Box::verify()   A

Complexity

Conditions 3
Paths 3

Size

Total Lines 16
Code Lines 7

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 7
CRAP Score 3

Importance

Changes 0
<?php
namespace Shield\Box;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Illuminate\Support\Collection;
use Shield\Shield\Contracts\Service;
/**
 * Class Box
 *
 * @package \Shield\Box
 */
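class Box implements Service
{
    /**
     * Verify that an incoming webhook request carries a valid Box signature.
     *
     * The request is accepted only when the BOX-DELIVERY-TIMESTAMP header is
     * present, parseable and within the configured tolerance of the current
     * time, and when either the primary or the secondary signature header
     * matches an HMAC-SHA256 computed over the raw body followed by the raw
     * timestamp string.
     *
     * @param Request    $request Incoming HTTP request.
     * @param Collection $config  Reads 'tolerance' (seconds, default 600),
     *                            'primary' and 'secondary' (signing keys).
     *
     * @return bool True when the request is fresh and correctly signed.
     */
    public function verify(Request $request, Collection $config): bool
    {
        $rawTimestamp = (string) $request->header('BOX-DELIVERY-TIMESTAMP');

        // Carbon::parse('') resolves to the current time, so a missing header
        // would otherwise always look fresh. Treat it as a failed verification.
        if ($rawTimestamp === '') {
            return false;
        }

        try {
            $timestamp = Carbon::parse($rawTimestamp);
        } catch (\Exception $e) {
            // A malformed timestamp is an invalid request, not a server error.
            return false;
        }

        // Replay window (10 minutes by default). The absolute difference is
        // requested explicitly: Carbon 3 returns a signed value by default,
        // and a negative age would never exceed the tolerance.
        $now = Carbon::now(config('app.timezone', 'UTC'));

        if ($now->diffInSeconds($timestamp, true) > $config->get('tolerance', 600)) {
            return false;
        }

        // The signed payload is the raw body followed by the timestamp exactly
        // as it was received, so the timestamp itself is covered by the MAC.
        $generated = $request->getContent() . $rawTimestamp;

        // Either the primary or the secondary signature may validate the request.
        return $this->check($generated, $config->get('primary'), $request->header('BOX-SIGNATURE-PRIMARY'))
            || $this->check($generated, $config->get('secondary'), $request->header('BOX-SIGNATURE-SECONDARY'));
    }

    /**
     * Compare a supplied signature against the HMAC-SHA256 of the payload.
     *
     * @param string      $generated Payload the signature must cover.
     * @param string|null $key       Signing key; null or '' means "not configured".
     * @param string|null $supplied  Base64 signature taken from the request header.
     *
     * @return bool True only when a key is configured and the signature matches.
     */
    public function check($generated, $key, $supplied)
    {
        // Without strict types, hash_hmac() coerces a null key to '', which
        // would turn an unconfigured key into a publicly known one. An unset
        // key must never be able to authenticate a request.
        if (!is_string($key) || $key === '') {
            return false;
        }

        // A missing header arrives as null; hash_equals() needs two strings
        // and raises a TypeError on PHP 8 otherwise.
        if (!is_string($supplied) || $supplied === '') {
            return false;
        }

        $encoded = base64_encode(hash_hmac('sha256', $generated, $key, true));

        // Constant-time comparison to avoid leaking how much of the MAC matched.
        return hash_equals($encoded, $supplied);
    }

    /**
     * List the request headers this service reads during verification.
     *
     * @return string[] Header names.
     */
    public function headers(): array
    {
        return ['BOX-DELIVERY-TIMESTAMP', 'BOX-SIGNATURE-PRIMARY', 'BOX-SIGNATURE-SECONDARY'];
    }
}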