arraypress/hmac-signer
Composer 安装命令:
composer require arraypress/hmac-signer
包简介
Enables secure and verified access to resources by generating HMAC signed URLs, ideal for environments like CloudFlare R2 buckets.
README 文档
README
The HMACSigner library simplifies the generation of HMAC signed URLs to secure access to resources stored in CloudFlare R2 buckets and other public storages. It is designed to integrate easily into PHP projects, enhancing security with timestamped and verifiable access links.
Minimum Requirements
- PHP: 7.4 or higher
Installation
HMAC Signer can be integrated directly into your PHP or WordPress projects. Here's how to get started:
Via Composer
composer require arraypress/hmac-signer
// Require the Composer autoloader to enable class autoloading. require_once __DIR__ . '/vendor/autoload.php'; use function ArrayPress\Utils\HMACSigner\get_attachment_signed; use function ArrayPress\Utils\HMACSigner\get_signed_resource;
Usage Examples
Generating a Signed URL for a WordPress Attachment
$signedUrl = get_attachment_signed( 123, 'https://previews.example.com', 'your-secret-key', 'audio-previews' ); echo "Signed URL: " . $signedUrl;
Generating a Signed URL for a General Resource
$signedUrl = get_signed_resource( 'my-song.mp3', 'https://previews.example.com', 'your-secret-key', 'audio-previews' ); echo "Signed URL: " . $signedUrl;
CloudFlare WAF Configuration
To ensure the security of your resources with CloudFlare, configure a WAF rule to validate the HMAC signatures of your URLs:
Step 1: Access CloudFlare Dashboard
Log in to your CloudFlare account and select the domain for which you want to configure the WAF rule.
Step 2: Navigate to the Firewall Section
Go to the Firewall tab, then select Managed Rules.
Step 3: Create a Custom Firewall Rule
Click on Create a Firewall rule and define the rule conditions and actions.
Step 4: Define the Rule Expression
(http.host eq "previews.example.com" and not is_timed_hmac_valid_v0("your-secret-key", http.request.uri, 600, http.request.timestamp.sec, 8))
Replace "your-secret-key" with the secret key you use to generate your HMAC signatures.
Step 5: Set the Action
Choose Block to prevent unauthorized access.
Step 6: Save and Deploy the Rule
Name your rule appropriately and click Deploy.
Testing Your Configuration
Ensure your rule is effective by accessing a resource with both a valid and an invalid HMAC signature.
Contributions
Contributions to this library are highly appreciated. Raise issues on GitHub or submit pull requests for bug fixes or new features. Share feedback and suggestions for improvements.
License: GPLv2 or later
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
arraypress/hmac-signer 适用场景与选型建议
arraypress/hmac-signer 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 2, 最近一次更新时间为 2024 年 05 月 12 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 arraypress/hmac-signer 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 arraypress/hmac-signer 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 0
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 2
- 点击次数: 21
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: GPL-2.0-or-later
- 更新时间: 2024-05-12