HMAC Request Signer is a PHP library that implements the HTTP HMAC Spec to sign and verify RESTful Web API requests. It integrates with popular libraries such as Symfony and Guzzle and can be used on both the server and client.
HMAC Request Signer can be installed with Composer by adding it as a dependency to your project's composer.json file.
{
"require": {
"acquia/http-hmac-php": "*"
}
}
Please refer to Composer's documentation for more detailed installation and usage instructions.
Sign an API request sent via Guzzle.
use Acquia\Hmac\Guzzle\HmacAuthMiddleware;
use Acquia\Hmac\RequestSigner;
use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
$requestSigner = new RequestSigner();
$middleware = new HmacAuthMiddleware($requestSigner, 'apiKeyId', 'secretKey');
$stack = HandlerStack::create();
$stack->push($middleware);
$client = new Client([
'handler' => $stack,
]);
$client->get('http://example.com/resource');
Authenticate the request in a Symfony-powered app e.g. Silex.
use Acquia\Hmac\RequestAuthenticator;
use Acquia\Hmac\RequestSigner;
use Acquia\Hmac\Request\Symfony as RequestWrapper;
// $request is a \Symfony\Component\HttpFoundation\Request object.
$requestWrapper = new RequestWrapper($request);
// $keyLoader implements \Acquia\Hmac\KeyLoaderInterface
$authenticator = new RequestAuthenticator(new RequestSigner(), '+15 minutes');
$key = $authenticator->authenticate($requestWrapper, $keyLoader);
Submit changes using GitHub's standard pull request workflow.
All code should adhere to the following standards:
It is recommend to use the PHP Coding Standards Fixer tool to ensure that code adheres to the coding standards mentioned above.
Refer to PHP Project Starter's documentation for the Apache Ant targets supported by this project.