/**
* Determine if the url has a forged signature.
*
* @param \League\Url\UrlImmutable $url
*
* @return bool
*/
protected function hasValidSignature(UrlImmutable $url)
{
$query = $url->getQuery();
$expiration = $query[$this->expiresParameter];
$providedSignature = $query[$this->signatureParameter];
$intendedUrl = $this->getIntendedUrl($url);
$validSignature = $this->createSignature($intendedUrl, $expiration);
return $providedSignature === $validSignature;
}
