lib/bunq/signature.rb in bunq-client-0.1.1 vs lib/bunq/signature.rb in bunq-client-0.1.2
- old
+ new
@@ -1,9 +1,8 @@
require_relative 'unexpected_response'
module Bunq
-
class Signature
# headers in raw_headers hash in rest client are all lower case
BUNQ_HEADER_PREFIX = 'X-Bunq-'.downcase
BUNQ_SERVER_SIGNATURE_RESPONSE_HEADER = 'X-Bunq-Server-Signature'.downcase
CACHE_CONTROL_HEADER = 'Cache-Control'.downcase
@@ -17,11 +16,15 @@
@private_key = OpenSSL::PKey::RSA.new(private_key)
@server_public_key = OpenSSL::PKey::RSA.new(server_public_key)
end
def create(verb, path, headers, body)
- signature = private_key.sign(digest, signable_input(verb, path, headers.select { |header_name, _| signable_header?(header_name) }, body))
+ signature = private_key.sign(
+ digest,
+ signable_input(verb, path, headers.select { |header_name, _| signable_header?(header_name) }, body)
+ )
+
Base64.strict_encode64(signature)
end
def verify!(response)
sorted_bunq_headers = response.raw_headers.select(&method(:verifiable_header?)).sort.to_h.map { |k, v| "#{k.to_s.split('-').map(&:capitalize).join('-')}: #{v.first}" }
@@ -41,12 +44,13 @@
def digest
OpenSSL::Digest::SHA256.new
end
def signable_input(verb, path, headers, body)
+ sortable_headers = Hash[headers.collect{ |k,v| [k.to_s, v] }]
head = [
[verb, path].join(' '),
- headers.sort.to_h.map { |k,v| "#{k}: #{v}" }.join("\n")
+ sortable_headers.sort.to_h.map { |k,v| "#{k}: #{v}" }.join("\n")
].join("\n")
"#{head}\n\n#{body}"
end
def signable_header?(header_name)