PHPackages doing/sign - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. doing/sign ActiveLibrary[Security](/categories/security) doing/sign ========== 通过公钥、私钥和appId进行加密、解密和签名的一种加密类:主要可以运用到接口调用授权中 2281PHP Since Mar 15Pushed 8y agoCompare [ Source](https://github.com/Doing0/sign)[ Packagist](https://packagist.org/packages/doing/sign)[ RSS](/packages/doing-sign/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependenciesVersions (1)Used By (0) 说明 == [](#说明) 描述一:仅用于签名 --------- [](#描述一仅用于签名) 通过公钥、私钥和appId进行加密、解密和签名的一种加密类:主要可以运用到接口调用授权中 **安装命令** ``` composer require doing/sign dev-master ``` 使用步骤 ---- [](#使用步骤) > 前提:在服务端调用makeKey和doSign时php文件头部已引用命名空间use Sign\\Sign; ### 1.管理人员在SignConfig.php配置类常量APPID($appId)最好是英文单词 [](#1管理人员在signconfigphp配置类常量appidappid最好是英文单词) ### 2.服务端调用以下生成器 生成公钥和私钥 [](#2服务端调用以下生成器-生成公钥和私钥) ``` $keys= MakeKey::instance()->makeKey(); print_r($keys);die; /* array(2) { ["privateKey"] => string(3) "abc" ["publicKey"] => string(3) "cde" }*/ //把生成的privateKey私钥放在SignConfig.php类的常量PRIVATEKEY($privateKey)中 //把生成的publicKey公钥和把配置好的appId给调用接口的开发人员(使用者) ``` ### 3.签名和验证 [](#3签名和验证) #### 3.1使用者 [](#31使用者) ``` //使用者配置好$publicKey和$appId 调用服务器写的认证签名接口,把参数pulicKey和appId通过header头的方式传递去服务器(根据需求自行封装认证接口方法) $publicKey = 'cde'; $appId = 'appid'; ``` #### 3.2服务器端 [](#32服务器端) ``` //通过读取3.1中header中的参数publicKey和appId调用以下方法验证 $res = Sign::instance()->doSign($publicKey,$appId); print_r($res);die; ``` ### 4.验证结果 [](#4验证结果) $res验证通过返回字符串True,验证失败返回字符串False 并返给3.1 ### 5.使用者在3.1中收到返回结果根据项目需求写后续操作 [](#5使用者在31中收到返回结果根据项目需求写后续操作) 描述二:签名+授权(仅能在thinkphp5.0上使用) ---------------------------- [](#描述二签名授权仅能在thinkphp50上使用) 使用步骤 ---- [](#使用步骤-1) > 前提:在服务端调用getCode和check时php文件头部已引用命名空间use Sign\\OAuth; ### 1 在使用之前须操作描述一中的步骤1和2配置号appId以及生成并配置好对应的公钥和私钥 [](#1-在使用之前须操作描述一中的步骤1和2配置号appid以及生成并配置好对应的公钥和私钥) ### 2 调用接口者获取一次性code码 [](#2-调用接口者获取一次性code码) #### 2.1 调用接口者通过在header上携带参数公钥和appId去调服务器对应接口去获取一次性code码 [](#21-调用接口者通过在header上携带参数公钥和appid去调服务器对应接口去获取一次性code码) #### 2.2 服务器通过header获取对应参数生成一次性code码并返回 [](#22-服务器通过header获取对应参数生成一次性code码并返回) ``` $code = OAuth::instance()->getCode($publicKey, $appId); ``` ### 3 调用接口者获取access\_token [](#3-调用接口者获取access_token) #### 3.1 调用接口者通过携带参数code请求相应接口获取access\_token [](#31-调用接口者通过携带参数code请求相应接口获取access_token) #### 3.2 服务器获取到code参数并去生成access\_token 并返回 [](#32-服务器获取到code参数并去生成access_token-并返回) ``` $accessToken = OAuth::instance()->getAccessToken($code); ``` #### 4 调用API的权限验证 [](#4-调用api的权限验证) #### 4.1 调用接口者每次在调用项目API时header上都要携带access\_token参数 [](#41-调用接口者每次在调用项目api时header上都要携带access_token参数) #### 4.2 服务器每次相应请求时都要去判断access\_toen是否有权限 [](#42-服务器每次相应请求时都要去判断access_toen是否有权限) ``` //$res 验证通过为true其他情况全部已抛出异常的形式处理(自行封装) $res = OAuth::instance()->check(); 当返回为true时,服务器去调客户端请求的对应API接口 ``` ### Health Score 22 — LowBetter than 22% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community7 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/100146bfe4881f02fc2f12b2fb50a4ec2f339233818ca8f5c52c6e8785946514?d=identicon)[Doing](/maintainers/Doing) --- Top Contributors [![Doing0](https://avatars.githubusercontent.com/u/36249980?v=4)](https://github.com/Doing0 "Doing0 (15 commits)") ### Embed Badge ![Health badge](/badges/doing-sign/health.svg) ``` [![Health](https://phpackages.com/badges/doing-sign/health.svg)](https://phpackages.com/packages/doing-sign) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)