Created
March 24, 2024 19:02
-
-
Save smiell/a36dfbefc723bbca5ad2cb1bbbc7e0f7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| private function IsWebhookTrusted($tallyKeyFromSettings, $receivedSignature, $payLoadBody) : bool { | |
| // Obliczamy oczekiwany podpis HMAC na podstawie klucza Tally i payloadu | |
| $payLoadBodyString = json_encode($payLoadBody); | |
| $expectedSignature = hash_hmac('sha256', $payLoadBodyString, $tallyKeyFromSettings); | |
| error_log("Hash coming from request: " . $receivedSignature); | |
| error_log("Hash saved in settings: " . $tallyKeyFromSettings); | |
| error_log("Result of cryptographic count: " . $expectedSignature); | |
| // Result of comparison of the received hash with the desired one | |
| $result = hash_equals($receivedSignature, $expectedSignature); | |
| if( $result == true ) { | |
| // Consistent comparison OK | |
| error_log("Hash OK"); | |
| return true; | |
| } else { | |
| // The comparison is inconsistent NOT OK | |
| error_log("Hash Invalid"); | |
| return false; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment