PHPackages mastercard/oauth1-signer - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. mastercard/oauth1-signer AbandonedArchivedLibrary[API Development](/categories/api) mastercard/oauth1-signer ======================== Zero dependency library for generating a Mastercard API compliant OAuth signature. v1.1.4(4y ago)5743.8k↓22.7%2MITPHP Since Jan 25Pushed 2y ago11 watchersCompare [ Source](https://github.com/Mastercard/oauth1-signer-php)[ Packagist](https://packagist.org/packages/mastercard/oauth1-signer)[ RSS](/packages/mastercard-oauth1-signer/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (6)Dependencies (2)Versions (7)Used By (0) oauth1-signer-php ================= [](#oauth1-signer-php) [![](https://camo.githubusercontent.com/aef30b99431db5b1f418fef7d137db79c301353f1a093a042c7434a9b26a3e94/68747470733a2f2f646576656c6f7065722e6d6173746572636172642e636f6d2f5f2f5f2f7372632f676c6f62616c2f6173736574732f7376672f6d636465762d6c6f676f2d6461726b2e737667)](https://developer.mastercard.com/) [![maintenance-status](https://camo.githubusercontent.com/a9b9316b0dd923c93b326ea82f12466136f253ede16b6ff8b787945e0bf17b74/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6d61696e74656e616e63652d646570726563617465642d7265642e737667)](https://github.com/Mastercard/.github/blob/main/CLIENT_LIBRARY_DEPRECATION_POLICY.md)[![](https://camo.githubusercontent.com/0cb03170ba5a384f2939fc8549453aeeaed7183f039d5fa9f4b0676ebf7d633b/68747470733a2f2f736f6e6172636c6f75642e696f2f6170692f70726f6a6563745f6261646765732f6d6561737572653f70726f6a6563743d4d6173746572636172645f6f61757468312d7369676e65722d706870266d65747269633d616c6572745f737461747573)](https://sonarcloud.io/dashboard?id=Mastercard_oauth1-signer-php)[![](https://camo.githubusercontent.com/daf0ea089e2667256bc3105e05077aa39502b2fc42eaf70876ad0e12841d078e/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6d6173746572636172642f6f61757468312d7369676e65722e737667)](https://packagist.org/packages/mastercard/oauth1-signer)[![](https://camo.githubusercontent.com/07a7d0169027aac6d7a0bfa8964dfef5fbc40d5a2075cabb3d8bc67e17be3451/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d79656c6c6f772e737667)](https://github.com/Mastercard/oauth1-signer-php/blob/master/LICENSE) Table of Contents ----------------- [](#table-of-contents) - [Overview](#overview) - [Compatibility](#compatibility) - [References](#references) - [Versioning and Deprecation Policy](#versioning) - [Usage](#usage) - [Prerequisites](#prerequisites) - [Adding the Library to Your Project](#adding-the-library-to-your-project) - [Loading the Signing Key](#loading-the-signing-key) - [Creating the OAuth Authorization Header](#creating-the-oauth-authorization-header) - [Signing HTTP Client Request Objects](#signing-http-client-request-objects) - [Integrating with OpenAPI Generator API Client Libraries](#integrating-with-openapi-generator-api-client-libraries) Overview --------------------------------------------- [](#overview-) Zero dependency library for generating a Mastercard API compliant OAuth signature. ### Compatibility [](#compatibility-) PHP 5.6+ ### References [](#references-) - [OAuth 1.0a specification](https://tools.ietf.org/html/rfc5849) - [Body hash extension for non application/x-www-form-urlencoded payloads](https://tools.ietf.org/id/draft-eaton-oauth-bodyhash-00.html) ### Versioning and Deprecation Policy [](#versioning-and-deprecation-policy-) - [Mastercard Versioning and Deprecation Policy](https://github.com/Mastercard/.github/blob/main/CLIENT_LIBRARY_DEPRECATION_POLICY.md) Usage --------------------------------------- [](#usage-) ### Prerequisites [](#prerequisites-) Before