/** * Handle an incoming request. * * @param Request $request * @param Closure $next * * @return mixed */ public function handle($request, Closure $next) { $validationResult = Spec::define(['content-hash' => PrimitiveTypeConstraint::forType(ScalarTypes::SCALAR_STRING), 'authorization' => PrimitiveTypeConstraint::forType(ScalarTypes::SCALAR_STRING)], [], ['content-hash', 'authorization'])->check(array_map(function ($entry) { return $entry[0]; }, $request->headers->all())); if ($validationResult->failed()) { return ApiResponse::makeFromSpec($validationResult)->toResponse(); } $authorization = str_replace('Hash ', '', $request->headers->get('Authorization')); $content = $request->getContent(); try { $pair = $this->finder->byPublicId($authorization, KeyPairTypes::TYPE_HMAC); $hasher = new HmacHasher(); $verificationResult = $hasher->verify($request->headers->get('Content-Hash'), $content . Carbon::now()->format($this->format), $pair->getSecretKey()); if ($verificationResult) { $request->attributes->set(static::ATTRIBUTE_KEYPAIR, $pair); return $next($request); } return ApiResponse::create([], ApiResponse::STATUS_INVALID, ['HMAC content hash does not match the expected hash.'])->toResponse(); } catch (ModelNotFoundException $ex) { if ($ex->getModel() === KeyPair::class) { return ApiResponse::create([], ApiResponse::STATUS_INVALID, ['Unable to locate public ID. Check your credentials'])->toResponse(); } throw $ex; } }
public function testVerify() { $hasher = new HmacHasher(); $private = Str::random(256); $private2 = Str::random(256); $hash1 = $hasher->hash('this is a test', $private); $hash2 = $hasher->hash('another test', $private2); $this->assertEqualsMatrix([[true, $hasher->verify($hash1, 'this is a test', $private)], [false, $hasher->verify($hash1, 'this is a test', $private2)], [false, $hasher->verify($hash2, 'this is a test', $private)], [false, $hasher->verify($hash1, 'th1s 1s 4 t3st', $private)], [false, $hasher->verify($hash2, 'another test', $private)], [true, $hasher->verify($hash2, 'another test', $private2)]]); }