Pusher.php

1. <?php
2.  
3. namespace Pusher;
4.  
5. use Psr\Log\LoggerAwareInterface;
6. use Psr\Log\LoggerAwareTrait;
7. use Psr\Log\LoggerInterface;
8. use Psr\Log\LogLevel;
9.  
10. class Pusher implements LoggerAwareInterface, PusherInterface
11. {
12. use LoggerAwareTrait;
13.  
14. /**
15. * @var string Version
16. */
17. public static $VERSION = '5.0.3';
18.  
19. /**
20. * @var null|PusherCrypto
21. */
22. private $crypto;
23.  
24. /**
25. * @var array Settings
26. */
27. private $settings = array(
28. 'scheme' => 'http',
29. 'port' => 80,
30. 'path' => '',
31. 'timeout' => 30,
32. 'curl_options' => array(),
33. );
34.  
35. /**
36. * @var null|resource
37. */
38. private $ch = null; // Curl handler
39.  
40. /**
41. * Initializes a new Pusher instance with key, secret, app ID and channel.
42. *
43. * @param string $auth_key
44. * @param string $secret
45. * @param int $app_id
46. * @param array $options [optional]
47. * Options to configure the Pusher instance.
48. * scheme - e.g. http or https
49. * host - the host e.g. api.pusherapp.com. No trailing forward slash.
50. * port - the http port
51. * timeout - the http timeout
52. * useTLS - quick option to use scheme of https and port 443.
53. * encrypted - deprecated; renamed to `useTLS`.
54. * cluster - cluster name to connect to.
55. * encryption_master_key - deprecated; use `encryption_master_key_base64`
56. * encryption_master_key_base64 - a 32 byte key, encoded as base64. This key, along with the channel name, are used to derive per-channel encryption keys. Per-channel keys are used to encrypt event data on encrypted channels.
57. * curl_options - wrapper for curl_setopt, more here: http://php.net/manual/en/function.curl-setopt.php
58. * @param string $host [optional] - deprecated
59. * @param int $port [optional] - deprecated
60. * @param int $timeout [optional] - deprecated
61. *
62. * @throws PusherException Throws exception if any required dependencies are missing
63. */
64. public function __construct($auth_key, $secret, $app_id, $options = array(), $host = null, $port = null, $timeout = null)
65. {
66. $this->check_compatibility();
67.  
68. if (!is_null($host)) {
69. $match = null;
70. preg_match("/(http[s]?)\:\/\/(.*)/", $host, $match);
71.  
72. if (count($match) === 3) {
73. $this->settings['scheme'] = $match[1];
74. $host = $match[2];
75. }
76.  
77. $this->settings['host'] = $host;
78. $this->settings['path'] = '';
79.  
80. $this->log('Legacy $host parameter provided: {scheme} host: {host}', array(
81. 'scheme' => $this->settings['scheme'],
82. 'host' => $this->settings['host'],
83. 'path' => $this->settings['path'],
84. ));
85. }
86.  
87. if (!is_null($port)) {
88. $options['port'] = $port;
89. }
90.  
91. if (!is_null($timeout)) {
92. $options['timeout'] = $timeout;
93. }
94.  
95. /* End backward compatibility with old constructor **/
96.  
97. $useTLS = false;
98. if (isset($options['useTLS'])) {
99. $useTLS = $options['useTLS'] === true;
100. } elseif (isset($options['encrypted'])) {
101. // `encrypted` deprecated in favor of `forceTLS`
102. $useTLS = $options['encrypted'] === true;
103. }
104. if (
105. $useTLS &&
106. !isset($options['scheme']) &&
107. !isset($options['port'])
108. ) {
109. $options['scheme'] = 'https';
110. $options['port'] = 443;
111. }
112.  
113. $this->settings['auth_key'] = $auth_key;
114. $this->settings['secret'] = $secret;
115. $this->settings['app_id'] = $app_id;
116. $this->settings['base_path'] = '/apps/'.$this->settings['app_id'];
117.  
118. foreach ($options as $key => $value) {
119. // only set if valid setting/option
120. if (isset($this->settings[$key])) {
121. $this->settings[$key] = $value;
122. }
123. }
124.  
125. // handle the case when 'host' and 'cluster' are specified in the options.
126. if (!array_key_exists('host', $this->settings)) {
127. if (array_key_exists('host', $options)) {
128. $this->settings['host'] = $options['host'];
129. } elseif (array_key_exists('cluster', $options)) {
130. $this->settings['host'] = 'api-'.$options['cluster'].'.pusher.com';
131. } else {
132. $this->settings['host'] = 'api.pusherapp.com';
133. }
134. }
135.  
