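/**
 * Authenticates a REST API request by checking its HMAC signature, then
 * resolves the environment the request runs in.
 *
 * The string to sign is built from every request parameter except
 * "Signature", sorted by key, with each key and value concatenated. The
 * expected signature is the base64 encoding of the raw HMAC (self::HASH_ALGO)
 * of that trimmed string, keyed with the user's API secret key.
 *
 * The signature is verified before any environment is loaded, so a caller
 * that cannot sign for the given KeyID does not trigger environment lookup,
 * permission validation or changes to the DI container.
 *
 * NOTE(review): only the presence of Timestamp/TimeStamp is checked here;
 * confirm that freshness (replay protection) is enforced elsewhere.
 * NOTE(review): keys and values are concatenated without separators, so
 * different parameter sets can produce the same string to sign. Changing the
 * canonical form would break existing clients, so it is only flagged here.
 * NOTE(review): $this->user is populated before the signature is verified;
 * code handling an exception from this method must not treat it as an
 * authenticated user.
 *
 * @param array $request Request parameters; must contain Signature, KeyID and
 *                       Timestamp (or TimeStamp), and may contain EnvID.
 *
 * @throws Exception If a required parameter is missing, the API key is
 *                   unknown, the signature does not match, or the user has
 *                   no environment.
 */
private function AuthenticateREST($request)
{
    // empty() applies the same truthiness test as `!$request[...]` without
    // raising an undefined-index notice when the parameter is absent.
    if (empty($request['Signature'])) {
        throw new Exception("Signature is missing");
    }

    if (empty($request['KeyID'])) {
        throw new Exception("KeyID is missing");
    }

    if (empty($request['Timestamp']) && empty($request['TimeStamp'])) {
        throw new Exception("Timestamp is missing");
    }

    ksort($request);

    $string_to_sign = "";
    foreach ($request as $k => $v) {
        // Strict comparison: only the Signature parameter itself is left out.
        // A loose in_array() match treats integer key 0 as equal to a
        // non-numeric string on PHP versions before 8, which would leave that
        // parameter outside the signed data.
        if ($k === "Signature") {
            continue;
        }

        if (is_array($v)) {
            foreach ($v as $kk => $vv) {
                $string_to_sign .= "{$k}[{$kk}]{$vv}";
            }
        } else {
            $string_to_sign .= "{$k}{$v}";
        }
    }

    $this->debug['stringToSign'] = $string_to_sign;

    $this->user = Scalr_Account_User::init()->loadByApiAccessKey($request['KeyID']);
    if (!$this->user) {
        throw new Exception("API Key #{$request['KeyID']} not found in database");
    }

    $auth_key = $this->user->getSetting(Scalr_Account_User::SETTING_API_SECRET_KEY);
    $signature = $request['Signature'];

    // An empty secret would make the HMAC computable by anyone who knows the
    // KeyID, and a non-string Signature (e.g. an array parameter) can never
    // match; both are rejected with the same message as a plain mismatch.
    if (!is_string($auth_key) || $auth_key === '' || !is_string($signature)) {
        throw new Exception("Signature doesn't match");
    }

    $valid_sign = base64_encode(hash_hmac(self::HASH_ALGO, trim($string_to_sign), $auth_key, true));

    // hash_equals() compares in constant time, so the comparison does not
    // reveal how many leading characters of the signature were correct.
    if (!hash_equals($valid_sign, $signature)) {
        throw new Exception("Signature doesn't match");
    }

    // Environment resolution runs only for a request whose signature is
    // valid. EnvID is part of the signed data, so it is authenticated here.
    if ($this->user->getAccountId()) {
        if (empty($request['EnvID'])) {
            // No environment requested: fall back to the user's first one.
            $envs = $this->user->getEnvironments();
            if (empty($envs[0]['id'])) {
                throw new Exception("User has no access to any environemnts");
            }
            $env_id = $envs[0]['id'];
        } else {
            $env_id = $request['EnvID'];
        }

        $this->Environment = Scalr_Environment::init()->loadById($env_id);

        // Check that this user is allowed to use the selected environment.
        $this->user->getPermissions()->setEnvironmentId($this->Environment->id)->validate($this->Environment);

        //We must set environment to DI Container.
        $this->getContainer()->environment = $this->Environment;
    }
}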