Class: Adyen::Utils::HmacValidator

Inherits:

Object

• Object
• Adyen::Utils::HmacValidator

Defined in:

lib/adyen/utils/hmac_validator.rb

Constant Summary

HMAC_ALGORITHM =

'sha256'.freeze

DATA_SEPARATOR =

':'.freeze

WEBHOOK_VALIDATION_KEYS =

%w[
  pspReference originalReference merchantAccountCode merchantReference
  amount.value amount.currency eventCode success
].freeze

Instance Method Summary

• #calculate_webhook_hmac(webhook_request_item, hmac_key) ⇒ Object (also: #calculate_notification_hmac)
• #data_to_sign(webhook_request_item) ⇒ Object
• #valid_webhook_hmac?(webhook_request_item, hmac_key) ⇒ Boolean (also: #valid_notification_hmac?)

Instance Method Details

#calculate_webhook_hmac(webhook_request_item, hmac_key) ⇒ Object Also known as: calculate_notification_hmac

# File 'lib/adyen/utils/hmac_validator.rb', line 30

def calculate_webhook_hmac(webhook_request_item, hmac_key)
  data = data_to_sign(webhook_request_item)

  Base64.strict_encode64(
    OpenSSL::HMAC.digest(HMAC_ALGORITHM, [hmac_key].pack('H*'), data)
  )
end

#data_to_sign(webhook_request_item) ⇒ Object

# File 'lib/adyen/utils/hmac_validator.rb', line 42

def data_to_sign(webhook_request_item)
  WEBHOOK_VALIDATION_KEYS
    .map { webhook_request_item.dig(*_1.split('.')).to_s }
    .compact
    .join(DATA_SEPARATOR)
end

#valid_webhook_hmac?(webhook_request_item, hmac_key) ⇒ Boolean Also known as: valid_notification_hmac?

Returns:

• (Boolean)

# File 'lib/adyen/utils/hmac_validator.rb', line 16

def valid_webhook_hmac?(webhook_request_item, hmac_key)
  expected_sign = calculate_webhook_hmac(webhook_request_item, hmac_key)
  merchant_sign =
    webhook_request_item.dig('additionalData', 'hmacSignature')

  expected_sign == merchant_sign
end