PHPackages simplon/signr - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. simplon/signr ActiveLibrary[Security](/categories/security) simplon/signr ============= Create and validate Signed Requests including data encryption. 0.6.0(13y ago)2318MITPHPPHP >=5.3.3 Since Feb 4Pushed 13y agoCompare [ Source](https://github.com/fightbulc/simplon_signr)[ Packagist](https://packagist.org/packages/simplon/signr)[ Docs](https://github.com/fightbulc/simplon_signr)[ RSS](/packages/simplon-signr/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (4)Used By (0) ``` _ _ _ ___(_)_ __ ___ _ __ | | ___ _ __ ___(_) __ _ _ __ _ __ / __| | '_ ` _ \| '_ \| |/ _ \| '_ \ / __| |/ _` | '_ \| '__| \__ \ | | | | | | |_) | | (_) | | | | \__ \ | (_| | | | | | |___/_|_| |_| |_| .__/|_|\___/|_| |_| |___/_|\__, |_| |_|_| |_| |___/ ``` Simplon Signr ============= [](#simplon-signr) Signr creates an signed-request (also known as access token) by a given data array in combination with a secret key which is only known by the transmitter and receiver of the payload. By default the signed-request is secured against fraud through a [hash\_hmac](http://php.net/manual/en/function.hash-hmac.php) signature. Additionally, if the data array holds a key named `secret` all data within that key will be encrypted. To ensure that the signed-request can be send via URL it will be encoded via [base64](http://php.net/manual/en/function.base64-encode.php). Create a signed request ----------------------- [](#create-a-signed-request) ``` use Simplon\Signr\Signr; $secretKeySignedRequest = '123456'; $data = [ 'secret' => [ 'user' => [ 'gameUid' => 'xxx', 'email' => 'xxx', 'gameServerId' => 'xxx', ], 'order' => [ 'checkoutUid' => 'xxx', 'inGameCurrency' => 'xxx', 'realCurrency' => 'xxx', 'currencyCode' => 'xxx', 'provider' => 'xxx', 'created' => 'xxx', ], 'partnerToken' => 'xxx', ], ]; // create signed request $signedRequest = (new Signr()) ->setData($data) ->setSecretKey($secretKeySignedRequest) ->create() ->getSignedRequest(); ``` ### Generated signed request [](#generated-signed-request) ``` VaR6EKGui6clTkLSEVps-fzKgEy9BzEYvK-sWi59kTM.eyJzZWNyZXQiOiJrQ2RXRE50M280MUJvNkZ cL1drS3lwVUtyeGJUMnB0SVB6eG4zdVBFV3FkMFlsYTc4UlpRWTVCZm55MFp6d3R1bHVzaU5pZDJHK1 BWRDN5VExVVFZwUEw5SHZCYkFTeXd4eGpBemxpajlvTXFOUHIrUFlwOVNVOTdhV1pHSGR5QnduTTBTd 1BYZW1FTXBhVGt6XC9iV3pHTlB6d3JaQ3cxdElHWUtpRDhIUGlOdks3QUorWDdmcTE1cHBrY3lUUHVJ MUNQd283TXdMbGdPVDdkWWNnVVZCcWlqQjBQWWRZU3NwOElQYzRhYmQxejI5NlBmWmNZTDBBejlhOWo 2WE1CcnoiLCJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImlzc3VlZF9hdCI6MTM2MTc3ODYxMn0 ``` Read a signed request --------------------- [](#read-a-signed-request) ``` use Simplon\Signr\Signr; $signedRequest = 'xxxzzzyyy'; $secretKeySignedRequest = '123456'; // read data should result the following array... $data = (new Signr()) ->setSignedRequest($signedRequest) ->setSecretKey($secretKeySignedRequest) ->read() ->getData(); /* $data = [ 'secret' => [ 'user' => [ 'gameUid' => 'xxx', 'email' => 'xxx', 'gameServerId' => 'xxx', ], 'order' => [ 'checkoutUid' => 'xxx', 'inGameCurrency' => 'xxx', 'realCurrency' => 'xxx', 'currencyCode' => 'xxx', 'provider' => 'xxx', 'created' => 'xxx', ], 'partnerToken' => 'xxx', ], ]; */ ``` Expire Time ----------- [](#expire-time) Each signed request holds an issued time stamp which allows to test if a signed-request is expired. By default a signed-request never expires. Following an example how to test against a certain time stamp: ``` use Simplon\Signr\Signr; $signedRequest = 'xxxzzzyyy'; $secretKeySignedRequest = '123456'; // lets hold the instance $signr = new Signr() ->setSignedRequest($signedRequest) ->setSecretKey($secretKeySignedRequest) ->read(); // is expired? $isExpired = $signr ->setExpireTimeMinutes(120) // time to run against the expiration ->isExpired(); if($isExpired === TRUE) { echo "SignedRequest is expired!"; } ``` Changelog --------- [](#changelog) ### 0.6.0 [](#060) - Refactored class pattern (builder pattern) - Implemented `isExpired` to test against expiration ### Health Score 25 — LowBetter than 37% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity15 Limited adoption so far Community2 Small or concentrated contributor base Maturity50 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~26 days Total 3 Last Release 4799d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/451061?v=4)[Tino Ehrich](/maintainers/fightbulc)[@fightbulc](https://github.com/fightbulc) --- Tags encryptionsigned requests ### Embed Badge ![Health badge](/badges/simplon-signr/health.svg) ``` [![Health](https://phpackages.com/badges/simplon-signr/health.svg)](https://phpackages.com/packages/simplon-signr) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[paragonie/ciphersweet Searchable field-level encryption library for relational databases 4641.2M21](/packages/paragonie-ciphersweet)[ass/xmlsecurity The XmlSecurity library is written in PHP for working with XML Encryption and Signatures 955.6M30](/packages/ass-xmlsecurity)[pear/crypt_gpg Provides an object oriented interface to the GNU Privacy Guard (GnuPG). It requires the GnuPG executable to be on the system. 954.4M10](/packages/pear-crypt-gpg)[soved/laravel-gdpr GDPR compliance with ease 299127.5k2](/packages/soved-laravel-gdpr) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)