public final function sign(SetCookie $setCookie, Key $key) : SetCookie { $value = $setCookie->getValue(); $hmac = hash_hmac($this->getAlgorithm(), $value, $key->toString()); $value = $hmac . $value; return new SetCookie($setCookie->getName(), $value, $setCookie->expiresAt(), $setCookie->getPath(), $setCookie->getDomain(), $setCookie->isSecure(), $setCookie->isHttpOnly()); }
use HansOtt\PSR7Cookies\RequestCookies; use HansOtt\PSR7Cookies\Signer\Hmac\Sha256; require_once __DIR__ . '/../vendor/autoload.php'; date_default_timezone_set('UTC'); $serverRequest = ServerRequest::fromGlobals(); $requestCookies = RequestCookies::createFromRequest($serverRequest); $signer = new Sha256(); $key = new Key('LAp27106kAgG14u74t5kb^AYrW4^5ih$'); $counter = 0; if ($requestCookies->has('counter')) { $counterCookie = $requestCookies->get('counter'); try { $counterCookie = $signer->verify($counterCookie, $key); $counter = (int) $counterCookie->getValue(); } catch (\HansOtt\PSR7Cookies\Signer\Mismatch $e) { } $counter++; } $setCounterCookie = SetCookie::thatStaysForever('counter', $counter); $setCounterCookie = $signer->sign($setCounterCookie, $key); $response = new Response(); $body = \GuzzleHttp\Psr7\stream_for(sprintf('Counter: %d', $counter)); $response = $response->withBody($body); $response = $setCounterCookie->addToResponse($response); header(sprintf('HTTP/%s %s %s', $response->getProtocolVersion(), $response->getStatusCode(), $response->getReasonPhrase())); foreach ($response->getHeaders() as $name => $values) { foreach ($values as $value) { header(sprintf('%s: %s', $name, $value), false); } } echo $response->getBody();