A simple and flexible PHP middleware dispatcher based on PSR-7, PSR-11, and PSR-15
Clone or download
Latest commit 1e119c1 Jan 19, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
build Examples can now be tried out with Docker Compose Jan 8, 2019
examples This workaround is not necessary anymore with the latest version of D… Jan 8, 2019
src Fix issues found by PHPStan Jan 10, 2019
tests Fix issues found by PHPStan Jan 10, 2019
.coveralls.yml Added PSR-7 compliance Jun 12, 2015
.editorconfig Updated editorconfig file Jan 14, 2017
.env.dist Examples can now be tried out with Docker Compose Jan 8, 2019
.gitattributes Update .gitattributes Jan 12, 2019
.gitignore Examples can now be tried out with Docker Compose Jan 8, 2019
.prettyci.composer.json Add composer.json for Pretty CI Dec 21, 2018
.scrutinizer.yml Enabled new Scrutinizer analyzer Sep 12, 2017
.travis.yml Run Travis tests on PHP 7.3 Oct 14, 2018
CHANGELOG.md Remove duplicated line Jan 11, 2019
CODE_OF_CONDUCT.md Update email address Jan 11, 2019
CONTRIBUTING.md Removed unnecessary part from contributing file Jan 14, 2017
LICENSE Update license year Jan 2, 2019
Makefile Add release script Jan 11, 2019
README.md Update README.md Jan 8, 2019
SUPPORT.md Added SUPPORT file Aug 22, 2017
composer.json Update to PHPStan 0.11 Jan 19, 2019
docker-compose.examples.yml Examples can now be tried out with Docker Compose Jan 8, 2019
docker-compose.yml Improve local development Nov 26, 2018
phpcs.xml Examples can now be tried out with Docker Compose Jan 8, 2019
phpstan.neon Update to PHPStan 0.11 Jan 19, 2019
phpunit.xml.dist Test coverage is calculated by XDebug Sep 12, 2015

README.md

Woohoo Labs. Harmony

Latest Version on Packagist Software License Build Status Coverage Status Quality Score Total Downloads Gitter

Woohoo Labs. Harmony is a PSR-15 compatible middleware dispatcher.

Harmony was born to be a totally flexible and almost invisible framework for your application. That's why Harmony supports the PSR-7, PSR-11, as well as the PSR-15 standards.

Table of Contents

Introduction

Rationale

This blog post explains the idea best why Harmony was started back in 2014: http://www.catonmat.net/blog/frameworks-dont-make-sense/

Features

  • High performance due to Harmony's simplicity
  • High flexibility thanks to the vast middleware ecosystem of PSR-15
  • Full control over HTTP messages via PSR-7
  • Support for many DI Containers via PSR-11 (formerly known as Container-Interop)

Why Harmony?

There are a lot of very similar middleware dispatcher libraries out there, like Zend-Stratigility, Slim Framework 3 or Relay. You might ask yourself, what is the purpose of yet another library with the same functionality?

We believe Harmony offers two key features which justify its existence:

  • It is the most simple library of all. Although simplicity is subjective, one thing is certain: Harmony offers the bare minimum functionality of what a library like this would need. That's why Harmony itself fits into a single class of ~140 lines.

  • As of version 3, Harmony natively supports the concept of Conditions which is a rare feature for middleware dispatchers. This eases dealing with a major weakness of the middleware-oriented approach, namely, the ability to invoke middleware conditionally.

Use cases

Certainly, Harmony won't suit the needs of all projects and teams: this framework works best for an experienced team with a longer term project. Less experienced teams - especially if they have short deadlines - should probably choose a framework with more features - working out-of-the box - in order to speed up development in its initial phase. Harmony's flexibility is the most advantageous when your software should be supported for a longer time.

Concepts

Woohoo Labs. Harmony is built upon two main concepts: middleware, which promote separation of concerns, and common interfaces, making it possible to rely on loosely coupled components.

By using middleware, you can easily take hands on the course of action of the request-response lifecycle: you can authenticate before routing, do some logging after the response has been sent, or you can even dispatch multiple routes in one request. This all can be achieved because everything in Harmony is a middleware, so the framework itself only consists of cc. 140 lines of code. This is why there is no framework-wide configuration, only middleware can be configured. What you do with Harmony depends only on your imagination and needs.

