unsign
string public \Bitrix\Main\Security\Sign\TimeSigner::unsign( string $signedValue, string|null $salt = null );
Non-static method verifies message signature and lifetime. When both parameters are OK, returns original message.
Parameters
| Parameter | Description | Version |
|---|---|---|
| $signedValue | Signed value must have the format: {message}{separator}{expired timestamp}{separator}{signature}. | |
| $salt | Salt, if required. |
Exceptions
Example
$signer = new TimeSigner;
// Sing message for 1 second
$signedValue = $signer->sign('test', '+1 second');
// Or sign with expiring on some magic timestamp (e.g. 01.01.2030)
$signedValue = $signer->sign('test', 1893445200);
// Get original message with checking
echo $signer->unsign($signedValue);
// Output: 'test'
// Try to unsigning not signed value
echo $signer->unsign('test');
//throw BadSignatureException with message 'Separator not found in value'
// Or with invalid sign
echo $signer->unsign('test.invalid_sign');
// Or invalid salt
echo $signer->unsign($signedValue, 'invalid_salt');
//throw BadSignatureException with message 'Signature does not match'
// Or expired lifetime
echo $signer->unsign($signedValue);
//throw BadSignatureException with message 'Signature timestamp expired (1403039921 < 1403040024)'
© «Bitrix24», 2001-2024