chore: Update signature logic to use only a single secret value

Author: johnnynotsolucky

README.md

@@ -45,20 +45,16 @@ The values can either be a single value, an array of values, or an associative a
 ```php
 // Create Options object with array of values
 $options = new Options([
-    'width' => 300,
-    'height' => 400,
-    'resize' => [
-        'width' => 300,
-        'height' => 400,
-        'enlarge' => false,
-        'resize_type' => 'fill',
-    ],
-    'gravity' => 'sm',
-    'png_options' => [
-        'interlaced' => true,
-        'quantize' => false,
-    ],
-]);
+		'width' => 300,
+		'height' => 400,
+		'fit' => 'fill',
+		'watermarkPosition' => 'center',
+		'border' => [
+			'width' => 10,
+			'color' => '000000',
+			'borderMethod' => 'overlay',
+		],
+	]);
 ```
 
 ### Building URLs
@@ -81,46 +77,22 @@ $imageUrl = 'https://example.com/images/image.jpg';
 $url = $builder->buildUrl($imageUrl, $options);
 
 echo $url;
-// Output: https://images.my-origin.com/unsafe/preset:sharp/resize:fill:300:400:0/gravity:sm/quality:80/format:png/plain/https://example.com/images/image.jpg
-```
-
-### Encoded URLs
-
-```php
-use smallpics\smallpics\Options;
-use smallpics\smallpics\UrlBuilder;
-
-// Create options object
-$options = new Options();
-$options
-    ->setWidth(300)
-    ->setHeight(400);
-
-// Create URL builder
-$builder = new UrlBuilder('https://images.my-origin.com');
-
-// Build URL with encoded source
-$imageUrl = 'images/image.jpg';
-$url = $builder->buildUrl($imageUrl, $options);
-
-echo $url;
-// Output: https://images.my-origin.com/images/image.jpg?width=300&height=400
+// Output: https://images.my-origin.com/images/image.jpg?q=80&fm=png
 ```
 
 ### Signed URLs
 
 ```php
 // Create URL builder with signing keys
-$key = '0123456789abcdef0123456789abcdef';
-$salt = 'fedcba9876543210fedcba9876543210';
-$builder = new UrlBuilder('https://images.my-origin.com', $key, $salt);
+$secret = '0123456789abcdef0123456789abcdef';
+$builder = new UrlBuilder('https://images.my-origin.com', $secret);
 
 // Build signed URL
 $imageUrl = 'images/image.jpg';
 $url = $builder->buildUrl($imageUrl, $options);
 
 echo $url;
-// Output will include a signature: https://images.my-origin.com/images/image.jpg?width=300&height=400&signature=[signature]
+// Output will include a signature: https://images.my-origin.com/images/image.jpg?signature=[signature]
 ```
 
 ## Development

src/UrlBuilder.php

@@ -9,8 +9,7 @@ class UrlBuilder
 	 */
 	public function __construct(
 		protected string $host,
-		protected ?string $key = null,
-		protected ?string $salt = null,
+		protected ?string $secret = null,
 	) {
 	}
 
@@ -29,7 +28,7 @@ public function buildUrl(string $sourceUrl, ?Options $options = null): string
 
 		$unsignedUrl = "https://{$this->host}/{$sourceUrl}?{$optionsString}";
 
-		if ($this->key === null || $this->salt === null) {
+		if ($this->secret === null) {
 			return $unsignedUrl;
 		}
 
@@ -41,11 +40,14 @@ public function buildUrl(string $sourceUrl, ?Options $options = null): string
 	 */
 	protected function generateSignature(string $path): string
 	{
-		$keyBin = pack('H*', $this->key);
-		$saltBin = pack('H*', $this->salt);
+		// We always want to generate a signature for a path that exludes the signature param and value
+		$path = preg_replace('/&?signature=[^&]*/', '', $path);
 
-		$signature = hash_hmac('sha256', $saltBin . $path, $keyBin, true);
+		if ($path === null || $this->secret === null) {
+			return '';
+		}
 
+		$signature = hash_hmac('sha256', $path, $this->secret, true);
 		$signature = base64_encode($signature);
 		// Make it neat
 		$signature = str_replace(['+', '/', '='], '', $signature);

tests/Unit/UrlBuilderTest.php

@@ -231,13 +231,12 @@
 		'height' => 400,
 	]);
 
-	$key = '0123456789abcdef0123456789abcdef';
-	$salt = 'fedcba9876543210fedcba9876543210';
+	$secret = 'my-secret-value';
 
-	$builder = new UrlBuilder('https://images.example.com', $key, $salt);
+	$builder = new UrlBuilder('images.example.com', $secret);
 	$url = $builder->buildUrl('images/image.jpg', $options);
 
-	expect($url)->toBe('https://https://images.example.com/images/image.jpg?w=300&h=400&signature=X3DbGrEoMMGYE5xPsb0tOmEIdgvo3VbQfKFddxZwx2Q');
+	expect($url)->toBe('https://images.example.com/images/image.jpg?w=300&h=400&signature=S0b0bvBhc0kh2L6WRhcYGaRVT1LsuzWwONsdROoBk');
 });
 
 test('can generate complex signed URLs', function (): void {
@@ -247,11 +246,10 @@
 		->setQuality(80)
 		->setFormat('png');
 
-	$key = '0123456789abcdef0123456789abcdef';
-	$salt = 'fedcba9876543210fedcba9876543210';
+	$secret = 'my-secret-value';
 
-	$builder = new UrlBuilder('https://images.example.com', $key, $salt);
+	$builder = new UrlBuilder('images.example.com', $secret);
 	$url = $builder->buildUrl('images/image.jpg', $options);
 
-	expect($url)->toBe('https://https://images.example.com/images/image.jpg?border=5,ff0000,overlay&q=80&fm=png&signature=S0n8P4GVg2FErH3Yg3vVAC7XnRaLexs4UWfaa2r4');
+	expect($url)->toBe('https://images.example.com/images/image.jpg?border=5,ff0000,overlay&q=80&fm=png&signature=NBzER5uyLXXVZGFMAXWjthvfYWCVaj754FoMWujdaeI');
 });