PHPackages                             havenshen/larsign - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. havenshen/larsign

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

havenshen/larsign
=================

Laravel signature certification with web API server.

1.0.3(8y ago)222.2k8[2 PRs](https://github.com/HavenShen/larsign/pulls)MITPHPCI failing

Since Dec 5Pushed 2y ago2 watchersCompare

[ Source](https://github.com/HavenShen/larsign)[ Packagist](https://packagist.org/packages/havenshen/larsign)[ RSS](/packages/havenshen-larsign/feed)WikiDiscussions master Synced 2w ago

READMEChangelogDependencies (2)Versions (7)Used By (0)

Api Authorized Signature Middleware for Laravel 5
=================================================

[](#api-authorized-signature-middleware-for-laravel-5)

[![Scrutinizer Code Quality](https://camo.githubusercontent.com/423b0db116468665dd9d4bdc549ea3bed8aba92dcc85c6c9601682c23156fa39/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f486176656e5368656e2f6c61727369676e2f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/HavenShen/larsign/?branch=master)[![Build Status](https://camo.githubusercontent.com/e7d5a43f17724399f0f5042e1e3a7c06081c3c85818d696fc2850451327e4fdf/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f486176656e5368656e2f6c61727369676e2f6261646765732f6275696c642e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/HavenShen/larsign/build-status/master)[![Code Coverage](https://camo.githubusercontent.com/ad66aa1efec93301b1bae44187ed34559338bc9f0cd6079d813ffb3affd6c53a/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f486176656e5368656e2f6c61727369676e2f6261646765732f636f7665726167652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/HavenShen/larsign/?branch=master)[![Build Status](https://camo.githubusercontent.com/f4c206213e70d6a83480703dd44120ccea154205cba083585cbf0bc056108748/68747470733a2f2f7472617669732d63692e6f72672f486176656e5368656e2f6c61727369676e2e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/HavenShen/larsign)[![Latest Stable Version](https://camo.githubusercontent.com/b09628fb9dbca019de082cb57efcf5065e743a6aa6f9dea576a1bc552dbf876b/68747470733a2f2f706f7365722e707567782e6f72672f486176656e5368656e2f6c61727369676e2f762f737461626c652e737667)](https://packagist.org/packages/HavenShen/larsign)[![Latest Unstable Version](https://camo.githubusercontent.com/df377282f5244623a94995fc45ca213fedc4698e9342fa102d4b23fa381675f2/68747470733a2f2f706f7365722e707567782e6f72672f486176656e5368656e2f6c61727369676e2f762f756e737461626c652e737667)](https://packagist.org/packages/HavenShen/larsign)[![Latest Stable Version](https://camo.githubusercontent.com/6ef97d25bf5d338b3c46dc7e7d1ff433d1ad558fc9642e629d09c480c5296f77/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f486176656e5368656e2f6c61727369676e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/HavenShen/larsign)[![Total Downloads](https://camo.githubusercontent.com/c2050ffb8dcf3dacb77f15d1cfefec959fa6301c94a31441d290a3182a0902d3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f486176656e5368656e2f6c61727369676e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/HavenShen/slim-born)[![License](https://camo.githubusercontent.com/58b2d7135e3ad7e5fe1918d03c16b9f062c3e4634fc7fd63633475493183f239/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f486176656e5368656e2f6c61727369676e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/HavenShen/larsign)

About
-----

[](#about)

The `larsign` package authorized signature server.

Features
--------

[](#features)

- Handles larsign requests

Installation
------------

[](#installation)

### Laravel

[](#laravel)

Require the `havenshen/larsign` package in your `composer.json` and update your dependencies:

```
$ composer require havenshen/larsign
```

Add the `HavenShen\Larsign\LarsignServiceProvider` to your `config/app.php` providers array:

```
HavenShen\Larsign\LarsignServiceProvider::class,
```

Add the `HavenShen\Larsign\LarsignFacade` to your `config/app.php` aliases array:

```
'Larsign' => HavenShen\Larsign\LarsignFacade::class,
```

### Lumen

[](#lumen)

Require the `havenshen/larsign` package in your `composer.json` and update your dependencies:

```
$ composer require havenshen/larsign
```

Register the package with lumen in `bootstrap/app.php` with the following:

```
$app->register(HavenShen\Larsign\LarsignServiceProvider::class);
```

Global usage
------------

[](#global-usage)

To allow Larsign for all your routes, add the `HandleLarsign` middleware in the `$middleware` property of `app/Http/Kernel.php` class:

```
protected $middleware = [
    // ...
    \HavenShen\Larsign\HandleLarsign::class,
];
```

Group middleware
----------------

[](#group-middleware)

If you want to allow Larsign on a specific middleware group or route, add the `HandleLarsign` middleware to your group:

```
protected $middlewareGroups = [
    'web' => [
       // ...
    ],

    'api' => [
        // ...
        \HavenShen\Larsign\HandleLarsign::class,
    ],
];
```

