From eeaa68400f98aa96496d54bfe5ebe91061684d80 Mon Sep 17 00:00:00 2001
From: Michael Hogg <michael.hogg.uk@gmail.com>
Date: Fri, 28 Aug 2015 12:46:53 +0100
Subject: [PATCH] Fix bug: hash_hmac() should output raw binary data, not
 hexits

---
 src/TokenType/MAC.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/TokenType/MAC.php b/src/TokenType/MAC.php
index 1eb3b930..0d026a2d 100644
--- a/src/TokenType/MAC.php
+++ b/src/TokenType/MAC.php
@@ -114,7 +114,14 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
             $calculatedSignatureParts[] = $params->get('ext');
         }
 
-        $calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), $macKey));
+        $calculatedSignature = base64_encode(
+            hash_hmac(
+                'sha256',
+                implode("\n", $calculatedSignatureParts),
+                $macKey,
+                true  // raw_output: outputs raw binary data
+            )
+        );
 
         // Return the access token if the signature matches
         return ($this->hash_equals($calculatedSignature, $signature)) ? $accessToken : null;