VerifySignature::isValid() - Code Metrics - minulislam/multicoin-api - Measure and Improve Code Quality continuously with Scrutinizer

VerifySignature::isValid() A
last analyzed 2024-06-05 18:09 UTC

↳ Parent: VerifySignature

Complexity

Conditions	2
Paths	2

Size

Total Lines	12
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	2	Features	0

Metric	Value
cc	2
eloc	8
c	2
b	2
f	0
nc	2
nop	2
dl	0
loc	12
rs	10

<?php

namespace Multicoin\Api\Http\Middlewares;

use Closure;
use Multicoin\Api\Exceptions\WebhookFailed;

class VerifySignature
{
    public function handle($request, Closure $next)
    {
        $signature = $request->header('X-Multicoin-Signature');

        if (! $signature) {
            throw WebhookFailed::missingSignature();
        }

        if (! $this->isValid($signature, $request)) {
            throw WebhookFailed::invalidSignature($signature);
        }

        return $next($request);
    }

    protected function isValid(string $signature, $request): bool
    {
        $payload = $request->getContent();

        $secret = config('multicoin.api_key');
        if (empty($secret)) {
            throw WebhookFailed::signingSecretNotSet();
        }
        $timestamp = $request->header('timestamp');
        $token = $request->header('token');
        $computedSignature = hash_hmac('sha256', $token.$timestamp, $secret);

        return hash_equals($signature, $computedSignature);
    }
}


1			<?php
2
3			namespace Multicoin\Api\Http\Middlewares;
4
5			use Closure;
6			use Multicoin\Api\Exceptions\WebhookFailed;
7
8			class VerifySignature
9			{
10			public function handle($request, Closure $next)
11			{
12			$signature = $request->header('X-Multicoin-Signature');
13
14			if (! $signature) {
15			throw WebhookFailed::missingSignature();
16			}
17
18			if (! $this->isValid($signature, $request)) {
19			throw WebhookFailed::invalidSignature($signature);
20			}
21
22			return $next($request);
23			}
24
25			protected function isValid(string $signature, $request): bool
26			{
27			$payload = $request->getContent();
			0 ignored issues – show Unused Code introduced 2019-05-11 04:50 UTC by Report Bug Copy Issue Report The assignment to `$payload` is dead and can be removed. Loading history...
28			$secret = config('multicoin.api_key');
29			if (empty($secret)) {
30			throw WebhookFailed::signingSecretNotSet();
31			}
32			$timestamp = $request->header('timestamp');
33			$token = $request->header('token');
34			$computedSignature = hash_hmac('sha256', $token.$timestamp, $secret);
35
36			return hash_equals($signature, $computedSignature);
37			}
38			}
39

minulislam / multicoin-api

GitHub Access Token became invalid

VerifySignature::isValid() A last analyzed 2024-06-05 18:09 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

VerifySignature::isValid() A
last analyzed 2024-06-05 18:09 UTC