public function authenticate(TokenInterface $token) { try { $signedRequest = new SignedRequest($token->requestMethod, $token->requestHost, $token->requestPathInfo, $token->requestContent, $token->signatureTime); $signedRequest->authenticateSignature($token->signature, $this->signatureConfig, $this->replayProtection); return new SignatureValidToken($token->signature, $token->signatureTime); } catch (InvalidSignatureException $e) { throw new AuthenticationException('Invalid signature', null, $e); } catch (ExpiredSignatureException $e) { throw new NonceExpiredException($e->getMessage(), null, $e); } }
private function buildSignature($url, $timestamp) { $signedRequest = new SignedRequest('GET', 'security-bundle.vlr.localtest', $url, '', $timestamp); return $signedRequest->buildSignature($this->signatureConfig); }
public function test_signature_generated_with_replay_protection_should_not_be_the_same_without() { $this->given($mockSignatureConfig = new \mock\Rezzza\SecurityBundle\Security\Firewall\SignatureConfig(false, 'sha1', 's3cr3t'), $mockReplayProtection = new \mock\Rezzza\SecurityBundle\Security\Firewall\ReplayProtection(true, 100), $mockReplayProtection->getMockController()->accept = true, $sut = new SUT('GET', 'localhost', '/url', 'content', 123))->exception(function () use($sut, $mockSignatureConfig, $mockReplayProtection) { $sut->authenticateSignature('68a9f810beed3c8bbbf98096a60d36ade5f81d42', $mockSignatureConfig, $mockReplayProtection); })->isInstanceOf('Rezzza\\SecurityBundle\\Security\\Firewall\\InvalidSignatureException'); }