Allow to skip signature verification #741
Conversation
habara-k
force-pushed
the
allow-to-skip-signature-verification
branch
from
43a6658 to
e276dfc
Compare
This reverts commit e276dfc.
habara-k
force-pushed
the
allow-to-skip-signature-verification
branch
from
d79e580 to
47bd3ec
Compare
habara-k
force-pushed
the
allow-to-skip-signature-verification
branch
from
47bd3ec to
e6a1849
Compare
| * This can be useful in scenarios such as when you're in the process of updating | ||
| * the channel secret and need to temporarily bypass verification to avoid disruptions. | ||
| */ | ||
| public $skipSignatureValidation; |
There was a problem hiding this comment.
Are you using a callable instead of a bool so that the user can dynamically skip validation? If so, it might be helpful to mention that briefly in the PHPDoc.
| class EventRequestOptions | ||
| { | ||
| /** | ||
| * @var callable|null Function that returns boolean to determine if signature validation should be skipped. |
There was a problem hiding this comment.
It might be a good idea to explicitly specify that it returns a bool.
| * @var callable|null Function that returns boolean to determine if signature validation should be skipped. | |
| * @var callable(): bool|null Function that returns boolean to determine if signature validation should be skipped. |
There was a problem hiding this comment.
Thank you for the suggestion!
Yes, the intention is to allow dynamic control — the callable can return a boolean value to determine whether signature validation should be skipped.
However, we had to simplify the PHPDoc type to callable|null instead of callable(): bool|null, because phpDocumentor 3.x currently doesn’t support the newer callable syntax with return types.
To avoid breaking the documentation build, we decided to keep the simpler type declaration.
There was a problem hiding this comment.
It says it's available from version 3.3.0, so is that not correct? We use 3.3.1
There was a problem hiding this comment.
and more, this is probably (callable(): bool)|null ...?
| /** | ||
| * Constructor | ||
| * | ||
| * @param callable|null $skipSignatureValidation Function that returns boolean to determine if signature validation should be skipped |
There was a problem hiding this comment.
ditto
| * @param callable|null $skipSignatureValidation Function that returns boolean to determine if signature validation should be skipped | |
| * @param callable(): bool|null $skipSignatureValidation Function that returns boolean to determine if signature validation should be skipped |
| echo "DIFF_IS_EMPTY=$([[ -z "$diff_excluding_submodule" ]] && echo 'true' || echo 'false')" >> $GITHUB_ENV | ||
| echo "CURRENT_DATETIME=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_ENV | ||
| # Save full diff to file and upload artifact |
There was a problem hiding this comment.
I recognize this as a workaround, but do you encounter a diff when executing the steps written in the workflow locally?
line-bot-sdk-php/.github/workflows/generate-code.yml
Lines 33 to 57 in e6a1849
If so, this might confuse external contributors too like you, and we should consider measures to ensure stricter version control. For example, https://github.com/line/line-bot-sdk-php/blob/master/CONTRIBUTING.md should be updated.
.... However, since CI provides stable results, could it be that your local version is misaligned...?
@eucyt might help you when you're confused with something.
There was a problem hiding this comment.
It seems the PHP version I was running locally was outdated. The issue is now resolved, but I plan to keep this change for future troubleshooting.
3 participants
Changes
Motivation
The signature returned with webhooks is calculated using a single channel secret. If the bot owner changes their channel secret, the signature for webhooks starts being calculated using the new channel secret. To avoid signature verification failures, the bot owner must update the channel secret on their server, which is used for signature verification. However, if there is a timing mismatch in the update—and such a mismatch is almost unavoidable—verification will fail during that period.
In such cases, having an option to skip signature verification for webhooks would be a convenient way to avoid these issues.