private static boolean validateSignature()

in auth-lib/src/main/java/com/spotify/sdk/android/auth/app/SpotifyNativeAuthUtil.java [175:203]

• 27 lines of code
• 5 McCabe index (conditional complexity)

    private static boolean validateSignature(@NonNull Context context,
                                             String spotifyPackageName,
                                             @NonNull Sha1HashUtil sha1HashUtil) {
        try {
            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
                final PackageInfo packageInfo = context.getPackageManager().getPackageInfo(
                        spotifyPackageName,
                        PackageManager.GET_SIGNING_CERTIFICATES);

                if (packageInfo.signingInfo == null) {
                    return false;
                }
                if(packageInfo.signingInfo.hasMultipleSigners()){
                    return validateSignatures(sha1HashUtil, packageInfo.signingInfo.getApkContentsSigners());
                }
                else{
                    return validateSignatures(sha1HashUtil, packageInfo.signingInfo.getSigningCertificateHistory());
                }
            } else {
                final PackageInfo packageInfo = context.getPackageManager().getPackageInfo(
                        spotifyPackageName,
                        PackageManager.GET_SIGNATURES);

                return validateSignatures(sha1HashUtil, packageInfo.signatures);
            }
        } catch (PackageManager.NameNotFoundException ignored) {
        }
        return false;
    }