- $value = json_decode( $body, true );
- return ( json_last_error() === JSON_ERROR_NONE ) ? $value : false;
+ if ( $this->serializationType === 'legacy' ) {
+ $serialized = $body;
+ } else {
+ $pieces = explode( '.', $body, 3 );
+ if ( count( $pieces ) !== 3 || $pieces[0] !== $this->serializationType ) {
+ return false;
+ }
+ list( , $hmac, $serialized ) = $pieces;
+ if ( $this->hmacKey !== '' ) {
+ $checkHmac = hash_hmac( 'sha256', $serialized, $this->hmacKey, true );
+ if ( !hash_equals( $checkHmac, base64_decode( $hmac ) ) ) {
+ return false;
+ }
+ }
+ }
+
+ switch ( $this->serializationType ) {
+ case 'JSON':
+ $value = json_decode( $serialized, true );
+ return ( json_last_error() === JSON_ERROR_NONE ) ? $value : false;
+
+ case 'PHP':
+ case 'legacy':
+ return unserialize( $serialized );
+
+ default:
+ throw new \DomainException(
+ "Unknown serialization type: $this->serializationType"
+ );
+ }