From 53eaae33c50cbc95c1da5ab8d46582bf7c8bd7c3 Mon Sep 17 00:00:00 2001
From: "XANDAHQ\\Wai Yan Hein" <wai@xanda.net>
Date: Fri, 15 Jan 2021 15:13:38 +0000
Subject: [PATCH] First commit

---
 .gitignore              |   2 +
 .idea/modules.xml       |   8 ++++
 .idea/php.xml           |   9 ++++
 .idea/url-signer.iml    |  13 +++++
 .idea/workspace.xml     |  62 ++++++++++++++++++++++++
 composer.json           |  19 ++++++++
 readme.md               |  23 +++++++++
 src/URLSigner.php       | 102 +++++++++++++++++++++++++++++++++++++++
 tests/UrlSignerTest.php | 104 ++++++++++++++++++++++++++++++++++++++++
 9 files changed, 342 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 .idea/modules.xml
 create mode 100644 .idea/php.xml
 create mode 100644 .idea/url-signer.iml
 create mode 100644 .idea/workspace.xml
 create mode 100644 composer.json
 create mode 100644 readme.md
 create mode 100644 src/URLSigner.php
 create mode 100644 tests/UrlSignerTest.php

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..6456ac0
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+/vendor
+vendor
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
new file mode 100644
index 0000000..df1c035
--- /dev/null
+++ b/.idea/modules.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/url-signer.iml" filepath="$PROJECT_DIR$/.idea/url-signer.iml" />
+    </modules>
+  </component>
+</project>
\ No newline at end of file
diff --git a/.idea/php.xml b/.idea/php.xml
new file mode 100644
index 0000000..a445b75
--- /dev/null
+++ b/.idea/php.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="PhpIncludePathManager">
+    <include_path>
+      <path value="$PROJECT_DIR$/vendor/composer" />
+    </include_path>
+  </component>
+  <component name="PhpProjectSharedConfiguration" php_language_level="7.2" />
+</project>
\ No newline at end of file
diff --git a/.idea/url-signer.iml b/.idea/url-signer.iml
new file mode 100644
index 0000000..fce4448
--- /dev/null
+++ b/.idea/url-signer.iml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="WEB_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$">
+      <sourceFolder url="file://$MODULE_DIR$/spec" isTestSource="true" />
+      <sourceFolder url="file://$MODULE_DIR$/src" isTestSource="false" packagePrefix="Waiyanhein\LumenSignedUrl\" />
+      <sourceFolder url="file://$MODULE_DIR$/tests" isTestSource="true" />
+      <excludeFolder url="file://$MODULE_DIR$/vendor/composer" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
\ No newline at end of file
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
new file mode 100644
index 0000000..5bd4b9e
--- /dev/null
+++ b/.idea/workspace.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ChangeListManager">
+    <list default="true" id="64a4f0b1-61f0-498e-bb23-c8de208c7383" name="Default Changelist" comment="" />
+    <option name="SHOW_DIALOG" value="false" />
+    <option name="HIGHLIGHT_CONFLICTS" value="true" />
+    <option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />
+    <option name="LAST_RESOLUTION" value="IGNORE" />
+  </component>
+  <component name="ComposerSettings" synchronizationState="SYNCHRONIZE">
+    <pharConfigPath>$PROJECT_DIR$/composer.json</pharConfigPath>
+    <execution />
+  </component>
+  <component name="GitToolBoxStore">
+    <option name="projectConfigVersion" value="2" />
+  </component>
+  <component name="PhpWorkspaceProjectConfiguration">
+    <include_path>
+      <path value="$PROJECT_DIR$/vendor/composer" />
+    </include_path>
