ResponseAuthenticator::isAuthentic() - Code Metrics - acquia/http-hmac-php - Measure and Improve Code Quality continuously with Scrutinizer

ResponseAuthenticator::isAuthentic() A
last analyzed 2025-05-22 22:11 UTC

↳ Parent: ResponseAuthenticator

Complexity

Conditions	2
Paths	2

Size

Total Lines	20
Code Lines	11

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	13
CRAP Score	2

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	2
eloc	11
nc	2
nop	1
dl	0
loc	20
ccs	13
cts	13
cp	1
crap	2
rs	9.9
c	1
b	0
f	0

<?php

namespace Acquia\Hmac;

use Acquia\Hmac\Exception\MalformedResponseException;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;

/**
 *
 */
class ResponseAuthenticator
{
    /**
     * @var \Psr\Http\Message\RequestInterface $request
     *   The signed request.
     */
    protected $request;

    /**
     * @param \Acquia\Hmac\KeyInterface $key
     *   The key with which the request was signed.
     */
    protected $key;

    /**
     * Initializes the response authenticator with a request and auth key.
     *
     * @param \Psr\Http\Message\RequestInterface $request
     *   The signed request.
     * @param \Acquia\Hmac\KeyInterface $key
     *   The key with which the request was signed.
     */
    public function __construct(RequestInterface $request, KeyInterface $key)
    {
        $this->request = $request;
        $this->key = $key;
    }

    /**
     * {@inheritDoc}
     */
    public function isAuthentic(ResponseInterface $response)
    {
        if (!$response->hasHeader('X-Server-Authorization-HMAC-SHA256')) {
            throw new MalformedResponseException(
                'Response is missing required X-Server-Authorization-HMAC-SHA256 header.',
                null,
                0,
                $response
            );
        }

        $responseSigner = new ResponseSigner($this->key, $this->request);
        $compareResponse = $responseSigner->signResponse(
            $response->withoutHeader('X-Server-Authorization-HMAC-SHA256')
        );

        $responseSignature = $response->getHeaderLine('X-Server-Authorization-HMAC-SHA256');
        $compareSignature =  $compareResponse->getHeaderLine('X-Server-Authorization-HMAC-SHA256');

        return hash_equals($compareSignature, $responseSignature);
    }
}


1		<?php
2
3		namespace Acquia\Hmac;
4
5		use Acquia\Hmac\Exception\MalformedResponseException;
6		use Psr\Http\Message\RequestInterface;
7		use Psr\Http\Message\ResponseInterface;
8
9		/**
10		*
11		*/
12		class ResponseAuthenticator
13		{
14		/**
15		* @var \Psr\Http\Message\RequestInterface $request
16		* The signed request.
17		*/
18		protected $request;
19
20		/**
21		* @param \Acquia\Hmac\KeyInterface $key
22		* The key with which the request was signed.
23		*/
24		protected $key;
25
26		/**
27		* Initializes the response authenticator with a request and auth key.
28		*
29		* @param \Psr\Http\Message\RequestInterface $request
30		* The signed request.
31		* @param \Acquia\Hmac\KeyInterface $key
32		* The key with which the request was signed.
33		*/
34	5	public function __construct(RequestInterface $request, KeyInterface $key)
35		{
36	5	$this->request = $request;
37	5	$this->key = $key;
38	5	}
39
40		/**
41		* {@inheritDoc}
42		*/
43	5	public function isAuthentic(ResponseInterface $response)
44		{
45	5	if (!$response->hasHeader('X-Server-Authorization-HMAC-SHA256')) {
46	2	throw new MalformedResponseException(
47	2	'Response is missing required X-Server-Authorization-HMAC-SHA256 header.',
48	2	null,
49	2	0,
50	2	$response
51		);
52		}
53
54	3	$responseSigner = new ResponseSigner($this->key, $this->request);
55	3	$compareResponse = $responseSigner->signResponse(
56	3	$response->withoutHeader('X-Server-Authorization-HMAC-SHA256')
57		);
58
59	3	$responseSignature = $response->getHeaderLine('X-Server-Authorization-HMAC-SHA256');
60	3	$compareSignature = $compareResponse->getHeaderLine('X-Server-Authorization-HMAC-SHA256');
61
62	3	return hash_equals($compareSignature, $responseSignature);
63		}
64		}
65

acquia / http-hmac-php

ResponseAuthenticator::isAuthentic() A last analyzed 2025-05-22 22:11 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

ResponseAuthenticator::isAuthentic() A
last analyzed 2025-05-22 22:11 UTC