lib/razorpay/utility.rb in razorpay-2.4.1 vs lib/razorpay/utility.rb in razorpay-3.0.0
- old
+ new
@@ -8,13 +8,19 @@
# Data requires the values to be in sorted order of their keys.
# attributes.sort returns a nested array, and the last
# element of each is the value. These are joined.
data = attributes.sort.map(&:last).join('|')
-
secret = Razorpay.auth[:password]
+ verify_signature(data, signature, secret)
+ end
+ def self.verify_payment_link_signature(attributes)
+ signature = attributes.delete(:razorpay_signature)
+ # element of each is the value. These are joined.
+ data = attributes.values.join('|')
+ secret = Razorpay.auth[:password]
verify_signature(data, signature, secret)
end
def self.verify_webhook_signature(body, signature, secret)
verify_signature(body, signature, secret)
@@ -23,10 +29,9 @@
class << self
private
def verify_signature(data, signature, secret)
expected_signature = OpenSSL::HMAC.hexdigest('SHA256', secret, data)
-
verified = secure_compare(expected_signature, signature)
raise SecurityError, 'Signature verification failed' unless verified
verified