adgators/screenseed-webhook

PHP utilities for verifying ScreenSeed webhook signatures

Maintainers

Details

github.com/AdGators/screenseed-webhook-php

Source

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

pkg:composer/adgators/screenseed-webhook

v1.0.0 2025-12-30 22:16 UTC

Requires

  • php: >=8.1

Requires (Dev)

MIT 1609ea01053a1ac76e1afdcc243f7e9c9e58cb7c

This package is auto-updated.

Last update: 2025-12-30 22:31:56 UTC

README

Tests PHP Version License

PHP utilities for verifying ScreenSeed webhook signatures.

This package helps you:

  • Validate webhook signatures securely
  • Prevent replay attacks
  • Safely compare HMACs using constant-time comparison

Installation

composer require adgators/screenseed-webhook

Usage

use AdGators\ScreenSeed\Webhook\Signature;
use AdGators\ScreenSeed\Webhook\Exceptions\InvalidSignatureFormatException;

$payload = file_get_contents('php://input');
$signatureHeader = $_SERVER['HTTP_SCREENSEED_SIGNATURE'];
$secret = $_ENV['SCREENSEED_WEBHOOK_SECRET'];

try {
    $signature = new Signature($signatureHeader);

    // verify the signature matches and is less than 30 seconds old
    if (! $signature->verify($payload, $secret, 30)) {
        http_response_code(401);
        exit('Invalid webhook signature');
    }
}
catch(InvalidSignatureFormatException $e) {
    exit($e->getMessage());
}

License

MIT © AdGators