PluginProbe ʕ •ᴥ•ʔ
Booking for Appointments and Events Calendar – Amelia / 2.4.4
Booking for Appointments and Events Calendar – Amelia v2.4.4
2.4.4 2.4.3 2.4.2 2.4.1 2.4 trunk 1.2.1 1.2.10 1.2.11 1.2.12 1.2.13 1.2.14 1.2.15 1.2.16 1.2.17 1.2.18 1.2.19 1.2.2 1.2.20 1.2.21 1.2.22 1.2.23 1.2.24 1.2.25 1.2.26 1.2.27 1.2.28 1.2.29 1.2.3 1.2.30 1.2.31 1.2.32 1.2.33 1.2.34 1.2.35 1.2.36 1.2.37 1.2.38 1.2.4 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 2.0 2.0.1 2.0.2 2.1 2.1.1 2.1.2 2.1.3 2.2 2.2.1 2.3
ameliabooking / vendor / stripe / stripe-php / lib / WebhookSignature.php
ameliabooking / vendor / stripe / stripe-php / lib Last commit date
ApiOperations 6 months ago Apps 6 months ago Billing 6 months ago BillingPortal 6 months ago Checkout 6 months ago Climate 6 months ago Entitlements 6 months ago EventData 6 months ago Events 6 months ago Exception 6 months ago FinancialConnections 6 months ago Forwarding 6 months ago HttpClient 6 months ago Identity 6 months ago Issuing 6 months ago Radar 6 months ago Reporting 6 months ago Service 6 months ago Sigma 6 months ago Tax 6 months ago Terminal 6 months ago TestHelpers 6 months ago Treasury 6 months ago Util 6 months ago V2 6 months ago Account.php 6 months ago AccountLink.php 6 months ago AccountSession.php 6 months ago ApiRequestor.php 6 months ago ApiResource.php 6 months ago ApiResponse.php 6 months ago ApplePayDomain.php 6 months ago Application.php 6 months ago ApplicationFee.php 6 months ago ApplicationFeeRefund.php 6 months ago Balance.php 6 months ago BalanceTransaction.php 6 months ago BankAccount.php 6 months ago BaseStripeClient.php 6 months ago BaseStripeClientInterface.php 6 months ago Capability.php 6 months ago Card.php 6 months ago CashBalance.php 6 months ago Charge.php 6 months ago Collection.php 6 months ago ConfirmationToken.php 6 months ago ConnectCollectionTransfer.php 6 months ago CountrySpec.php 6 months ago Coupon.php 6 months ago CreditNote.php 6 months ago CreditNoteLineItem.php 6 months ago Customer.php 6 months ago CustomerBalanceTransaction.php 6 months ago CustomerCashBalanceTransaction.php 6 months ago CustomerSession.php 6 months ago Discount.php 6 months ago Dispute.php 6 months ago EphemeralKey.php 6 months ago ErrorObject.php 6 months ago Event.php 6 months ago ExchangeRate.php 6 months ago File.php 6 months ago FileLink.php 6 months ago FundingInstructions.php 6 months ago Invoice.php 6 months ago InvoiceItem.php 6 months ago InvoiceLineItem.php 6 months ago InvoicePayment.php 6 months ago InvoiceRenderingTemplate.php 6 months ago LineItem.php 6 months ago LoginLink.php 6 months ago Mandate.php 6 months ago OAuth.php 6 months ago OAuthErrorObject.php 6 months ago PaymentIntent.php 6 months ago PaymentLink.php 6 months ago PaymentMethod.php 6 months ago PaymentMethodConfiguration.php 6 months ago PaymentMethodDomain.php 6 months ago Payout.php 6 months ago Person.php 6 months ago Plan.php 6 months ago Price.php 6 months ago Product.php 6 months ago ProductFeature.php 6 months ago PromotionCode.php 6 months ago Quote.php 6 months ago Reason.php 6 months ago RecipientTransfer.php 6 months ago Refund.php 6 months ago RelatedObject.php 6 months ago RequestTelemetry.php 6 months ago ReserveTransaction.php 6 months ago Review.php 6 months ago SearchResult.php 6 months ago SetupAttempt.php 6 months ago SetupIntent.php 6 months ago ShippingRate.php 6 months ago SingletonApiResource.php 6 months ago Source.php 6 months ago SourceMandateNotification.php 6 months ago SourceTransaction.php 6 months ago Stripe.php 6 months ago StripeClient.php 6 months ago StripeClientInterface.php 6 months ago StripeObject.php 6 months ago StripeStreamingClientInterface.php 6 months ago Subscription.php 6 months ago SubscriptionItem.php 6 months ago SubscriptionSchedule.php 6 months ago TaxCode.php 6 months ago TaxDeductedAtSource.php 6 months ago TaxId.php 6 months ago TaxRate.php 6 months ago ThinEvent.php 6 months ago Token.php 6 months ago Topup.php 6 months ago Transfer.php 6 months ago TransferReversal.php 6 months ago Webhook.php 6 months ago WebhookEndpoint.php 6 months ago WebhookSignature.php 6 months ago
WebhookSignature.php
111 lines
1 <?php
2
3 namespace AmeliaVendor\Stripe;
4
5 abstract class WebhookSignature
6 {
7 const EXPECTED_SCHEME = 'v1';
8 /**
9 * Verifies the signature header sent by Stripe. Throws an
10 * Exception\SignatureVerificationException exception if the verification fails for
11 * any reason.
