Utilities for working with PSR-7 Http Message objects.
- psr/http-message: ^1 || ^2
- php: >=7.3
Install the latest version with:
composer require 'corpus/http-message-utils'Utility to split an Authorization header into <type> and <credentials> ala:
Authorization: <type> <credentials>
The parser itself is authorization type agnostic and works with any RFC7235 conforming authorization type.
$serverRequest = \GuzzleHttp\Psr7\ServerRequest::fromGlobals();
$parsedAuth = (new \Corpus\HttpMessageUtils\Authorization\AuthorizationHeaderParser)->parseServerRequest($serverRequest);
if( $parsedAuth ) {
echo 'type: ' . $parsedAuth->getType();
echo 'cred: ' . $parsedAuth->getCredentials();
}function __construct([ ?\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsFactory $factory = null])- \Corpus\HttpMessageUtils\Authorization\AuthorizationPartsFactory | null
$factory- Optional factory for construction of result objects
function parseString(string $headerValue) : ?\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterfaceParses an Authorization header into <type> and <credentials>
- string
$headerValue- The header value to parse
- \Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterface | null - AuthorizationParts on success, null on failure. Reasons for failure include empty string and non-RFC7235 compliant header values.
function parseServerRequest(\Psr\Http\Message\ServerRequestInterface $request [, string $headerName = self::DEFAULT_HEADER]) : ?\Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterfaceHelper to easily parse from a PSR ServerRequestInterface
- \Psr\Http\Message\ServerRequestInterface
$request- The PSR ServerRequestInterface to read from - string
$headerName- Optional header name to parse. Defaults to Authorization.
- \Corpus\HttpMessageUtils\Authorization\AuthorizationPartsInterface | null - AuthorizationParts on success, null on failure.
Representation of the parts of an Authorization Header:
Authorization: <type> <credentials>
function getType() : stringThe specified authorization type
function getCredentials() : stringThe specified authorization credentials
Utility to map a Uri or ServerRequestInterface's Uri to the external scheme detected from a proxy such as an AWS load balancer.
Will only ever upgrade to https, never downgrade.
$serverRequest = \GuzzleHttp\Psr7\ServerRequest::fromGlobals();
$serverRequest = (new \Corpus\HttpMessageUtils\ProxyAwareSchemer)->withUriWithDetectedScheme($serverRequest);<?php
namespace Corpus\HttpMessageUtils;
class ProxyAwareSchemer {
public const HTTPS_EXPECTED_SERVER_VALUES = ['HTTP_X_FORWARDED_PROTOCOL' => 'https', 'HTTP_X_FORWARDED_PROTO' => 'https', 'HTTP_X_FORWARDED_SSL' => 'on', 'HTTP_FRONT_END_HTTPS' => 'on', 'HTTP_X_URL_SCHEME' => 'https', 'HTTPS' => 'on'];
public const PORT_EXPECTED_SERVER_KEYS = ['HTTP_X_FORWARDED_PORT'];
/** Value for `default port` arguments to remove the port from the URI */
public const REMOVE_PORT = -65536;
}function __construct([ ?array $server = null [, ?array $proxyServerHttpsKeyValues = null [, ?array $proxyServerPortKeys = null]]])- array<string,scalar>
$server- Server array to inspect. Defaults to $_SERVER. - array<string,string> | null
$proxyServerHttpsKeyValues- Map of $_SERVER keys to their expected https-positive value. Defaults to ProxyAwareSchemer::HTTPS_EXPECTED_SERVER_VALUES - string[] | null
$proxyServerPortKeys- Array of $_SERVER keys to check for a forwarded port value.
function withUriWithDetectedScheme(\Psr\Http\Message\ServerRequestInterface $serverRequest [, bool $detectPort = true [, ?int $defaultOnHttps = self::REMOVE_PORT]]) : \Psr\Http\Message\ServerRequestInterfaceGiven a \Psr\Http\Message\ServerRequestInterface returns a new instance of ServerRequestInterface with a new Uri
having the scheme adjusted to match the detected external scheme as defined by the proxies headers.
- bool
$detectPort- Enable / Disable proxy port sniffing. - int | null
$defaultOnHttps- Default port to use if sniffing fails but HTTPS proxy is detected. Defaults to ProxyAwareSchemer::REMOVE_PORT which removes the port information from the URI. Passing null will leave port as-is.
function withDetectedScheme(\Psr\Http\Message\UriInterface $uri [, bool $detectPort = true [, ?int $defaultOnHttps = self::REMOVE_PORT]]) : \Psr\Http\Message\UriInterfaceGiven a \Psr\Http\Message\UriInterface returns an instance of UriInterface having the scheme adjusted to match
the detected external scheme as defined by the proxies headers.
- bool
$detectPort- Enable / Disable proxy port sniffing. - int | null
$defaultOnHttps- Default port to use if sniffing fails but HTTPS proxy is detected. Defaults to ProxyAwareSchemer::REMOVE_PORT which removes the port information from the URI. Passing null will leave port as-is.
function withDetectedPort(\Psr\Http\Message\UriInterface $uri [, ?int $default = null]) : \Psr\Http\Message\UriInterfaceGiven a \Psr\Http\Message\UriInterface returns an instance of UriInterface having the port adjusted to match
the detected external scheme as defined by the proxies headers.
- int | null
$default- Defines a default fallback port. Passing ProxyAwareSchemer::REMOVE_PORT will default to removing the port information. Defaults to null - null leaves port as-is.
Utility to actualize a PSR7 ResponseInterface
Sends headers and body.
$response = new \GuzzleHttp\Psr7\Response();
(new \Corpus\HttpMessageUtils\ResponseSender)->send($response);Inspired by http-interop/response-sender
MIT License Copyright (c) 2017 Woody Gilk
function __construct([ bool $fullHttpStmtHeader = false [, bool $rewindBody = true]])ResponseSender constructor.
- bool
$fullHttpStmtHeader- Setting totrueenables full HTTP statement construction which allows non-standard reason phrases and potentially mismatched protocol versions. Use with care. - bool
$rewindBody- Setting tofalseallows you to disable rewinding the body of the response before transmission.
function send(\Psr\Http\Message\ResponseInterface $response) : voidTrigger the transmission of the given \Psr\Http\Message\ResponseInterface