Sha256: 972fc9db961a03ccbde851e2ca1594017c5bacfd4d1778aa1c7d0c0e0c8e3890

Contents?: true

Size: 1.51 KB

Versions: 16

Compression:

Stored size: 1.51 KB

Contents

module Braintree
  class WebhookNotificationGateway # :nodoc:
    def initialize(gateway)
      @gateway = gateway
      @config = gateway.config
    end

    def parse(signature_string, payload)
      if payload =~ /[^A-Za-z0-9+=\/\n]/
        raise InvalidSignature, "payload contains illegal characters"
      end
      _verify_signature(signature_string, payload)
      attributes = Xml.hash_from_xml(Base64.decode64(payload))
      WebhookNotification._new(@gateway, attributes[:notification])
    end

    def verify(challenge)
      digest = Braintree::Digest.hexdigest(@config.private_key, challenge)
      "#{@config.public_key}|#{digest}"
    end

    def _matching_signature_pair(signature_string)
      signature_pairs = signature_string.split("&")
      valid_pairs = signature_pairs.select { |pair| pair.include?("|") }.map { |pair| pair.split("|") }

      valid_pairs.detect do |public_key, signature|
        public_key == @config.public_key
      end
    end

    def _verify_signature(signature_string, payload)
      public_key, signature = _matching_signature_pair(signature_string)
      raise InvalidSignature, 'no matching public key' if public_key.nil?

      signature_matches = [payload, payload + "\n"].any? do |payload|
        payload_signature = Braintree::Digest.hexdigest(@config.private_key, payload)
        Braintree::Digest.secure_compare(signature, payload_signature)
      end
      raise InvalidSignature, 'signature does not match payload - one has been modified' unless signature_matches
    end
  end
end

Version data entries

16 entries across 16 versions & 1 rubygems

Version Path
braintree-2.43.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.42.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.41.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.40.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.39.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.38.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.37.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.36.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.35.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.34.1 lib/braintree/webhook_notification_gateway.rb
braintree-2.34.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.33.1 lib/braintree/webhook_notification_gateway.rb
braintree-2.33.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.32.1 lib/braintree/webhook_notification_gateway.rb
braintree-2.31.0 lib/braintree/webhook_notification_gateway.rb
braintree-2.30.2 lib/braintree/webhook_notification_gateway.rb