136. // ensure host doesn't have a scheme prefix
137. $this->settings['host'] = preg_replace('/http[s]?\:\/\//', '', $this->settings['host'], 1);
138.  
139. if (!array_key_exists('encryption_master_key', $options)) {
140. $options['encryption_master_key'] = '';
141. }
142. if (!array_key_exists('encryption_master_key_base64', $options)) {
143. $options['encryption_master_key_base64'] = '';
144. }
145.  
146. if ($options['encryption_master_key'] != '' or $options['encryption_master_key_base64'] != '') {
147. $parsedKey = PusherCrypto::parse_master_key(
148. $options['encryption_master_key'],
149. $options['encryption_master_key_base64']
150. );
151. $this->crypto = new PusherCrypto($parsedKey);
152. }
153. }
154.  
155. /**
156. * Fetch the settings.
157. *
158. * @return array
159. */
160. public function getSettings()
161. {
162. return $this->settings;
163. }
164.  
165. /**
166. * Set a logger to be informed of internal log messages.
167. *
168. * @deprecated Use the PSR-3 compliant Pusher::setLogger() instead. This method will be removed in the next breaking release.
169. *
170. * @param object $logger A object with a public function log($message) method
171. *
172. * @return void
173. */
174. public function set_logger($logger)
175. {
176. $this->logger = $logger;
177. }
178.  
179. /**
180. * Log a string.
181. *
182. * @param string $msg The message to log
183. * @param array|\Exception $context [optional] Any extraneous information that does not fit well in a string.
184. * @param string $level [optional] Importance of log message, highly recommended to use Psr\Log\LogLevel::{level}
185. *
186. * @return void
187. */
188. private function log($msg, array $context = array(), $level = LogLevel::INFO)
189. {
190. if (is_null($this->logger)) {
191. return;
192. }
193.  
194. if ($this->logger instanceof LoggerInterface) {
195. $this->logger->log($level, $msg, $context);
196.  
197. return;
198. }
199.  
200. // Support old style logger (deprecated)
201. $msg = sprintf('Pusher: %s: %s', strtoupper($level), $msg);
202. $replacement = array();
203.  
204. foreach ($context as $k => $v) {
205. $replacement['{'.$k.'}'] = $v;
206. }
207.  
208. $this->logger->log(strtr($msg, $replacement));
209. }
210.  
211. /**
212. * Check if the current PHP setup is sufficient to run this class.
213. *
214. * @throws PusherException If any required dependencies are missing
215. *
216. * @return void
217. */
218. private function check_compatibility()
219. {
220. if (!extension_loaded('curl')) {
221. throw new PusherException('The Pusher library requires the PHP cURL module. Please ensure it is installed');
222. }
223.  
224. if (!extension_loaded('json')) {
225. throw new PusherException('The Pusher library requires the PHP JSON module. Please ensure it is installed');
226. }
227.  
228. if (!in_array('sha256', hash_algos())) {
229. throw new PusherException('SHA256 appears to be unsupported - make sure you have support for it, or upgrade your version of PHP.');
230. }
231. }
232.  
233. /**
234. * Validate number of channels and channel name format.
235. *
236. * @param string[] $channels An array of channel names to validate
237. *
238. * @throws PusherException If $channels is too big or any channel is invalid
239. *
240. * @return void
241. */
242. private function validate_channels($channels)
243. {
244. if (count($channels) > 100) {
245. throw new PusherException('An event can be triggered on a maximum of 100 channels in a single call.');
246. }
247.  
248. foreach ($channels as $channel) {
249. $this->validate_channel($channel);
250. }
251. }
252.  
253. /**
254. * Ensure a channel name is valid based on our spec.
255. *
256. * @param string $channel The channel name to validate
257. *
258. * @throws PusherException If $channel is invalid
259. *
260. * @return void
261. */
262. private function validate_channel($channel)
263. {
264. if (!preg_match('/\A[-a-zA-Z0-9_=@,.;]+\z/', $channel)) {
265. throw new PusherException('Invalid channel name '.$channel);
266. }
267. }
268.  
269. /**
270. * Ensure a socket_id is valid based on our spec.
