bunq-client 0.6.1 → 0.7.0
- checksums.yaml +4 -4
- data/lib/bunq/errors.rb +1 -1
- data/lib/bunq/signature.rb +23 -2
- data/lib/bunq/version.rb +1 -1
- metadata +2 -2
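--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bd7688576042b6d4767eeb9f3ba6a5571a296070b44cf3da4aabcc221eb83b3c
+data.tar.gz: d81a7e0a729a790315ea24fc630815c2145c89fea9ac577e7ff80e40f1bf4096
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 40cc75610a053e7cf0476ee8f752333041f3e8d777ad58d29632dcfe8ae4a961888e41d4a8cfd9ff9cbbabfd6c4265902d0f787e2fb5628e2f7667c2b568c530
+data.tar.gz: 7c78e3b0840ad09acc5060bb2b509655032c73f39b4fc540b5ba16764413216e8d4a87d4ea362a977eacda744859988a9888848c441e2d4ec142319fdd40746b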
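--- a/data/lib/bunq/errors.rb
+++ b/data/lib/bunq/errors.rb
@@ -26,7 +26,7 @@ module Bunq
 end
 
 class UnexpectedResponse < ResponseError; end
-class
+class InvalidResponseSignature < ResponseError; end
 class AbsentResponseSignature < ResponseError; end
 class TooManyRequestsResponse < ResponseError; end
 class UnauthorisedResponse < ResponseError; end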
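--- a/data/lib/bunq/signature.rb
+++ b/data/lib/bunq/signature.rb
@@ -34,8 +34,8 @@ module Bunq
 end
 
 signature = Base64.strict_decode64(signature_headers_value.first)
-
-fail
+if !verify_modern(signature, response) && !verify_legacy(signature, response)
+fail InvalidResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body)
 end
 end
 
@@ -55,5 +55,26 @@ module Bunq
 def skip_signature_check(responseCode)
 (Bunq::configuration.sandbox && responseCode == 409) || responseCode == 429
 end
+
+def verify_legacy(signature, response)
+sorted_bunq_headers = response
+.raw_headers
+.select(&method(:verifiable_header?))
+.sort
+.to_h
+.map do |k, v|
+"#{k.to_s.split('-').map(&:capitalize).join('-')}: #{v.first}"
+end
+
+verify(signature, %Q{#{response.code}\n#{sorted_bunq_headers.join("\n")}\n\n#{response.body}})
+end
+
+def verify_modern(signature, response)
+verify(signature, response.body)
+end
+
+def verify(signature, data)
+server_public_key.verify(digest, signature, data)
+end
 end
 end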
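Review bot: The check `if !verify_modern(signature, response) && !verify_legacy(signature, response)` accepts a response as soon as either scheme verifies, and `verify_modern` signs only `response.body`, so on that path the status code and headers are not covered by the signature while the legacy path still covers them. Nothing in the new code records this difference or when the legacy fallback may be removed; I would put a comment above the condition such as `# Body-only signature is tried first; the legacy scheme (code + headers + body) is a fallback. Code and headers are NOT authenticated by the body-only scheme.` and write the condition as `unless verify_modern(signature, response) || verify_legacy(signature, response)`. In `verify_legacy` the `.to_h` between `.sort` and `.map` looks redundant, and `v.first` keeps only the first value of a repeated header, which should be confirmed against the signing format. The method containing the first hunk begins outside it.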
data/lib/bunq/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bunq-client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.7.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Lars Vonk
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: exe
|
13
13
|
cert_chain: []
|
14
|
-
date: 2020-03-
|
14
|
+
date: 2020-03-10 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: rest-client
|