TokenValidator::validate() - Code Metrics - chadicus/hmac-middleware-php - Measure and Improve Code Quality continuously with Scrutinizer

TokenValidator::validate() A
last analyzed 2017-09-21 01:20 UTC

↳ Parent: TokenValidator

Complexity

Conditions	2
Paths	2

Size

Total Lines	13
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	13
rs	9.4285
c	0
b	0
f	0
cc	2
eloc	8
nc	2
nop	3

<?php

namespace Chadicus\Psr\Http\ServerMiddleware\Hmac;

use Chadicus\Psr\Http\ServerMiddleware\AuthenticationException;
use Chadicus\Psr\Http\ServerMiddleware\Token;
use Chadicus\Psr\Http\ServerMiddleware\TokenValidatorInterface;
use Psr\Http\Message\ServerRequestInterface;

/**
 * Interface for validating token data.
 */
final class TokenValidator implements TokenValidatorInterface
{
    /**
     * Validates the given token against the private key and incoming request.
     *
     * @param string                 $privateKey The private API key.
     * @param Token                  $token      The token extracted from the request.
     * @param ServerRequestInterface $request    The incoming PSR-7 request.
     *
     * @return boolean
     *
     * @throws AuthenticationException 401 Thrown hash is not valid.
     */
    public function validate(string $privateKey, Token $token, ServerRequestInterface $request) : bool
    {
        $method = $request->getMethod();
        $uri = (string)$request->getUri();
        $base64 = base64_encode((string)$request->getBody());
        $data = "{$privateKey}{$method}{$uri}{$token->getTimeStamp()}{$token->getNonce()}{$base64}";

        if (hash('sha256', $data) !== $token->getSignature()) {
            throw new AuthenticationException(401, 'Invalid Hash');
        }

        return true;
    }
}


1			<?php
2
3			namespace Chadicus\Psr\Http\ServerMiddleware\Hmac;
4
5			use Chadicus\Psr\Http\ServerMiddleware\AuthenticationException;
6			use Chadicus\Psr\Http\ServerMiddleware\Token;
7			use Chadicus\Psr\Http\ServerMiddleware\TokenValidatorInterface;
8			use Psr\Http\Message\ServerRequestInterface;
9
10			/**
11			* Interface for validating token data.
12			*/
13			final class TokenValidator implements TokenValidatorInterface
14			{
15			/**
16			* Validates the given token against the private key and incoming request.
17			*
18			* @param string $privateKey The private API key.
19			* @param Token $token The token extracted from the request.
20			* @param ServerRequestInterface $request The incoming PSR-7 request.
21			*
22			* @return boolean
23			*
24			* @throws AuthenticationException 401 Thrown hash is not valid.
25			*/
26			public function validate(string $privateKey, Token $token, ServerRequestInterface $request) : bool
27			{
28			$method = $request->getMethod();
29			$uri = (string)$request->getUri();
30			$base64 = base64_encode((string)$request->getBody());
31			$data = "{$privateKey}{$method}{$uri}{$token->getTimeStamp()}{$token->getNonce()}{$base64}";
32
33			if (hash('sha256', $data) !== $token->getSignature()) {
34			throw new AuthenticationException(401, 'Invalid Hash');
35			}
36
37			return true;
38			}
39			}
40

chadicus / hmac-middleware-php

TokenValidator::validate() A last analyzed 2017-09-21 01:20 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

TokenValidator::validate() A
last analyzed 2017-09-21 01:20 UTC