2017 © Pedro Peláez
 

library hawk

Hawk authentication

image

alexbilbie/hawk

Hawk authentication

  • Saturday, March 2, 2013
  • by alexbilbie
  • Repository
  • 0 Watchers
  • 0 Stars
  • 217 Installations
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 2 Versions
  • 2 % Grown

The README.md

PHP Hawk Authentication

This is an implementation of the Hawk HTTP authentication scheme., (*1)

Install

Composer

Include alexbilbie/hawk in your composer.json:, (*2)

{
    "require": {
        "alexbilbie/hawk": "*"
    }
}

Then run composer update., (*3)

Git

Run git clone git://github.com/alexbilbie/PHP-Hawk.git /path/to/php-hawk, (*4)

Client Usage

Assume you're hitting up the following endpoint:, (*5)

https://api.example.com/user/123?foo=bar, (*6)

And the API server has given you the following credentials:, (*7)

  • Key - ghU3QVGgXM
  • Secret - 5jNP12yT17Hx5Md3DCZ5pGI5sui82efX

To generate the header run the following:, (*8)

$key = 'ghU3QVGgXM';
$secret = '5jNP12yT17Hx5Md3DCZ5pGI5sui82efX';
$hawk = Hawk::generateHeader($key, $secret, 'GET', 'https://api.example.com/user/123?foo=bar');

You can also pass in additional application specific data with an ext key in the array., (*9)

Once you've got the Hawk string include it in your HTTP request as an Authorization header., (*10)

Server Usage

On your API endpoint if the incoming request is missing an authorization header then return the following two headers:, (*11)

HTTP/1.1 401 Unauthorized WWW-Authenticate: Hawk, (*12)

If the request does contain a Hawk authorization header then process it like so:, (*13)

$hawk = ''; // the authorisation header

// First parse the header to get the parts from the string
$hawk_parts = Hawk::parseHeader($hawk);

// Then with your own function, get the secret for the key from the database
$secret = getSecret($hawk_parts['id']);

// Now validate the request
$valid = Hawk::verifyHeader($hawk, array(
        'host'  =>  'api.example.com',
        'port'  =>  443,
        'path'  =>  '/user/123',
        'method'    =>  'GET'
    ), $secret); // return true if the request is valid, otherwise false

The Versions

02/03 2013

dev-master

9999999-dev https://github.com/alexbilbie/PHP-Hawk.git

Hawk authentication

  Sources   Download

MIT

The Requires

  • php >=5.3.0

 

The Development Requires

authentication generate parse header hawk

02/12 2012

1.1

1.1.0.0 https://github.com/alexbilbie/Hawk

Hawk authentication

  Sources   Download

MIT

The Requires

  • php >=5.3.0

 

The Development Requires

authentication generate parse header hawk