+  </component>
+  <component name="ProjectId" id="1n6v9wa3fEc2O5xhKx4rKYPfa5A" />
+  <component name="ProjectViewState">
+    <option name="hideEmptyMiddlePackages" value="true" />
+    <option name="showLibraryContents" value="true" />
+  </component>
+  <component name="PropertiesComponent">
+    <property name="RunOnceActivity.OpenProjectViewOnStart" value="true" />
+    <property name="WebServerToolWindowFactoryState" value="false" />
+    <property name="last_opened_file_path" value="$PROJECT_DIR$" />
+    <property name="nodejs_package_manager_path" value="npm" />
+    <property name="settings.editor.selected.configurable" value="terminal" />
+  </component>
+  <component name="SpellCheckerSettings" RuntimeDictionaries="0" Folders="0" CustomDictionaries="0" DefaultDictionary="application-level" UseSingleDictionary="true" transferred="true" />
+  <component name="TaskManager">
+    <task active="true" id="Default" summary="Default task">
+      <changelist id="64a4f0b1-61f0-498e-bb23-c8de208c7383" name="Default Changelist" comment="" />
+      <created>1610723206984</created>
+      <option name="number" value="Default" />
+      <option name="presentableId" value="Default" />
+      <updated>1610723206984</updated>
+      <workItem from="1610723208056" duration="238000" />
+    </task>
+    <servers />
+  </component>
+  <component name="TerminalProjectNonSharedOptionsProvider">
+    <option name="shellPath" value="C:\Program Files\Git\bin\sh.exe" />
+  </component>
+  <component name="TypeScriptGeneratedFilesManager">
+    <option name="version" value="3" />
+  </component>
+  <component name="WindowStateProjectService">
+    <state x="740" y="261" key="FileChooserDialogImpl" timestamp="1610723518318">
+      <screen x="0" y="0" width="1920" height="1040" />
+    </state>
+    <state x="740" y="261" key="FileChooserDialogImpl/0.0.1920.1040@0.0.1920.1040" timestamp="1610723518318" />
+    <state x="491" y="165" key="SettingsEditor" timestamp="1610723522585">
+      <screen x="0" y="0" width="1920" height="1040" />
+    </state>
+    <state x="491" y="165" key="SettingsEditor/0.0.1920.1040@0.0.1920.1040" timestamp="1610723522585" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/composer.json b/composer.json
new file mode 100644
index 0000000..f449d38
--- /dev/null
+++ b/composer.json
@@ -0,0 +1,19 @@
+{
+    "name": "waiyanhein/lumen-signed-url",
+    "description": "Package to generate temporary signd URL for Lumen framework",
+    "authors": [
+        {
+            "name": "Wai Yan Hein",
+            "email": "iljimae.ic@gmail.com"
+        }
+    ],
+    "require": {
+        "php": ">=7.2.0",
+        "laravel/lumen-framework": ">=5.5.x-dev"
+    },
+    "autoload": {
+        "psr-4": {
+            "Waiyanhein\\LumenSignedUrl\\": "src/"
+        }
+    }
+}
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..cf92ea0
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,23 @@
+### Package to generate signed url for Lumen framework
+
+This package use Laravel file storage system to save the signed URLs, https://laravel.com/docs/8.x/filesystem.
+
+##### Installation
+`composer require waiyanhein/lumen-signed-url`
+
+##### Generating temporary Signed URL
+```
+$signedUrl = URLSigner::sign("http://testing.com", Carbon::now()->addMinutes(10)->format('Y-m-d H:i:s'));
+```
+- Note: the date must be in `Y-m-d H:i:s` format.
+
+##### Signing URL with parameters
+If your URL has parameters you can pass them as the third parameter as array.
