<?php

namespace Illuminate\Validation;

use Exception;
use Illuminate\Contracts\Validation\UncompromisedVerifier;
use Illuminate\Support\Str;

class NotPwnedVerifier implements UncompromisedVerifier
{
    /**
     * The HTTP factory instance.
     *
     * @var \Illuminate\Http\Client\Factory
     */
    protected $factory;

    /**
     * The number of seconds the request can run before timing out.
     *
     * @var int
     */
    protected $timeout;

    /**
     * Create a new uncompromised verifier.
     *
     * @param  \Illuminate\Http\Client\Factory  $factory
     * @param  int|null  $timeout
     * @return void
     */
    public function __construct($factory, $timeout = null)
    {
        $this->factory = $factory;
        $this->timeout = $timeout ?? 30;
    }

    /**
     * Verify that the given data has not been compromised in public breaches.
     *
     * @param  array  $data
     * @return bool
     */
    public function verify($data)
    {
        $value = $data['value'];
        $threshold = $data['threshold'];

        if (empty($value = (string) $value)) {
            return false;
        }

        [$hash, $hashPrefix] = $this->getHash($value);

        return ! $this->search($hashPrefix)
            ->contains(function ($line) use ($hash, $hashPrefix, $threshold) {
                [$hashSuffix, $count] = explode(':', $line);

                return $hashPrefix.$hashSuffix == $hash && $count > $threshold;
            });
    }

    /**
     * Get the hash and its first 5 chars.
     *
     * @param  string  $value
     * @return array
     */
    protected function getHash($value)
    {
        $hash = strtoupper(sha1((string) $value));

        $hashPrefix = substr($hash, 0, 5);

        return [$hash, $hashPrefix];
    }

    /**
     * Search by the given hash prefix and returns all occurrences of leaked passwords.
     *
     * @param  string  $hashPrefix
     * @return \Illuminate\Support\Collection
     */
    protected function search($hashPrefix)
    {
        try {
            $response = $this->factory->withHeaders([
                'Add-Padding' => true,
            ])->timeout($this->timeout)->get(
                'https://api.pwnedpasswords.com/range/'.$hashPrefix
            );
        } catch (Exception $e) {
            report($e);
        }

        $body = (isset($response) && $response->successful())
            ? $response->body()
            : '';

        return Str::of($body)->trim()->explode("\n")->filter(function ($line) {
            return str_contains($line, ':');
        });
    }
}

• [D] Concerns
• [D] Rules
• [F] ClosureValidationRule.php
  Delete
• [F] composer.json
  Delete
• [F] ConditionalRules.php
  Delete
• [F] DatabasePresenceVerifier.php
  Delete
• [F] DatabasePresenceVerifierInterface.php
  Delete
• [F] Factory.php
  Delete
• [F] InvokableValidationRule.php
  Delete
• [F] LICENSE.md
  Delete
• [F] NestedRules.php
  Delete
• [F] NotPwnedVerifier.php
  Delete
• [F] PresenceVerifierInterface.php
  Delete
• [F] Rule.php
  Delete
• [F] UnauthorizedException.php
  Delete
• [F] ValidatesWhenResolvedTrait.php
  Delete
• [F] ValidationData.php
  Delete
• [F] ValidationException.php
  Delete
• [F] ValidationRuleParser.php
  Delete
• [F] ValidationServiceProvider.php
  Delete
• [F] Validator.php
  Delete

Save Cards

Save Your Card for Quick and Easy Future Payments Online

Simplify your payment experience by securely saving your card on our platform. After your initial transaction, you can choose to store your card details safely for future use. This feature eliminates the need to re-enter your payment information each time, making checkouts faster while keeping your data secure with advanced encryption and robust security measures.

• Navigate to the “Save Card” section.
• Click on “Add Card.”
• Choose your preferred setup method.
• Your card is now saved for future payments.