rezzza/security-bundle
======================

Signed requests check

v2.3.2 (8y ago) · MIT · PHP >=5.3.2


[Source](https://github.com/rezzza/SecurityBundle) · [Packagist](https://packagist.org/packages/rezzza/security-bundle)


SecurityBundle
==============


Installation
============


With Composer
-------------


```
    "require": {
        "rezzza/security-bundle": "~2.0"
    }
```

Enable Bundle
-------------


In `AppKernel`:

```
    $bundles = array(
        //....
        new Rezzza\SecurityBundle\RezzzaSecurityBundle(),
        //....
    );
```

On symfony 2.0
--------------


Add the factory to your `security.yml`:

```
security:
    factories:
        - "%kernel.root_dir%/../vendor/bundles/Rezzza/SecurityBundle/Resources/config/services/security.xml"
```

Request signature checker
=========================


Validates a signature sent by the client in the query string. The signature can have a lifetime.

The signed criteria are:

- Time sent with the signature (if `replay_protection` is activated)
- Request method
- HTTP host
- Path info
- Content: RAW\_DATA (posted fields)

All of these criteria are hashed together with a secret defined in `security.yml`. Example:

```
# security.yml
security:
    firewalls:
        api:
            pattern: ^/api/.*
            request_signature:
                algorithm: SHA1
                # set this to skip the check, for example in functional tests
                ignore:    "%request_signature.ignore%"
                # the Symfony application secret, or another one
                secret:    "%secret%"
                # http://.............?_signature=....
                parameter: _signature
                # optional lifetime criterion: makes the signature transitory
                replay_protection:
                    enabled:   true
                    lifetime:  600
                    parameter: _signature_ttl
```

Build the signature:

```
$signatureConfig = new SignatureConfig(true, 'sha1', 's3cr3t');
$signedRequest = new SignedRequest(
    'GET',
    'subdomain.domain.tld',
    '/path/to/resources',
    'content',
    $signatureTime // if needed
);

$signature = $signedRequest->buildSignature($signatureConfig);
```

You can define a distant firewall in the bundle configuration:

```
rezzza_security:
    firewalls:
        my_firewall:
            # algorithm:         'SHA1' # default
            secret:            'IseeDeadPeopleEverywhere'
            # replay_protection: true # default
```

And then:

```
$signatureConfig = $this->container->get('rezzza.security.signature_config.my_firewall');

$signedRequest = new SignedRequest(
    'GET',
    'subdomain.domain.tld',
    '/path/to/resources',
    'content',
    $signatureTime // if needed
);

$signature = $signedRequest->buildSignature($signatureConfig);
```

Using a PSR-7 request?

```
$signatureConfig = $this->container->get('rezzza.security.signature_config.my_firewall');

$url     = 'http://domain.tld/api/uri.json?foo=bar';
// example with guzzle psr7 implementation.
$request = new \GuzzleHttp\Psr7\Request('GET', $url);

$signer  = new \Rezzza\SecurityBundle\Request\Psr7RequestSigner($signatureConfig);
$request = $signer->sign($request);

$response = (new \GuzzleHttp\Client())->send($request);
```
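
A stand-alone sketch of the check this section describes (a signature over time, method, host, path and content, plus a lifetime), added here as an example and not taken from the bundle. The canonical string layout, the use of HMAC with `sha256`, and all function names are assumptions; the bundle's own hashing may differ.

```php
<?php
// Added illustration, not the bundle's code. The length-prefixed canonical
// form, the field order and the use of HMAC are assumptions of this sketch.

/** Length-prefix every field so boundaries between fields stay unambiguous. */
function canonicalRequest(array $fields): string
{
    $out = '';
    foreach ($fields as $field) {
        $out .= strlen($field) . ':' . $field;
    }
    return $out;
}

function buildSignature(string $algo, string $secret, array $req): string
{
    $fields = [(string) $req['time'], strtoupper($req['method']),
               strtolower($req['host']), $req['path'], $req['content']];
    return hash_hmac($algo, canonicalRequest($fields), $secret);
}

/** True only for an authentic signature that is still inside its lifetime. */
function checkSignature(string $algo, string $secret, array $req, int $lifetime, int $now): bool
{
    // Replay protection: reject timestamps from the future or older than the lifetime.
    if ($req['time'] > $now || $now - $req['time'] > $lifetime) {
        return false;
    }
    // hash_equals compares in constant time, so a mismatch leaks no byte position.
    return hash_equals(buildSignature($algo, $secret, $req), (string) $req['signature']);
}

// Constructed sample values mirroring the README's example request.
$secret = 's3cr3t';
$now    = 1700000000;
$req    = ['method' => 'GET', 'host' => 'subdomain.domain.tld',
           'path' => '/path/to/resources', 'content' => 'content', 'time' => $now - 30];
$req['signature'] = buildSignature('sha256', $secret, $req);

$cases = [
    'fresh request'           => [$req, $now],
    'replayed after lifetime' => [$req, $now + 3600],
    'body altered in transit' => [['content' => 'tampered'] + $req, $now],
];
foreach ($cases as $label => [$r, $at]) {
    printf("%-24s %s\n", $label, checkSignature('sha256', $secret, $r, 600, $at) ? 'accepted' : 'rejected');
}
```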

Obfuscate request
=================


If critical data reaches your application, you may not want to expose it in the Symfony profiler. You can define, for each route, which data will not appear there.

```
rezzza_security:
    request_obfuscator:
        enabled: 1
```

In your route:

```
use Rezzza\SecurityBundle\Controller\Annotations\ObfuscateRequest;

/**
 * @ObfuscateRequest()
 */
public function indexAction(Request $request)
{
}
```

This obfuscates all data in the Symfony profiler. Specific keys can be targeted instead:

```
@obfuscate("content=*") // obfuscate $request->getContent()
@obfuscate("headers={'foobar'}") // obfuscate $request->headers->get('foobar')
@obfuscate("request_request={'customer[password]'}") // obfuscate $request->request->get('customer')['password']
```

Keys that can be obfuscated:

- format
- content
- content\_type
- status\_text
- status\_code
- request\_query ($\_GET)
- request\_request ($\_POST)
- request\_headers ($\_HEADER)
- request\_server ($\_SERVER)
- request\_cookies ($\_COOKIES)
- request\_attributes ($request->attributes)
- response\_headers
- session\_metadata
- session\_attributes
- flashes
- path\_info
- controller
- locale

WishList
========


- QueryString or HTTP Headers
- Unit Tests with atoum

Maintainer: steph\_py