+```
+$signedUrl = URLSigner::sign("http://testing.com", Carbon::now()->addMinutes(10)->format('Y-m-d H:i:s'), [ 'first_name' = 'Wai', 'last_name' => 'Hein' ]);
+```
+
+##### Validating the Signed URL
+```
+$isValid = URLSigner::validate($signedUrl);
+```
diff --git a/src/URLSigner.php b/src/URLSigner.php
new file mode 100644
index 0000000..8a459f3
--- /dev/null
+++ b/src/URLSigner.php
@@ -0,0 +1,102 @@
+<?php
+
+namespace Waiyanhein\LumenSignedUrl;
+
+use Carbon\Carbon;
+use Illuminate\Support\Facades\Storage;
+
+class URLSigner
+{
+    static $FILENAME = 'generated-signed-urls.txt';
+    static $STORAGE_DISK = 'local';
+
+    //$expireAt should be string in Y-m-d H:i:s format
+    //$params is for passing the additional parameters
+    public static function sign($url, $expireAt, $params = [ ]): ?string
+    {
+        if (empty($url)) {
+            return null;
+        }
+
+        if (empty($expireAt)) {
+            return null;
+        }
+
+        $millsNow = (string)time();
+        $signature = sha1($url . $expireAt . $millsNow) . uniqid() . uniqid();
+        $encodedExpireAt = base64_encode($expireAt);
+        $signedUrl = "{$url}?signature={$signature}&expireAt={$encodedExpireAt}";
+        if (count($params) > 0) {
+            foreach ($params as $key => $value) {
+                $signedUrl = "{$signedUrl}&{$key}={$value}";
+            }
+        }
+        $signedUrlData = [
+            'expire_at' => $expireAt,
+            'signature' => $signature,
+            'url' => $url,
+            'signed_url' => $signedUrl,
+            'params' => $params,
+        ];
+
+        $existingFileContent = '';
+        if (Storage::exists(static::$FILENAME)) {
+            $existingFileContent = Storage::disk(static::$STORAGE_DISK)->get(static::$FILENAME);
+        }
+        $signedUrlDataList = [];
+        if ($existingFileContent) {
+            try {
+                $signedUrlDataList = json_decode($existingFileContent);
+            } catch (\Exception $e) {
+
+            }
+        }
+
+        $signedUrlDataList[] = $signedUrlData;
+        Storage::disk(static::$STORAGE_DISK)->put(static::$FILENAME, json_encode($signedUrlDataList));
+
+        return $signedUrl;
+    }
+
+    public static function validate($signedUrl)
+    {
+        if (empty($signedUrl)) {
+            return false;
+        }
+
+        $urlComponents = parse_url($signedUrl);
+        if (! isset($urlComponents['query'])) {
+            return false;
+        }
+
+        $params = [];
+        parse_str($urlComponents['query'], $params);
+
+        if (!(isset($params['expireAt']) && isset($params['signature']))) {
+            return false;
+        }
+
+        try {
+            $expireAt = base64_decode($params['expireAt']);
+            $signature = $params['signature'];
+            $fileContent = Storage::disk(static::$STORAGE_DISK)->get(static::$FILENAME);
+            $signedUrlDataList = json_decode($fileContent);
+            if (! $signedUrlDataList) {
+                return false;
+            }
+
+            $signedUrlDataList = collect($signedUrlDataList);
+            $signedUrl = $signedUrlDataList->where('signature', '=', $signature)->first();
+            if (! $signedUrl) {
+                return false;
+            }
+            if ($signedUrl->expire_at != $expireAt) {
+                return false;
+            }
+
+            return Carbon::createFromFormat('Y-m-d H:i:s', $expireAt)->gte(Carbon::now());
+        } catch (\Exception $exception) {
+            return false;
+        }
+    }
+}
diff --git a/tests/UrlSignerTest.php b/tests/UrlSignerTest.php
new file mode 100644
index 0000000..ccd78b8
--- /dev/null
+++ b/tests/UrlSignerTest.php
@@ -0,0 +1,104 @@
+<?php
+
+use Waiyanhein\LumenSignedUrl\URLSigner;
+use Carbon\Carbon;
+use Illuminate\Support\Facades\Storage;
+
+class UrlSignerTest extends TestCase
+{
+    protected function setUp(): void
+    {
+        parent::setUp();
+        if (Storage::exists(URLSigner::$FILENAME)) {
+            Storage::disk(URLSigner::$STORAGE_DISK)->delete(URLSigner::$FILENAME);
+        }
+    }
+
+    public function testItCanGenerateSignedUrl()
+    {
+        $url = 'http://testing.com';
+        $expireAt = Carbon::now()->addDays(5)->format('Y-m-d H:i:s');
+        $signedUrl = URLSigner::sign($url, $expireAt);
+
+        $this->assertNotEmpty($signedUrl);
+        //test the file content to ensure that the meta data is correct.
