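/**
 * Verifies the signature carried in the "Authorization" header of a webhook request.
 *
 * The header value must have the form "Signature <40 lowercase hex characters>".
 * The expected value is the SHA-1 hex digest of the request body concatenated
 * with the project secret key. This is a plain hash over body + secret, not an
 * HMAC; it appears to be the scheme the webhook sender uses, so it is kept as is.
 *
 * @param WebhookRequest $webhookRequest
 *
 * @throws InvalidSignatureException if the header is missing, is malformed, or
 *                                   carries a signature that does not match
 */
public function authenticateSignature(WebhookRequest $webhookRequest)
{
    $headers = $webhookRequest->getHeaders();
    // The lookup is case-sensitive; presumably getHeaders() returns lower-cased
    // header names. Verify against WebhookRequest.
    if (!array_key_exists('authorization', $headers)) {
        throw new InvalidSignatureException('"Authorization" header not found in Xsolla webhook request');
    }

    $authorizationHeader = $headers['authorization'];
    $matches = array();
    preg_match('~^Signature ([0-9a-f]{40})$~', $authorizationHeader, $matches);
    if (!array_key_exists(1, $matches)) {
        // NOTE(review): the raw header value is echoed into the exception message.
        // It is sender-controlled, so anything that logs or renders this message
        // should treat it as untrusted text.
        throw new InvalidSignatureException('Signature not found in "Authorization" header from Xsolla webhook request: ' . $authorizationHeader);
    }
    $clientSignature = $matches[1];

    $serverSignature = sha1($webhookRequest->getBody() . $this->projectSecretKey);

    // Compare in constant time. A plain !== can return at the first differing
    // byte, and the time it takes then depends on how much of the expected
    // signature the sender got right.
    if (function_exists('hash_equals')) {
        $signaturesMatch = hash_equals($serverSignature, $clientSignature);
    } else {
        // Fallback for runtimes without hash_equals(). Both strings are exactly
        // 40 characters here: the regex guarantees it for the client value and
        // sha1() for the server value.
        $difference = 0;
        for ($i = 0; $i < 40; $i++) {
            $difference |= ord($serverSignature[$i]) ^ ord($clientSignature[$i]);
        }
        $signaturesMatch = (0 === $difference);
    }

    if (!$signaturesMatch) {
        // Only the sender-supplied signature is reported. $serverSignature must
        // never be placed in this message, because it is the valid signature for
        // this body.
        throw new InvalidSignatureException("Invalid Signature. Signature provided in \"Authorization\" header ({$clientSignature}) does not match with expected");
    }
}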
/**
 * Authenticates a webhook request, passes the parsed message to the registered
 * callback and returns the resulting Symfony response.
 *
 * Authentication runs before the payload is turned into a Message and before
 * the callback is invoked. Any \Exception raised along the way is converted
 * into a response by WebhookResponse::fromException() rather than propagated.
 *
 * @param WebhookRequest $webhookRequest       request to process; built from PHP globals when omitted
 * @param bool           $authenticateClientIp forwarded unchanged to the authenticator; presumably false
 *                                             skips the client IP check, leaving the signature as the
 *                                             remaining check (confirm in the authenticator)
 *
 * @return Response
 */
public function getSymfonyResponse(WebhookRequest $webhookRequest = null, $authenticateClientIp = true)
{
    try {
        if (null === $webhookRequest) {
            $webhookRequest = WebhookRequest::fromGlobals();
        }

        // Must stay ahead of any handling of the payload: nothing below runs
        // for a request that fails authentication.
        $this->webhookAuthenticator->authenticate($webhookRequest, $authenticateClientIp);

        $payload = $webhookRequest->toArray();
        $message = Message::fromArray($payload);
        call_user_func($this->webhookCallback, $message);

        $successResponse = new WebhookResponse();

        return $successResponse->getSymfonyResponse();
    } catch (\Exception $e) {
        // NOTE(review): what fromException() puts into the response body is not
        // visible here; check that exception messages carrying request data or
        // internal details are not returned verbatim to the sender.
        $errorResponse = WebhookResponse::fromException($e);

        return $errorResponse->getSymfonyResponse();
    }
}