But middleware must work in cooperation (the router and the dispatcher are particularly tightly coupled to each other). That's why it is also important to provide common interfaces for the distinct components of the framework.

Naturally, we decided to use PSR-7 for modelling the HTTP request and response. In order to facilitate the usage of different DI Containers, we adapted PSR-11 (former Container-Interop) which is supported by various containers out of the box.

Middleware interface design

Woohoo Labs. Harmony's middleware interface design is based on the the PSR-15 de-facto standard.

If you want to learn about the specifics of this style, please refer to the following articles which describe the very concept:

Install

The only thing you need before getting started is Composer.

Install a PSR-7 implementation:

Because Harmony requires a PSR-7 implementation (a package which provides the psr/http-message-implementation virtual package), you must install one first. You may use Zend Diactoros or any other library of your preference:

$ composer require zendframework/zend-diactoros:^2.0.0

Install Harmony:

To install the latest version of this library, run the command below:

$ composer require woohoolabs/harmony

Note: The tests and examples won't be downloaded by default. You have to use composer require woohoolabs/harmony --prefer-source or clone the repository if you need them.

Harmony 6 requires PHP 7.1 at least, but you may use Harmony 4.0.0 for PHP 7.0.

Install the optional dependencies:

If you want to use the default middleware stack then you have to require the following dependency too:

$ composer require nikic/fast-route:^1.0.0 # FastRouteMiddleware needs it
$ composer require zendframework/zend-httphandlerrunner:^1.0.0 # HttpHandlerRunnerMiddleware needs it

Basic Usage

Define your endpoints:

The following example applies only if you use the default dispatcher middleware. There are two important things to note here: first, each dispatchable endpoint receives a Psr\Http\Message\ServerRequestInterface and a Psr\Http\Message\ResponseInterface object as parameter and the latter is expected to be manipulated and returned. Secondly, you can not only use class methods as endpoints, it is possible to define other callables too (see below in the routing section).

namespace App\Controllers;

use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;

class UserController
{
    public function getUsers(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
    {
        $users = ["Steve", "Arnie", "Jason", "Bud"];
        $response->getBody()->write(json_encode($users));
        
        return $response;
    }

    public function updateUser(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
    {
        $userId = $request->getAttribute("id");
        $userData = $request->getParsedBody();

        // Updating user...
        
        return $response;
    }
}

Define your routes:

The following example applies only if you use the default router middleware which is based on FastRoute, the library of Nikita Popov. We chose to use it by default because of its performance and simplicity. You can read more about it in Nikita's blog.

Let's add the routes for the aforementioned endpoints to FastRoute:

use App\Controllers\UserController;

$router = FastRoute\simpleDispatcher(function(FastRoute\RouteCollector $r) {
    // An anonymous function endpoint
    $r->addRoute("GET", "/me", function (ServerRequestInterface $request, ResponseInterface $response) {
            // ...
    });

    // Class method endpoints
    $r->addRoute("GET", "/users", [UserController::class, "getUsers"]);
    $r->addRoute("POST", "/users/{id}", [UserController::class, "updateUser"]);
});

Finally, launch the app:

use WoohooLabs\Harmony\Harmony;
use WoohooLabs\Harmony\Middleware\FastRouteMiddleware;
use WoohooLabs\Harmony\Middleware\DispatcherMiddleware;
use WoohooLabs\Harmony\Middleware\HttpHandlerRunnerMiddleware;
use Zend\Diactoros\ServerRequestFactory;
use Zend\Diactoros\Response;
use Zend\HttpHandlerRunner\Emitter\SapiEmitter;

$harmony = new Harmony(ServerRequestFactory::fromGlobals(), new Response());
$harmony
    ->addMiddleware(new HttpHandlerRunnerMiddleware(new SapiEmitter()))
    ->addMiddleware(new FastRouteMiddleware($router))
    ->addMiddleware(new DispatcherMiddleware());

$harmony();

You have to register all the prior middleware in order for the framework to function properly:

  • HttpHandlerRunnerMiddleware sends the response to the ether via zend-httphandlerrunner
  • FastRouteMiddleware takes care of routing ($router was configured in the previous step)
  • DispatcherMiddleware dispatches a controller which belongs to the request's current route

Note that there is a second optional argument of Harmony::addMiddleware() with which you can define the ID of a middleware (doing so is necessary if you want to call Harmony::getMiddleware() somewhere in your code).

