# File lib/omniauth/strategies/ign.rb, line 33
      def callback_phase
        signature = OpenSSL::HMAC.hexdigest('sha1', @api_key, ("#{request.params["username"]}::#{request.params["timestamp"]}"))

        raise CallbackError.new("Invalid Signature","The supplied and calculated signature did not match, user not approved.") if signature != request.params["signature"]

        super
      rescue CallbackError => e
        fail!(:invalid_response, e)
      end