diff options
| -rw-r--r-- | doc/md/REST-API.md | 57 |
1 files changed, 37 insertions, 20 deletions
diff --git a/doc/md/REST-API.md b/doc/md/REST-API.md index f872744e..ad407749 100644 --- a/doc/md/REST-API.md +++ b/doc/md/REST-API.md | |||
| @@ -68,37 +68,54 @@ $signature = hash_hmac('sha512', $content, $secret); | |||
| 68 | ``` | 68 | ``` |
| 69 | 69 | ||
| 70 | 70 | ||
| 71 | ### Complete example | 71 | ### Complete examples |
| 72 | 72 | ||
| 73 | #### PHP | 73 | ### PHP |
| 74 | |||
| 75 | This example uses the [PHP cURL](http://php.net/manual/en/book.curl.php) library. | ||
| 74 | 76 | ||
| 75 | ```php | 77 | ```php |
| 78 | <?php | ||
| 79 | $baseUrl = 'https://shaarli.mydomain.net'; | ||
| 80 | $secret = 'thats_my_api_secret'; | ||
| 81 | |||
| 82 | function base64url_encode($data) { | ||
| 83 | return rtrim(strtr(base64_encode($data), '+/', '-_'), '='); | ||
| 84 | } | ||
| 85 | |||
| 76 | function generateToken($secret) { | 86 | function generateToken($secret) { |
| 77 | $header = base64_encode('{ | 87 | $header = base64url_encode('{ |
| 78 | "typ": "JWT", | 88 | "typ": "JWT", |
| 79 | "alg": "HS512" | 89 | "alg": "HS512" |
| 80 | }'); | 90 | }'); |
| 81 | $payload = base64_encode('{ | 91 | $payload = base64url_encode('{ |
| 82 | "iat": '. time() .' | 92 | "iat": '. time() .' |
| 83 | }'); | 93 | }'); |
| 84 | $signature = hash_hmac('sha512', $header .'.'. $payload , $secret); | 94 | $signature = base64url_encode(hash_hmac('sha512', $header .'.'. $payload , $secret, true)); |
| 85 | return $header .'.'. $payload .'.'. $signature; | 95 | return $header . '.' . $payload . '.' . $signature; |
| 86 | } | 96 | } |
| 87 | 97 | ||
| 88 | $secret = 'mysecret'; | ||
| 89 | $token = generateToken($secret); | ||
| 90 | echo $token; | ||
| 91 | ``` | ||
| 92 | 98 | ||
| 93 | > `ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ==.ewogICAgICAgICJpYXQiOiAxNDY4NjY3MDQ3CiAgICB9.1d2c54fa947daf594fdbf7591796195652c8bc63bffad7f6a6db2a41c313f495a542cbfb595acade79e83f3810d709b4251d7b940bbc10b531a6e6134af63a68` | 99 | function getInfo($baseUrl, $secret) { |
| 100 | $token = generateToken($secret); | ||
| 101 | $endpoint = rtrim($baseUrl, '/') . '/api/v1/info'; | ||
| 94 | 102 | ||
| 95 | ```php | 103 | $headers = [ |
| 96 | $options = [ | 104 | 'Content-Type: text/plain; charset=UTF-8', |
| 97 | 'http' => [ | 105 | 'Authorization: Bearer ' . $token, |
| 98 | 'method' => 'GET', | 106 | ]; |
| 99 | 'jwt' => $token, | 107 | |
| 100 | ], | 108 | $ch = curl_init($endpoint); |
| 101 | ]; | 109 | curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); |
| 102 | $context = stream_context_create($options); | 110 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
| 103 | file_get_contents($apiEndpoint, false, $context); | 111 | curl_setopt($ch, CURLOPT_AUTOREFERER, 1); |
| 112 | curl_setopt($ch, CURLOPT_FRESH_CONNECT, 1); | ||
| 113 | |||
| 114 | $result = curl_exec($ch); | ||
| 115 | curl_close($ch); | ||
| 116 | |||
| 117 | return $result; | ||
| 118 | } | ||
| 119 | |||
| 120 | var_dump(getInfo($baseUrl, $secret)); | ||
| 104 | ``` | 121 | ``` |