271. *
272. * @param string $socket_id The socket ID to validate
273. *
274. * @throws PusherException If $socket_id is invalid
275. */
276. private function validate_socket_id($socket_id)
277. {
278. if ($socket_id !== null && !preg_match('/\A\d+\.\d+\z/', $socket_id)) {
279. throw new PusherException('Invalid socket ID '.$socket_id);
280. }
281. }
282.  
283. /**
284. * Utility function used to create the curl object with common settings.
285. *
286. * @param string $url_prefix
287. * @param string $path
288. * @param string [optional] $request_method
289. * @param array [optional] $query_params
290. *
291. * @throws PusherException Throws exception if curl wasn't initialized correctly
292. *
293. * @return resource
294. */
295. private function create_curl($url_prefix, $path, $request_method = 'GET', $query_params = array())
296. {
297. // Create the signed signature...
298. $signed_query = self::build_auth_query_string(
299. $this->settings['auth_key'],
300. $this->settings['secret'],
301. $request_method,
302. $path,
303. $query_params
304. );
305.  
306. $full_url = $url_prefix.$path.'?'.$signed_query;
307.  
308. $this->log('create_curl( {full_url} )', array('full_url' => $full_url));
309.  
310. // Create or reuse existing curl handle
311. if (!is_resource($this->ch)) {
312. $this->ch = curl_init();
313. }
314.  
315. if ($this->ch === false) {
316. throw new PusherException('Could not initialise cURL!');
317. }
318.  
319. $ch = $this->ch;
320.  
321. // curl handle is not reusable unless reset
322. if (function_exists('curl_reset')) {
323. curl_reset($ch);
324. }
325.  
326. // Set cURL opts and execute request
327. curl_setopt($ch, CURLOPT_URL, $full_url);
328. curl_setopt($ch, CURLOPT_HTTPHEADER, array(
329. 'Content-Type: application/json',
330. 'Expect:',
331. 'X-Pusher-Library: pusher-http-php '.self::$VERSION,
332. ));
333. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
334. curl_setopt($ch, CURLOPT_TIMEOUT, $this->settings['timeout']);
335. if ($request_method === 'POST') {
336. curl_setopt($ch, CURLOPT_POST, 1);
337. } elseif ($request_method === 'GET') {
338. curl_setopt($ch, CURLOPT_POST, 0);
339. } // Otherwise let the user configure it
340.  
341. // Set custom curl options
342. if (!empty($this->settings['curl_options'])) {
343. foreach ($this->settings['curl_options'] as $option => $value) {
344. curl_setopt($ch, $option, $value);
345. }
346. }
347.  
348. return $ch;
349. }
350.  
351. /**
352. * Utility function to execute curl and create capture response information.
353. *
354. * @param $ch resource
355. *
356. * @return array
357. */
358. private function exec_curl($ch)
359. {
360. $response = array();
361.  
362. $response['body'] = curl_exec($ch);
363. $response['status'] = curl_getinfo($ch, CURLINFO_HTTP_CODE);
364.  
365. if ($response['body'] === false) {
366. $this->log('exec_curl error: {error}', array('error' => curl_error($ch)), LogLevel::ERROR);
367. } elseif ($response['status'] < 200 || 400 <= $response['status']) {
368. $this->log('exec_curl {status} error from server: {body}', $response, LogLevel::ERROR);
369. } else {
370. $this->log('exec_curl {status} response: {body}', $response);
371. }
372.  
373. $this->log('exec_curl response: {response}', array('response' => print_r($response, true)));
374.  
375. return $response;
376. }
377.  
378. /**
379. * Build the Channels url prefix.
380. *
381. * @return string
382. */
383. private function channels_url_prefix()
384. {
385. return $this->settings['scheme'].'://'.$this->settings['host'].':'.$this->settings['port'].$this->settings['path'];
386. }
387.  
388. /**
389. * Build the required HMAC'd auth string.
390. *
391. * @param string $auth_key
392. * @param string $auth_secret
393. * @param string $request_method
394. * @param string $request_path
395. * @param array $query_params [optional]
396. * @param string $auth_version [optional]
397. * @param string $auth_timestamp [optional]
398. *
399. * @return string
400. */
401. public static function build_auth_query_string(
402. $auth_key,
403. $auth_secret,
404. $request_method,
405. $request_path,
406. $query_params = array(),
407. $auth_version = '1.0',
408. $auth_timestamp = null
409. ) {
410. $params = array();
411. $params['auth_key'] = $auth_key;
412. $params['auth_timestamp'] = (is_null($auth_timestamp) ? time() : $auth_timestamp);
413. $params['auth_version'] = $auth_version;
414.  
