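/**
 * Checks whether the signature sent with the current JSON request matches
 * the signature recomputed from the request policy and the user's API secret.
 *
 * The request body must carry a 'signature' and an 'expiration' field. Both are
 * removed from the payload, the expiration is put back under the 'ttd' key, and
 * the signature is rebuilt from that payload for comparison.
 *
 * NOTE(review): nothing in this method stops a correctly signed request from
 * being replayed until it expires; confirm whether callers track nonces.
 *
 * @param ApiUser $user user whose api_secret is used to recreate the signature
 * @return bool true when the supplied signature equals the recomputed one
 * @throws EApiError on an empty body, a missing signature/expiration, or an expired request
 */
public function isSignatureMatched($user)
{
    $requestArray = Yii::app()->getController()->getJsonInputAsArray();
    if (empty($requestArray)) {
        throw new EApiError(HHttp::ERROR_BADREQUEST, HHttp::getErrorMessage(HHttp::ERROR_BADREQUEST));
    }

    // Pull the signature and expiration out of the payload before it is re-signed.
    $signature = ArrayX::pop($requestArray, 'signature');
    $expires = ArrayX::pop($requestArray, 'expiration');
    if (!$signature || !$expires) {
        throw new EApiError(HHttp::ERROR_BADREQUEST, HHttp::getErrorMessage(HHttp::ERROR_BADREQUEST));
    }

    // Check time. An unparseable expiration makes strtotime() return false and is
    // rejected the same way as an expired one.
    $expiresAt = strtotime($expires);
    if ($expiresAt === false || $expiresAt < time()) {
        throw new EApiError(HHttp::ERROR_INTERNAL_504, HHttp::getErrorMessage(HHttp::ERROR_INTERNAL_504));
    }

    // Set back the expiration time to recreate the policy and make a handshake.
    // The expiration is client-supplied, so it is only trustworthy if 'ttd' is
    // covered by the signature; presumably RequestData includes it, verify there.
    $requestArray['ttd'] = $expires;

    $requestData = new RequestData($requestArray);
    $requestData->prepareData($user->api_secret); // use secret to create signature

    // The signature comes from decoded JSON and may not be a string; a non-string
    // value can never equal the recomputed signature.
    if (!is_string($signature)) {
        return false;
    }

    // Constant-time comparison: strcmp() stops at the first differing byte, which
    // leaks through response timing how much of a guessed signature is correct.
    // hash_equals() requires PHP >= 5.6.
    return hash_equals((string) $requestData->getSignature(), $signature);
}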