|
1 | 1 | <?php |
2 | 2 |
|
3 | 3 | return [ |
4 | | - /* |
5 | | - |-------------------------------------------------------------------------- |
6 | | - | The algorithm to sign the request with |
7 | | - |-------------------------------------------------------------------------- |
8 | | - | |
9 | | - | This is the algorithm we'll use to sign the request. |
10 | | - */ |
11 | | - 'algorithm' => env('SIGNED_REQUEST_ALGORITHM', 'sha256'), |
| 4 | + 'default' => [ |
| 5 | + /* |
| 6 | + |-------------------------------------------------------------------------- |
| 7 | + | The algorithm to sign the request with |
| 8 | + |-------------------------------------------------------------------------- |
| 9 | + | |
| 10 | + | This is the algorithm we'll use to sign the request. |
| 11 | + */ |
| 12 | + 'algorithm' => env('SIGNED_REQUEST_ALGORITHM', 'sha256'), |
12 | 13 |
|
13 | | - /* |
14 | | - |-------------------------------------------------------------------------- |
15 | | - | The prefix to use for all of our cache values |
16 | | - |-------------------------------------------------------------------------- |
17 | | - | |
18 | | - | This is the prefix we'll use for all of our keys. |
19 | | - */ |
20 | | - 'cache-prefix' => env('SIGNED_REQUEST_CACHE_PREFIX', 'signed-requests'), |
| 14 | + /* |
| 15 | + |-------------------------------------------------------------------------- |
| 16 | + | The prefix to use for all of our cache values |
| 17 | + |-------------------------------------------------------------------------- |
| 18 | + | |
| 19 | + | This is the prefix we'll use for all of our keys. |
| 20 | + */ |
| 21 | + 'cache-prefix' => env('SIGNED_REQUEST_CACHE_PREFIX', 'signed-requests'), |
21 | 22 |
|
22 | | - /* |
23 | | - |-------------------------------------------------------------------------- |
24 | | - | Available header overrides |
25 | | - |-------------------------------------------------------------------------- |
26 | | - | |
27 | | - | This allows you to customize the http headers that will be inspected to |
28 | | - | look for the signature and algorithm respectively. |
29 | | - */ |
30 | | - 'headers' => [ |
31 | | - 'signature' => env('SIGNED_REQUEST_SIGNATURE_HEADER', 'X-Signature'), |
32 | | - 'algorithm' => env('SIGNED_REQUEST_ALGORITHM_HEADER', 'X-Algorithm') |
33 | | - ], |
| 23 | + /* |
| 24 | + |-------------------------------------------------------------------------- |
| 25 | + | Available header overrides |
| 26 | + |-------------------------------------------------------------------------- |
| 27 | + | |
| 28 | + | This allows you to customize the http headers that will be inspected to |
| 29 | + | look for the signature and algorithm respectively. |
| 30 | + */ |
| 31 | + 'headers' => [ |
| 32 | + 'signature' => env('SIGNED_REQUEST_SIGNATURE_HEADER', 'GoodTalk-Signature'), |
| 33 | + 'algorithm' => env('SIGNED_REQUEST_ALGORITHM_HEADER', 'GoodTalk-Signature-Algorithm') |
| 34 | + ], |
34 | 35 |
|
35 | | - /* |
36 | | - |-------------------------------------------------------------------------- |
37 | | - | The key for signing requests for verification. |
38 | | - |-------------------------------------------------------------------------- |
39 | | - | |
40 | | - | This value is the key we'll use to verify signatures with. By default this |
41 | | - | key is expected from the environment. You can change this behaviour, |
42 | | - | however it is not recommended. |
43 | | - */ |
44 | | - 'key' => env('SIGNED_REQUEST_KEY', 'key'), |
| 36 | + /* |
| 37 | + |-------------------------------------------------------------------------- |
| 38 | + | The key for signing requests for verification. |
| 39 | + |-------------------------------------------------------------------------- |
| 40 | + | |
| 41 | + | This value is the key we'll use to verify signatures with. By default this |
| 42 | + | key is expected from the environment. You can change this behaviour, |
| 43 | + | however it is not recommended. |
| 44 | + */ |
| 45 | + 'key' => env('SIGNED_REQUEST_KEY', 'key'), |
45 | 46 |
|
46 | | - /* |
47 | | - |-------------------------------------------------------------------------- |
48 | | - | Allows the management and tolerance of request replay's |
49 | | - |-------------------------------------------------------------------------- |
50 | | - | |
51 | | - | This allows you to configure if the middleware should prevent the same |
52 | | - | request being replayed to your application, and adjust the tolerance |
53 | | - | for request expiry. |
54 | | - */ |
55 | | - 'request-replay' => [ |
56 | | - 'allow' => env('SIGNED_REQUEST_ALLOW_REPLAYS', false), |
57 | | - 'tolerance' => env('SIGNED_REQUEST_TOLERANCE_SECONDS', 30) |
| 47 | + /* |
| 48 | + |-------------------------------------------------------------------------- |
| 49 | + | Allows the management and tolerance of request replay's |
| 50 | + |-------------------------------------------------------------------------- |
| 51 | + | |
| 52 | + | This allows you to configure if the middleware should prevent the same |
| 53 | + | request being replayed to your application, and adjust the tolerance |
| 54 | + | for request expiry. |
| 55 | + */ |
| 56 | + 'request-replay' => [ |
| 57 | + 'allow' => env('SIGNED_REQUEST_ALLOW_REPLAYS', false), |
| 58 | + 'tolerance' => env('SIGNED_REQUEST_TOLERANCE_SECONDS', 30) |
| 59 | + ] |
58 | 60 | ], |
| 61 | + 'custom' => [ |
| 62 | + 'algorithm' => env('CUSTOM_SIGNED_REQUEST_ALGORITHM', 'sha256'), |
| 63 | + 'cache-prefix' => env('CUSTOM_SIGNED_REQUEST_CACHE_PREFIX', 'signed-requests'), |
| 64 | + 'headers' => [ |
| 65 | + 'signature' => env('CUSTOM_SIGNED_REQUEST_SIGNATURE_HEADER', 'GoodTalk-Signature'), |
| 66 | + 'algorithm' => env('CUSTOM_SIGNED_REQUEST_ALGORITHM_HEADER', 'GoodTalk-Signature-Algorithm') |
| 67 | + ], |
| 68 | + 'key' => env('CUSTOM_SIGNED_REQUEST_KEY', 'key'), |
| 69 | + 'request-replay' => [ |
| 70 | + 'allow' => env('CUSTOM_SIGNED_REQUEST_ALLOW_REPLAYS', false), |
| 71 | + 'tolerance' => env('CUSTOM_SIGNED_REQUEST_TOLERANCE_SECONDS', 30) |
| 72 | + ] |
| 73 | + ] |
59 | 74 | ]; |
0 commit comments