TokenValidator::validate() - Code Metrics - Inspection of "Merge pull request #4 from chadicus/fea/hmac" - chadicus/hmac-middleware-php - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( efa379...854a6f )

by Chad

created 2017-09-20 00:45 UTC

TokenValidator::validate() A

↳ Parent: TokenValidator

Complexity

Conditions	2
Paths	2

Size

Total Lines	13
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	13
rs	9.4285
c	0
b	0
f	0
cc	2
eloc	8
nc	2
nop	3

<?php

namespace Chadicus\Hmac;

use Psr\Http\Message\ServerRequestInterface;

/**
 * Interface for validating token data.
 */
final class TokenValidator implements TokenValidatorInterface
{
    /**
     * Validates the given token against the private key and incoming request.
     *
     * @param string                 $privateKey The private API key.
     * @param Token                  $token      The token extracted from the request.
     * @param ServerRequestInterface $request    The incoming PSR-7 request.
     *
     * @return boolean
     *
     * @throws AuthenticationException 401 Thrown hash is not valid.
     */
    public function validate(string $privateKey, Token $token, ServerRequestInterface $request) : bool
    {
        $method = $request->getMethod();
        $uri = (string)$request->getUri();
        $base64 = base64_encode((string)$request->getBody());
        $data = "{$privateKey}{$method}{$uri}{$token->getTimeStamp()}{$token->getNonce()}{$base64}";

        if (hash('sha256', $data) !== $token->getSignature()) {
            throw new AuthenticationException(401, 'Invalid Hash');
        }

        return true;
    }
}


1			<?php
2
3			namespace Chadicus\Hmac;
4
5			use Psr\Http\Message\ServerRequestInterface;
6
7			/**
8			* Interface for validating token data.
9			*/
10			final class TokenValidator implements TokenValidatorInterface
11			{
12			/**
13			* Validates the given token against the private key and incoming request.
14			*
15			* @param string $privateKey The private API key.
16			* @param Token $token The token extracted from the request.
17			* @param ServerRequestInterface $request The incoming PSR-7 request.
18			*
19			* @return boolean
20			*
21			* @throws AuthenticationException 401 Thrown hash is not valid.
22			*/
23			public function validate(string $privateKey, Token $token, ServerRequestInterface $request) : bool
24			{
25			$method = $request->getMethod();
26			$uri = (string)$request->getUri();
27			$base64 = base64_encode((string)$request->getBody());
28			$data = "{$privateKey}{$method}{$uri}{$token->getTimeStamp()}{$token->getNonce()}{$base64}";
29
30			if (hash('sha256', $data) !== $token->getSignature()) {
31			throw new AuthenticationException(401, 'Invalid Hash');
32			}
33
34			return true;
35			}
36			}
37

chadicus / hmac-middleware-php

Push — master ( efa379...854a6f )

TokenValidator::validate() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like