Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
100.00%
10 / 10
100.00%
2 / 2
 CRAP
100.00%
1 / 1
WebhookVerifier
100.00%
10 / 10
100.00%
2 / 2
 6
100.00%
1 / 1
 IsValidWebhookSignature
100.00%
8 / 8
100.00%
1 / 1
 5
 checkSignature
100.00%
2 / 2
100.00%
1 / 1
 1
1<?php
2
3namespace Fingerprint\ServerAPI\Webhook;
4
5final class WebhookVerifier
6{
7    public static function IsValidWebhookSignature(string $header, string $data, string $secret): bool
8    {
9        $signatures = explode(',', $header);
10        foreach ($signatures as $signature) {
11            $parts = explode('=', $signature);
12            if (2 === count($parts) && 'v1' === $parts[0]) {
13                $hash = $parts[1];
14                if (self::checkSignature($hash, $data, $secret)) {
15                    return true;
16                }
17            }
18        }
19
20        return false;
21    }
22
23    private static function checkSignature(string $signature, string $data, string $secret): bool
24    {
25        $hash = hash_hmac('sha256', $data, $secret);
26
27        return hash_equals($hash, $signature);
28    }
29}