Mailgun\Mailgun::verifyWebhookSignature PHP Method

verifyWebhookSignature() public method

Pass an array of parameters. If you pass nothing, $_POST will be used instead. If this function returns FALSE, you must not process the request. You should reject the request with status code 403 Forbidden.
public verifyWebhookSignature ( array | null $postData = null ) : boolean
$postData array | null
return boolean
    public function verifyWebhookSignature($postData = null)
    {
        if ($postData === null) {
            $postData = $_POST;
        }
        if (!isset($postData['timestamp']) || !isset($postData['token']) || !isset($postData['signature'])) {
            return false;
        }
        $hmac = hash_hmac('sha256', "{$postData['timestamp']}{$postData['token']}", $this->apiKey);
        $sig = $postData['signature'];
        if (function_exists('hash_equals')) {
            // hash_equals is constant time, but was not introduced until PHP 5.6
            return hash_equals($hmac, $sig);
        } else {
            // Fallback for PHP < 5.6: a plain === comparison, which is not constant time
            return $hmac === $sig;
        }
    }

Usage Example

Example #1
 public function testVerifyWebhookBad()
 {
     $client = new Mailgun('key-3ax6xnjp29jd6fds4gc373sgvjxteol0');
     $postData = array('timestamp' => '1403645220', 'token' => 'owyldpe6nxhmrn78epljl6bj0orrki1u3d2v5e6cnlmmuox8jr', 'signature' => '9cfc5c41582e51246e73c88d34db3af0a3a2692a76fbab81492842f000256d33');
     assert(!$client->verifyWebhookSignature($postData));
 }
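
A handler-side version of the check described above, as an added example (not Mailgun SDK code): besides the HMAC comparison it rejects non-string fields and stale timestamps, which the method shown on this page does not do. The function names, the 300-second window, and the sample key, token and clock value are assumptions constructed for the demo.

```php
<?php
// Added example, not Mailgun SDK code; function names are hypothetical.

/** Same HMAC check as verifyWebhookSignature(), plus type and freshness checks. */
function webhook_is_authentic(array $post, string $key, int $now, int $maxAge = 300): bool
{
    foreach (['timestamp', 'token', 'signature'] as $field) {
        // "signature[]=x" arrives as an array; accept strings only.
        if (!isset($post[$field]) || !is_string($post[$field])) {
            return false;
        }
    }
    // Assumed policy: timestamp is all digits and within $maxAge seconds of $now.
    if (!ctype_digit($post['timestamp']) || abs($now - (int) $post['timestamp']) > $maxAge) {
        return false;
    }
    $expected = hash_hmac('sha256', $post['timestamp'] . $post['token'], $key);
    return hash_equals($expected, $post['signature']); // constant-time compare
}

/** HTTP status the endpoint should answer with: 403 when verification fails. */
function webhook_status(array $post, string $key, int $now): int
{
    return webhook_is_authentic($post, $key, $now) ? 200 : 403;
}

// Constructed sample data: key, token and clock value are made up for this demo.
$key  = 'key-constructed-for-demo';
$now  = 1403645230;
$good = ['timestamp' => '1403645220', 'token' => 'constructed-token'];
$good['signature'] = hash_hmac('sha256', $good['timestamp'] . $good['token'], $key);

$cases = [
    'signed request'         => [$good, $now],
    'token altered'          => [['token' => 'other-token'] + $good, $now],
    'signature sent as []'   => [['signature' => [$good['signature']]] + $good, $now],
    'replayed an hour later' => [$good, $now + 3600],
];
foreach ($cases as $label => [$post, $clock]) {
    printf("%-24s -> HTTP %d\n", $label, webhook_status($post, $key, $clock));
}
```

In a real endpoint, pass $_POST and time() to webhook_status() and send the result with http_response_code() before doing any other processing.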