12 *
13 * @param string $payload the payload sent by Stripe
14 * @param string $header the contents of the signature header sent by
15 * Stripe
16 * @param string $secret secret used to generate the signature
17 * @param int $tolerance maximum difference allowed between the header's
18 * timestamp and the current time
19 *
20 * @return bool
21 *
22 * @throws Exception\SignatureVerificationException if the verification fails
23 */
24 public static function verifyHeader($payload, $header, $secret, $tolerance = null)
25 {
26 // Extract timestamp and signatures from header
27 $timestamp = self::getTimestamp($header);
28 $signatures = self::getSignatures($header, self::EXPECTED_SCHEME);
29 if (-1 === $timestamp) {
30 throw \Stripe\Exception\SignatureVerificationException::factory('Unable to extract timestamp and signatures from header', $payload, $header);
31 }
32 if (empty($signatures)) {
33 throw \Stripe\Exception\SignatureVerificationException::factory('No signatures found with expected scheme', $payload, $header);
34 }
35 // Check if expected signature is found in list of signatures from
36 // header
37 $signedPayload = "{$timestamp}.{$payload}";
38 $expectedSignature = self::computeSignature($signedPayload, $secret);
39 $signatureFound = false;
40 foreach ($signatures as $signature) {
41 if (\AmeliaVendor\Stripe\Util\Util::secureCompare($expectedSignature, $signature)) {
42 $signatureFound = true;
43 break;
44 }
45 }
46 if (!$signatureFound) {
47 throw \Stripe\Exception\SignatureVerificationException::factory('No signatures found matching the expected signature for payload', $payload, $header);
48 }
49 // Check if timestamp is within tolerance
50 if ($tolerance > 0 && \abs(\time() - $timestamp) > $tolerance) {
51 throw \Stripe\Exception\SignatureVerificationException::factory('Timestamp outside the tolerance zone', $payload, $header);
52 }
53 return true;
54 }
55 /**
56 * Extracts the timestamp in a signature header.
57 *
58 * @param string $header the signature header
59 *
60 * @return int the timestamp contained in the header, or -1 if no valid
61 * timestamp is found
62 */
63 private static function getTimestamp($header)
64 {
65 $items = \explode(',', $header);
66 foreach ($items as $item) {
67 $itemParts = \explode('=', $item, 2);
68 if ('t' === $itemParts[0]) {
69 if (!\is_numeric($itemParts[1])) {
70 return -1;
71 }
72 return (int) $itemParts[1];
73 }
74 }
75 return -1;
76 }
77 /**
78 * Extracts the signatures matching a given scheme in a signature header.
79 *
80 * @param string $header the signature header
81 * @param string $scheme the signature scheme to look for
82 *
83 * @return array the list of signatures matching the provided scheme
84 */
85 private static function getSignatures($header, $scheme)
86 {
87 $signatures = [];
88 $items = \explode(',', $header);
89 foreach ($items as $item) {
90 $itemParts = \explode('=', $item, 2);
91 if (\trim($itemParts[0]) === $scheme) {
92 $signatures[] = $itemParts[1];
93 }
94 }
95 return $signatures;
96 }
97 /**
98 * Computes the signature for a given payload and secret.
99 *
100 * The current scheme used by Stripe ("v1") is HMAC/SHA-256.
101 *
102 * @param string $payload the payload to sign
103 * @param string $secret the secret used to generate the signature
104 *
105 * @return string the signature as a string
106 */
107 private static function computeSignature($payload, $secret)
108 {
109 return \hash_hmac('sha256', $payload, $secret);
110 }
111 }