Sha256: e88e68b19be6f77750fcc564af9ddfaae036277c1b3e3747868d62882c44ea75
Contents?: true
Size: 1.31 KB
Versions: 13
Compression:
Stored size: 1.31 KB
Contents
# typed: strict
# frozen_string_literal: true
module ShopifyAPI
module Utils
module HmacValidator
extend T::Sig
class << self
extend T::Sig
sig { params(verifiable_query: VerifiableQuery).returns(T::Boolean) }
def validate(verifiable_query)
return false unless verifiable_query.hmac
result = validate_signature(verifiable_query, Context.api_secret_key)
if result || Context.old_api_secret_key.blank?
result
else
validate_signature(verifiable_query, T.must(Context.old_api_secret_key))
end
end
private
sig { params(verifiable_query: VerifiableQuery, secret: String).returns(T::Boolean) }
def validate_signature(verifiable_query, secret)
received_signature = verifiable_query.hmac
computed_signature = compute_signature(verifiable_query.to_signable_string, secret)
OpenSSL.secure_compare(computed_signature, received_signature)
end
sig { params(signable_string: String, secret: String).returns(String) }
def compute_signature(signable_string, secret)
OpenSSL::HMAC.hexdigest(
OpenSSL::Digest.new("sha256"),
secret,
signable_string,
)
end
end
end
end
end
Version data entries
13 entries across 13 versions & 1 rubygems