/** * {@inheritDoc} */ public function signResponse(ResponseInterface $response) { $authHeader = AuthorizationHeader::createFromRequest($this->request); $parts = [$authHeader->getNonce(), $this->request->getHeaderLine('X-Authorization-Timestamp'), (string) $response->getBody()]; $message = implode("\n", $parts); $signature = $this->digest->sign($message, $this->key->getSecret()); /** @var \Psr\Http\Message\ResponseInterface $response */ $response = $response->withHeader('X-Server-Authorization-HMAC-SHA256', $signature); return $response; }
/** * Generate a signature from the request. * * @throws \Acquia\Hmac\Exception\MalformedRequestException * When a required header is missing. * * @return string * The generated signature. */ protected function generateSignature() { if (!$this->request->hasHeader('X-Authorization-Timestamp')) { throw new MalformedRequestException('X-Authorization-Timestamp header missing from request.', null, 0, $this->request); } $parts = [strtoupper($this->request->getMethod()), $this->request->getUri()->getHost(), $this->request->getUri()->getPath(), $this->request->getUri()->getQuery(), $this->serializeAuthorizationParameters()]; $parts = array_merge($parts, $this->normalizeCustomHeaders()); $parts[] = $this->request->getHeaderLine('X-Authorization-Timestamp'); $body = (string) $this->request->getBody(); if (strlen($body)) { if ($this->request->hasHeader('Content-Type')) { $parts[] = $this->request->getHeaderLine('Content-Type'); } $parts[] = $this->digest->hash((string) $body); } return $this->digest->sign(implode("\n", $parts), $this->key->getSecret()); }