Class: Sockudo::WebHook

Inherits:

Object

• Object
• Sockudo::WebHook

Defined in:

lib/sockudo/webhook.rb

Overview

Used to parse and authenticate WebHooks

Examples:

Sinatra

post '/webhooks' do
  webhook = Sockudo::WebHook.new(request)
  if webhook.valid?
    webhook.events.each do |event|
      case event["name"]
      when 'channel_occupied'
        puts "Channel occupied: #{event["channel"]}"
      when 'channel_vacated'
        puts "Channel vacated: #{event["channel"]}"
      end
    end
  else
    status 401
  end
  return
end

Instance Attribute Summary

• #key ⇒ Object readonly

  Returns the value of attribute key.

• #signature ⇒ Object readonly

  Returns the value of attribute signature.

Instance Method Summary

• #data ⇒ Object

  Access the parsed WebHook body.

• #events ⇒ Object

  Array of events (as Hashes) contained inside the webhook.

• #initialize(request, client = Sockudo) ⇒ WebHook constructor

  Provide either a Rack::Request or a Hash containing :key, :signature, :body, and :content_type (optional).

• #time ⇒ Time

  The time at which the WebHook was initially triggered by Sockudo, i.e.

• #valid?(extra_tokens = nil) ⇒ Boolean

  Returns whether the WebHook is valid by checking that the signature matches the configured key & secret.

Constructor Details

#initialize(request, client = Sockudo) ⇒ WebHook

Provide either a Rack::Request or a Hash containing :key, :signature, :body, and :content_type (optional)

# File 'lib/sockudo/webhook.rb', line 33

def initialize(request, client = Sockudo)
  @client = client
  # For Rack::Request and ActionDispatch::Request
  if request.respond_to?(:env) && request.respond_to?(:content_type)
    @key = request.env['HTTP_X_PUSHER_KEY']
    @signature = request.env['HTTP_X_PUSHER_SIGNATURE']
    @content_type = request.content_type

    request.body.rewind
    @body = request.body.read
    request.body.rewind
  else
    @key, @signature, @body = request.values_at(:key, :signature, :body)
    @content_type = request[:content_type] || 'application/json'
  end
end

Instance Attribute Details

#key ⇒ Object (readonly)

Returns the value of attribute key.

# File 'lib/sockudo/webhook.rb', line 28

def key
  @key
end

#signature ⇒ Object (readonly)

Returns the value of attribute signature.

# File 'lib/sockudo/webhook.rb', line 28

def signature
  @signature
end

Instance Method Details

#data ⇒ Object

Access the parsed WebHook body

# File 'lib/sockudo/webhook.rb', line 88

def data
  @data ||= case @content_type
            when 'application/json'
              MultiJson.decode(@body)
            else
              raise "Unknown Content-Type (#{@content_type})"
            end
end

#events ⇒ Object

Array of events (as Hashes) contained inside the webhook

# File 'lib/sockudo/webhook.rb', line 73

def events
  data['events']
end

#time ⇒ Time

The time at which the WebHook was initially triggered by Sockudo, i.e. when the event occurred

Returns:

• (Time)

# File 'lib/sockudo/webhook.rb', line 82

def time
  Time.at(data['time_ms'].to_f / 1000)
end

#valid?(extra_tokens = nil) ⇒ Boolean

Returns whether the WebHook is valid by checking that the signature matches the configured key & secret. In the case that the webhook is invalid, the reason is logged

Parameters:

• extra_tokens (Hash) (defaults to: nil) —

  If you have extra tokens for your Sockudo app, you can specify them so that they’re used to attempt validation.

Returns:

• (Boolean)

# File 'lib/sockudo/webhook.rb', line 57

def valid?(extra_tokens = nil)
  extra_tokens = [extra_tokens] if extra_tokens.is_a?(Hash)
  if @key == @client.key
    return signature_valid?(@client.secret)
  elsif extra_tokens
    extra_tokens.each do |token|
      return signature_valid?(token[:secret]) if @key == token[:key]
    end
  end

  Sockudo.logger.warn "Received webhook with unknown key: #{key}"
  false
end