catarse_pagarme 2.9.5 → 2.9.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e72f0b4cc55c672bf850cc16cf19de9c4832b63c
-  data.tar.gz: 26b1102b44a4d4730cdc0bbdbaa176c2a766c975
+  metadata.gz: 185bd4250e358af76710ce94d9a3c703820f41c5
+  data.tar.gz: 6a67184aa54291976fea34be692724399678b300
 SHA512:
-  metadata.gz: 90bbf83877040e6c3b0134982f60216c7d2609d90330335df6a35f7f565ca4fb16cd41bdeac19408d026455d875c843ad4d02ab7755bfb4e39c0727f99c6a277
-  data.tar.gz: 6536b98846b8fbb1db90447c4c936cc53b743674a90bb286598549265e27f3012c30a04de2e815b12ec5ca308156f4b9a1b90e89e97f39e9fb503412e50616f3
+  metadata.gz: 76558ef9eaccbb5b43be7be3abeddfb10301ab89cc7517b537eda2b58f055ec8dd5a44209af1e4df990ad414e11d7597b7fc6a5bfc25bf31af4a367bdc113dfe
+  data.tar.gz: c2ffd38296376c43d0e1e15b648a1ac70f4129b6f19717611255fb85332ecd4ec450c8b00cabf35145a630ca5b87107c6c194ccd0db6f3f27e69ecc8b519f3b1

data/Gemfile.lock

@@ -1,8 +1,8 @@
 PATH
   remote: .
   specs:
-    catarse_pagarme (2.9.5)
-      pagarme (= 1.10.0)
+    catarse_pagarme (2.9.6)
+      pagarme (= 2.1.3)
       rails (~> 4.0)
       sidekiq
       weekdays (>= 1.0.2)
@@ -60,7 +60,7 @@ GEM
     factory_girl_rails (4.5.0)
       factory_girl (~> 4.5.0)
       railties (>= 3.0.0)
-    globalid (0.3.6)
+    globalid (0.3.7)
       activesupport (>= 4.1.0)
     http-cookie (1.0.2)
       domain_name (~> 0.5)
@@ -71,16 +71,16 @@ GEM
     mail (2.6.4)
       mime-types (>= 1.16, < 4)
     method_source (0.8.2)
-    mime-types (3.0)
+    mime-types (3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2016.0221)
+    mime-types-data (3.2016.0521)
     mini_portile (0.6.2)
     minitest (5.8.1)
     multi_json (1.12.1)
     netrc (0.11.0)
     nokogiri (1.6.6.2)
       mini_portile (~> 0.6.0)
-    pagarme (1.10.0)
+    pagarme (2.1.3)
       multi_json
       rest-client
     pg (0.18.3)
@@ -89,6 +89,8 @@ GEM
       method_source (~> 0.8.1)
       slop (~> 3.4)
     rack (1.6.4)
+    rack-protection (1.5.3)
+      rack
     rack-test (0.6.3)
       rack (>= 1.0)
     rails (4.2.4)
@@ -116,7 +118,7 @@ GEM
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rake (10.4.2)
-    redis (3.2.2)
+    redis (3.3.1)
     rest-client (2.0.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
@@ -138,20 +140,26 @@ GEM
       rspec-mocks (~> 3.3.0)
       rspec-support (~> 3.3.0)
     rspec-support (3.3.0)
-    sidekiq (4.0.2)
+    sidekiq (4.1.4)
       concurrent-ruby (~> 1.0)
       connection_pool (~> 2.2, >= 2.2.0)
       redis (~> 3.2, >= 3.2.1)
+      sinatra (>= 1.4.7)
+    sinatra (1.4.7)
+      rack (~> 1.5)
+      rack-protection (~> 1.4)
+      tilt (>= 1.3, < 3)
     slop (3.6.0)
-    sprockets (3.6.0)
+    sprockets (3.7.0)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.0.4)
+    sprockets-rails (3.1.1)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
     thor (0.19.1)
     thread_safe (0.3.5)
+    tilt (2.0.5)
     tzinfo (1.2.2)
       thread_safe (~> 0.1)
     unf (0.1.4)

data/app/controllers/catarse_pagarme/notifications_controller.rb

@@ -6,7 +6,7 @@ module CatarsePagarme
       if payment
         payment.payment_notifications.create(contribution: payment.contribution, extra_data: params.to_json)
 
-        if PagarMe::validate_fingerprint(payment.try(:gateway_id), params[:fingerprint])
+        if valid_postback?
           delegator.change_status_by_transaction(params[:current_status])
           delegator.update_transaction
 
@@ -14,7 +14,7 @@ module CatarsePagarme
         end
       end
 
-      render nothing: true, status: 404
+      render_invalid_postback_response
     end
 
     protected
@@ -22,5 +22,15 @@ module CatarsePagarme
     def payment
       @payment ||=  PaymentEngines.find_payment({ gateway_id: params[:id] })
     end
+
+    def valid_postback?
+      raw_post  = request.raw_post
+      signature = request.headers['HTTP_X_HUB_SIGNATURE']
+      PagarMe::Postback.valid_request_signature?(raw_post, signature)
+    end
+
+    def render_invalid_postback_response
+      render json: {error: 'invalid postback'}, status: 400
+    end
   end
 end

data/catarse_pagarme.gemspec

@@ -18,7 +18,8 @@ Gem::Specification.new do |s|
   s.test_files = s.files.grep(%r{^(test|spec|features)/})
 
   s.add_dependency "rails", "~> 4.0"
-  s.add_dependency "pagarme", "1.10.0"
+  s.add_dependency "pagarme", "2.1.3"
+  #s.add_dependency "pagarme", "1.10.0"
   s.add_dependency "weekdays", ">= 1.0.2"
   s.add_dependency "sidekiq"
 

data/lib/catarse_pagarme/version.rb

@@ -1,3 +1,3 @@
 module CatarsePagarme
-  VERSION = "2.9.5"
+  VERSION = "2.9.6"
 end

data/spec/controllers/catarse_pagarme/notifications_controller_spec.rb

@@ -5,7 +5,7 @@ describe CatarsePagarme::NotificationsController, type: :controller do
 
   before do
     @routes = CatarsePagarme::Engine.routes
-    PagarMe.stub(:validate_fingerprint).and_return(true)
+    PagarMe::PostBack.stub(:validate_request_signature?).and_return(true)
     PagarMe::Transaction.stub(:find_by_id).and_return(fake_transaction)
   end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: catarse_pagarme
 version: !ruby/object:Gem::Version
-  version: 2.9.5
+  version: 2.9.6
 platform: ruby
 authors:
 - Antônio Roberto Silva
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-04 00:00:00.000000000 Z
+date: 2016-08-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -31,14 +31,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.10.0
+        version: 2.1.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.10.0
+        version: 2.1.3
 - !ruby/object:Gem::Dependency
   name: weekdays
   requirement: !ruby/object:Gem::Requirement