actionhook 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b8906ab0fc939ebb202c2a2167749e518e3b8b40eaf0dabc0a035e49e4623af2
+  data.tar.gz: 68a6529a569dc4b846fee304c163ceb51177d6613d6e69ea3d7969b877a539d7
+SHA512:
+  metadata.gz: 9acaf26f59b067a688dcfb0be699707aace42348ab2edab9dbfcee4ca82ca626b03d7a67e349af8e24f9e1b0a41be8a0898a46b4b9778180763a554e3e693b32
+  data.tar.gz: aada13e18f5a9be0339873d9503f995f2b283367495a97e450be70cad6d78a0d6195c76a4c479039420cdbc850df6d19c31007671e3bc88708d9667fc5fe8cd9

data/.github/workflows/gempush.yml

@@ -0,0 +1,29 @@
+name: Ruby Gem
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  build:
+    name: Build + Publish
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 2.6
+      uses: actions/setup-ruby@v1
+      with:
+        version: 2.6.x
+
+    - name: Publish to RubyGems
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push *.gem
+      env:
+        GEM_HOST_API_KEY: ${{secrets.RUBYGEMS_AUTH_TOKEN}}

data/.github/workflows/ruby.yml

@@ -0,0 +1,24 @@
+name: Ruby
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 2.6
+      uses: actions/setup-ruby@v1
+      with:
+        ruby-version: 2.6.x
+    - name: Build and test with Rake
+      run: |
+        gem install bundler
+        bundle install --jobs 4 --retry 3
+        bundle exec rake

data/.gitignore

@@ -0,0 +1,8 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec

@@ -0,0 +1 @@
+--require spec_helper

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at sohan39@gmail.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [https://contributor-covenant.org/version/1/4][version]
+
+[homepage]: https://contributor-covenant.org
+[version]: https://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in actionhook.gemspec
+gemspec
+
+gem "rake", "~> 12.0"

data/Gemfile.lock

@@ -0,0 +1,46 @@
+PATH
+  remote: .
+  specs:
+    actionhook (1.0.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    diff-lcs (1.3)
+    hashdiff (0.3.8)
+    public_suffix (4.0.1)
+    rake (12.3.3)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.0)
+      rspec-support (~> 3.9.0)
+    rspec-expectations (3.9.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.0)
+    safe_yaml (1.0.5)
+    webmock (3.4.2)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  actionhook!
+  rake (~> 12.0)
+  rspec
+  webmock
+
+BUNDLED WITH
+   2.1.4

