Class: Payflow::Webhooks::SignatureVerifier

Inherits:
Object
  • Object
show all
Defined in:
lib/payflow/webhooks/signature_verifier.rb

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(provider:, request:) ⇒ SignatureVerifier

Returns a new instance of SignatureVerifier.



6
7
8
9
 
# File 'lib/payflow/webhooks/signature_verifier.rb', line 6

def initialize(provider:, request:)
  @provider = provider.to_sym
  @request = request
end

Class Method Details

.extract_stripe_parts(header) ⇒ Object 



33
34
35
36
 
# File 'lib/payflow/webhooks/signature_verifier.rb', line 33

def self.extract_stripe_parts(header)
  parts = header.split(",").to_h { |part| part.split("=", 2) }
  [parts["t"], parts["v1"]]
end

.verify_stripe(payload:, signature_header:, secret:) ⇒ Object 



22
23
24
25
26
27
28
29
30
31
 
# File 'lib/payflow/webhooks/signature_verifier.rb', line 22

def self.verify_stripe(payload:, signature_header:, secret:)
  return false if secret.blank? || signature_header.blank?

  timestamp, signature = extract_stripe_parts(signature_header)
  return false unless timestamp && signature

  signed_payload = "#{timestamp}.#{payload}"
  expected = OpenSSL::HMAC.hexdigest("SHA256", secret, signed_payload)
  ActiveSupport::SecurityUtils.secure_compare(expected, signature)
end

Instance Method Details

#valid?Boolean

Returns:

  • (Boolean) 


11
12
13
14
15
16
17
18
19
20
 
# File 'lib/payflow/webhooks/signature_verifier.rb', line 11

def valid?
  case @provider
  when :asaas
    verify_asaas
  when :stripe
    verify_stripe
  else
    false
  end
end