/**
  * Is signature valid?
  *
  * @param  RequestInterface          $request     Request
  * @param  CredentialsInterface      $credentials Credentials
  * @throws DriftExceededException    If timestamp greater than or less than allowable drift
  * @throws SignatureMissingException If signature is missing from request
  * @throws TimestampMissingException If timestamp is missing from request
  * @return boolean
  */
 public function isValid(RequestInterface $request, CredentialsInterface $credentials)
 {
     $params = $request->getParams();
     $this->isSignaturePresent($params);
     $this->isTimestampPresent($params);
     $this->isDriftExceeded($params);
     return $params['signature'] === $this->signature->createSignature($request, $credentials);
 }
 public function testMissingTimestampThrowsException()
 {
     $this->setExpectedException('QueryAuth\\Exception\\TimestampMissingException', 'Request must contain a timestamp.');
     $this->request->expects($this->once())->method('getParams')->willReturn(['signature' => 12345]);
     $this->requestValidator->isValid($this->request, $this->credentials);
 }
Beispiel #3
0
 /**
  * Creates signature
  *
  * {@inheritDoc}
  */
 public function createSignature(RequestInterface $request, CredentialsInterface $credentials)
 {
     $data = $request->getMethod() . "\n" . $request->getHost() . "\n" . $this->getAbsolutePath($request->getPath()) . "\n" . $this->normalizeParameters($request->getParams());
     return \base64_encode(\hash_hmac('sha256', $data, $credentials->getSecret(), true));
 }