private function parse($raw_signed_request)
{
$signed_request = [];
list($signed_request['encoded_signature'], $signed_request['payload']) = explode('.', $raw_signed_request, 2);
$expected_signature = hash_hmac('sha256', $signed_request['payload'], $this->app->getSecret(), true);
if (static::decodeBase64Url($signed_request['encoded_signature']) !== $expected_signature) {
throw new Exception\SignedRequestException('Invalid signature.');
}
return json_decode(static::decodeBase64Url($signed_request['payload']), true);
}