public function buildSignature(Request $request, Consumer $consumer)
{
$base_string = $request->getSignatureBaseString();
$request->baseString = $base_string;
$key_parts = array($consumer->secret);
$key_parts = Util::urlEncodeRfc3986($key_parts);
$key = implode('&', $key_parts);
$result = base64_encode(hash_hmac('sha1', $base_string, $key, true));
return $result;
}
public function checkSignature(Request $request, Consumer $consumer, $signature)
{
$decoded_sig = base64_decode($signature);
$base_string = $request->getSignatureBaseString();
// Fetch the public key cert based on the request
$cert = $this->_fetchPublicCert($request);
// Pull the public key ID from the certificate
$publicKey = openssl_get_publickey($cert);
// Check the computed signature against the one passed in the query
$ok = openssl_verify($base_string, $decoded_sig, $publicKey);
// Release the key resource
openssl_free_key($publicKey);
return $ok == 1;
}