Of course, it is completely up to you how you add additional middleware or how you replace them with your own implementations. When you'd like to go live, call $harmony()!

Advanced Usage

Using invokable class controllers

Most of the time, you will define your endpoints (~controller actions) as regular callables as was shown in the section about the default router:

$r->addRoute("GET", "/users/me", [\App\Controllers\UserController::class, "getMe"]);

But nowadays, there is an increasing popularity of controllers containing only one action. To do so, it is a general practice to implement the __invoke() magic method. In former versions of Harmony, if you wanted to apply this pattern, you had to define the example route above the following way (at least if you used the default router and dispatcher):

$r->addRoute("GET", "/users/me", [\App\Controllers\GetMe::class, "__invoke"]);

As of Harmony 2.1.0, your route definition can be simplified to:

$r->addRoute("GET", "/users/me", \App\Controllers\GetMe::class);

Note: If you use a different router or dispatcher than the default ones, please make sure if the feature is available for you.

If you are interested in how you could benefit from invokable controllers in the context of the Action-Domain-Responder pattern, you can find an insightful description in Paul M. Jones' blog post.

Using your favourite DI Container with Harmony

The motivation of creating Woohoo Labs. Harmony was to become able to change every single aspect of the framework. That's why you can use any DI Container you want.

For this purpose, we chose to build upon PSR-11 - the most widespread common interface for DI Containers - in the built-in DispatcherMiddleware.

It's also important to know that the DispatcherMiddleware uses the BasicContainer by default. It's nothing more than a very silly DIC which tries to create objects based on their class name (so calling $basicContainer->get(Foo::class) would create a new Foo instance).

But if you provide an argument to the middleware's constructor, you can use your favourite PSR-11 compliant DI Container too. Let's have a look at an example where one would like to swap BasicContainer with Zen:

$container = new MyContainer();
$harmony->addMiddleware(new DispatcherMiddleware($container));

Creating custom middleware

New middleware also has to implement the PSR-15 MiddlewareInterface. Let's see an example:

use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Psr\Log\LoggerInterface;

class LoggerMiddleware implements MiddlewareInterface
{
    /**
     * @var LoggerInterface
     */
    private $logger;
    
    public function __construct(LoggerInterface $logger)
    {
        $this->logger = $logger;
    }

    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        // Perform logging before handling the request
        $logger->info("Request needs to be handled");
        
        // Invoking the remaining middleware
        $response = $handler->handle($request);
        
        // Perform logging after the request has been handled
        $logger->info("Request was successfuly handled");
    
        // Return the response
        return $response;
    }
}

And when you are ready, attach it to Harmony:

$harmony->addMiddleware(new LoggerMiddleware(new Logger()));

What to do if you do not want to invoke the remaining middleware (possibly because of an error)? Then you can simply manipulate and return a response whose "prototype" was passed to the middleware in its constructor. You can see this in action in the following example:

use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;

class AuthenticationMiddleware implements MiddlewareInterface
{
    /**
     * @var string
     */
    protected $apiKey;
    
    /**
     * @var ResponseInterface
     */
    protected $errorResponsePrototype;

    public function __construct(string $apiKey, ResponseInterface $errorResponsePrototype)
    {
        $this->apiKey = $apiKey;
        $this->errorResponsePrototype = $errorResponsePrototype;
    }

    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        // Return Error 401 "Unauthorized" if the provided API key doesn't match the expected one
        if ($request->getHeader("x-api-key") !== [$this->apiKey]) {
            return $this->errorResponsePrototype->withStatusCode(401);
        }
        
        // Invoke the remaining middleware if authentication was successful
        return $handler->handle($request);
    }
}

Then

$harmony->addMiddleware(new AuthenticationMiddleware("123"), new Response());

Defining conditions

Non-trivial applications often need some kind of branching during the execution of their middleware pipeline. A possible use-case is when they want to perform authentication only for some of their endpoints or when they want to check for a CSRF token if the request method is POST. With Harmony 2 branching was also easy to handle, but Harmony 3+ helps you to optimize the performance of conditional logic in your middleware.

