public function buildSignature(Request $request, Consumer $consumer) { $base_string = $request->getSignatureBaseString(); $request->baseString = $base_string; $key_parts = array($consumer->secret); $key_parts = Util::urlEncodeRfc3986($key_parts); $key = implode('&', $key_parts); $result = base64_encode(hash_hmac('sha1', $base_string, $key, true)); return $result; }
public function checkSignature(Request $request, Consumer $consumer, $signature) { $decoded_sig = base64_decode($signature); $base_string = $request->getSignatureBaseString(); // Fetch the public key cert based on the request $cert = $this->_fetchPublicCert($request); // Pull the public key ID from the certificate $publicKey = openssl_get_publickey($cert); // Check the computed signature against the one passed in the query $ok = openssl_verify($base_string, $decoded_sig, $publicKey); // Release the key resource openssl_free_key($publicKey); return $ok == 1; }