Sha256: ef2356734f71ee02a4453c871ad6d7f2382805d07ab2dbc60af15ed1b34cd69f

Contents?: true

Size: 795 Bytes

Versions: 19

Compression:

Stored size: 795 Bytes

Contents

module ShopifyApp
  module WebhookVerification
    extend ActiveSupport::Concern

    included do
      skip_before_action :verify_authenticity_token, raise: false
      before_action :verify_request
    end

    private

    def verify_request
      data = request.raw_post
      return head :unauthorized unless hmac_valid?(data)
    end

    def hmac_valid?(data)
      secret = ShopifyApp.configuration.secret
      digest = OpenSSL::Digest.new('sha256')
      ActiveSupport::SecurityUtils.secure_compare(
        shopify_hmac,
        Base64.encode64(OpenSSL::HMAC.digest(digest, secret, data)).strip
      )
    end

    def shop_domain
      request.headers['HTTP_X_SHOPIFY_SHOP_DOMAIN']
    end

    def shopify_hmac
      request.headers['HTTP_X_SHOPIFY_HMAC_SHA256']
    end
  end
end

Version data entries

19 entries across 19 versions & 1 rubygems

Version Path
shopify_app-8.4.2 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.4.1 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.4.0 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.3.2 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.3.1 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.3.0 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.2.6 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.2.5 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.2.4 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.2.2 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.2.1 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.2.0 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.1.0 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-8.0.0 lib/shopify_app/controller_concerns/webhook_verification.rb
shopify_app-7.4.0 lib/shopify_app/webhook_verification.rb
shopify_app-7.3.0 lib/shopify_app/webhook_verification.rb
shopify_app-7.2.11 lib/shopify_app/webhook_verification.rb
shopify_app-7.2.10 lib/shopify_app/webhook_verification.rb
shopify_app-7.2.9 lib/shopify_app/webhook_verification.rb