Sha256: fd9cde07fe8d8a66363fe2738a2d76c0881ff76fedd85402f241bf898cc9ab49
Contents?: true
Size: 668 Bytes
Versions: 6
Compression:
Stored size: 668 Bytes
Contents
# frozen_string_literal: true module DuodealerApp class ExtensionVerificationController < ApplicationController protect_from_forgery with: :null_session before_action :verify_request private def verify_request hmac_header = request.headers["HTTP_X_DUODEALER_HMAC_SHA256"] request_body = request.body.read secret = DuodealerApp.configuration.secret digest = OpenSSL::Digest.new("sha256") expected_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, request_body)) head(:unauthorized) unless ActiveSupport::SecurityUtils.secure_compare(expected_hmac, hmac_header) end end end
Version data entries
6 entries across 5 versions & 1 rubygems