/** * @test * * @uses \Lcobucci\JWT\Signature::__construct * @uses \Lcobucci\JWT\Signature::__toString * * @covers \Lcobucci\JWT\Signature::verify */ public function verifyMustReturnWhatSignerSays() { $this->signer->expects($this->any())->method('verify')->willReturn(true); $signature = new Signature('test'); self::assertTrue($signature->verify($this->signer, 'one', 'key')); }
/** * Create a signed Amazon CloudFront Cookie. * * @param string $url URL to sign (can include query string * and wildcards). Not required * when passing a custom $policy. * @param string|integer|null $expires UTC Unix timestamp used when signing * with a canned policy. Not required * when passing a custom $policy. * @param string $policy JSON policy. Use this option when * creating a signed cookie for a custom * policy. * * @return array The authenticated cookie parameters * @throws \InvalidArgumentException if the URL provided is invalid * @link http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html */ public function getSignedCookie($url = null, $expires = null, $policy = null) { if ($url) { $this->validateUrl($url); } $cookieParameters = []; $signature = $this->signer->getSignature($url, $expires, $policy); foreach ($signature as $key => $value) { $cookieParameters["CloudFront-{$key}"] = $value; } return $cookieParameters; }
/** * @expectedException \AdamStipak\Webpay\PaymentResponseException */ public function testPaymentHasErrorInVerifyPaymentResponse() { $merchantNumber = 123456789; $params = ['OPERATION' => 'operation', 'ORDERNUMBER' => 'ordernumber', 'MERORDERNUMBER' => 'merordernum', 'PRCODE' => 1, 'SRCODE' => 2, 'RESULTTEXT' => 'resulttext']; $signer = new Signer(__DIR__ . '/keys/test_key.pem', 'changeit', __DIR__ . '/keys/test_cert.pem'); $digest = $signer->sign($params); $params['MERCHANTNUMBER'] = $merchantNumber; $digest1 = $signer->sign($params); $response = new PaymentResponse($params['OPERATION'], $params['ORDERNUMBER'], $params['MERORDERNUMBER'], $params['PRCODE'], $params['SRCODE'], $params['RESULTTEXT'], $digest, $digest1); $api = new Api($merchantNumber, 'http://foo.bar', $signer); $api->verifyPaymentResponse($response); }
/** * @param PaymentResponse $response * @throws Exception * @throws PaymentResponseException */ public function verifyPaymentResponse(PaymentResponse $response) { // verify digest & digest1 try { $responseParams = $response->getParams(); $this->signer->verify($responseParams, $response->getDigest()); $responseParams['MERCHANTNUMBER'] = $this->merchantNumber; $this->signer->verify($responseParams, $response->getDigest1()); } catch (SignerException $e) { throw new Exception($e->getMessage(), $e->getCode(), $e); } // verify PRCODE and SRCODE if (false !== $response->hasError()) { throw new PaymentResponseException($response->getParams()['prcode'], $response->getParams()['srcode'], "Response has an error."); } }
/** * Authenticate the user by username and password and then by Messente's verification widget. * @param type $username * @param type $password */ function authenticate($username, $password) { // Primitive and unsecure authentication just for illustrating this example if ($username == 'test' && $password == '1234') { $request_params = array('user' => MESSENTE_API_USERNAME, 'version' => VERSION, 'callback_url' => CALLBACK_URL); // Add phone number if it was submitted if (isset($_POST['phone']) && !empty($_POST['phone'])) { $request_params['phone'] = $_POST['phone']; } // Initialize signature calculation object $signer = new Signer(); // Generate signature $sig = $signer->generateSignature($request_params, MESSENTE_API_PASSWORD); // Add signature to array $request_params['sig'] = $sig; // Redirect to Messente verify($request_params); } else { goBack('Wrong credentials!'); } }
<?php // Get config require_once 'config.php'; // Allowed request parameter keys $allowed_keys = array('user', 'phone', 'version', 'callback_url', 'sig', 'status'); // Get the status parameter $status = $_POST['status']; // Check if there is something posted if (isset($status) && $status == 'VERIFIED') { require_once 'signer.php'; $signer = new Signer(); // Initialize parameters array $params = array(); // Add all POST parameters to array for signature comparison foreach ($_POST as $key => $value) { if (in_array($key, $allowed_keys)) { $params[$key] = $value; } } // Validate the signature if ($signer->verifySignatures($params, MESSENTE_API_PASSWORD)) { ?> <!DOCTYPE html> <html lang="en"> <head> <title>Success</title> <meta charset="utf-8"> <style> h2 {
/** * Constructs a new instance of the <AuthV4Query> class. * * @param string $endpoint (Required) The endpoint to direct the request to. * @param string $operation (Required) The operation to execute as a result of this request. * @param array $payload (Required) The options to use as part of the payload in the request. * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. * @return void */ public function __construct($endpoint, $operation, $payload, CFCredential $credentials) { parent::__construct($endpoint, $operation, $payload, $credentials); }
/** * Verifies if the current hash matches with with the result of the creation of * a new signature with given data * * @param Signer $signer * @param string $payload * @param string $key * * @return boolean */ public function verify(Signer $signer, $payload, $key) { return $signer->verify($this->hash, $payload, $key); }
/** * Verifies if the current hash matches with with the result of the creation of * a new signature with given data * * @param Signer $signer * @param string $payload * @param Key|string $key * * @return bool */ public function verify(Signer $signer, string $payload, $key) : bool { return $signer->verify($this->hash, $payload, $key); }
/** * @expectedException \AdamStipak\Webpay\SignerException */ public function testVerifyWithInvalidDigest() { $params = array('param1' => 'foo', 'param2' => 'bar'); $signer = new Signer(__DIR__ . '/keys/test_key.pem', 'changeit', __DIR__ . '/keys/test_cert.pem'); $signer->verify($params, 'invalid-digest'); }
/** * @depends testSignBC * @param string $seededSignatureFileKey Signature produced with a file key */ public function testStringKey($seededSignatureFileKey) { $key = file_get_contents(__DIR__ . self::KEY_FILE_NAME); $signer = new Signer(self::WMID, $key, self::KEY_PASSWORD); // Seed the random generator with 0 to get a predictable signature mt_srand(0); $seededSignatureStringKey = $signer->sign(self::TEST_STRING); $this->assertEquals($seededSignatureFileKey, $seededSignatureStringKey); }