cronofy 0.37.2 → 0.37.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3e09c2030d7992753a4e8f0e52af1d00d2ab6ced77f5e5b81336cb97a5c98ec6
4
- data.tar.gz: 464b7a63bdfb341f67da6f4556e4ee66b36db144d9d41270c9204ee6a10ca56c
3
+ metadata.gz: f398fb44b861ba5df84e244632877a53b050f584c08d15a815cb0e4abaae13bc
4
+ data.tar.gz: 8cea161bbef6df1b41a3ff52b29984c9ccd3f713abe279a7137e1e0be89cd7d7
5
5
  SHA512:
6
- metadata.gz: f6a6f59a184da190d6905b495a0c067437ab422561ccf26f23e1e7d6f48fd0a0d2c63bb033d46f760b9ce24e958539a58e319b8a160c2fc2a719f4f1e3f31bcd
7
- data.tar.gz: a777db3452a6cc462ba526447c17fe0790d73dd8b08517d62363ac3f5d9b7cb076d2b77ef614ed51f981941451362bd0f568fab4749c08bdc9bc38533974729b
6
+ metadata.gz: 5961670573669f876d06f772a1c96175ac2e37a06fb3b3c6a1c677da86f5cbcb50820aa1e71897b7e8379ec556b55f9b56751efb51037d2f642284e72f0f07ed
7
+ data.tar.gz: 7bf5e28b6786f2fee081d09562e9e2dd57a90652994d1755a13b76c9ad9484cb50ef9dce1784fd6921372a3f6b5b29888c2274e99ed13bdb196aa42036133233
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## [0.37.3]
2
+
3
+ * Support `hmac_valid` as well as the original `hmac_match` for Client to verify a HMAC from a push notification using the client's secret.[#95]
4
+
1
5
  ## [0.37.2]
2
6
 
3
7
  * Support `query_periods` as well as the original `available_periods` for Availability Query and Sequenced Availability [#91]
@@ -187,6 +191,7 @@
187
191
  [0.37.0]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.0
188
192
  [0.37.1]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.1
189
193
  [0.37.2]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.2
194
+ [0.37.3]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.3
190
195
 
191
196
  [#13]: https://github.com/cronofy/cronofy-ruby/pull/13
192
197
  [#16]: https://github.com/cronofy/cronofy-ruby/pull/16
@@ -231,3 +236,4 @@
231
236
  [#86]: https://github.com/cronofy/cronofy-ruby/pull/86
232
237
  [#90]: https://github.com/cronofy/cronofy-ruby/pull/90
233
238
  [#91]: https://github.com/cronofy/cronofy-ruby/pull/91
239
+ [#95]: https://github.com/cronofy/cronofy-ruby/pull/95
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # Cronofy
2
2
 
3
- [![Build Status](https://travis-ci.org/cronofy/cronofy-ruby.svg?branch=master)](https://travis-ci.org/cronofy/cronofy-ruby)
3
+ [![ruby CI](https://github.com/cronofy/cronofy-ruby/actions/workflows/ci.yml/badge.svg)](https://github.com/cronofy/cronofy-ruby/actions/workflows/ci.yml)
4
4
  [![Gem Version](https://badge.fury.io/rb/cronofy.svg)](http://badge.fury.io/rb/cronofy)
5
5
 
