validateSignature function

void validateSignature(
  1. String providerId,
  2. String signature,
  3. String applicationId,
  4. String timestamp,
)

Implementation

void validateSignature(String providerId, String signature,
    String applicationId, String timestamp) {
  try {
    logger.info(
        'Starting signature validation for providerId: $providerId, applicationId: $applicationId, timestamp: $timestamp');

    final message =
        jsonEncode({'providerId': providerId, 'timestamp': timestamp});
    final messageHash = keccak256(utf8.encode(message));
    final appId = EthSigUtil.recoverPersonalSignature(
      signature: signature,
      message: messageHash,
    ).toLowerCase();

    if (EthereumAddress.fromHex(appId) !=
        EthereumAddress.fromHex(applicationId)) {
      logger.info(
          'Signature validation failed: Mismatch between derived appId ($appId) and provided applicationId ($applicationId)');
      throw invalidSignatureError(
          'Signature does not match the application id: $appId');
    }

    logger.info(
        'Signature validated successfully for applicationId: $applicationId');
  } catch (err) {
    logger.info('Signature validation failed: ${err.toString()}');
    throw invalidSignatureError(
        'Failed to validate signature: ${err.toString()}');
  }
}