Signature::verify() - Code Metrics - Inspection of "Removed pow in favor of ** operator" - postpayio/postpay-php - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — master ( ebd18c...f86896 )

by Dani

created 2020-05-03 07:57 UTC

Signature::verify() A

↳ Parent: Signature

Complexity

Conditions	5
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	7
CRAP Score	5

Importance

Changes

Metric	Value
dl	0
loc	15
ccs	7
cts	7
cp	1
rs	9.4555
c	0
b	0
f	0
cc	5
nc	2
nop	4
crap	5

<?php

namespace Postpay\Http;

class Signature
{
    /**
     * @const int Default tolarence in seconds.
     */
    const DEFAULT_TOLERANCE = 300;

    /**
     * Verifies the signature header.
     *
     * @param string $payload
     * @param string $header
     * @param string $secret
     * @param int    $tolerance
     *
     * @return bool
     */
    public static function verify(
        $payload,
        $header,
        $secret,
        $tolerance = self::DEFAULT_TOLERANCE
    ) {
        list($timestamp, $signature) = explode(':', trim($header), 2);

        if (!is_numeric($timestamp) || empty($signature) ||
                (($tolerance > 0) && (abs(time() - $timestamp) > $tolerance))) {
            return false;
        }
        $expected = hash_hmac('sha256', "{$timestamp}:{$payload}", $secret);
        return hash_equals($expected, $signature);
    }
}


1		<?php
2
3		namespace Postpay\Http;
4
5		class Signature
6		{
7		/**
8		* @const int Default tolarence in seconds.
9		*/
10		const DEFAULT_TOLERANCE = 300;
11
12		/**
13		* Verifies the signature header.
14		*
15		* @param string $payload
16		* @param string $header
17		* @param string $secret
18		* @param int $tolerance
19		*
20		* @return bool
21		*/
22	3	public static function verify(
23		$payload,
24		$header,
25		$secret,
26		$tolerance = self::DEFAULT_TOLERANCE
27		) {
28	3	list($timestamp, $signature) = explode(':', trim($header), 2);
29
30	3	if (!is_numeric($timestamp) \|\| empty($signature) \|\|
31	3	(($tolerance > 0) && (abs(time() - $timestamp) > $tolerance))) {
32	2	return false;
33		}
34	1	$expected = hash_hmac('sha256', "{$timestamp}:{$payload}", $secret);
35	1	return hash_equals($expected, $signature);
36		}
37		}
38

postpayio / postpay-php

Push — master ( ebd18c...f86896 )

Signature::verify() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like