Sha256: 4e2725463ec0b93d829b9ca3fe51b605d13936c12e9c3f8edf469463dfb133b6
Contents?: true
Size: 1.62 KB
Versions: 2
Compression:
Stored size: 1.62 KB
Contents
module Braintree
class WebhookNotificationGateway # :nodoc:
def initialize(gateway)
@gateway = gateway
@config = gateway.config
end
def parse(signature_string, payload)
if payload =~ /[^A-Za-z0-9+=\/\n]/
raise InvalidSignature, "payload contains illegal characters"
end
_verify_signature(signature_string, payload)
attributes = Xml.hash_from_xml(Base64.decode64(payload))
WebhookNotification._new(@gateway, attributes[:notification])
end
def verify(challenge)
raise InvalidChallenge, 'challenge contains non-hex characters' unless challenge =~ /\A[a-f0-9]{20,32}\z/
digest = Braintree::Digest.hexdigest(@config.private_key, challenge)
"#{@config.public_key}|#{digest}"
end
def _matching_signature_pair(signature_string)
signature_pairs = signature_string.split("&")
valid_pairs = signature_pairs.select { |pair| pair.include?("|") }.map { |pair| pair.split("|") }
valid_pairs.detect do |public_key, signature|
public_key == @config.public_key
end
end
def _verify_signature(signature_string, payload)
public_key, signature = _matching_signature_pair(signature_string)
raise InvalidSignature, 'no matching public key' if public_key.nil?
signature_matches = [payload, payload + "\n"].any? do |payload|
payload_signature = Braintree::Digest.hexdigest(@config.private_key, payload)
Braintree::Digest.secure_compare(signature, payload_signature)
end
raise InvalidSignature, 'signature does not match payload - one has been modified' unless signature_matches
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| braintree-2.45.0 | lib/braintree/webhook_notification_gateway.rb |
| braintree-2.44.0 | lib/braintree/webhook_notification_gateway.rb |