Module: Philiprehberger::WebhookSignature

Defined in:
lib/philiprehberger/webhook_signature.rb,
lib/philiprehberger/webhook_signature/signer.rb,
lib/philiprehberger/webhook_signature/version.rb,
lib/philiprehberger/webhook_signature/verifier.rb

Defined Under Namespace

Classes: Error, Signer, VerificationError, Verifier

Constant Summary collapse

VERSION = 
'0.3.0'

Class Method Summary collapse

Class Method Details

.sign(payload, secret:, timestamp: Time.now.to_i, algorithm: :sha256) ⇒ Hash

Convenience: sign a payload.

Parameters:

  • payload (String)

    the raw payload body

  • secret (String)

    the shared secret

  • timestamp (Integer) (defaults to: Time.now.to_i)

    Unix timestamp

  • algorithm (Symbol) (defaults to: :sha256)

    HMAC digest algorithm (:sha256 or :sha512)

Returns:

  • (Hash)

    { timestamp:, signature: }



21
22
23
 
# File 'lib/philiprehberger/webhook_signature.rb', line 21

def self.sign(payload, secret:, timestamp: Time.now.to_i, algorithm: :sha256)
  Signer.new(secret, algorithm: algorithm).sign(payload, timestamp: timestamp)
end

.verify(payload, secret:, timestamp:, signature:, tolerance: 300, algorithm: :sha256) ⇒ Boolean

Convenience: verify a payload.

Parameters:

  • payload (String)

    the raw payload body

  • secret (String)

    the shared secret

  • timestamp (Integer)

    the timestamp

  • signature (String)

    the signature

  • tolerance (Integer, nil) (defaults to: 300)

    max age in seconds

  • algorithm (Symbol) (defaults to: :sha256)

    HMAC digest algorithm (:sha256 or :sha512)

Returns:

  • (Boolean) 


34
35
36
37
 
# File 'lib/philiprehberger/webhook_signature.rb', line 34

def self.verify(payload, secret:, timestamp:, signature:, tolerance: 300, algorithm: :sha256)
  Verifier.new(secret, algorithm: algorithm)
          .verify(payload, timestamp: timestamp, signature: signature, tolerance: tolerance)
end