using this library, you will need to set up a project in the [Mastercard Developers Portal](https://developer.mastercard.com). As part of this set up, you'll receive credentials for your app: - A consumer key (displayed on the Mastercard Developer Portal) - A private request signing key (matching the public certificate displayed on the Mastercard Developer Portal) ### Adding the Library to Your Project [](#adding-the-library-to-your-project-) ``` composer require mastercard/oauth1-signer ``` ### Loading the Signing Key [](#loading-the-signing-key-) A private key object can be created by calling the `AuthenticationUtils::loadSigningKey` function: ``` use Mastercard\Developer\OAuth\Utils\AuthenticationUtils; // … $signingKey = AuthenticationUtils::loadSigningKey( '', '', ''); ``` ### Creating the OAuth Authorization Header [](#creating-the-oauth-authorization-header-) The method that does all the heavy lifting is `OAuth::getAuthorizationHeader`. You can call into it directly and as long as you provide the correct parameters, it will return a string that you can add into your request's `Authorization` header. ``` use Mastercard\Developer\OAuth\OAuth; // … $consumerKey = ''; $uri = 'https://sandbox.api.mastercard.com/service'; $method = 'POST'; $payload = 'Hello world!'; $authHeader = OAuth::getAuthorizationHeader($uri, $method, $payload, $consumerKey, $signingKey); ``` ### Signing HTTP Client Request Objects [](#signing-http-client-request-objects-) Alternatively, you can use helper classes for some of the commonly used HTTP clients. These classes, provided in the `Mastercard\Developer\Signers\` namespace, will modify the provided request object in-place and will add the correct `Authorization` header. Once instantiated with a consumer key and private key, these objects can be reused. Usage briefly described below, but you can also refer to the test namespace for examples. - [cURL](#curl) - [GuzzleHttp](#guzzlehttp) #### cURL [](#curl-) ##### POST example [](#post-example) ``` use Mastercard\Developer\Signers\CurlRequestSigner; // … $method = 'POST'; $uri = 'https://sandbox.api.mastercard.com/service'; $payload = json_encode(['foo' => 'bår']); $headers = array( 'Content-Type: application/json', 'Content-Length: ' . strlen($payload) ); $handle = curl_init($uri); curl_setopt_array($handle, array(CURLOPT_RETURNTRANSFER => 1, CURLOPT_CUSTOMREQUEST => $method, CURLOPT_POSTFIELDS => $payload)); $signer = new CurlRequestSigner($consumerKey, $signingKey); $signer->sign($handle, $method, $headers, $payload); $result = curl_exec($handle); curl_close($handle); ``` ##### GET example [](#get-example) ``` use Mastercard\Developer\Signers\CurlRequestSigner; // … $method = 'GET'; $baseUri = 'https://sandbox.api.mastercard.com/service'; $queryParams = array('param1' => 'with spaces', 'param2' => 'encoded#symbol'); $uri = $baseUri . '?' . http_build_query($queryParams); $handle = curl_init($uri); curl_setopt_array($handle, array(CURLOPT_RETURNTRANSFER => 1)); $signer = new CurlRequestSigner($consumerKey, $signingKey); $signer->sign($handle, $method); $result = curl_exec($handle); curl_close($handle); ``` #### GuzzleHttp [](#guzzlehttp-) ``` use GuzzleHttp\Psr7\Request; use Mastercard\Developer\Signers\PsrHttpMessageSigner; // … $payload = '{"foo":"bår"}'; $headers = ['Content-Type' => 'application/json']; $request = new Request('POST', 'https://sandbox.api.mastercard.com/service', $headers, $payload); $signer = new PsrHttpMessageSigner($consumerKey, $signingKey); $signer.sign($request); ``` ### Integrating with OpenAPI Generator API Client Libraries [](#integrating-with-openapi-generator-api-client-libraries-) [OpenAPI