/** @test */
public function should_accept_custom_prefix()
{
$auth = $this->request->sign($this->token, 'x-');
$this->assertEquals('5.1.2', $auth['x-version']);
$this->assertEquals('abc123', $auth['x-key']);
$this->assertEquals('1412506800', $auth['x-timestamp']);
$this->assertRegExp('/[a-z0-9]{64}/', $auth['x-signature']);
}
/** @test */
public function should_return_true_on_successful_attempt_with_custom_prefix()
{
$params = ['name' => 'Philip Brown'];
$token = new Token('abc123', 'qwerty');
$request = new Request('POST', 'users', $params);
$signed = $request->sign($token, 'x-');
$params = array_merge($params, $signed);
$token = new Token('abc123', 'qwerty');
$auth = new Auth('POST', 'users', $params, [new CheckKey(), new CheckVersion(), new CheckTimestamp(), new CheckSignature()]);
$this->assertTrue($auth->attempt($token, 'x-'));
}
/**
* Sets up the Hmac authentication headers and dispatches the request
* @param string $endpoint The API endpoing we want
* @param array $payload Any data to send along
* @param string $method The HTTP method
* @return bool
*/
public function fetch($endpoint, array $payload = array(), $method = 'GET')
{
//so we don't want to use the query params for HMAC since we won't know what's
//being sent versus what's expected to be sent. So we remove them and prepare for
//query usage
$query = array();
if (strtolower($method) == 'get') {
$query = $payload;
$payload = array();
}
$token = new Token($this->getApiKey(), $this->getApiSecret());
$request = new Request($method, $endpoint, $payload);
$headers = $request->sign($token, 'm62_auth_');
if (strtolower($method) == 'get') {
$payload = array();
}
$endpoint = $this->getSiteUrl($endpoint, $query);
return $this->request($endpoint, $payload, $method, $headers);
}
