{
$str = strtr(base64_encode($input), '+/=', '-_.');
$str = str_replace('.', '', $str);
// remove padding
return $str;
}
function generate_signed_request($data, $secret)
{
// always present, and always at the top level
$data['algorithm'] = 'HMAC-SHA256';
$data['issued_at'] = time();
if ($_SERVER['BAD_ALGO']) {
$data['algorithm'] = 'junky_junk';
}
if ($_SERVER['BAD_TIME']) {
$data['issued_at'] = -10000;
}
if ($_SERVER['OLD_TIME']) {
$data['issued_at'] = time() - 3601;
}
// sign it
$payload = base64_url_encode(json_encode($data));
$sig = base64_url_encode(hash_hmac('sha256', $payload, $secret, $raw = true));
if ($_SERVER['BAD_SIG']) {
$sig = 'junky_junk';
}
return $sig . '.' . $payload;
}
$secret = '13750c9911fec5865d01f3bd00bdf4db';
echo generate_signed_request(array('the' => array('answer' => "the answer is forty two")), $secret);
#!/usr/bin/env php
<?php
function base64_url_encode($input)
{
$str = strtr(base64_encode($input), '+/=', '-_.');
$str = str_replace('.', '', $str);
// remove padding
return $str;
}
function generate_signed_request($data, $secret, $encrypt = false)
{
// wrap data inside payload if we are encrypting
if ($encrypt) {
$cipher = MCRYPT_RIJNDAEL_128;
$mode = MCRYPT_MODE_CBC;
$iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher, $mode), MCRYPT_DEV_URANDOM);
$data = array('payload' => base64_url_encode(mcrypt_encrypt($cipher, $secret, json_encode($data), $mode, $iv)), 'iv' => base64_url_encode($iv));
}
// always present, and always at the top level
$data['algorithm'] = $encrypt ? 'AES-256-CBC HMAC-SHA256' : 'HMAC-SHA256';
$data['issued_at'] = time();
// sign it
$payload = base64_url_encode(json_encode($data));
$sig = base64_url_encode(hash_hmac('sha256', $payload, $secret, $raw = true));
return $sig . '.' . $payload;
}
$secret = '13750c9911fec5865d01f3bd00bdf4db';
echo generate_signed_request(array('the' => array('answer' => "the answer is forty two")), $secret, $_SERVER['DO_ENCRYPT'] == '1');
