Sha256: a03f875396eb56c72efad614231de4f39bdf98045948b5402e765fd33430bdde
Contents?: true
Size: 1023 Bytes
Versions: 2
Compression:
Stored size: 1023 Bytes
Contents
module MonoMerchant
class WebhookValidator
def initialize(request)
@request = request
@webhook_data = @request.raw_post
end
def public_key
Pubkey.get
end
# Validate webhook data signature with public key
#
# @return [Boolean] valid?
def valid?
return false if @webhook_data.nil?
return false if signature.nil?
return false unless public_key
openssl_ec = OpenSSL::PKey::EC.new(public_key)
openssl_ec.check_key
return true if openssl_ec.verify(digest, signature, @webhook_data)
warn "Webhook isn't authorized. Might be wrong signature or inconsistent webhook data."
false
end
private
# Get signature from request headers
#
# @return [String] signature
def signature
@signature ||= Base.decode(@request.headers["X-Sign"])
end
# Get digest from OpenSSL
#
# @return [OpenSSL::Digest] digest
def digest
@digest ||= OpenSSL::Digest.new("SHA256")
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| mono-merchant-0.2.0 | lib/mono-merchant/webhook_validator.rb |
| mono-merchant-0.1.0 | lib/mono-merchant/webhook_validator.rb |