convoy.rb 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d84ba6e548b79893bcad3e8deb0a86d80c591e4009f0d6a11d64011a7b918593
4
- data.tar.gz: 2b5cf92c2939fb48e766928e86e63a0800ef99591a92a9472023a3f62d90e858
3
+ metadata.gz: e8f15617864719123de4834de4b15ae72db7ab5015e9a58a5abd51e4d08dbdac
4
+ data.tar.gz: 41e3736a899549a250bdfe9067e7b8c9d8cbbd24662c4eba4e6f2bebedabe3d0
5
5
  SHA512:
6
- metadata.gz: 30d0410db297a90f8a21243cf8aa477569865df8ae57af66159428f8745644f805f6900e18f0f0e022588ea2b0ee0b60ffa2bd961503ea625c21a9e791dfd14c
7
- data.tar.gz: 939f323b06ff770b6f4b9d48a3c196fca4a4a99cc72889ae6876b1e8139497d09d2a3ede98091a4cd7b434629a1cad274d0759bf5eb68e166d62112fa5725ee0
6
+ metadata.gz: 65ec9158b0afd2ca52b44133f70aa9355ba515c520a78eddc95d1e2d576917c2a5e1bf9a40dae5caf6bc5e3f14a9b5798700a2c9928df03a10d9453198b30273
7
+ data.tar.gz: a60f5bc98eef97a940fad99c84111c164f6948ce01c17929cea9c712ec1403084b293119895e88138f0284c1fc53419e797b5944cabcf55fc8159c312884a417
@@ -1,3 +1,3 @@
1
1
  module Convoy
2
- VERSION = "0.3.0"
2
+ VERSION = "0.4.0"
3
3
  end
@@ -34,8 +34,7 @@ module Convoy
34
34
  is_advanced = (sig_header.split(",")).length > 1
35
35
 
36
36
  if is_advanced
37
- verify_advanced_signature(payload, sig_header)
38
- return
37
+ return verify_advanced_signature(payload, sig_header)
39
38
  end
40
39
 
41
40
  verify_simple_signature(payload, sig_header)
@@ -49,7 +48,7 @@ module Convoy
49
48
 
50
49
  def verify_advanced_signature(payload, sig_header)
51
50
  timestamp_header, signatures = get_timestamp_and_signatures(sig_header)
52
- payload = "{#{timestamp_header}},{#{payload}}"
51
+ payload = "#{Integer(timestamp_header)},#{payload}"
53
52
 
54
53
  verify_timestamp(timestamp_header)
55
54
 
@@ -57,6 +56,8 @@ module Convoy
57
56
  raise SignatureVerificationError.new,
58
57
  "No signatures found matching the expected signature for payload"
59
58
  end
59
+
60
+ return true
60
61
  end
61
62
 
62
63
  def verify_timestamp(timestamp_header)
@@ -76,17 +77,19 @@ module Convoy
76
77
  def compute_signature(payload)
77
78
  case @encoding
78
79
  when "hex"
79
- return OpenSSL::HMAC.hexdigest(@hash, @secret, payload)
80
+ val = OpenSSL::HMAC.hexdigest(@hash, @secret, payload)
81
+ return val
80
82
  when "base64"
81
83
  hmac = OpenSSL::HMAC.digest(@hash, @secret, payload)
82
- return Base64.encode64(hmac)
84
+ return Base64.strict_encode64(hmac)
83
85
  end
84
86
  end
85
87
 
86
88
  def get_timestamp_and_signatures(sig_header)
87
89
  list_items = sig_header.split(/,\s*/).map { |i| i.split("=", 2) }
88
90
  timestamp = Integer(list_items.select { |i| i[0] == "t" }[0][1])
89
- [Time.at(timestamp), list_items[1]]
91
+ signatures = list_items[1..].map { |i| i[1] }
92
+ [Time.at(timestamp), signatures]
90
93
  end
91
94
  end
92
95
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: convoy.rb
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Subomi Oluwalana
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-06-21 00:00:00.000000000 Z
11
+ date: 2024-01-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: zeitwerk