public function acceptSignatureHash(string
$userIdentifier, int
$expires, string
$hash): void
{ if ($expires <
time()) { throw new ExpiredSignatureException('Signature has expired.'
);
} $hmac =
substr($hash, 0, 44
);
$payload =
substr($hash, 44
).':'.
$expires.':'.
$userIdentifier;
if (!
hash_equals($hmac,
$this->
generateHash($payload))) { throw new InvalidSignatureException('Invalid or expired signature.'
);
} } /**
* Verifies the hash using the provided user and expire time.
*
* @param int $expires The expiry time as a unix timestamp
* @param string $hash The plaintext hash provided by the request
*
* @throws InvalidSignatureException If the signature does not match the provided parameters
* @throws ExpiredSignatureException If the signature is no longer valid
*/