ValidateSignature.php
TLDR
This file contains the implementation of the ValidateSignature middleware class. This class is responsible for validating URL signatures in Laravel routing.
Methods
relative($ignore = [])
This method specifies that the URL signature is for a relative URL. It takes an optional $ignore parameter which specifies the names of the parameters that should be ignored. The method returns a string representation of the middleware class and the ignored parameters.
absolute($ignore = [])
This method specifies that the URL signature is for an absolute URL. It takes an optional $ignore parameter which specifies the names of the parameters that should be ignored. The method returns a string representation of the middleware class and the ignored parameters.
handle($request, Closure $next, ...$args)
This method handles an incoming request. It takes the $request object, a Closure $next, and additional arguments $args. It checks if the request has a valid signature while ignoring certain parameters based on the arguments passed. If the signature is valid, it calls the next middleware in the pipeline. If the signature is invalid, it throws an InvalidSignatureException.
parseArguments(array $args)
This method parses the additional arguments given to the middleware. It takes an array of arguments $args and returns an array of parsed arguments.
except($parameters)
This static method indicates that the given parameters should be ignored during signature validation. It takes an array or string $parameters and updates the $neverValidate property with the ignored parameters.
Classes
There are no additional classes in this file.
<?php
namespace Illuminate\Routing\Middleware;
use Closure;
use Illuminate\Routing\Exceptions\InvalidSignatureException;
use Illuminate\Support\Arr;
class ValidateSignature
{
/**
* The names of the parameters that should be ignored.
*
* @var array<int, string>
*/
protected $ignore = [
//
];
/**
* The globally ignored parameters.
*
* @var array
*/
protected static $neverValidate = [];
/**
* Specify that the URL signature is for a relative URL.
*
* @param array|string $ignore
* @return string
*/
public static function relative($ignore = [])
{
$ignore = Arr::wrap($ignore);
return static::class.':'.implode(',', empty($ignore) ? ['relative'] : ['relative', ...$ignore]);
}
/**
* Specify that the URL signature is for an absolute URL.
*
* @param array|string $ignore
* @return class-string
*/
public static function absolute($ignore = [])
{
$ignore = Arr::wrap($ignore);
return empty($ignore)
? static::class
: static::class.':'.implode(',', $ignore);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param array|null $args
* @return \Illuminate\Http\Response
*
* @throws \Illuminate\Routing\Exceptions\InvalidSignatureException
*/
public function handle($request, Closure $next, ...$args)
{
[$relative, $ignore] = $this->parseArguments($args);
if ($request->hasValidSignatureWhileIgnoring($ignore, ! $relative)) {
return $next($request);
}
throw new InvalidSignatureException;
}
/**
* Parse the additional arguments given to the middleware.
*
* @param array $args
* @return array
*/
protected function parseArguments(array $args)
{
$relative = ! empty($args) && $args[0] === 'relative';
if ($relative) {
array_shift($args);
}
$ignore = array_merge(
property_exists($this, 'except') ? $this->except : $this->ignore,
$args
);
return [$relative, array_merge($ignore, static::$neverValidate)];
}
/**
* Indicate that the given parameters should be ignored during signature validation.
*
* @param array|string $parameters
* @return void
*/
public static function except($parameters)
{
static::$neverValidate = array_values(array_unique(
array_merge(static::$neverValidate, Arr::wrap($parameters))
));
}
}