/php-coveralls:2.0.0 ; fi | ||
|
||
install: | ||
- travis_retry composer install --no-interaction | ||
- composer info -i | ||
|
||
script: | ||
- if [[ $EXECUTE_TEST_COVERALLS == 'true' ]]; then composer test-coverage ; fi | ||
- if [[ $EXECUTE_TEST_COVERALLS != 'true' ]]; then composer test ; fi | ||
- if [[ $EXECUTE_CS_CHECK == 'true' ]]; then composer cs ; fi | ||
|
||
after_script: | ||
- if [[ $EXECUTE_TEST_COVERALLS == 'true' ]]; then composer coveralls ; fi | ||
|
||
notifications: | ||
email: true |
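Review bot: The `matrix.include` block only gates the build on PHP 7.1, because the second entry, `php: nightly`, is also listed under `allow_failures`. composer.json declares `"php": "^7.1"`, so every later 7.x release that constraint admits is supported on paper but never has to pass. Add those versions as required jobs. Separately, `vendor` is cached while `/composer.lock` is git-ignored, so a cached job can keep testing stale dependency versions; consider dropping `vendor` from `cache.directories` and relying on the Composer cache alone.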
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
Copyright (c) 2018, Ben Scholzen (DASPRiD) | ||
All rights reserved. | ||
|
||
Redistribution and use in source and binary forms, with or without | ||
modification, are permitted provided that the following conditions are met: | ||
|
||
1. Redistributions of source code must retain the above copyright notice, this | ||
list of conditions and the following disclaimer. | ||
2. Redistributions in binary form must reproduce the above copyright notice, | ||
this list of conditions and the following disclaimer in the documentation | ||
and/or other materials provided with the distribution. | ||
|
||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND | ||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR | ||
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
# Pikkuleipa | ||
|
||
[![Build Status](https://travis-ci.org/DASPRiD/Pikkuleipa.svg?branch=master)](https://travis-ci.org/DASPRiD/Pikkuleipa) | ||
[![Coverage Status](https://coveralls.io/repos/github/DASPRiD/Pikkuleipa/badge.svg?branch=master)](https://coveralls.io/github/DASPRiD/Pikkuleipa?branch=master) | ||
[![Latest Stable Version](https://poser.pugx.org/dasprid/pikkuleipa/v/stable)](https://packagist.org/packages/dasprid/pikkuleipa) | ||
[![Total Downloads](https://poser.pugx.org/dasprid/pikkuleipa/downloads)](https://packagist.org/packages/dasprid/pikkuleipa) | ||
[![License](https://poser.pugx.org/dasprid/pikkuleipa/license)](https://packagist.org/packages/dasprid/pikkuleipa) | ||
|
||
Pikkuleipa is a cookie manager for PSR-7 compliant applications, utilizing [JSON Web Tokens](https://jwt.io/) for | ||
security and allowing the handling of multiple independent cookies.authentication middleware embracing PSR-7. | ||
|
||
## Installation | ||
|
||
Install via composer: | ||
|
||
```bash | ||
$ composer require dasprid/pikkuleipa | ||
``` | ||
|
||
## Getting started (for [Expressive](https://github.com/zendframework/zend-expressive)) | ||
|
||
### Import the factory config | ||
|
||
Create a file named `pikkuleipa.global.php` or similar in your autoloading config directory: | ||
|
||
```php | ||
<?php | ||
return (new DASPRiD\Pikkuleipa\ConfigProvider())->__invoke(); | ||
``` | ||
|
||
This will introduce a few factories, namely you can retrieve the following objects through that: | ||
|
||
- `DASPRiD\Pikkuleipa\CookieManager` through `DASPRiD\Pikkuleipa\CookieManagerInterface` | ||
- `DASPRiD\Pikkuleipa\TokenManager` through `DASPRiD\Pikkuleipa\TokenManagerInterface` | ||
|
||
### Configure Pikkuleipa | ||
|
||
For Pikkuleipa to function, it needs a few configuration variables. Copy the file `doc/example-config.php` and adjust the | ||
values as needed. | ||
|
||
### Using the cookie manager | ||
|
||
The token manager should usually not be of interest to you. The important part is the cookie manager, which you can | ||
either use through the container, if you are using PSR/Container, or by other means. It concretely gives you three | ||
actions you can do, which are setting cookies, getting cookies and expiring cookies. | ||
|
||
#### Setting cookies | ||
|
||
Setting a cookie is really easy. First you either get an existing cookie from the cookie manager or you create a new | ||
one. Then you set that cookie on a PSR-7 response and return the modified response to the user. | ||
|
||
The `setCookie` method takes two additional parameters beside the response and the cookie. The first one is whether the | ||
cookie should expire at the end of the browser session, which defaults to false. The second one defines whether the | ||
`setCookie` call should override a previous `expireCookie` call, which defaults to true. | ||
|
||
```php | ||
<?php | ||
use DASPRiD\Pikkuleipa\Cookie; | ||
use DASPRiD\Pikkuleipa\CookieManagerInterface; | ||
|
||
$cookieManager = $container->get(CookieManagerInterface::class); | ||
$cookie = new Cookie('foo'); | ||
$cookie->set('bar', 'baz'); | ||
|
||
$newResponse = $cookieManager->setCookie($response, $cookie); | ||
``` | ||
|
||
#### Getting cookies | ||
|
||
Getting cookies is also quite simple. When retrieving a cookie, the cookie- and the token manager will verify that the | ||
cookie exists and its contents are legit. If something fails, a new empty cookie instance is returned. | ||
|
||
```php | ||
<?php | ||
use DASPRiD\Pikkuleipa\CookieManagerInterface; | ||
|
||
$cookieManager = $container->get(CookieManagerInterface::class); | ||
$cookie = $cookieManager->getCookie($serverRequest, 'foo'); | ||
|
||
echo $cookie->get('bar'); // Outputs: bar | ||
``` | ||
|
||
#### Expiring cookies | ||
|
||
Expiring cookies is just as simple as setting a cookie. You can either expire a cookie by its instance or by name: | ||
|
||
```php | ||
<?php | ||
use DASPRiD\Pikkuleipa\CookieManagerInterface; | ||
|
||
$cookieManager = $container->get(CookieManagerInterface::class); | ||
$cookie = $cookieManager->getCookie($serverRequest, 'foo'); | ||
|
||
$newResponse = $cookieManager->expireCookie($cookie); | ||
|
||
// Or: | ||
$newResponse = $cookieManager->expireCookieByName('foo'); | ||
``` | ||
|
||
## About the name | ||
|
||
Pikkuleipa is the Finnish word for "cookie" or "biscuit", nothing fancy here! |
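Review bot: In the "Getting cookies" example, the comment on `echo $cookie->get('bar'); // Outputs: bar` contradicts the "Setting cookies" example, which stores `'baz'` under the key `'bar'`; the comment should read `// Outputs: baz`. The opening paragraph ends with a stray fragment ("cookies.authentication middleware embracing PSR-7.") that looks like a leftover from another README. In "Expiring cookies", `expireCookie($cookie)` and `expireCookieByName('foo')` are shown returning `$newResponse` without being given a response, unlike `setCookie($response, $cookie)`; check both calls against the real method signatures. Since "Getting cookies" states that any failure yields a new empty cookie, add a sentence telling callers that a cookie which fails verification looks the same as one that was never set.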
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
{ | ||
"name": "dasprid/pikkuleipa", | ||
"description": "PSR-7 JWT cookie handler", | ||
"type": "library", | ||
"require": { | ||
"php": "^7.1", | ||
"lcobucci/jwt": "^3.2", | ||
"psr/http-message": "^1.0", | ||
"dflydev/fig-cookies": "^1.0", | ||
"cultuurnet/clock": "^1.0" | ||
}, | ||
"require-dev": { | ||
"phpunit/phpunit": "^5.5", | ||
"psr/container": "^1.0", | ||
"dasprid/treereader": "^1.3", | ||
"zendframework/zend-diactoros": "^1.3", | ||
"squizlabs/php_codesniffer": "^2.7" | ||
}, | ||
"suggest": { | ||
"psr/container": "For using the supplied factories", | ||
"dasprid/treereader": "For using the supplied factories" | ||
}, | ||
"license": "BSD-2-Clause", | ||
"authors": [ | ||
{ | ||
"name": "Ben Scholzen 'DASPRiD'", | ||
"homepage": "https://dasprids.de/", | ||
"email": "mail@dasprids.de" | ||
} | ||
], | ||
"keywords": [ | ||
"jwt", | ||
"cookie", | ||
"session", | ||
"http", | ||
"psr", | ||
"psr-7" | ||
], | ||
"autoload": { | ||
"psr-4": { | ||
"DASPRiD\\Pikkuleipa\\": "src/" | ||
} | ||
}, | ||
"autoload-dev": { | ||
"psr-4": { | ||
"DASPRiD\\PikkuleipaTest\\": "test/" | ||
} | ||
}, | ||
"scripts": { | ||
"check": [ | ||
"@cs", | ||
"@test" | ||
], | ||
"coveralls": "php-coveralls", | ||
"cs": "phpcs", | ||
"cs-fix": "phpcbf", | ||
"test": "phpunit", | ||
"test-coverage": "phpunit --coverage-clover clover.xml" | ||
} | ||
} |
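Review bot: The `coveralls` entry under `scripts` runs `php-coveralls`, but that package is not in `require-dev`. The binary only exists when the CI `before_install` step runs `composer require --dev --no-update php-coveralls/php-coveralls:2.0.0`, so `composer coveralls` fails on an ordinary checkout. Either add the package to `require-dev` or drop the script and call the binary from the CI config. Also, with `/composer.lock` ignored and `lcobucci/jwt` constrained only by `^3.2`, the version of the signing library under test changes over time without any change in this repository; that is normal for a library, but worth stating in the README so that consumers pin it themselves.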
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
<?php | ||
return [ | ||
'pikkuleipa' => [ | ||
'default_cookie_settings' => [ | ||
// Path which the cookie applies to | ||
'path' => '/', | ||
|
||
// Whether the cookie is limited to HTTPS | ||
'secure' => true, | ||
|
||
// Lifetime of the cookie, here 30 days | ||
'lifetime' => 2592000, | ||
], | ||
|
||
'cookie_settings' => [ | ||
// Here you can configure all the different cookies you are using | ||
'some_cookie_name' => [ | ||
'path' => '/', | ||
'secure' => true, | ||
'lifetime' => 60 | ||
], | ||
], | ||
|
||
'token' => [ | ||
// Signer used for signing and verification | ||
'signer_class' => Lcobucci\JWT\Signer\Rsa\Sha256::class, | ||
|
||
// Signature and verification keys. See: https://github.com/lcobucci/jwt#token-signature | ||
'signature_key' => '', | ||
'verification_key' => '', | ||
], | ||
], | ||
]; |
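Review bot: Under `token`, `signature_key` and `verification_key` default to `''` next to `Lcobucci\JWT\Signer\Rsa\Sha256::class`, so a copy of this file that nobody edits carries no key material at all. State in the comment what form the two values take for an RSA signer (the linked lcobucci/jwt section covers it), and have the token manager factory reject empty values instead of handing them to the signer. The cookie settings expose only `path`, `secure` and `lifetime`; if the cookie manager always sets HttpOnly, say so in a comment here, otherwise expose it as a setting. The 30-day default for `lifetime` would also benefit from a note on whether it bounds the token's validity or only the cookie's expiry.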
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
<?xml version="1.0"?> | ||
<ruleset name="Pikkuleipa coding standard"> | ||
<description>Pikkuleipa coding standard</description> | ||
|
||
<!-- display progress --> | ||
<arg value="p"/> | ||
<arg name="colors"/> | ||
|
||
<!-- inherit rules from: --> | ||
<rule ref="PSR2"/> | ||
<rule ref="Generic.Arrays.DisallowLongArraySyntax"/> | ||
<rule ref="Squiz.WhiteSpace.SuperfluousWhitespace"> | ||
<properties> | ||
<property name="ignoreBlankLines" value="false"/> | ||
</properties> | ||
</rule> | ||
|
||
<!-- Paths to check --> | ||
<file>src</file> | ||
<file>test</file> | ||
</ruleset> |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd" | ||
bootstrap="vendor/autoload.php" | ||
colors="true"> | ||
<testsuites> | ||
<testsuite name="DASPRiD\\Pikkuleipa Tests"> | ||
<directory>./test</directory> | ||
</testsuite> | ||
</testsuites> | ||
|
||
<filter> | ||
<whitelist processUncoveredFilesFromWhitelist="true"> | ||
<directory suffix=".php">src</directory> | ||
</whitelist> | ||
</filter> | ||
</phpunit> |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
<?php | ||
declare(strict_types = 1); | ||
|
||
namespace DASPRiD\Pikkuleipa; | ||
|
||
use DASPRiD\Pikkuleipa\Factory\CookieManagerFactory; | ||
use DASPRiD\Pikkuleipa\Factory\TokenManagerFactory; | ||
|
||
final class ConfigProvider | ||
{ | ||
public function __invoke() : array | ||
{ | ||
return [ | ||
'dependencies' => $this->getDependencyConfig(), | ||
]; | ||
} | ||
|
||
public function getDependencyConfig() : array | ||
{ | ||
return [ | ||
'factories' => [ | ||
CookieManagerInterface::class => CookieManagerFactory::class, | ||
TokenManagerInterface::class => TokenManagerFactory::class, | ||
], | ||
]; | ||
} | ||
} |