Calculates a base-64 encoded, URL-safe sha-256 hmac.
string $data: String to be validated with the hmac.
string $key: A secret string key.
string A base-64 encoded sha-256 hmac, with + replaced with -, / with _ and any = padding characters removed.
public static function hmacBase64($data, $key) {
$hmac = base64_encode(hash_hmac('sha256', $data, $key, TRUE));
// Modify the hmac so it's safe to use in URLs.
return strtr($hmac, array(
'+' => '-',
'/' => '_',
'=' => '',
));
}