WC_WCCOM_Site::verify_wccom_request()
Verify Woo.com request from a given body and signature request.
Метод класса: WC_WCCOM_Site{}
Хуков нет.
Возвращает
true|false.
Использование
$result = WC_WCCOM_Site::verify_wccom_request( $body, $signature, $access_token_secret );
- $body(строка) (обязательный)
- Request body.
- $signature(строка) (обязательный)
- Request signature found in X-Woo-Signature header.
- $access_token_secret(строка) (обязательный)
- Access token secret for this site.
Список изменений
| С версии 3.7.0 | Введена. |
Код WC_WCCOM_Site::verify_wccom_request() WC WCCOM Site::verify wccom request WC 8.7.0
protected static function verify_wccom_request( $body, $signature, $access_token_secret ) {
// phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotValidated, WordPress.Security.ValidatedSanitizedInput.MissingUnslash, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
$data = array(
'host' => $_SERVER['HTTP_HOST'],
'request_uri' => urldecode( remove_query_arg( array( 'token', 'signature' ), $_SERVER['REQUEST_URI'] ) ),
'method' => strtoupper( $_SERVER['REQUEST_METHOD'] ),
);
// phpcs:enable
if ( ! empty( $body ) ) {
$data['body'] = $body;
}
$expected_signature = hash_hmac( 'sha256', wp_json_encode( $data ), $access_token_secret );
return hash_equals( $expected_signature, $signature );
}