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2020 smsohan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,93 @@
+# Why?
+
+`ActionHook` is a drop-in library for sending webhooks. You specify the content and destination, `ActionHook` takes care of securely delivering it.
+
+
+## Build Status
+
+![Build](https://github.com/smsohan/actionhook/workflows/Ruby/badge.svg)
+
+# Features:
+
+- [x] **Core** Send webhooks
+- [x] **Configuration** Timeout, IP blocking, etc.
+- [x] **Security** Supports HTTP Basic, Token, and Bearer Token auth.
+- [x] **Security** Blocks private IPs and allows custom IP blocking
+- [x] **Security** 2-factor authentication using a secret for each receiver.
+- [x] **Usability** Works seamlessly on Ruby on Rails. [Example](examples/actionhook-rails-example)
+- [x] **Scale** Works seamlessly on AWS Lambda. [Example](examples/actionhook-aws-lambda-example)
+- [x] **More** Logging
+
+
+## Send Webhooks
+
+```ruby
+request = ActionHook::Core::JSONRequest.new(url: 'https://example.com',
+  method: :post, body: { hello: "world" }, headers: {})
+
+ActionHook::Core::NetHttpSender.send(request)
+```
+
+## Configuration
+
+All configurations are optional, only use these if you want to override the defaults.
+You can set the following configs in `ActionHook.configuration` object.
+
+|Name|Description|Default Value|
+|---|---|---|
+|`open_timeout` | `Net::HTTP` open timeout in seconds | `5` |
+|`read_timeout` | `Net::HTTP` read timeout in seconds | `15`|
+|`hash_header_name` | A HTTP Request header that contains the SHA256 fingerprint of the request body | `SHA256-FINGERPRINT` |
+|`allow_private_ips` | If loopback or private IPs should be allowed as receiver | `false` |
+|`blocked_ip_ranges` | Custom IP ranges to block, e.g. `%w{172.8.9.8/24}`| `[]`|
+
+Instead of the global config using ActionHook.configuration, you can provide an instance of `ActionHook::Core::Configuration` to the `send` method. Please note that, global config will be ignored when you provide a configuration while calling `send`. Here's an example of providing a configuration while calling `send`.
+
+```ruby
+ActionHook::Core::NetHttpSender.send(request, ActionHook::Core::Configuration.new)
+```
+
+## Security: Authentication
+
+ActionHook supports `Basic`, `Token`, and `BearerToken` authentication out of the box. You can assign one of these authentication methods to the request object as follows:
+
+```ruby
+  basic = ActionHook::Security::Authentication::Basic.new(username: 'a_user', password: 'a_pass')
+  token = ActionHook::Security::Authentication::Token.new('a_token')
+  bearer_token = ActionHook::Security::Authentication::BearerToken.new('a_bearer_token')
+
+  request = ActionHook::Core::JSONRequest.new(url: 'https://example.com',
+    authentication: basic, # or token, bearer_token
+  )
+```
+
+## Security: 2-Factor Authentication: Hashing With a Secure Key
+
+You can generate secure key for each receiving endpoint and pass it to `ActionHook`
+for adding a 2-factor authentication. Using this this key, `ActionHook` will automatically add the `SHA256-FINGERPRINT` header to the webhook. The receiver can compute the SHA256 digest of the request body using the same secret to verify the sender and message integrity.
+
+```ruby
+request = ActionHook::Core::JSONRequest.new(url: 'https://example.com',
+  secret: '<Your Secret For This Hook>', # Remember to provide your secret
+  method: :post, body: { hello: "world" }, headers: {})
+
+ActionHook::Core::NetHttpSender.send(request)
+```
+
+## Security: IP Blocking
+
+When a request is blocked due to private IP, `send` raises `ActionHook::Security::IPBlocking::PrivateIPError`.
+When a request is blocked due to the `blocked_ip_ranges`, `send` raises `ActionHook::Security::IPBlocking::BlockedRequestError`.
+In both cases, the error message includes necessary context for debugging / logging.
+
+## Logging
+
+You should pass an instance of `Logger` to put all `ActionLog`. Otherwise, logs are written into `STDOUT`.
+
+```ruby
+# For example, in Rails, you can pass the Rails logger in an initializer
+# config/initializers/actionhook_initializer.rb
+
+ActionHook.logger = Rails.logger
+```
+For debugging, you can set the log level to `debug` for detailed information. Even in debug, the secure header values aren't logged, only the header names are mentioned.

data/Rakefile

@@ -0,0 +1,5 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec

data/actionhook.gemspec

@@ -0,0 +1,29 @@
+require_relative 'lib/actionhook/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "actionhook"
+  spec.version       = ActionHook::VERSION
+  spec.authors       = ["smsohan"]
+  spec.email         = ["sohan39@gmail.com"]
+
+  spec.summary       = %q{Drop-in library for sending webhooks}
+  spec.description   = %q{Use this library to send webhooks from your application}
+  spec.homepage      = "https://github.com/smsohan/actionhook"
+  spec.license       = "MIT"
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/smsohan/actionhook"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features|examples)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'webmock'
+end

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "actionhook"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/actionhook/core/configuration.rb

@@ -0,0 +1,44 @@
+module ActionHook
+  module Core
+
+    class Configuration
+
+      DEFAULT_OPEN_TIMEOUT_IN_SECONDS = 5
+      DEFAULT_READ_TIMEOUT_IN_SECONDS = 15
+      DEFAULT_HASH_HEADER_NAME = 'SHA256-FINGERPRINT'
+      attr_accessor :open_timeout, :read_timeout, :hash_header_name,
+        :allow_private_ips
+
+      attr_writer :blocked_custom_ip_ranges
+
+      def initialize(open_timeout: DEFAULT_OPEN_TIMEOUT_IN_SECONDS,
+        read_timeout: DEFAULT_READ_TIMEOUT_IN_SECONDS,
+        hash_header_name: DEFAULT_HASH_HEADER_NAME,
+        allow_private_ips: false,
+        blocked_custom_ip_ranges: []
+      )
+        @open_timeout = open_timeout
+        @read_timeout = read_timeout
+        @hash_header_name = hash_header_name
+        @allow_private_ips = allow_private_ips
+        @blocked_custom_ip_ranges = blocked_custom_ip_ranges || []
+      end
+
+      def net_http_options
+        {
+          open_timeout: @open_timeout,
+          read_timeout: @read_timeout
+        }
+      end
+
+      def blocked_custom_ip_ranges
+        @memoized_blocked_custom_ip_ranges ||= @blocked_custom_ip_ranges&.map{|ip| IPAddr.new(ip)} || []
+      end
+
+      def allow_all?
+        allow_private_ips && blocked_custom_ip_ranges.empty?
+      end
+
+    end
+  end
+end