+        $fileContent = Storage::disk(URLSigner::$STORAGE_DISK)->get(URLSigner::$FILENAME);
+        $signedUrlList = json_decode($fileContent);
+        $this->assertEquals($expireAt, $signedUrlList[0]->expire_at);
+        $this->assertNotEmpty($signedUrlList[0]->signature);
+        $this->assertEquals($url, $signedUrlList[0]->url);
+        $encodedExpireAt = base64_encode($expireAt);
+        $this->assertEquals("{$url}?signature={$signedUrlList[0]->signature}&expireAt={$encodedExpireAt}", $signedUrlList[0]->signed_url);
+    }
+
+    public function testItCanGenerateSignedUrlWithParams()
+    {
+        $url = 'http://testing.com';
+        $expireAt = Carbon::now()->addDays(5)->format('Y-m-d H:i:s');
+        $params = [
+            'first_name' => 'Wai',
+            'last_name' => 'Hein',
+        ];
+        $signedUrl = URLSigner::sign($url, $expireAt, $params);
+
+        $this->assertNotEmpty($signedUrl);
+        //test the file content to ensure that the meta data is correct.
+        $fileContent = Storage::disk(URLSigner::$STORAGE_DISK)->get(URLSigner::$FILENAME);
+        $signedUrlList = json_decode($fileContent);
+        $encodedExpireAt = base64_encode($expireAt);
+        $this->assertEquals("{$url}?signature={$signedUrlList[0]->signature}&expireAt={$encodedExpireAt}&first_name=Wai&last_name=Hein", $signedUrlList[0]->signed_url);
+        $this->assertEquals('Wai', $signedUrlList[0]->params->first_name);
+        $this->assertEquals('Hein', $signedUrlList[0]->params->last_name);
+    }
+
+    public function testSignedUrlValidationPasses()
+    {
+        $url = 'http://testing.com';
+        $expireAt = Carbon::now()->addSeconds(10)->format('Y-m-d H:i:s');
+        $params = [
+            'first_name' => 'Wai',
+            'last_name' => 'Hein',
+        ];
+        $signedUrl = URLSigner::sign($url, $expireAt, $params);
+
+        $this->assertTrue(URLSigner::validate($signedUrl));
+    }
+
+    public function testSignedUrlValidationFails()
+    {
+        $url = 'http://testing.com';
+        $expireAt = Carbon::now()->subSeconds(5)->format('Y-m-d H:i:s');
+        $params = [
+            'first_name' => 'Wai',
+            'last_name' => 'Hein',
+        ];
+        $signedUrl = URLSigner::sign($url, $expireAt, $params);
+
+        $this->assertFalse(URLSigner::validate($signedUrl));
+    }
+
+    public function testItSavesMultipleSignedUrlsInStorage()
+    {
+        $urls = [
+            [
+                'url' => 'http://testing1.com',
+                'expire_at' => Carbon::now()->addMinutes(5)->format('Y-m-d H:i:s'),
+            ],
+            [
+                'url' => 'http://testing2.com',
+                'expire_at' => Carbon::now()->addMinutes(3)->format('Y-m-d H:i:s'),
+            ]
+        ];
+
+        $signedUrls = [];
+        foreach ($urls as $url) {
+            $signedUrls[] = URLSigner::sign($url['url'], $url['expire_at']);
+        }
+
+        $fileContent = Storage::disk(URLSigner::$STORAGE_DISK)->get(URLSigner::$FILENAME);
+        $signedUrlList = json_decode($fileContent);
+        $this->assertEquals(2, count($signedUrlList));
+        $this->assertEquals($signedUrls[0], $signedUrlList[0]->signed_url);
+        $this->assertEquals($signedUrls[1], $signedUrlList[1]->signed_url);
+    }
+}