Contents

class DiscoApp::RequestValidationService

  def self.hmac_valid?(query_string, secret)
    query_hash = Rack::Utils.parse_query(query_string)
    hmac = query_hash.delete('hmac').to_s
    ActiveSupport::SecurityUtils.variable_size_secure_compare(self.calculated_hmac(query_hash, secret), hmac)
  end

  # Return the calculated hmac for the given query hash and secret.
  def self.calculated_hmac(query_hash, secret)
    sorted_params = query_hash.collect{ |k, v| "#{k}=#{Array(v).join(',')}" }.sort.join('&')
    OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), secret, sorted_params)
  end

end

Version data entries

15 entries across 15 versions & 1 rubygems

Version	Path
disco_app-0.12.5	app/services/disco_app/request_validation_service.rb
disco_app-0.12.6	app/services/disco_app/request_validation_service.rb
disco_app-0.12.7	app/services/disco_app/request_validation_service.rb
disco_app-0.13.0	app/services/disco_app/request_validation_service.rb
disco_app-0.13.1	app/services/disco_app/request_validation_service.rb
disco_app-0.13.2	app/services/disco_app/request_validation_service.rb
disco_app-0.13.3	app/services/disco_app/request_validation_service.rb
disco_app-0.13.4	app/services/disco_app/request_validation_service.rb
disco_app-0.13.5	app/services/disco_app/request_validation_service.rb
disco_app-0.13.6	app/services/disco_app/request_validation_service.rb
disco_app-0.13.7	app/services/disco_app/request_validation_service.rb
disco_app-0.13.8	app/services/disco_app/request_validation_service.rb
disco_app-0.12.7.pre.puma.pre.3	app/services/disco_app/request_validation_service.rb
disco_app-0.14.0	app/services/disco_app/request_validation_service.rb
disco_app-0.13.6.pre.puma.pre.3	app/services/disco_app/request_validation_service.rb