Source of file ShopifyMultipass.php
Size: 2,263 Bytes - Last Modified: 2021-12-24T06:46:30+00:00
/var/www/docs.ssmods.com/process/src/src/Client/ShopifyMultipass.php
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 | <?php namespace Dynamic\Shopify\Client; use SilverStripe\Core\Config\Configurable; use SilverStripe\Core\Injector\Injectable; /** * Class ShopifyMultipass * @package Dynamic\Shopify\Client */ class ShopifyMultipass { use Configurable; use Injectable; /** * @config null|string */ private static $multipass_secret = null; /** * @var string */ private static $return_url = 'home'; /** * @var false|string */ private $encryption_key; /** * @var false|string */ private $signature_key; /** * ShopifyMultipass constructor. * @param $multipass_secret */ public function __construct($multipass_secret) { // Use the Multipass secret to derive two cryptographic keys, // one for encryption, one for signing $key_material = hash("sha256", $multipass_secret, true); $this->encryption_key = substr($key_material, 0, 16); $this->signature_key = substr($key_material, 16, 16); } /** * @param $customer_data_hash * @return string */ public function generate_token($customer_data_hash) { // Store the current time in ISO8601 format. // The token will only be valid for a small timeframe around this timestamp. $customer_data_hash["created_at"] = date("c"); // Serialize the customer data to JSON and encrypt it $ciphertext = $this->encrypt(json_encode($customer_data_hash)); // Create a signature (message authentication code) of the ciphertext // and encode everything using URL-safe Base64 (RFC 4648) return strtr(base64_encode($ciphertext . $this->sign($ciphertext)), '+/', '-_'); } /** * @param $plaintext * @return string */ private function encrypt($plaintext) { // Use a random IV $iv = openssl_random_pseudo_bytes(16); // Use IV as first block of ciphertext return $iv . openssl_encrypt($plaintext, "AES-128-CBC", $this->encryption_key, OPENSSL_RAW_DATA, $iv); } /** * @param $data * @return false|string */ private function sign($data) { return hash_hmac("sha256", $data, $this->signature_key, true); } } |