415. $params = array_merge($params, $query_params);
416. ksort($params);
417.  
418. $string_to_sign = "$request_method\n".$request_path."\n".self::array_implode('=', '&', $params);
419.  
420. $auth_signature = hash_hmac('sha256', $string_to_sign, $auth_secret, false);
421.  
422. $params['auth_signature'] = $auth_signature;
423. ksort($params);
424.  
425. $auth_query_string = self::array_implode('=', '&', $params);
426.  
427. return $auth_query_string;
428. }
429.  
430. /**
431. * Implode an array with the key and value pair giving
432. * a glue, a separator between pairs and the array
433. * to implode.
434. *
435. * @param string $glue The glue between key and value
436. * @param string $separator Separator between pairs
437. * @param array|string $array The array to implode
438. *
439. * @return string The imploded array
440. */
441. public static function array_implode($glue, $separator, $array)
442. {
443. if (!is_array($array)) {
444. return $array;
445. }
446.  
447. $string = array();
448. foreach ($array as $key => $val) {
449. if (is_array($val)) {
450. $val = implode(',', $val);
451. }
452. $string[] = "{$key}{$glue}{$val}";
453. }
454.  
455. return implode($separator, $string);
456. }
457.  
458. /**
459. * Trigger an event by providing event name and payload.
460. * Optionally provide a socket ID to exclude a client (most likely the sender).
461. *
462. * @param array|string $channels A channel name or an array of channel names to publish the event on.
463. * @param string $event
464. * @param mixed $data Event data
465. * @param array $params [optional]
466. * @param bool $already_encoded [optional]
467. *
468. * @throws PusherException Throws PusherException if $channels is an array of size 101 or above or $socket_id is invalid
469. * @throws ApiErrorException Throws ApiErrorException if the Channels HTTP API responds with an error
470. *
471. * @return object
472. */
473. public function trigger($channels, $event, $data, $params = array(), $already_encoded = false)
474. {
475. if (is_string($channels) === true) {
476. $channels = array($channels);
477. }
478.  
479. $this->validate_channels($channels);
480. if (isset($params['socket_id'])) {
481. $this->validate_socket_id($params['socket_id']);
482. }
483.  
484. $has_encrypted_channel = false;
485. foreach ($channels as $chan) {
486. if (PusherCrypto::is_encrypted_channel($chan)) {
487. $has_encrypted_channel = true;
488. }
489. }
490.  
491. if ($has_encrypted_channel) {
492. if (count($channels) > 1) {
493. // For rationale, see limitations of end-to-end encryption in the README
494. throw new PusherException('You cannot trigger to multiple channels when using encrypted channels');
495. } else {
496. $data_encoded = $this->crypto->encrypt_payload($channels[0], $already_encoded ? $data : json_encode($data));
497. }
498. } else {
499. $data_encoded = $already_encoded ? $data : json_encode($data);
500. }
501.  
502. $query_params = array();
503.  
504. $path = $this->settings['base_path'].'/events';
505.  
506. // json_encode might return false on failure
507. if (!$data_encoded) {
508. $this->log('Failed to perform json_encode on the the provided data: {error}', array(
509. 'error' => print_r($data, true),
510. ), LogLevel::ERROR);
511. }
512.  
513. $post_params = array();
514. $post_params['name'] = $event;
515. $post_params['data'] = $data_encoded;
516. $post_params['channels'] = array_values($channels);
517.  
518. $all_params = array_merge($post_params, $params);
519.  
520. $post_value = json_encode($all_params);
521.  
522. $query_params['body_md5'] = md5($post_value);
523.  
524. $ch = $this->create_curl($this->channels_url_prefix(), $path, 'POST', $query_params);
525.  
526. $this->log('trigger POST: {post_value}', compact('post_value'));
527.  
528. curl_setopt($ch, CURLOPT_POSTFIELDS, $post_value);
529.  
530. $response = $this->exec_curl($ch);
531.  
532. if ($response['status'] !== 200) {
533. throw new ApiErrorException($response['body'], $response['status']);
534. }
535.  
536. $result = json_decode($response['body']);
537.  
538. if (property_exists($result, 'channels')) {
539. $result->channels = get_object_vars($result->channels);
540. }
541.  
542. return $result;
543. }
544.  
545. /**
546. * Trigger multiple events at the same time.
