23 lines
915 B
PHP
23 lines
915 B
PHP
<?php
|
|
namespace Incoviba\Service;
|
|
|
|
use Incoviba\Common\Ideal;
|
|
|
|
class HMAC extends Ideal\Service
|
|
{
|
|
public function validate(string $timestamp, string $requestSignature, string $requestId, string $secret): bool
|
|
{
|
|
$message = "{$timestamp}.{$requestId}";
|
|
$encodedSecret = mb_convert_encoding($secret, 'UTF-8');
|
|
$encodedMessage = mb_convert_encoding($message, 'UTF-8');
|
|
$hmacObject = hash_hmac('sha256', $encodedMessage, $encodedSecret);
|
|
$computedSignature = base64_encode($hmacObject);
|
|
$this->logger->info('Validating HMAC', [
|
|
'requestSignature' => $requestSignature,
|
|
'computedSignature' => $hmacObject,
|
|
'compare1' => hash_equals($hmacObject, $requestSignature),
|
|
'compare2' => hash_equals($computedSignature, $requestSignature),
|
|
]);
|
|
return hash_equals($computedSignature, $requestSignature);
|
|
}
|
|
} |