PHP HMac Restful Api

Hi, created a HMAC Restful api on github. Feedback welcome.

Still have a few things left

  • change from client id (auto incremented) to 20 character public key (so you can't iterate through)
  • need to include uri hash check for better security
  • need to check timestamp, allow only 5 min span
  • client is lame
  • add better documentation on github

Thanks for sharing!

Looks good, i'll take it for a spin soon.


if you find any issues, let me know, ill fix asap




Thanks for sharing. When I try your client-connect.php the application returns

The requested URL /php-hmac-rest-api/ping was not found on this server.

The Request looks valid... Any ideas where my mistake might be?


the request should come across as /ping and NOT /php-hmac-rest-api/ping


How do I accomplish that? I just changed the parts you mentioned on GitHub...

edited Jun '15

Bruno, you may be missing the .htaccess file at the root:

<IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^$ public/ [L] RewriteRule (.*) public/$1 [L] </IfModule>


with this .htaccess i get an 500 internal server error

edited Jun '15

you also need an .htaccess inside the folder public:

<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L] </IfModule>

and the client-connect.php, change the $host accordingly to your server url :

$route = '/ping';
//$route = '/test/4';
//$route = '/doesntexist';
//$route = '/skip/auth';

if (isset($argv[1])) {
    $host = 'http://' . $argv[1] . $route;
} else {
    //$host = "" . $route;
    // change the $host  accordingly to your server url :
    $host = "http://localhost/php-hmac-rest-api-master" . $route;