/** * Is signature valid? * * @param RequestInterface $request Request * @param CredentialsInterface $credentials Credentials * @throws DriftExceededException If timestamp greater than or less than allowable drift * @throws SignatureMissingException If signature is missing from request * @throws TimestampMissingException If timestamp is missing from request * @return boolean */ public function isValid(RequestInterface $request, CredentialsInterface $credentials) { $params = $request->getParams(); $this->isSignaturePresent($params); $this->isTimestampPresent($params); $this->isDriftExceeded($params); return $params['signature'] === $this->signature->createSignature($request, $credentials); }
/** * Creates signature * * {@inheritDoc} */ public function createSignature(RequestInterface $request, CredentialsInterface $credentials) { $data = $request->getMethod() . "\n" . $request->getHost() . "\n" . $this->getAbsolutePath($request->getPath()) . "\n" . $this->normalizeParameters($request->getParams()); return \base64_encode(\hash_hmac('sha256', $data, $credentials->getSecret(), true)); }