6
6
  [Cronofy](https://www.cronofy.com) - the scheduling platform for business
@@ -134,6 +134,15 @@ To delete an event from user's calendar:
134
134
  cronofy.delete_event(calendar_id, 'uniq-id')
135
135
  ```
136
136
 
137
+ ## A feature I want is not in the SDK, how do I get it?
138
+
139
+ We add features to this SDK as they are requested, to focus on developing the Cronofy API.
140
+
141
+ If you're comfortable contributing support for an endpoint or attribute, then we love to receive pull requests!
142
+ Please create a PR mentioning the feature/API endpoint you’ve added and we’ll review it as soon as we can.
143
+
144
+ If you would like to request a feature is added by our team then please let us know by getting in touch via [support@cronofy.com](mailto:support@cronofy.com).
145
+
137
146
  ## Links
138
147
 
139
148
  * [API documentation](https://www.cronofy.com/developers/api)
@@ -471,24 +471,33 @@ module Cronofy
471
471
  parse_json(Channel, "channel", response)
472
472
  end
473
473
 
474
+ # DEPRECATED: Please use hmac_valid instead.
475
+ def hmac_match?(args)
476
+ warn "[DEPRECATION] `hmac_match?` is deprecated. Please use `hmac_valid?` instead."
477
+ hmac_valid?(args)
478
+ end
479
+
474
480
  # Public: Verifies a HMAC from a push notification using the client secret.
475
481
  #
476
482
  # args - A Hash containing the details of the push notification:
477
483
  # :body - A String of the body of the notification.
478
- # :hmac - A String of the HMAC of the notification taken from the
484
+ # :hmac - A String containing comma-separated values describing HMACs of the notification taken from the
479
485
  # Cronofy-HMAC-SHA256 header.
480
486
  #
481
- # Returns true if the HMAC provided matches the one calculated using the
487
+ # Returns true if one of the HMAC provided matches the one calculated using the
482
488
  # client secret, otherwise false.
483
- def hmac_match?(args)
489
+ def hmac_valid?(args)
484
490
  body = args[:body]
485
491
  hmac = args[:hmac]
486
492
 
493
+ return false if hmac.nil? || hmac.empty?
494
+
487
495
  sha256 = OpenSSL::Digest.new('sha256')
488
496
  digest = OpenSSL::HMAC.digest(sha256, @client_secret, body)
489
497
  calculated = Base64.encode64(digest).strip
490
498
 
491
- calculated == hmac
499
+ hmac_list = hmac.split(',')
500
+ hmac_list.include?(calculated)
492
501
  end
493
502
 
494
503
  # Public: Lists all the notification channels for the account.
@@ -1,3 +1,3 @@
1
1
  module Cronofy
2
- VERSION = "0.37.2".freeze
2
+ VERSION = "0.37.3".freeze
3
3
  end
@@ -2481,11 +2481,27 @@ describe Cronofy::Client do
2481
2481
  let(:body) { "{\"example\":\"well-known\"}" }
2482
2482
 
2483
2483
  it "verifies the correct HMAC" do
2484
- expect(client.hmac_match?(body: body, hmac: "6r2/HjBkqymGegX0wOfifieeUXbbHwtV/LohHS+jv6c=")).to be true
2484
+ expect(client.hmac_valid?(body: body, hmac: "6r2/HjBkqymGegX0wOfifieeUXbbHwtV/LohHS+jv6c=")).to be true
2485
2485
  end
2486
2486
 
2487
2487
  it "rejects an incorrect HMAC" do
2488
- expect(client.hmac_match?(body: body, hmac: "something-else")).to be false
2488
+ expect(client.hmac_valid?(body: body, hmac: "something-else")).to be false
2489
+ end
2490
+
2491
+ it "verifies the correct HMAC when one of the multiple HMACs splitted by ',' match" do
2492
+ expect(client.hmac_valid?(body: body, hmac: "6r2/HjBkqymGegX0wOfifieeUXbbHwtV/LohHS+jv6c=,something-else")).to be true
2493
+ end
2494
+
2495
+ it "rejects incorrect when multiple HMACs splitted by ',' don't match" do
2496
+ expect(client.hmac_valid?(body: body, hmac: "something-else,something-else2")).to be false
2497
+ end
2498
+
2499
+ it "rejects if empty HMAC" do
2500
+ expect(client.hmac_valid?(body: body, hmac: "")).to be false
2501
+ end
2502
+
2503
+ it "rejects if nil HMAC" do
2504
+ expect(client.hmac_valid?(body: body, hmac: nil)).to be false
2489
2505
  end
2490
2506
  end
2491
2507
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cronofy
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.37.2
4
+ version: 0.37.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sergii Paryzhskyi
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2021-01-15 00:00:00.000000000 Z
12
+ date: 2021-07-02 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: hashie
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
156
156
  - !ruby/object:Gem::Version
157
157
  version: '0'
158
158
  requirements: []
159
- rubygems_version: 3.2.4
159
+ rubygems_version: 3.2.20
160
160
  signing_key:
161
161
  specification_version: 4
162
162
  summary: Cronofy - the scheduling platform for business