VerifySignature - Code Metrics - minulislam/multicoin-api - Measure and Improve Code Quality continuously with Scrutinizer

VerifySignature A
last analyzed 2024-06-05 18:09 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	29
Duplicated Lines	0 %

Importance

Changes	2
Bugs	2	Features	0

Metric	Value
eloc	15
c	2
b	2
f	0
dl	0
loc	29
rs	10
wmc	5

2 Methods

Rating	Name	Duplication	Size	Complexity
A	handle()	0	13	3
A	isValid()	0	12	2

<?php

namespace Multicoin\Api\Http\Middlewares;

use Closure;
use Multicoin\Api\Exceptions\WebhookFailed;

class VerifySignature
{
    public function handle($request, Closure $next)
    {
        $signature = $request->header('X-Multicoin-Signature');

        if (! $signature) {
            throw WebhookFailed::missingSignature();
        }

        if (! $this->isValid($signature, $request)) {
            throw WebhookFailed::invalidSignature($signature);
        }

        return $next($request);
    }

    protected function isValid(string $signature, $request): bool
    {
        $payload = $request->getContent();

        $secret = config('multicoin.api_key');
        if (empty($secret)) {
            throw WebhookFailed::signingSecretNotSet();
        }
        $timestamp = $request->header('timestamp');
        $token = $request->header('token');
        $computedSignature = hash_hmac('sha256', $token.$timestamp, $secret);

        return hash_equals($signature, $computedSignature);
    }
}


1			<?php
2
3			namespace Multicoin\Api\Http\Middlewares;
4
5			use Closure;
6			use Multicoin\Api\Exceptions\WebhookFailed;
7
8			class VerifySignature
9			{
10			public function handle($request, Closure $next)
11			{
12			$signature = $request->header('X-Multicoin-Signature');
13
14			if (! $signature) {
15			throw WebhookFailed::missingSignature();
16			}
17
18			if (! $this->isValid($signature, $request)) {
19			throw WebhookFailed::invalidSignature($signature);
20			}
21
22			return $next($request);
23			}
24
25			protected function isValid(string $signature, $request): bool
26			{
27			$payload = $request->getContent();
			0 ignored issues – show Unused Code introduced 2019-05-11 04:50 UTC by Report Bug Copy Issue Report The assignment to `$payload` is dead and can be removed. Loading history...
28			$secret = config('multicoin.api_key');
29			if (empty($secret)) {
30			throw WebhookFailed::signingSecretNotSet();
31			}
32			$timestamp = $request->header('timestamp');
33			$token = $request->header('token');
34			$computedSignature = hash_hmac('sha256', $token.$timestamp, $secret);
35
36			return hash_equals($signature, $computedSignature);
37			}
38			}
39

minulislam / multicoin-api

GitHub Access Token became invalid

VerifySignature A last analyzed 2024-06-05 18:09 UTC

Complexity

Size/Duplication

Importance

2 Methods

Duplication Side-by-Side

Filter issues like

VerifySignature A
last analyzed 2024-06-05 18:09 UTC