/** * @param OpenIdCheckAuthenticationRequest $request * @param $macAlg * @param $secret * @param $claimed_sig * @return bool */ public static function verify(OpenIdCheckAuthenticationRequest $request, $macAlg, $secret, $claimed_sig) { $res = false; $signed = $request->getSigned(); $claimed_signed = explode(',', $signed); ksort($claimed_signed); $data = ''; foreach ($claimed_signed as $key) { $key_php = str_ireplace('.', '_', $key); $val = $request->getParam($key_php); $data .= $key . ':' . $val . "\n"; } $computed_sig = base64_encode(OpenIdCryptoHelper::computeHMAC($macAlg, $data, $secret)); if ($claimed_sig == $computed_sig) { $res = true; } return $res; }
protected function canHandle(OpenIdMessage $message) { $res = OpenIdCheckAuthenticationRequest::IsOpenIdCheckAuthenticationRequest($message); return $res; }