From e71006ab5c25916903a685ae601fb45ed92a0941 Mon Sep 17 00:00:00 2001
From: THEVENOUX Jean-Philippe <jp.thevenoux@pm.me>
Date: Wed, 7 Aug 2024 09:31:15 +0200
Subject: [PATCH] Change hash_equals order parameters (#221)

---
 src/SignatureValidator/DefaultSignatureValidator.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/SignatureValidator/DefaultSignatureValidator.php b/src/SignatureValidator/DefaultSignatureValidator.php
index 5cad016..a74b700 100644
--- a/src/SignatureValidator/DefaultSignatureValidator.php
+++ b/src/SignatureValidator/DefaultSignatureValidator.php
@@ -24,6 +24,6 @@ public function isValid(Request $request, WebhookConfig $config): bool
 
         $computedSignature = hash_hmac('sha256', $request->getContent(), $signingSecret);
 
-        return hash_equals($signature, $computedSignature);
+        return hash_equals($computedSignature, $signature);
     }
 }