data/lib/actionhook/core/json_request.rb

@@ -0,0 +1,19 @@
+require 'json'
+module ActionHook
+  module Core
+    class JSONRequest < Request
+
+      def serialized_body
+        return @serialized_body if @serialized_body
+
+        if body.is_a?(Hash) || body.is_a?(Array)
+          @serialized_body = JSON.generate(body)
+        else
+          super
+        end
+
+      end
+
+    end
+  end
+end

data/lib/actionhook/core/net_http_sender.rb

@@ -0,0 +1,53 @@
+require 'net/http'
+require 'actionhook/security/ip_blocking'
+
+
+module ActionHook
+
+  module Core
+
+
+    class NetHTTPSender
+      extend ActionHook::Security::IPBlocking
+
+      def self.request_method_class(method)
+        case method
+        when :post then Net::HTTP::Post
+        when :get then Net::HTTP::Get
+        when :delete then Net::HTTP::Delete
+        when :put then Net::HTTP::Put
+        else raise ArgumentError, "Invalid method #{method} is used"
+        end
+      end
+
+      def self.send(request, configuration = ActionHook.configuration)
+        ActionHook.logger.info "[ActionHook] Send called for #{request.method.upcase} to #{request.uri}"
+
+        ActionHook.logger.debug "[ActonHook] Using configuration: #{configuration.inspect}"
+        ActionHook.logger.debug "[ActonHook] using net/http options #{configuration.net_http_options}"
+
+        verify_allowed!(configuration, request.uri.host)
+        ActionHook.logger.debug "[ActonHook] #{request.uri.host} is clear, not blocked"
+
+        options = { use_ssl: request.uri.scheme == 'https' }.merge(configuration.net_http_options)
+        Net::HTTP.start(request.uri.host, request.uri.port, options) do |http|
+          http_request = request_method_class(request.method).new request.uri
+          http_request.body = request.serialized_body if request.body
+
+          ActionHook.logger.debug "[ActonHook] Body: #{http_request.body}"
+
+          request.headers_with_security(configuration)&.each_pair do |name, value|
+            ActionHook.logger.debug "[ActonHook] Added Security Header: #{name}"
+            http_request[name] = value.to_s
+          end
+
+          http.request http_request
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/actionhook/core/request.rb

@@ -0,0 +1,29 @@
+require 'actionhook/security/headers'
+
+module ActionHook
+  module Core
+    class Request
+      include ActionHook::Security::Headers
+
+      attr_accessor :url, :method, :body, :headers, :secret, :authentication
+
+      def initialize(url:, method: :post, body: nil, headers: {}, secret: nil, authentication: nil)
+        @url = url
+        @method = method
+        @body = body
+        @headers = headers || {}
+        @secret = secret
+        @authentication = authentication
+      end
+
+      def serialized_body
+        @body
+      end
+
+      def uri
+        @uri ||= URI.parse(url)
+      end
+
+    end
+  end
+end

data/lib/actionhook/security/authentication.rb

@@ -0,0 +1,49 @@
+require 'base64'
+
+module ActionHook
+  module Security
+    module Authentication
+
+      class Base
+
+        def to_h
+          { "Authorization" => header_value }
+        end
+
+      end
+
+      class Token < Base
+        attr_accessor :token
+        def initialize(token)
+          @token = token
+        end
+
+        def header_value
+          "Token #{token}"
+        end
+      end
+
+      class BearerToken < Token
+        def header_value
+          "Bearer #{token}"
+        end
+      end
+
+      class Basic < Base
+        attr_accessor :username, :password
+
+        def initialize(username:, password:)
+          @username = username
+          @password = password
+        end
+
+        def header_value
+          encoded = Base64.strict_encode64("#{username}:#{password}")
+          "Basic #{encoded}"
+        end
+
+      end
+
+    end
+  end
+end

data/lib/actionhook/security/fingerprinting.rb

@@ -0,0 +1,13 @@
+module ActionHook
+  module Security
+    module Fingerprinting
+
+      def fingerprint
+        if secret && serialized_body
+          OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret, serialized_body)
+        end
+      end
+
+    end
+  end
+end

