You are here

Home » API reference » Webhooks 8 » Webhook.php » Webhook

public static function Webhook::verify in Webhooks 8

Verify the webhook with the stored secret.

Parameters

string $secret: The webhook secret.

string $payload: The raw webhook payload.

string $signature: The webhook signature.

Return value

bool Boolean TRUE for success.

Throws

\Drupal\webhooks\Exception\WebhookMismatchSignatureException Throws exception if signatures do not match.

1 call to Webhook::verify()
WebhooksService::receive in src/WebhooksService.php
Receive a webhook.

File

src/Webhook.php, line 405

Class

Webhook
Class Webhook .

Namespace

Drupal\webhooks

Code

public static function verify($secret, $payload, $signature) {
  [
    $algorithm,
    $user_string,
  ] = explode('=', $signature);
  $known_string = hash_hmac($algorithm, $payload, $secret);
  if (!hash_equals($known_string, $user_string)) {
    throw new WebhookMismatchSignatureException($user_string, $algorithm . '=' . $known_string, $payload);
  }
  return TRUE;
}