/**
* @test
*
* @uses \Lcobucci\JWT\Signature::__construct
* @uses \Lcobucci\JWT\Signature::__toString
*
* @covers \Lcobucci\JWT\Signature::verify
*/
public function verifyMustReturnWhatSignerSays()
{
$this->signer->expects($this->any())->method('verify')->willReturn(true);
$signature = new Signature('test');
self::assertTrue($signature->verify($this->signer, 'one', 'key'));
}
/**
* Create a signed Amazon CloudFront Cookie.
*
* @param string $url URL to sign (can include query string
* and wildcards). Not required
* when passing a custom $policy.
* @param string|integer|null $expires UTC Unix timestamp used when signing
* with a canned policy. Not required
* when passing a custom $policy.
* @param string $policy JSON policy. Use this option when
* creating a signed cookie for a custom
* policy.
*
* @return array The authenticated cookie parameters
* @throws \InvalidArgumentException if the URL provided is invalid
* @link http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html
*/
public function getSignedCookie($url = null, $expires = null, $policy = null)
{
if ($url) {
$this->validateUrl($url);
}
$cookieParameters = [];
$signature = $this->signer->getSignature($url, $expires, $policy);
foreach ($signature as $key => $value) {
$cookieParameters["CloudFront-{$key}"] = $value;
}
return $cookieParameters;
}
/**
* @expectedException \AdamStipak\Webpay\PaymentResponseException
*/
public function testPaymentHasErrorInVerifyPaymentResponse()
{
$merchantNumber = 123456789;
$params = ['OPERATION' => 'operation', 'ORDERNUMBER' => 'ordernumber', 'MERORDERNUMBER' => 'merordernum', 'PRCODE' => 1, 'SRCODE' => 2, 'RESULTTEXT' => 'resulttext'];
$signer = new Signer(__DIR__ . '/keys/test_key.pem', 'changeit', __DIR__ . '/keys/test_cert.pem');
$digest = $signer->sign($params);
$params['MERCHANTNUMBER'] = $merchantNumber;
$digest1 = $signer->sign($params);
$response = new PaymentResponse($params['OPERATION'], $params['ORDERNUMBER'], $params['MERORDERNUMBER'], $params['PRCODE'], $params['SRCODE'], $params['RESULTTEXT'], $digest, $digest1);
$api = new Api($merchantNumber, 'http://foo.bar', $signer);
$api->verifyPaymentResponse($response);
}
/**
* @param PaymentResponse $response
* @throws Exception
* @throws PaymentResponseException
*/
public function verifyPaymentResponse(PaymentResponse $response)
{
// verify digest & digest1
try {
$responseParams = $response->getParams();
$this->signer->verify($responseParams, $response->getDigest());
$responseParams['MERCHANTNUMBER'] = $this->merchantNumber;
$this->signer->verify($responseParams, $response->getDigest1());
} catch (SignerException $e) {
throw new Exception($e->getMessage(), $e->getCode(), $e);
}
// verify PRCODE and SRCODE
if (false !== $response->hasError()) {
throw new PaymentResponseException($response->getParams()['prcode'], $response->getParams()['srcode'], "Response has an error.");
}
}
/**
* Authenticate the user by username and password and then by Messente's verification widget.
* @param type $username
* @param type $password
*/
function authenticate($username, $password)
{
// Primitive and unsecure authentication just for illustrating this example
if ($username == 'test' && $password == '1234') {
$request_params = array('user' => MESSENTE_API_USERNAME, 'version' => VERSION, 'callback_url' => CALLBACK_URL);
// Add phone number if it was submitted
if (isset($_POST['phone']) && !empty($_POST['phone'])) {
$request_params['phone'] = $_POST['phone'];
}
// Initialize signature calculation object
$signer = new Signer();
// Generate signature
$sig = $signer->generateSignature($request_params, MESSENTE_API_PASSWORD);
// Add signature to array
$request_params['sig'] = $sig;
// Redirect to Messente
verify($request_params);
} else {
goBack('Wrong credentials!');
}
}
<?php
// Get config
require_once 'config.php';
// Allowed request parameter keys
$allowed_keys = array('user', 'phone', 'version', 'callback_url', 'sig', 'status');
// Get the status parameter
$status = $_POST['status'];
// Check if there is something posted
if (isset($status) && $status == 'VERIFIED') {
require_once 'signer.php';
$signer = new Signer();
// Initialize parameters array
$params = array();
// Add all POST parameters to array for signature comparison
foreach ($_POST as $key => $value) {
if (in_array($key, $allowed_keys)) {
$params[$key] = $value;
}
}
// Validate the signature
if ($signer->verifySignatures($params, MESSENTE_API_PASSWORD)) {
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Success</title>
<meta charset="utf-8">
<style>
h2 {
/**
* Constructs a new instance of the <AuthV4Query> class.
*
* @param string $endpoint (Required) The endpoint to direct the request to.
* @param string $operation (Required) The operation to execute as a result of this request.
* @param array $payload (Required) The options to use as part of the payload in the request.
* @param CFCredential $credentials (Required) The credentials to use for signing and making requests.
* @return void
*/
public function __construct($endpoint, $operation, $payload, CFCredential $credentials)
{
parent::__construct($endpoint, $operation, $payload, $credentials);
}
/**
* Verifies if the current hash matches with with the result of the creation of
* a new signature with given data
*
* @param Signer $signer
* @param string $payload
* @param string $key
*
* @return boolean
*/
public function verify(Signer $signer, $payload, $key)
{
return $signer->verify($this->hash, $payload, $key);
}
/**
* Verifies if the current hash matches with with the result of the creation of
* a new signature with given data
*
* @param Signer $signer
* @param string $payload
* @param Key|string $key
*
* @return bool
*/
public function verify(Signer $signer, string $payload, $key) : bool
{
return $signer->verify($this->hash, $payload, $key);
}
/**
* @expectedException \AdamStipak\Webpay\SignerException
*/
public function testVerifyWithInvalidDigest()
{
$params = array('param1' => 'foo', 'param2' => 'bar');
$signer = new Signer(__DIR__ . '/keys/test_key.pem', 'changeit', __DIR__ . '/keys/test_cert.pem');
$signer->verify($params, 'invalid-digest');
}
/**
* @depends testSignBC
* @param string $seededSignatureFileKey Signature produced with a file key
*/
public function testStringKey($seededSignatureFileKey)
{
$key = file_get_contents(__DIR__ . self::KEY_FILE_NAME);
$signer = new Signer(self::WMID, $key, self::KEY_PASSWORD);
// Seed the random generator with 0 to get a predictable signature
mt_srand(0);
$seededSignatureStringKey = $signer->sign(self::TEST_STRING);
$this->assertEquals($seededSignatureFileKey, $seededSignatureStringKey);
}
