datto/json-rpc-auth

Auth extension for JSON-RPC library

4.0.0 2015-12-15 20:03 UTC

This package is not auto-updated.

Last update: 2024-11-09 19:40:15 UTC


README

This is an authentication and authorization extension for the php-json-rpc library. It provides the ability to authorize JSON-RPC requests before they reach the endpoint.

Examples

First write an authentication Handler:

namespace Datto\JsonRpc\Auth;

use Datto\JsonRpc;

class BasicAuthHandler implements Handler
{
    public function canHandle($method, $arguments)
    {
        return isset($_SERVER['PHP_AUTH_USER']);
    }

    public function authenticate($method, $arguments)
    {
        // Don't do this in production. Using '===' is vulnerable to timing attacks!
        return $_SERVER['PHP_AUTH_USER'] === 'phil' && $_SERVER['PHP_AUTH_PW'] === 'superpass!';
    }
}

Once you have that, just use it like this. This example uses the Simple\Evaluator (see php-json-rpc-simple) as underlying mapping mechanism:

$authenticator = new Authenticator(array(
    new BasicAuthHandler(),
    // ...
));

$server = new Server(new Auth\Evaluator(new Simple\Evaluator(), $authenticator));
echo $server->reply('...');

Requirements

  • PHP >= 5.3

Installation

"require": {
  "datto/json-rpc-auth": "~4.0"
}

License

This package is released under an open-source license: LGPL-3.0.

Author

Written by Chad Kosie and Philipp C. Heckel.