547. *
548. * @param array $batch [optional] An array of events to send
549. * @param bool $already_encoded [optional]
550. *
551. * @throws PusherException Throws exception if curl wasn't initialized correctly
552. * @throws ApiErrorException Throws ApiErrorException if the Channels HTTP API responds with an error
553. *
554. * @return object
555. */
556. public function triggerBatch($batch = array(), $already_encoded = false)
557. {
558. foreach ($batch as $key => $event) {
559. $this->validate_channel($event['channel']);
560. if (isset($event['socket_id'])) {
561. $this->validate_socket_id($event['socket_id']);
562. }
563.  
564. $data = $event['data'];
565. if (!is_string($data)) {
566. $data = $already_encoded ? $data : json_encode($data);
567. }
568.  
569. if (PusherCrypto::is_encrypted_channel($event['channel'])) {
570. $batch[$key]['data'] = $this->crypto->encrypt_payload($event['channel'], $data);
571. } else {
572. $batch[$key]['data'] = $data;
573. }
574. }
575.  
576. $post_params = array();
577. $post_params['batch'] = $batch;
578. $post_value = json_encode($post_params);
579.  
580. $query_params = array();
581. $query_params['body_md5'] = md5($post_value);
582. $path = $this->settings['base_path'].'/batch_events';
583.  
584. $ch = $this->create_curl($this->channels_url_prefix(), $path, 'POST', $query_params);
585.  
586. $this->log('trigger POST: {post_value}', compact('post_value'));
587.  
588. curl_setopt($ch, CURLOPT_POSTFIELDS, $post_value);
589.  
590. $response = $this->exec_curl($ch);
591.  
592. if ($response['status'] !== 200) {
593. throw new ApiErrorException($response['body'], $response['status']);
594. }
595.  
596. return json_decode($response['body']);
597. }
598.  
599. /**
600. * Fetch channel information for a specific channel.
601. *
602. * @param string $channel The name of the channel
603. * @param array $params Additional parameters for the query e.g. $params = array( 'info' => 'connection_count' )
604. *
605. * @throws PusherException If $channel is invalid or if curl wasn't initialized correctly
606. * @throws ApiErrorException Throws ApiErrorException if the Channels HTTP API responds with an error
607. *
608. * @return object
609. */
610. public function get_channel_info($channel, $params = array())
611. {
612. $this->validate_channel($channel);
613.  
614. return $this->get('/channels/'.$channel, $params);
615. }
616.  
617. /**
618. * Fetch a list containing all channels.
619. *
620. * @param array $params Additional parameters for the query e.g. $params = array( 'info' => 'connection_count' )
621. *
622. * @throws PusherException Throws exception if curl wasn't initialized correctly
623. * @throws ApiErrorException Throws ApiErrorException if the Channels HTTP API responds with an error
624. *
625. * @return object
626. */
627. public function get_channels($params = array())
628. {
629. $result = $this->get('/channels', $params);
630.  
631. $result->channels = get_object_vars($result->channels);
632.  
633. return $result;
634. }
635.  
636. /**
637. * Fetch user ids currently subscribed to a presence channel.
638. *
639. * @param string $channel The name of the channel
640. *
641. * @throws PusherException Throws exception if curl wasn't initialized correctly
642. * @throws ApiErrorException Throws ApiErrorException if the Channels HTTP API responds with an error
643. *
644. * @return object
645. */
646. public function get_users_info($channel)
647. {
648. return $this->get('/channels/'.$channel.'/users');
649. }
650.  
651. /**
652. * GET arbitrary REST API resource using a synchronous http client.
653. * All request signing is handled automatically.
654. *
655. * @param string $path Path excluding /apps/APP_ID
656. * @param array $params API params (see http://pusher.com/docs/rest_api)
657. * @param bool $associative When true, return the response body as an associative array, else return as an object
658. *
659. * @throws PusherException Throws exception if curl wasn't initialized correctly
660. * @throws ApiErrorException Throws ApiErrorException if the Channels HTTP API responds with an error
661. *
662. * @return mixed See Pusher API docs
663. */
664. public function get($path, $params = array(), $associative = false)
665. {
666. $path = $this->settings['base_path'].$path;
667.  
668. $ch = $this->create_curl($this->channels_url_prefix(), $path, 'GET', $params);
669.  
670. $response = $this->exec_curl($ch);
671.  
672. if ($response['status'] !== 200) {
673. throw new ApiErrorException($response['body'], $response['status']);
674. }
675.  
676. return json_decode($response['body'], $associative);
677. }
678.  
679. /**
680. * Creates a socket signature.
