# `Image.Components.Signing.ImageKit`
[🔗](https://github.com/elixir-image/image_components/blob/v0.1.1/lib/image/components/signing/imagekit.ex#L1)

ImageKit-flavoured client-side URL signing.

Wire-format-compatible with `Image.Plug.Provider.ImageKit.Signing`
on the server side and with ImageKit's hosted signed URLs.
Sign-only — verification happens at the back-end.

HMAC-SHA1 over the path-and-query (`ik-s` excluded). Signature
appended as `?ik-s=<hex>` (or `&ik-s=<hex>` if a query is already
present).

# `sign`

```elixir
@spec sign(String.t(), [String.t(), ...], keyword()) :: String.t()
```

Signs `path_with_query` with the first key in `keys`.

### Arguments

* `path_with_query` is the ImageKit request path, optionally
  with an existing query string.

* `keys` is a non-empty list of ImageKit private API keys.

### Options

* `:expires_at` — `DateTime` or unix-seconds. Adds an
  `ik-t=<unix>` parameter; the back-end's verifier rejects
  after that time.

### Returns

* The path with `?ik-s=<hex>` (and optional `?ik-t=…`) appended.

### Examples

    iex> Image.Components.Signing.ImageKit.sign("/demo/tr:w-200/cat.jpg", ["k"])
    ...> |> String.contains?("?ik-s=")
    true

---

*Consult [api-reference.md](api-reference.md) for complete listing*