Generator](https://github.com/OpenAPITools/openapi-generator) generates API client libraries from [OpenAPI Specs](https://github.com/OAI/OpenAPI-Specification). It provides generators and library templates for supporting multiple languages and frameworks. This project provides you with classes you can use when configuring your API client. These classes will take care of adding the correct `Authorization` header before sending the request. Generators currently supported: - [php](#php) #### php [](#php-) ##### OpenAPI Generator [](#openapi-generator) Client libraries can be generated using the following command: ``` openapi-generator-cli generate -i openapi-spec.yaml -g php -o out ``` See also: - [OpenAPI Generator CLI Installation](https://openapi-generator.tech/docs/installation/) - [CONFIG OPTIONS for php](https://github.com/OpenAPITools/openapi-generator/blob/master/docs/generators/php.md) ##### Usage of the `PsrHttpMessageSigner` [](#usage-of-the-psrhttpmessagesigner) ``` use GuzzleHttp; use OpenAPI\Client\Api\ServiceApi; use OpenAPI\Client\Configuration use Mastercard\Developer\Signers\PsrHttpMessageSigner; // … $stack = new GuzzleHttp\HandlerStack(); $stack->setHandler(new GuzzleHttp\Handler\CurlHandler()); $stack->push(GuzzleHttp\Middleware::mapRequest([new PsrHttpMessageSigner($consumerKey, $signingKey), 'sign'])); $options = ['handler' => $stack]; $client = new GuzzleHttp\Client($options); $config = new Configuration(); $config->setHost('https://sandbox.api.mastercard.com'); $serviceApi = new ServiceApi($client, $config); // … ``` ### Health Score 40 — FairBetter than 88% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity43 Moderate usage in the ecosystem Community18 Small or concentrated contributor base Maturity65 Established project with proven stability Bus Factor1 Top contributor holds 73.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~239 days Recently: every ~297 days Total 6 Last Release 1475d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/441fcbfa72c889b1518533de283a93b5b3e0e51b3418b9c074889574b73c308d?d=identicon)[mastercard](/maintainers/mastercard) --- Top Contributors [![jaaufauvre](https://avatars.githubusercontent.com/u/3964455?v=4)](https://github.com/jaaufauvre "jaaufauvre (77 commits)")[![danny-gallagher](https://avatars.githubusercontent.com/u/50239900?v=4)](https://github.com/danny-gallagher "danny-gallagher (22 commits)")[![ech0s7r](https://avatars.githubusercontent.com/u/7020500?v=4)](https://github.com/ech0s7r "ech0s7r (3 commits)")[![lukereichold](https://avatars.githubusercontent.com/u/693592?v=4)](https://github.com/lukereichold "lukereichold (1 commits)")[![NehaSony](https://avatars.githubusercontent.com/u/29691357?v=4)](https://github.com/NehaSony "NehaSony (1 commits)")[![rfeelin](https://avatars.githubusercontent.com/u/3427219?v=4)](https://github.com/rfeelin "rfeelin (1 commits)") --- Tags deprecateddeprecated-repositorymastercardoauth1oauth1aopenapiphpphpopenapioauth1mastercardoauth1a ### Embed Badge ![Health badge](/badges/mastercard-oauth1-signer/health.svg) ``` [![Health](https://phpackages.com/badges/mastercard-oauth1-signer/health.svg)](https://phpackages.com/packages/mastercard-oauth1-signer) ``` ### Alternatives [harmbandstra/swagger-ui-bundle Exposes swagger UI inside your Symfony project through a route (eg. /docs) 42867.3k](/packages/harmbandstra-swagger-ui-bundle)[uderline/openapi-php-attributes Automatically render your OpenApi 3 file describing your PHP API using attributes 2136.3k](/packages/uderline-openapi-php-attributes) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)