[7.x] Add new Redirector::signedRoute(), Redirector::temporarySignedRoute() methods #32489

Merged
merged 2 commits into from
Apr 22, 2020
Contributor

@ryangjchandler ryangjchandler commented Apr 22, 2020

This pull request adds two new shortcut methods for redirecting to signed routes.

Currently, this can be achieved by:

redirect()->to(URL::signedRoute(...));

but this can get hard to read and isn't as fluent as the other methods, such as redirect()->route().

This PR adds support for the following:

redirect()->signedRoute($route, $parameters, $expiration, $status, $headers);

// and

redirect()->temporarySignedRoute($route, $expiration, $parameters, $status, $headers);

Happy to implement these as macros in userland, but I don't see why they're not implemented in core.

@taylorotwell
Member

Curious about the use case on this. Signed URLs are usually used to confirm that your backend actually generated the URL. However, in this case, you are doing the redirecting so you ALREADY know that you generated the URL.

@ryangjchandler
Contributor Author

ryangjchandler commented Apr 22, 2020

> Curious about the use case on this. Signed URLs are usually used to confirm that your backend actually generated the URL. However, in this case, you are doing the redirecting so you ALREADY know that you generated the URL.

Yeah, understandably. I work for an insurance company where we have a public quote process.

When you start a quote you get taken to 'foo.com/quote/product/{order}' without any need for authentication. You can freely visit this page during the hour that the signed URL is valid. We're using the temporary signed URLs for these routes to ensure that customers can't enter or change the policy number and view another "in progress" quote for example.

When the user visits the next page, we redirect to the next page but still need that signature in place.

The original developer had used md5 hashes with a custom middleware for this, which had the same effect (with less security) as signed routes. Happy to provide more information.

@taylorotwell taylorotwell merged commit bead456 into laravel:7.x Apr 22, 2020
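
Added example, not part of the pull request or of either participant's comments: the quote flow described above, sketched as Laravel 7 routes using the new `redirect()->temporarySignedRoute()` helper. Route names, URIs and handler bodies are hypothetical, and the `signed` middleware alias is assumed to be registered as in the default `app/Http/Kernel.php`.

```php
<?php
// routes/web.php: added sketch; route names, URIs and handler bodies are hypothetical.

use Illuminate\Support\Facades\Route;
use Illuminate\Support\Str;

// Entry point: the only route that issues a signature without first checking one.
// The order id is created server-side here, never taken from the request.
Route::post('/quote/start', function () {
    $order = (string) Str::uuid(); // constructed stand-in for creating a quote record

    return redirect()->temporarySignedRoute(
        'quote.product', now()->addHour(), ['order' => $order]
    );
})->name('quote.start');

// Everything after the entry point sits behind `signed`. A request whose {order}
// was edited, or whose link has expired, is rejected with a 403 before the
// handler runs.
Route::middleware('signed')->group(function () {
    Route::get('/quote/product/{order}', function (string $order) {
        return 'Quote in progress: ' . e($order);
    })->name('quote.product');

    // Advancing a step re-signs the same order for the next page. This is only
    // safe because the incoming signature was verified by the middleware above;
    // an unsigned route doing this would hand out valid links for any order id.
    // Links to this route must themselves be built with URL::temporarySignedRoute().
    Route::get('/quote/product/{order}/continue', function (string $order) {
        return redirect()->temporarySignedRoute(
            'quote.details', now()->addHour(), ['order' => $order]
        );
    })->name('quote.product.continue');

    Route::get('/quote/details/{order}', function (string $order) {
        return 'Details for quote: ' . e($order);
    })->name('quote.details');
});
```
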
@ryangjchandler
Contributor Author

Thanks 🙏🏼

@ryangjchandler ryangjchandler deleted the feature/redirect-signed-route branch April 22, 2020 14:04