/** * This function will do two things. Firstly it verifies that a HMAC signature * hasn't been seen before, and secondly it will add the given hmac to the cache. * * @param string $hmac The hmac string. * * @return bool True if replay detected, false if not. * @access private */ function cache_hmac_check_replay($hmac) { // cache lifetime is 25 hours (this should be related to the time drift // allowed in get_and_validate_headers $cache = new ElggHMACCache(90000); if (!$cache->load($hmac)) { $cache->save($hmac, $hmac); return false; } return true; }
/** * This function will do two things. Firstly it verifys that a $hmac hasn't been seen before, and * secondly it will add the given hmac to the cache. * * @param $hmac The hmac string. * @return bool True if replay detected, false if not. */ function cache_hmac_check_replay($hmac) { $cache = new ElggHMACCache(90000); // cache lifetime is 25 hours (see time window in get_and_validate_api_headers() ) if (!$cache->load($hmac)) { $cache->save($hmac, $hmac); return false; } return true; }