Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/edgio/php-ectoken

PHP implementation of ectoken
https://github.com/edgio/php-ectoken

Last synced: 3 months ago
JSON representation

PHP implementation of ectoken

Awesome Lists containing this project

README 

          
# Native PHP ECToken Generator



This is a native PHP implementation of the Edgio Token Generator that does

not require a PHP extension to operate, making it suitable for environments in

which PHP extensions are not available.



Additional ECToken parameter management has been included in order to assist

users of this library to construct parameter strings for encrypting.



## Requirements



Efforts have been made to ensure that this code will operate properly on PHP 

5.6+ or PHP 7+, with or without mbstring or openssl support.



- Composer () is required for dependency management



## Installation



Clone or download this repository and run `composer install` from the direcory

containing `composer.json`



_Note:_ `composer install` should be performed in an environment closely

resembling the production environment because dependant library versions will be 

chosen based on the PHP version encountered during install.



## Usage



```

require_once('path/to/autoload.php');



$key = "12345678";



// Configure the token

$token = new ECToken3\ECToken();

$token

  ->addValue('ec_clientip', '111.11.111.11')

  ->addValue('ec_expire', 1185943200)

  ->addValue('ec_country_allow', 'US')

  ->addValue('ec_country_allow', 'CA')

  ->addValue('ec_ref_allow', 'ec1.com');



// Set up the encryption

$encryptor = new ECToken\Crypto($key);



// Generate and encrypt the token

$ectoken = $encryptor->encrypt($token->encode());



echo $ectoken;

```



The library contains a mechanism to configure tokens using the simple ECToken

class. Paremeter names and values are validated for proper content based on the

_VDMS Token-Based Authentication Administration Guide_. Parameter definitions are

aware of whether each parameter can accommodate multiple values.



A parser is provided for consuming decrypted ectokens back into this data

structure.  For example:



```

require_once('path/to/autoload.php);



$key = '12345678';

$ectoken = '3JfiJSVMLupuU6JIk88cjm9kmr8A0ERvcB8WH_8n-9pJKPsBf1l7QNnRQQ6H4M4gysS3J3SRJtAqUQhHmt6HWnaAV-UejGp38iQxd3uZgYnYLWiompbbQTFc5fwu9-x-mtwnsQ5bz2W-ma1LPlj9ZPdXGxN9Pg';



$encryptor = ECToken3\Crypto($key);



$token = new ECToken3\ECToken();



$token->decode($encryptor->decrypt($ectoken));



foreach ($token->getParameters() as $name => $parameter) {

  print("$name: " . implode(', ', $parameter->getValues()) . "\n");

}



```



Output:

```

ec_clientip: 111.11.111.11

ec_expire: 1185943200

ec_country_allow: US, CA

ec_ref_allow: ec1.com

```



## Migrating from php-ectoken



Existing code bases should be simple to migrate from php extension versions of

php-ectoken.



1. Remove any checks for the `ectoken` PHP extension (e.g. `extension_loaded('ectoken')`)

2. Refactor calls to `ectoken_encrypt_token` or `ectoken_decrypt_token` as above or include the following shim:



```

require_once('path/to/autoload.php');



function ectoken_encrypt_token($key, $input) {

  $encryptor = new ECToken\Crypto($key);

  return $encryptor->encrypt($input);

}



function ectoken_decrypt_token($key, $input) {

  $encryptor = new ECToken\Crypto($key);

  return $encryptor->decrypt($input);

}

```



## Libraries used directly by php-native-ectoken



These libraries are used directly:



- php-aes-gcm: AES GCM (Galois Counter Mode) PHP Implementation 

- random_compat: PHP 5.x polyfill for `random_bytes()` and `random_int()` 

- constant_time_encoding: Constant-Time Character Encoding in PHP Projects 

- polyfill-mbstring: Symfony Polyfill / Mbstring 

- Respect\Validation: Validation library