2222 */
2323class UriSigner
2424{
25+ private const STATUS_VALID = 1 ;
26+ private const STATUS_INVALID = 2 ;
27+ private const STATUS_MISSING = 3 ;
28+ private const STATUS_EXPIRED = 4 ;
29+
2530 /**
2631 * @param string $hashParameter Query string parameter to use
2732 * @param string $expirationParameter Query string parameter to use for expiration
@@ -93,24 +98,12 @@ public function sign(string $uri/* , \DateTimeInterface|\DateInterval|int|null $
9398 */
9499 public function check (string $ uribool
95100 {
96- try {
97- $ this verify ($ uri
98- } catch (SignedUriException
99- return false ;
100- }
101-
102- return true ;
101+ return self ::STATUS_VALID === $ this doVerify ($ uri
103102 }
104103
105104 public function checkRequest (Request $ requestbool
106105 {
107- try {
108- $ this verify ($ request
109- } catch (SignedUriException
110- return false ;
111- }
112-
113- return true ;
106+ return self ::STATUS_VALID === $ this doVerify (self ::normalize ($ request
114107 }
115108
116109 /**
@@ -123,37 +116,24 @@ public function checkRequest(Request $request): bool
123116 */
124117 public function verify (Request string $ urivoid
125118 {
126- if ($ uriinstanceof Request) {
127- $ qs$ qs$ uriserver ->get ('QUERY_STRING ' )) ? '? ' .$ qs'' ;
128- $ uri$ urigetSchemeAndHttpHost ().$ urigetBaseUrl ().$ urigetPathInfo ().$ qs
129- }
119+ $ uriself ::normalize ($ uri
120+ $ status$ this doVerify ($ uri
130121
131- $ urlparse_url ($ uri
132- $ params
133-
134- if (isset ($ url'query ' ])) {
135- parse_str ($ url'query ' ], $ params
122+ if (self ::STATUS_VALID === $ status
123+ return ;
136124 }
137125
138- if (empty ( $ params [ $ this -> hashParameter ]) ) {
126+ if (self :: STATUS_MISSING === $ status
139127 throw new UnsignedUriException ($ uri
140128 }
141129
142- $ hash$ params$ this hashParameter ];
143- unset($ params$ this hashParameter ]);
144-
145- // In 8.0, remove support for non-url-safe tokens
146- if (!hash_equals ($ this computeHash ($ this buildUrl ($ url$ paramsstrtr (rtrim ($ hash'= ' ), ['/ ' => '_ ' , '+ ' => '- ' ]))) {
130+ if (self ::STATUS_INVALID === $ status
147131 throw new UnverifiedSignedUriException ($ uri
148132 }
149133
150- if (!$ expiration$ params$ this expirationParameter ] ?? false ) {
151- return ;
152- }
153-
154- if (time () < $ expiration
155- return ;
156- }
134+ $ urlparse_url ($ uri
135+ parse_str ($ url'query ' ], $ params
136+ $ expiration$ params$ this expirationParameter ];
157137
158138 throw new ExpiredSignedUriException (\DateTimeImmutable::createFromFormat ('U ' , $ expiration$ uri
159139 }
@@ -193,4 +173,49 @@ private function getExpirationTime(\DateTimeInterface|\DateInterval|int $expirat
193173
194174 return (string ) $ expiration
195175 }
176+
177+ /**
178+ * @return self::STATUS_*
179+ */
180+ private function doVerify (string $ uriint
181+ {
182+ $ urlparse_url ($ uri
183+ $ params
184+
185+ if (isset ($ url'query ' ])) {
186+ parse_str ($ url'query ' ], $ params
187+ }
188+
189+ if (empty ($ params$ this hashParameter ])) {
190+ return self ::STATUS_MISSING ;
191+ }
192+
193+ $ hash$ params$ this hashParameter ];
194+ unset($ params$ this hashParameter ]);
195+
196+ // In 8.0, remove support for non-url-safe tokens
197+ if (!hash_equals ($ this computeHash ($ this buildUrl ($ url$ paramsstrtr (rtrim ($ hash'= ' ), ['/ ' => '_ ' , '+ ' => '- ' ]))) {
198+ return self ::STATUS_INVALID ;
199+ }
200+
201+ if (!$ expiration$ params$ this expirationParameter ] ?? false ) {
202+ return self ::STATUS_VALID ;
203+ }
204+
205+ if (time () < $ expiration
206+ return self ::STATUS_VALID ;
207+ }
208+
209+ return self ::STATUS_EXPIRED ;
210+ }
211+
212+ private static function normalize (Request string $ uristring
213+ {
214+ if ($ uriinstanceof Request) {
215+ $ qs$ qs$ uriserver ->get ('QUERY_STRING ' )) ? '? ' .$ qs'' ;
216+ $ uri$ urigetSchemeAndHttpHost ().$ urigetBaseUrl ().$ urigetPathInfo ().$ qs
217+ }
218+
219+ return $ uri
220+ }
196221}
0 commit comments