bunq-client 0.6.1 → 0.7.0

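--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 9740e877575d04b4f9651481d14ebe99c9e72fa1c84784df9723682c390eb3a6
- data.tar.gz: c7917f47979a39be25f38ef56ea76f781209f592b1f519ac770f41784f116d66
+ metadata.gz: bd7688576042b6d4767eeb9f3ba6a5571a296070b44cf3da4aabcc221eb83b3c
+ data.tar.gz: d81a7e0a729a790315ea24fc630815c2145c89fea9ac577e7ff80e40f1bf4096
  SHA512:
- metadata.gz: f4dd1de0cb4cd712176d715fd4f2b71439c04642ea5b9cc5f4858e8a6e23d84140081fd0bc3bfd56ee024f56d2c031fec96d0fa8effc7c690852859dd65f0ec2
- data.tar.gz: 4b224b06310d349d5cc243ed6c1c8b60e5c859d3e58c30627af7986163f7e82a8860d63eb5660626ba3a9631ec681589dd1fc9bcde31d9ede397e72b848ee54f
+ metadata.gz: 40cc75610a053e7cf0476ee8f752333041f3e8d777ad58d29632dcfe8ae4a961888e41d4a8cfd9ff9cbbabfd6c4265902d0f787e2fb5628e2f7667c2b568c530
+ data.tar.gz: 7c78e3b0840ad09acc5060bb2b509655032c73f39b4fc540b5ba16764413216e8d4a87d4ea362a977eacda744859988a9888848c441e2d4ec142319fdd40746b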
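--- a/data/lib/bunq/errors.rb
+++ b/data/lib/bunq/errors.rb
@@ -26,7 +26,7 @@ module Bunq
  end
 
  class UnexpectedResponse < ResponseError; end
- class RequestSignatureRequired < ResponseError; end
+ class InvalidResponseSignature < ResponseError; end
  class AbsentResponseSignature < ResponseError; end
  class TooManyRequestsResponse < ResponseError; end
  class UnauthorisedResponse < ResponseError; end
@@ -34,8 +34,8 @@ module Bunq
  end
 
  signature = Base64.strict_decode64(signature_headers_value.first)
- unless server_public_key.verify(digest, signature, "#{response.code}\n#{response.body}")
- fail RequestSignatureRequired.new(code: response.code, headers: response.raw_headers, body: response.body)
+ if !verify_modern(signature, response) && !verify_legacy(signature, response)
+ fail InvalidResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body)
  end
  end
 
@@ -55,5 +55,26 @@ module Bunq
  def skip_signature_check(responseCode)
  (Bunq::configuration.sandbox && responseCode == 409) || responseCode == 429
  end
+
+ def verify_legacy(signature, response)
+ sorted_bunq_headers = response
+ .raw_headers
+ .select(&method(:verifiable_header?))
+ .sort
+ .to_h
+ .map do |k, v|
+ "#{k.to_s.split('-').map(&:capitalize).join('-')}: #{v.first}"
+ end
+
+ verify(signature, %Q{#{response.code}\n#{sorted_bunq_headers.join("\n")}\n\n#{response.body}})
+ end
+
+ def verify_modern(signature, response)
+ verify(signature, response.body)
+ end
+
+ def verify(signature, data)
+ server_public_key.verify(digest, signature, data)
+ end
  end
  end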
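Review bot: In the second and third hunks, `verify_modern` checks the signature over `response.body` alone, so whenever it succeeds `verify_legacy` is never consulted and `response.code` and `response.raw_headers` are not covered by any signature; nothing in the new code says so. A comment above `verify_modern` such as `# Body-only signature: status code and headers are NOT authenticated; do not base trust decisions on them` would make that explicit, and `verify_legacy` deserves a line stating that it is a fallback for the older code+headers+body format and when it can be dropped. The first hunk also removes the `RequestSignatureRequired` constant outright, which breaks any caller that rescues it on a signature failure; keeping `RequestSignatureRequired = InvalidResponseSignature` for a deprecation period would avoid that. The enclosing verification method starts outside the hunk, and this page lists all three hunks under errors.rb although the latter two look like they belong to a different file.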
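--- a/data/lib/bunq/version.rb
+++ b/data/lib/bunq/version.rb
@@ -1,3 +1,3 @@
  module Bunq
- VERSION = "0.6.1"
+ VERSION = "0.7.0"
  end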
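--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: bunq-client
  version: !ruby/object:Gem::Version
- version: 0.6.1
+ version: 0.7.0
  platform: ruby
  authors:
  - Lars Vonk
@@ -11,7 +11,7 @@ authors:
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2020-03-09 00:00:00.000000000 Z
+ date: 2020-03-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rest-client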