Sha256: 54f5c553e7bac6a4873f22ea4660582d3d379ae34c761e7b7d5a67589cf0083e

Contents?: true

Size: 1.04 KB

Versions: 12

Compression:

Stored size: 1.04 KB

Contents

# frozen_string_literal: true

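module BeyondCanvas
  # Controller concern that checks an app installation request before it is
  # acted on: all expected parameters must be present and the +signature+
  # parameter must match an HMAC-SHA1 computed over "code:access_token_url"
  # with the configured client secret.
  module RequestValidation # :nodoc:
    extend ActiveSupport::Concern

    private

    # Rejects the request via +bad_request+ (not defined in this module) unless
    # every installation parameter is present and the signature verifies.
    #
    # Only +code+ and +access_token_url+ are covered by the signature (see
    # #app_installation_data). +return_url+ and +api_url+ are required to be
    # present but are not authenticated here.
    # NOTE(review): if callers redirect to +return_url+ or send requests to
    # +api_url+, those values need their own validation (e.g. an allow-list of
    # hosts) -- confirm against the controller that uses this concern.
    def validate_app_installation_request!
      return bad_request unless app_installation_params?

      verified = valid_signature?(params[:signature],
                                  app_installation_data,
                                  BeyondApi.configuration.client_secret)
      bad_request unless verified
    end

    # @return [Boolean] true when none of the installation parameters is nil.
    def app_installation_params?
      %i[code signature return_url api_url access_token_url].none? { |key| params[key].nil? }
    end

    # @return [String] the string the signature is computed over.
    def app_installation_data
      "#{params[:code]}:#{params[:access_token_url]}"
    end

    # Verifies +signature+ against the Base64-encoded HMAC-SHA1 of +data+.
    #
    # @param signature [String] signature from the request; it is
    #   percent-decoded before comparison, as in the original implementation
    # @param data [String] the signed payload
    # @param secret [String] the shared client secret used as HMAC key
    # @return [Boolean] true only when the signature matches
    def valid_signature?(signature, data, secret)
      # A nested parameter (Array/Hash) can never be a valid signature; fail
      # closed instead of raising while decoding it.
      return false unless signature.is_a?(String)

      digest = OpenSSL::Digest.new('SHA1')
      # strict_encode64 emits no line feeds, so nothing has to be chopped off.
      expected = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, data))
      # URI.decode was removed in Ruby 3.0; the parser's unescape decodes
      # %XX sequences the same way and leaves '+' untouched, which matters
      # because '+' is a valid Base64 character.
      provided = URI::DEFAULT_PARSER.unescape(signature)

      # Constant-time comparison: String#== returns at the first differing
      # byte, which leaks how much of a forged signature was correct.
      ActiveSupport::SecurityUtils.secure_compare(provided, expected)
    end
  end
end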

Version data entries

12 entries across 12 versions & 1 rubygems

Version Path
beyond_canvas-0.22.0.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.21.0.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.20.0.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.19.2.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.19.1.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.19.0.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.18.0.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.17.0.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.16.2.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.16.1.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.16.0.pre app/controllers/concerns/beyond_canvas/request_validation.rb
beyond_canvas-0.15.3.pre app/controllers/concerns/beyond_canvas/request_validation.rb