LTO Network
Search…
Latest version
Running a node
Libraries
HTTP Authentication
This library can be used in conjunction with the HTTP authentication library. The
keyId should be the base58 encoded public key.For
POST and PUT requests, it's recommended to create an HTTP Digest (RFC 3230). This is a hash of the body, which manages to indirectly include the body in the signature. See the HTTP Digest library.Creating the HTTP Authentication service
1
use Jasny\HttpSignature\HttpSignature;
2
​
3
$secretKey = 'wJ4WH8dD88fSkNdFQRjaAhjFUZzZhV5yiDLDwNUnp6bYwRXrvWV8MJhQ9HL9uqMDG1n7XpTGZx7PafqaayQV8Rp';
4
​
5
$factory = new LTO\AccountFactory('T'); // 'T' for testnet, 'L' for mainnet
6
$ourAccount = $factory->create($secretKey);
7
​
8
$service = new HttpSignature(
9
['ed25519', 'ed25519-sha256'],
10
new SignCallback($ourAccount),
11
new VerifyCallback($accountFactory)
12
);
Copied!
Server middleware
Create server middleware to verify incoming requests.
The
LTO\Account\ServerMiddleware can be used to set the account attribute for a server request that contains a signature_key_id attribute.1
use Jasny\HttpDigest\HttpDigest;
2
use Jasny\HttpDigest\ServerMiddleware as DigestMiddleware;
3
use Jasny\HttpDigest\Negitiation\DigestNegotiator;
4
use Jasny\HttpSignature\HttpSignature;
5
use Jasny\HttpSignature\ServerMiddleware as SignatureMiddleware;
6
use LTO\Account\ServerMiddleware as AccountMiddleware;
7
use Relay\RelayBuilder;
8
​
9
$factory = new LTO\AccountFactory('T'); // 'T' for testnet, 'L' for mainnet
10
$ourAccount = $factory->create($secretKey);
11
​
12
$digestService = HttpDigest(new DigestNegotiator(), ["SHA-256"]);
13
​
14
$signatureService = new HttpSignature(
15
['ed25519', 'ed25519-sha256'],
16
function() { throw new \LogicException('sign not supported'); },
17
new VerifyCallback($accountFactory)
18
);
19
​
20
$relayBuilder = new RelayBuilder($resolver);
21
$relay = $relayBuilder->newInstance([
22
(new DigestMiddleware($digestService))->asDoublePass(),
23
(new SignatureMiddleware($signatureService))->asDoublePass(),
24
(new AccountMiddleware($factory))->asDoublePass(),
25
]);
Copied!
The server middleware implements the PSR-15
MiddlewareInterface for single pass support and returns a callback for double pass with the asDoublePass() method.Client middleware
Create client middleware to sign outgoing requests.
1
use GuzzleHttp\HandlerStack;
2
use GuzzleHttp\Client;
3
use Jasny\HttpDigest\HttpDigest;
4
use Jasny\HttpDigest\ClientMiddleware as DigestMiddleware;
5
use Jasny\HttpDigest\Negitiation\DigestNegotiator;
6
use Jasny\HttpSignature\HttpSignature;
7
use Jasny\HttpSignature\ClientMiddleware as SignatureMiddleware;
8
​
9
$secretKey = 'wJ4WH8dD88fSkNdFQRjaAhjFUZzZhV5yiDLDwNUnp6bYwRXrvWV8MJhQ9HL9uqMDG1n7XpTGZx7PafqaayQV8Rp';
10
​
11
$factory = new LTO\AccountFactory('T'); // 'T' for testnet, 'L' for mainnet
12
$ourAccount = $factory->create($secretKey);
13
​
14
$digestService = HttpDigest(new DigestNegotiator(), ["SHA-256"]);
15
​
16
$signatureService = new HttpSignature(
17
['ed25519', 'ed25519-sha256'],
18
new SignCallback($ourAccount),
19
function() { throw new \LogicException('verify not supported'); }
20
);
21
​
22
$signatureMiddleware = new SignatureMiddleware(
23
$service->withAlgorithm('ed25519-sha256'),
24
$ourAccount->getPublicKey()
25
);
26
​
27
$stack = new HandlerStack();
28
$stack->push((new DigestMiddleware($digestService))->forGuzzle());
29
$stack->push($signatureMiddleware->forGuzzle());
30
​
31
$client = new Client(['handler' => $stack]);
Copied!
Last modified 1yr ago