mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-23 05:29:52 +05:30
Fix bug: hash_hmac() should output raw binary data, not hexits
This commit is contained in:
parent
2496653968
commit
eeaa68400f
@ -114,7 +114,14 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
|
||||
$calculatedSignatureParts[] = $params->get('ext');
|
||||
}
|
||||
|
||||
$calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), $macKey));
|
||||
$calculatedSignature = base64_encode(
|
||||
hash_hmac(
|
||||
'sha256',
|
||||
implode("\n", $calculatedSignatureParts),
|
||||
$macKey,
|
||||
true // raw_output: outputs raw binary data
|
||||
)
|
||||
);
|
||||
|
||||
// Return the access token if the signature matches
|
||||
return ($this->hash_equals($calculatedSignature, $signature)) ? $accessToken : null;
|
||||
|
Loading…
Reference in New Issue
Block a user