Application route middleware
----------------------------

[](#application-route-middleware)

If you want to allow Larsign on a specific application middleware or route, add the `HandleLarsign` middleware to your application route:

```
protected $routeMiddleware = [
    // ...
    'auth.larsign' => \HavenShen\Larsign\HandleLarsign::class,
];
```

Configuration
-------------

[](#configuration)

The defaults are set in `config/larsign.php`. Copy this file to your own config directory to modify the values. If you're using Laravel, you can publish the config using this command:

```
$ php artisan vendor:publish --provider="HavenShen\Larsign\LarsignServiceProvider"
```

If you're using Lumen, Copy the configuration `larsign.php` from `vendor/havenshen/larsign/config/larsign.php` to your `config/` directory

```
return [
    /*
     |--------------------------------------------------------------------------
     | Larsign
     |--------------------------------------------------------------------------
     |
     */
    'headerName' => env('LARSIGN_HEADER_NAME', 'Larsign'),
    'accessKey' => env('LARSIGN_ACCESS_KEY', ''),
    'secretKey' => env('LARSIGN_SECRET_KEY', ''),
];
```

Add api route in `routes/api.php` Copy this.

```
Route::middleware(['auth.larsign'])->group(function () {
    Route::get('/larsign', function () {
    return [
        'message' => 'done.'
    ]);
});
```

or

```
Route::get('/larsign', function () {
    return [
        'message' => 'done.'
    ];
})->middleware('auth.larsign');
```

Client
------

[](#client)

Generate `Larsign` signatures

1. Assume the following management credentials:

```
AccessKey = "test"
SecretKey = "123456"
```

2. Call interface address:

```
url = "https://larsign.dev/api/v1/test?page=1"
```

3. The original string to be signed:

> note: the time-stamping followed by a newline \[currenttime + voucher valid seconds\]

```
signingStr = "/api/v1/test?page=1\n1510986405"
```

4. Base64 url safe encode:

```
signingStrBase64UrlSafeEncode = "L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
```

5. `hmac_sha1` carries `SecretKey` encryption then base64 url safe encode:

```
sign = "MLKnFIdI-0TOQ4mHn5TyCcmWACU="
```

6. The final administrative credentials are:

> note: stitching `headerName` Space `AccessKey`:`sign`:`signingStrBase64UrlSafeEncode`

```
larsignToken = "Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1"
```

7. Add http header:

> note: header key in `config/larsign.php -> headerName`

```
Larsign:Larsign test:MLKnFIdI-0TOQ4mHn5TyCcmWACU=:L2FwaS92MS90ZXN0P3BhZ2U9MQoxNTEwOTg2NDY1
```

Client signature authorization failed
-------------------------------------

[](#client-signature-authorization-failed)

```
Http Response: 403
```

Testing
-------

[](#testing)

```
$ phpunit
```

License
-------

[](#license)

The MIT License (MIT). Please see [License File](LICENSE.md) for more information.

###  Health Score

36

—

LowBetter than 79% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity28

Limited adoption so far

Community14

Small or concentrated contributor base

Maturity67

Established project with proven stability

 Bus Factor1

Top contributor holds 77.8% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

4

Last Release

3129d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/3860322?v=4)[HavenShen](/maintainers/HavenShen)[@HavenShen](https://github.com/HavenShen)

---

Top Contributors

[![HavenShen](https://avatars.githubusercontent.com/u/3860322?v=4)](https://github.com/HavenShen "HavenShen (21 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (3 commits)")[![ibrahimMahfuz](https://avatars.githubusercontent.com/u/28502321?v=4)](https://github.com/ibrahimMahfuz "ibrahimMahfuz (3 commits)")

---

Tags

apihmaclaravelmiddlewarepackagesignaturemiddlewareapilaravelsignatureauthorizationlaravel-5-packages

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/havenshen-larsign/health.svg)

```
[![Health](https://phpackages.com/badges/havenshen-larsign/health.svg)](https://phpackages.com/packages/havenshen-larsign)
```

###  Alternatives

[auth0/login

Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints.

2745.2M3](/packages/auth0-login)[ejarnutowski/laravel-api-key

Authorize requests to your Laravel application with API keys

157456.6k1](/packages/ejarnutowski-laravel-api-key)[hasinhayder/tyro

Tyro - The ultimate Authentication, Authorization, and Role &amp; Privilege Management solution for Laravel 12 &amp; 13

6783.6k5](/packages/hasinhayder-tyro)[spatie/laravel-authorize

A middleware to check authorization

20226.2k1](/packages/spatie-laravel-authorize)[erjanmx/laravel-api-auth

Dead simple Laravel api authorization middleware

1925.1k](/packages/erjanmx-laravel-api-auth)[hosseinhezami/laravel-permission-manager

Advanced permission manager for Laravel.

383.3k](/packages/hosseinhezami-laravel-permission-manager)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
