Module: Clicksign::Webhook

Defined in:: lib/clicksign/webhook.rb

Constant Summary collapse

DIGEST =

'sha256'

Class Method Summary collapse

.compute_signature(payload, secret:) ⇒ Object

Computes the expected Content-HMAC value for a given payload and secret.
.verify_signature(payload, signature, secret:) ⇒ Object

Returns true/false instead of raising.
.verify_signature!(payload, signature, secret:) ⇒ Object

Raises WebhookSignatureError if the Content-HMAC header does not match.

Class Method Details

.compute_signature(payload, secret:) ⇒ `Object`

Computes the expected Content-HMAC value for a given payload and secret.



27
28
29

# File 'lib/clicksign/webhook.rb', line 27

def self.compute_signature(payload, secret:)
  "#{DIGEST}=#{OpenSSL::HMAC.hexdigest(DIGEST, secret, payload)}"
end

.verify_signature(payload, signature, secret:) ⇒ `Object`

Returns true/false instead of raising.

# File 'lib/clicksign/webhook.rb', line 20

def self.verify_signature(payload, signature, secret:)
  verify_signature!(payload, signature, secret: secret)
rescue WebhookSignatureError
  false
end

.verify_signature!(payload, signature, secret:) ⇒ `Object`

Raises WebhookSignatureError if the Content-HMAC header does not match.

Raises:

(WebhookSignatureError)

# File 'lib/clicksign/webhook.rb', line 10

def self.verify_signature!(payload, signature, secret:)
  expected = compute_signature(payload, secret: secret)
  raise WebhookSignatureError, 'Webhook signature mismatch' unless secure_compare?(
    expected, signature
  )

  true
end