data/lib/actionhook/security/headers.rb

@@ -0,0 +1,22 @@
+require_relative './fingerprinting'
+
+module ActionHook
+  module Security
+    module Headers
+      include ActionHook::Security::Fingerprinting
+
+      def headers_with_security(configuration)
+        headers_with_security = headers.dup
+
+        if digest = fingerprint
+          headers_with_security.merge!(configuration.hash_header_name => digest)
+        end
+
+        headers_with_security.merge!(authentication.to_h) if authentication
+
+        headers_with_security
+      end
+
+    end
+  end
+end

data/lib/actionhook/security/ip_blocking.rb

@@ -0,0 +1,61 @@
+require 'resolv'
+
+module ActionHook
+  module Security
+    module IPBlocking
+
+      # This is a crucial security feature for sending webhooks. By default, sending webhooks to loopback
+      # interfaces or to the private IP space is blocked. In production, it __should__ remain blocked.
+
+      # If the destination host is an IP address, it's a security risk anyway since you can't have TLS.
+
+      # If the destination host is a domain name, we'll attempt to resolve each of the IP addresses that
+      # resolve the domain name and block the webhook based on the configuration.
+
+      class BlockedRequestError < StandardError
+      end
+
+      class PrivateIPError < StandardError
+      end
+
+      def verify_allowed!(configuration, hostname_or_ip)
+        return if configuration.allow_all?
+
+        begin
+          verify_ip_allowed!(configuration, IPAddr.new(hostname_or_ip))
+        rescue IPAddr::InvalidAddressError
+          verify_hostname_allowed!(configuration, hostname_or_ip)
+        end
+
+      end
+
+      protected
+
+      def verify_ip_allowed!(configuration, ip, host = ip)
+        if !configuration.allow_private_ips && (ip.private? || ip.loopback?)
+          raise PrivateIPError.new("Host: #{host} IP: #{ip} is private")
+        end
+
+        if configuration.blocked_custom_ip_ranges
+          found = configuration.blocked_custom_ip_ranges.find{|range| range.include?(ip) }
+          if found
+            raise BlockedRequestError.new("Host: #{host} IP: #{ip} is part of the blocked range: #{found}")
+          end
+        end
+      end
+
+      def verify_hostname_allowed!(configuration, hostname)
+        #TODO: Find out of Resolv looks up all kinds of DNS records and if it can be improved by limiting the DNS record types
+        Resolv.each_address(hostname) do |ip|
+          begin
+            #TODO: Add logging
+            verify_ip_allowed!(configuration, IPAddr.new(ip), hostname)
+          rescue IPAddr::InvalidAddressError
+            #TODO: ADD logging
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/actionhook/version.rb

@@ -0,0 +1,3 @@
+module ActionHook
+  VERSION = "1.0.0"
+end

data/lib/actionhook.rb

@@ -0,0 +1,30 @@
+require 'logger'
+require "ipaddr"
+require "actionhook/version"
+require "actionhook/core/configuration"
+require "actionhook/security/authentication"
+require "actionhook/core/request"
+require "actionhook/core/json_request"
+require "actionhook/core/net_http_sender"
+
+module ActionHook
+  class Error < StandardError; end
+
+  DEFAULT_CONFIGURATION = ActionHook::Core::Configuration.new
+
+  def self.logger=(logger)
+    @logger = logger
+  end
+
+  def self.logger
+    @logger ||= Logger.new(STDOUT)
+  end
+
+  def self.configuration=(configuration)
+    @configuration = configuration
+  end
+
+  def self.configuration
+    @configuration || DEFAULT_CONFIGURATION
+  end
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: actionhook
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- smsohan
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2020-04-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Use this library to send webhooks from your application
+email:
+- sohan39@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/gempush.yml"
+- ".github/workflows/ruby.yml"
+- ".gitignore"
+- ".rspec"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- actionhook.gemspec
+- bin/console
+- bin/setup
+- lib/actionhook.rb
+- lib/actionhook/core/configuration.rb
+- lib/actionhook/core/json_request.rb
+- lib/actionhook/core/net_http_sender.rb
+- lib/actionhook/core/request.rb
+- lib/actionhook/security/authentication.rb
+- lib/actionhook/security/fingerprinting.rb
+- lib/actionhook/security/headers.rb
+- lib/actionhook/security/ip_blocking.rb
+- lib/actionhook/version.rb
+homepage: https://github.com/smsohan/actionhook
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/smsohan/actionhook
+  source_code_uri: https://github.com/smsohan/actionhook
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.3.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Drop-in library for sending webhooks
+test_files: []