/**
* Returns whether this response is valid.
*
* @param SignatureComposer $composer
* @return bool
*/
public function isValid(SignatureComposer $composer)
{
// Constant Time String Comparison @see http://php.net/hash_equals
if (!function_exists('hash_equals')) {
// Polyfill for PHP < 5.6
return Security::hashEquals($composer->compose($this->parameters), $this->signature);
} else {
return hash_equals($composer->compose($this->parameters), $this->signature);
}
}
/**
* From PHP 5.6
*
* @ref https://php.net/hash_equals
*
* @param string $a
* @param string $b
*
* @return boolean
*/
function hash_equals($known_string, $user_string)
{
return Future\Security::hashEquals($known_string, $user_string);
}
