{
    $str = strtr(base64_encode($input), '+/=', '-_.');
    $str = str_replace('.', '', $str);
    // remove padding
    return $str;
}
function generate_signed_request($data, $secret)
{
    // always present, and always at the top level
    $data['algorithm'] = 'HMAC-SHA256';
    $data['issued_at'] = time();
    if ($_SERVER['BAD_ALGO']) {
        $data['algorithm'] = 'junky_junk';
    }
    if ($_SERVER['BAD_TIME']) {
        $data['issued_at'] = -10000;
    }
    if ($_SERVER['OLD_TIME']) {
        $data['issued_at'] = time() - 3601;
    }
    // sign it
    $payload = base64_url_encode(json_encode($data));
    $sig = base64_url_encode(hash_hmac('sha256', $payload, $secret, $raw = true));
    if ($_SERVER['BAD_SIG']) {
        $sig = 'junky_junk';
    }
    return $sig . '.' . $payload;
}
$secret = '13750c9911fec5865d01f3bd00bdf4db';
echo generate_signed_request(array('the' => array('answer' => "the answer is forty two")), $secret);
#!/usr/bin/env php
<?php 
function base64_url_encode($input)
{
    $str = strtr(base64_encode($input), '+/=', '-_.');
    $str = str_replace('.', '', $str);
    // remove padding
    return $str;
}
function generate_signed_request($data, $secret, $encrypt = false)
{
    // wrap data inside payload if we are encrypting
    if ($encrypt) {
        $cipher = MCRYPT_RIJNDAEL_128;
        $mode = MCRYPT_MODE_CBC;
        $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher, $mode), MCRYPT_DEV_URANDOM);
        $data = array('payload' => base64_url_encode(mcrypt_encrypt($cipher, $secret, json_encode($data), $mode, $iv)), 'iv' => base64_url_encode($iv));
    }
    // always present, and always at the top level
    $data['algorithm'] = $encrypt ? 'AES-256-CBC HMAC-SHA256' : 'HMAC-SHA256';
    $data['issued_at'] = time();
    // sign it
    $payload = base64_url_encode(json_encode($data));
    $sig = base64_url_encode(hash_hmac('sha256', $payload, $secret, $raw = true));
    return $sig . '.' . $payload;
}
$secret = '13750c9911fec5865d01f3bd00bdf4db';
echo generate_signed_request(array('the' => array('answer' => "the answer is forty two")), $secret, $_SERVER['DO_ENCRYPT'] == '1');