Sha256: 9680a824bad1be87c0f3305d47cd49f4d8400c925766cb75a54167aee6aa27c0

Contents?: true

Size: 623 Bytes

Versions: 2

Compression:

Stored size: 623 Bytes

Contents

require 'url_signer/base'

module UrlSigner
  class Verifier < Base

    def valid?
      return false unless signed?

      # extract signature from params
      remaining_params = params.dup
      provided_signature = remaining_params.delete('signature')

      # recompute the signature using the secret key
      recomputed_signature = compute_signature(url.host, url.path, remaining_params)

      safe_compare(provided_signature, recomputed_signature)
    end

    private

    def safe_compare(signature, other_signature)
      hash_method.digest(signature) == hash_method.digest(other_signature)
    end

  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
url_signer-0.2 lib/url_signer/verifier.rb
url_signer-0.1 lib/url_signer/verifier.rb