From 75160b12821f7f4299cce7f0b69c83c1502ae071 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anton=20Luka=20=C5=A0ijanec?= <anton@sijanec.eu>
Date: Mon, 27 May 2024 13:08:29 +0200
Subject: 2024-02-19 upstream

---
 vendor/stripe/stripe-php/lib/WebhookSignature.php | 280 +++++++++++-----------
 1 file changed, 140 insertions(+), 140 deletions(-)

(limited to 'vendor/stripe/stripe-php/lib/WebhookSignature.php')

diff --git a/vendor/stripe/stripe-php/lib/WebhookSignature.php b/vendor/stripe/stripe-php/lib/WebhookSignature.php
index 46cbb28..bfd1dde 100644
--- a/vendor/stripe/stripe-php/lib/WebhookSignature.php
+++ b/vendor/stripe/stripe-php/lib/WebhookSignature.php
@@ -1,140 +1,140 @@
-<?php
-
-namespace Stripe;
-
-abstract class WebhookSignature
-{
-    const EXPECTED_SCHEME = 'v1';
-
-    /**
-     * Verifies the signature header sent by Stripe. Throws an
-     * Exception\SignatureVerificationException exception if the verification fails for
-     * any reason.
-     *
-     * @param string $payload the payload sent by Stripe
-     * @param string $header the contents of the signature header sent by
-     *  Stripe
-     * @param string $secret secret used to generate the signature
-     * @param int $tolerance maximum difference allowed between the header's
-     *  timestamp and the current time
-     *
-     * @throws Exception\SignatureVerificationException if the verification fails
-     *
-     * @return bool
-     */
-    public static function verifyHeader($payload, $header, $secret, $tolerance = null)
-    {
-        // Extract timestamp and signatures from header
-        $timestamp = self::getTimestamp($header);
-        $signatures = self::getSignatures($header, self::EXPECTED_SCHEME);
-        if (-1 === $timestamp) {
-            throw Exception\SignatureVerificationException::factory(
-                'Unable to extract timestamp and signatures from header',
-                $payload,
-                $header
-            );
-        }
-        if (empty($signatures)) {
-            throw Exception\SignatureVerificationException::factory(
-                'No signatures found with expected scheme',
-                $payload,
-                $header
-            );
-        }
-
-        // Check if expected signature is found in list of signatures from
-        // header
-        $signedPayload = "{$timestamp}.{$payload}";
-        $expectedSignature = self::computeSignature($signedPayload, $secret);
-        $signatureFound = false;
-        foreach ($signatures as $signature) {
-            if (Util\Util::secureCompare($expectedSignature, $signature)) {
-                $signatureFound = true;
-
-                break;
-            }
-        }
-        if (!$signatureFound) {
-            throw Exception\SignatureVerificationException::factory(
-                'No signatures found matching the expected signature for payload',
-                $payload,
-                $header
-            );
-        }
-
-        // Check if timestamp is within tolerance
-        if (($tolerance > 0) && (\abs(\time() - $timestamp) > $tolerance)) {
-            throw Exception\SignatureVerificationException::factory(
-                'Timestamp outside the tolerance zone',
-                $payload,
-                $header
-            );
-        }
-
-        return true;
-    }
-
-    /**
-     * Extracts the timestamp in a signature header.
-     *
-     * @param string $header the signature header
-     *
-     * @return int the timestamp contained in the header, or -1 if no valid
-     *  timestamp is found
-     */
-    private static function getTimestamp($header)
-    {
-        $items = \explode(',', $header);
-
-        foreach ($items as $item) {
-            $itemParts = \explode('=', $item, 2);
-            if ('t' === $itemParts[0]) {
-                if (!\is_numeric($itemParts[1])) {
-                    return -1;
-                }
-
-                return (int) ($itemParts[1]);
-            }
-        }
-
-        return -1;
-    }
-
-    /**
-     * Extracts the signatures matching a given scheme in a signature header.
-     *
-     * @param string $header the signature header
-     * @param string $scheme the signature scheme to look for
-     *
-     * @return array the list of signatures matching the provided scheme
-     */
-    private static function getSignatures($header, $scheme)
-    {
-        $signatures = [];
-        $items = \explode(',', $header);
-
-        foreach ($items as $item) {
-            $itemParts = \explode('=', $item, 2);
-            if (\trim($itemParts[0]) === $scheme) {
-                $signatures[] = $itemParts[1];
-            }
-        }
-
-        return $signatures;
-    }
-
-    /**
-     * Computes the signature for a given payload and secret.
-     *
-     * The current scheme used by Stripe ("v1") is HMAC/SHA-256.
