add signedUrl method

Author: laserhybiz

src/Illuminate/Contracts/Routing/UrlGenerator.php

@@ -72,6 +72,17 @@ public function route($name, $parameters = [], $absolute = true);
      */
     public function signedRoute($name, $parameters = [], $expiration = null, $absolute = true);
 
+    /**
+     * Create a signed URL for a raw url.
+     *
+     * @param  string  $url
+     * @param  \DateTimeInterface|\DateInterval|int|null  $expiration
+     * @return string
+     *
+     * @throws \InvalidArgumentException
+     */
+    public function signedUrl($url, $expiration = null);
+
     /**
      * Create a temporary signed route URL for a named route.
      *

src/Illuminate/Routing/UrlGenerator.php

@@ -13,6 +13,7 @@
 use Illuminate\Support\InteractsWithTime;
 use Illuminate\Support\Str;
 use Illuminate\Support\Traits\Macroable;
+use Illuminate\Support\Uri;
 use InvalidArgumentException;
 use Symfony\Component\Routing\Exception\RouteNotFoundException;
 
@@ -378,6 +379,40 @@ public function signedRoute($name, $parameters = [], $expiration = null, $absolu
         ], $absolute);
     }
 
+    /**
+     * Create a signed URL for a raw url.
+     *
+     * @param  string  $url
+     * @param  \DateTimeInterface|\DateInterval|int|null  $expiration
+     * @return string
+     *
+     * @throws \InvalidArgumentException
+     */
+    public function signedUrl($url, $expiration = null)
+    {
+        $uri = Uri::of($url);
+
+        $parameters = $uri->query()->all();
+
+        $this->ensureSignedRouteParametersAreNotReserved($parameters);
+
+        if ($expiration) {
+            $parameters = $parameters + ['expires' => $this->availableAt($expiration)];
+        }
+
+        ksort($parameters);
+
+        $key = call_user_func($this->keyResolver);
+
+        return $uri->replaceQuery($parameters + [
+            'signature' => hash_hmac(
+                'sha256',
+                $uri->replaceQuery($parameters),
+                is_array($key) ? $key[0] : $key
+            ),
+        ])->value();
+    }
+
     /**
      * Ensure the given signed route parameters are not reserved.
      *

tests/Routing/RoutingUrlGeneratorTest.php

@@ -9,6 +9,7 @@
 use Illuminate\Routing\Route;
 use Illuminate\Routing\RouteCollection;
 use Illuminate\Routing\UrlGenerator;
+use Illuminate\Support\Carbon;
 use InvalidArgumentException;
 use PHPUnit\Framework\Attributes\DataProvider;
 use PHPUnit\Framework\TestCase;
@@ -938,6 +939,99 @@ public function testSignedUrlWithKeyResolver()
         $this->assertTrue($url3->hasValidSignature($secondRequest));
     }
 
+    public function testSignedUrlWithRawUrl()
+    {
+        $url = new UrlGenerator(
+            new RouteCollection,
+            Request::create('http://www.foo.com/')
+        );
+        $url->setKeyResolver(function () {
+            return 'secret';
+        });
+
+        $signedUrl = $url->signedUrl('http://www.foo.com/test');
+        $this->assertStringContainsString('signature=', $signedUrl);
+
+        $request = Request::create($signedUrl);
+        $this->assertTrue($url->hasValidSignature($request));
+
+        $request = Request::create($signedUrl.'&tampered=true');
+        $this->assertFalse($url->hasValidSignature($request));
+    }
+
+    public function testSignedUrlWithExistingQueryParameters()
+    {
+        $url = new UrlGenerator(
+            new RouteCollection,
+            Request::create('http://www.foo.com/')
+        );
+        $url->setKeyResolver(function () {
+            return 'secret';
+        });
+
+        $signedUrl = $url->signedUrl('http://www.foo.com/test?param1=value1&param2=value2');
+        $this->assertStringContainsString('signature=', $signedUrl);
+        $this->assertStringContainsString('param1=value1', $signedUrl);
+        $this->assertStringContainsString('param2=value2', $signedUrl);
+
+        $request = Request::create($signedUrl);
+        $this->assertTrue($url->hasValidSignature($request));
+    }
+
+    public function testSignedUrlWithExpiration()
+    {
+        $url = new UrlGenerator(
+            new RouteCollection,
+            Request::create('http://www.foo.com/')
+        );
+        $url->setKeyResolver(function () {
+            return 'secret';
+        });
+
+        Carbon::setTestNow(Carbon::create(2025, 1, 1));
+        $signedUrl = $url->signedUrl('http://www.foo.com/test', now()->addMinutes(5));
+        $this->assertStringContainsString('signature=', $signedUrl);
+        $this->assertStringContainsString('expires=', $signedUrl);
+
+        $request = Request::create($signedUrl);
+        $this->assertTrue($url->hasValidSignature($request));
+
+        Carbon::setTestNow(Carbon::create(2025, 1, 1)->addMinutes(10));
+        $this->assertFalse($url->hasValidSignature($request));
+    }
+
+    public function testSignedUrlWithReservedSignatureParameter()
+    {
+        $url = new UrlGenerator(
+            new RouteCollection,
+            Request::create('http://www.foo.com/')
+        );
+        $url->setKeyResolver(function () {
+            return 'secret';
+        });
+
+        $this->expectException(InvalidArgumentException::class);
+        $this->expectExceptionMessage('reserved');
+
+        $url->signedUrl('http://www.foo.com/test?signature=tampered');
+    }
+
+    public function testSignedUrlWithReservedExpiresParameter()
+    {
+        $url = new UrlGenerator(
+            new RouteCollection,
+            Request::create('http://www.foo.com/')
+        );
+        $url->setKeyResolver(function () {
+            return 'secret';
+        });
+
+        $this->expectException(InvalidArgumentException::class);
+        $this->expectExceptionMessage('reserved');
+
+        $url->signedUrl('http://www.foo.com/test?expires=123456', now()->addMinutes(5));
+    }
+
     public function testMissingNamedRouteResolution()
     {
         $url = new UrlGenerator(