Let's revisit our authentication middleware example from the last section! This time, we only want to authenticate endpoints below the /users path. In Harmony 2, we had to achieve it with something like this:

use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;

class AuthenticationMiddleware implements MiddlewareInterface
{
    /**
     * @var string
     */
    protected $securedPath;

    /**
     * @var MyAuthenticatorInterface
     */
    protected $authenticator;
    
    /**
     * @var ResponseInterface
     */
    protected $errorResponsePrototype;

    public function __construct(string $securedPath, MyAuthenticatorInterface $authenticator, ResponseInterface $errorResponsePrototype)
    {
        $this->securedPath = $securedPath;
        $this->authenticator = $authenticator;
        $this->errorResponsePrototype = $errorResponsePrototype;
    }

    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next): ResponseInterface
    {
        // Invoke the remaining middleware and cancel authentication if the current URL is for a public endpoint
        if (substr($request->getUri()->getPath(), 0, strlen($this->securedPath)) !== $this->securedPath) {
            return $handler->handle($request);
        }
    
        // Return Error 401 "Unauthorized" if authentication fails
        if ($this->authenticator->authenticate($request) === false) {
            return $this->errorResponsePrototype->withStatusCode(401);
        }
        
        // Invoke the remaining middleware otherwise
        return $handler->handle($request);
    }
}

And finally attach the middleware to Harmony:

$harmony->addMiddleware(new AuthenticationMiddleware("/users", new ApiKeyAuthenticator("123"), new Response()));

You had to check the current URI inside the middleware and the problem was solved. The downside of doing this is that AuthenticationMiddleware and all its dependencies are instantiated for each request even though authentication is not needed at all! This can be a major inconvenience if you depend on a big object graph.

In Harmony 3+, however, you are able to use conditions in order to optimize the number of invoked middleware. In this case you can utilize the built-in PathPrefixCondition. You only have to attach it to Harmony:

$harmony->addCondition(
    new PathPrefixCondition(["/users"]),
    function (Harmony $harmony) {
        $harmony->addMiddleware(new AuthenticationMiddleware(new ApiKeyAuthenticator("123")));
    }
);

This way, AuthenticationMiddleware will only be instantiated when PathPrefixCondition evaluates to true (when the current URI path starts with /users). Furthermore, you are able to attach more middleware to Harmony in the anonymous function. They will be executed together, as if they were part of a containing middleware.

Here is the complete list of the built-in conditions:

  • ExactPathCondition: Evaluates to true if the current URI path exactly matches any of the allowed paths.

  • PathPrefixCondition: Evaluates to true if the current URI path starts with any of the allowed path prefixes.

  • HttpMethodCondition: Evaluates to true if the current HTTP method matches any of the allowed HTTP methods.

Examples

If you want to see a really basic application structure in action, have a look at the examples. If docker-compose and make is available on your system, then run the following commands in order to try out the example app:

cp .env.dist .env      # You can now edit the settings in the .env file
make composer-install  # Install the Composer dependencies
make up                # Start the webserver

If you don't have make, you can copy the underlying commands, and directly use them in your terminal.

Finally, the example app is available at localhost:8080.

If you modified the .env file, you should change the port to the value of the HOST_WEB_PORT variable.

Example URIs:

  • GET /books/1
  • GET /users/1
  • GET /me

When you finished your work, simply stop the webserver:

make down

If the prerequisites are not available for you, you have to set up a webserver on your host, install PHP, as well as the dependencies via Composer.

Versioning

This library follows SemVer v2.0.0.

Change Log

Please see CHANGELOG for more information on what has changed recently.

Testing

Harmony has a PHPUnit test suite. To run the tests, run the following command from the project folder:

$ phpunit

Additionally, you may run docker-compose up or make test to execute the tests.

Contributing

Please see CONTRIBUTING for details.

Support

Please see SUPPORT for details.

Credits

License

The MIT License (MIT). Please see the License File for more information.