-     *
-     * @param string $payload the payload to sign
-     * @param string $secret the secret used to generate the signature
-     *
-     * @return string the signature as a string
-     */
-    private static function computeSignature($payload, $secret)
-    {
-        return \hash_hmac('sha256', $payload, $secret);
-    }
-}
+<?php
+
+namespace Stripe;
+
+abstract class WebhookSignature
+{
+    const EXPECTED_SCHEME = 'v1';
+
+    /**
+     * Verifies the signature header sent by Stripe. Throws an
+     * Exception\SignatureVerificationException exception if the verification fails for
+     * any reason.
+     *
+     * @param string $payload the payload sent by Stripe
+     * @param string $header the contents of the signature header sent by
+     *  Stripe
+     * @param string $secret secret used to generate the signature
+     * @param int $tolerance maximum difference allowed between the header's
+     *  timestamp and the current time
+     *
+     * @throws Exception\SignatureVerificationException if the verification fails
+     *
+     * @return bool
+     */
+    public static function verifyHeader($payload, $header, $secret, $tolerance = null)
+    {
+        // Extract timestamp and signatures from header
+        $timestamp = self::getTimestamp($header);
+        $signatures = self::getSignatures($header, self::EXPECTED_SCHEME);
+        if (-1 === $timestamp) {
+            throw Exception\SignatureVerificationException::factory(
+                'Unable to extract timestamp and signatures from header',
+                $payload,
+                $header
+            );
+        }
+        if (empty($signatures)) {
+            throw Exception\SignatureVerificationException::factory(
+                'No signatures found with expected scheme',
+                $payload,
+                $header
+            );
+        }
+
+        // Check if expected signature is found in list of signatures from
+        // header
+        $signedPayload = "{$timestamp}.{$payload}";
+        $expectedSignature = self::computeSignature($signedPayload, $secret);
+        $signatureFound = false;
+        foreach ($signatures as $signature) {
+            if (Util\Util::secureCompare($expectedSignature, $signature)) {
+                $signatureFound = true;
+
+                break;
+            }
+        }
+        if (!$signatureFound) {
+            throw Exception\SignatureVerificationException::factory(
+                'No signatures found matching the expected signature for payload',
+                $payload,
+                $header
+            );
+        }
+
+        // Check if timestamp is within tolerance
+        if (($tolerance > 0) && (\abs(\time() - $timestamp) > $tolerance)) {
+            throw Exception\SignatureVerificationException::factory(
+                'Timestamp outside the tolerance zone',
+                $payload,
+                $header
+            );
+        }
+
+        return true;
+    }
+
+    /**
+     * Extracts the timestamp in a signature header.
+     *
+     * @param string $header the signature header
+     *
+     * @return int the timestamp contained in the header, or -1 if no valid
+     *  timestamp is found
+     */
+    private static function getTimestamp($header)
+    {
+        $items = \explode(',', $header);
+
+        foreach ($items as $item) {
+            $itemParts = \explode('=', $item, 2);
+            if ('t' === $itemParts[0]) {
+                if (!\is_numeric($itemParts[1])) {
+                    return -1;
+                }
+
+                return (int) ($itemParts[1]);
+            }
+        }
+
+        return -1;
+    }
+
+    /**
+     * Extracts the signatures matching a given scheme in a signature header.
+     *
+     * @param string $header the signature header
+     * @param string $scheme the signature scheme to look for
+     *
+     * @return array the list of signatures matching the provided scheme
+     */
+    private static function getSignatures($header, $scheme)
+    {
+        $signatures = [];
+        $items = \explode(',', $header);
+
+        foreach ($items as $item) {
+            $itemParts = \explode('=', $item, 2);
+            if (\trim($itemParts[0]) === $scheme) {
+                $signatures[] = $itemParts[1];
+            }
+        }
+
+        return $signatures;
+    }
+
+    /**
+     * Computes the signature for a given payload and secret.
+     *
+     * The current scheme used by Stripe ("v1") is HMAC/SHA-256.
+     *
+     * @param string $payload the payload to sign
+     * @param string $secret the secret used to generate the signature
+     *
+     * @return string the signature as a string
+     */
+    private static function computeSignature($payload, $secret)
+    {
+        return \hash_hmac('sha256', $payload, $secret);
+    }
+}
-- 
cgit v1.2.3