681. *
682. * @param string $channel
683. * @param string $socket_id
684. * @param string $custom_data
685. *
686. * @throws PusherException Throws exception if $channel is invalid or above or $socket_id is invalid
687. *
688. * @return string Json encoded authentication string.
689. */
690. public function socket_auth($channel, $socket_id, $custom_data = null)
691. {
692. $this->validate_channel($channel);
693. $this->validate_socket_id($socket_id);
694.  
695. if ($custom_data) {
696. $signature = hash_hmac('sha256', $socket_id.':'.$channel.':'.$custom_data, $this->settings['secret'], false);
697. } else {
698. $signature = hash_hmac('sha256', $socket_id.':'.$channel, $this->settings['secret'], false);
699. }
700.  
701. $signature = array('auth' => $this->settings['auth_key'].':'.$signature);
702. // add the custom data if it has been supplied
703. if ($custom_data) {
704. $signature['channel_data'] = $custom_data;
705. }
706.  
707. if (PusherCrypto::is_encrypted_channel($channel)) {
708. if (!is_null($this->crypto)) {
709. $signature['shared_secret'] = base64_encode($this->crypto->generate_shared_secret($channel));
710. } else {
711. throw new PusherException('You must specify an encryption master key to authorize an encrypted channel');
712. }
713. }
714.  
715. return json_encode($signature, JSON_UNESCAPED_SLASHES);
716. }
717.  
718. /**
719. * Creates a presence signature (an extension of socket signing).
720. *
721. * @param string $channel
722. * @param string $socket_id
723. * @param string $user_id
724. * @param mixed $user_info
725. *
726. * @throws PusherException Throws exception if $channel is invalid or above or $socket_id is invalid
727. *
728. * @return string
729. */
730. public function presence_auth($channel, $socket_id, $user_id, $user_info = null)
731. {
732. $user_data = array('user_id' => $user_id);
733. if ($user_info) {
734. $user_data['user_info'] = $user_info;
735. }
736.  
737. return $this->socket_auth($channel, $socket_id, json_encode($user_data));
738. }
739.  
740. /**
741. * Verify that a webhook actually came from Pusher, decrypts any encrypted events, and marshals them into a PHP object.
742. *
743. * @param array $headers a array of headers from the request (for example, from getallheaders())
744. * @param string $body the body of the request (for example, from file_get_contents('php://input'))
745. *
746. * @throws PusherException
747. *
748. * @return Webhook marshalled object with the properties time_ms (an int) and events (an array of event objects)
749. */
750. public function webhook($headers, $body)
751. {
752. $this->ensure_valid_signature($headers, $body);
753.  
754. $decoded_events = array();
755. $decoded_json = json_decode($body);
756. foreach ($decoded_json->events as $key => $event) {
757. if (PusherCrypto::is_encrypted_channel($event->channel)) {
758. if (!is_null($this->crypto)) {
759. $decryptedEvent = $this->crypto->decrypt_event($event);
760.  
761. if ($decryptedEvent == false) {
762. $this->log('Unable to decrypt webhook event payload. Wrong key? Ignoring.', null, LogLevel::WARNING);
763. continue;
764. }
765. array_push($decoded_events, $decryptedEvent);
766. } else {
767. $this->log('Got an encrypted webhook event payload, but no master key specified. Ignoring.', null, LogLevel::WARNING);
768. continue;
769. }
770. } else {
771. array_push($decoded_events, $event);
772. }
773. }
774. $webhookobj = new Webhook($decoded_json->time_ms, $decoded_json->events);
775.  
776. return $webhookobj;
777. }
778.  
779. /**
780. * Verify that a given Pusher Signature is valid.
781. *
782. * @param array $headers an array of headers from the request (for example, from getallheaders())
783. * @param string $body the body of the request (for example, from file_get_contents('php://input'))
784. *
785. * @throws PusherException if signature is inccorrect.
786. */
787. public function ensure_valid_signature($headers, $body)
788. {
789. $x_pusher_key = $headers['X-Pusher-Key'];
790. $x_pusher_signature = $headers['X-Pusher-Signature'];
791. if ($x_pusher_key == $this->settings['auth_key']) {
792. $expected = hash_hmac('sha256', $body, $this->settings['secret']);
793. if ($expected === $x_pusher_signature) {
794. return;
795. }
796. }
797.  
798. throw new PusherException(sprintf('Received WebHook with invalid signature: got %s.', $x_pusher_signature));
799. }
800. }
801.