/**
  *
  * Verify integrity of a request (+ authorization)
  *
  *
  */
 public final function verifyRequest($keys)
 {
     $error = true;
     $error_message = 'Unauthorized';
     $public_key = $this->request->headers->get('x-FLI-Key');
     $hmac = $this->request->headers->get('x-FLI-Hmac');
     $date = $this->request->headers->get('x-FLI-Date');
     if ($this->forceAuthentication) {
         if ($public_key && $hmac && $this->isValidTimeStamp($date)) {
             //check if request is too old, no need to continue
             //args fournis
             if (abs(time() - $date) > $this->RequestTTL) {
                 $error_message = 'Request too old';
                 $this->response->headers->set('x-FLI-authorized', '0');
             } else {
                 if (isset($keys[$public_key])) {
                     //on a trouvé le script appelant
                     // $url = $this->request->url->get();
                     $url = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
                     //nouvelle version de calcul de l'url
                     //on reconstruit le hmac
                     $string = strtoupper($this->rest->getVerb()) . "\n" . $url . "\n" . $date . "\n" . $keys[$public_key]['private_key'];
                     $hashed_string = $this->FLIhash($string);
                     if ($hashed_string == $hmac) {
                         //ok, proceed
                         $error = false;
                         $this->response->headers->set('x-FLI-authorized', '1');
                     } else {
                         $error_message = 'Authentication failed';
                         $this->response->headers->set('x-FLI-authorized', '0');
                     }
                 }
             }
         } else {
             $error_message = 'Missing authentication headers';
             $this->response->headers->set('x-FLI-authorized', '0');
             //envoi de mail d'erreur aux admins
             $data = print_r($_SERVER, true);
             mail('*****@*****.**', "Erreur d'appel API", "Erreur d'authentification lors de l'appel a l'API " . strtolower((new \ReflectionClass($this))->getNamespaceName()) . "<br /><br />\$_SERVER :<br />" . nl2br($data), "MIME-Version: 1.0\r\nContent-type: text/html;\r\nFrom: alertes@flinteractive.fr\r\n", '-f alertes@flinteractive.fr');
         }
         if ($error) {
             header('HTTP/1.1 401 Unauthorized', true, 401);
             // send non-cookie headers
             foreach ($this->response->headers->get() as $label => $value) {
                 header("{$label}: {$value}");
             }
             // send cookies
             foreach ($this->response->cookies->get() as $name => $cookie) {
                 setcookie($name, $cookie['value'], $cookie['expire'], $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
             }
             // send content
             echo json_encode($error_message);
             die;
         }
     } else {
         $this->response->headers->set('x-FLI-authorized', '0');
         if ($public_key && $hmac && $this->isValidTimeStamp($date) && isset($keys[$public_key]) && isset($keys[$public_key]['private_key'])) {
             $url = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
             //nouvelle version de calcul de l'url
             $string = strtoupper($this->rest->getVerb()) . "\n" . $url . "\n" . $date . "\n" . $keys[$public_key]['private_key'];
             $hashed_string = $this->FLIhash($string);
             if ($hashed_string == $hmac) {
                 $this->response->headers->set('x-FLI-authorized', '1');
             }
         }
     }
 }