RubyGems - flipper - Versions diffs - 0.28.3 → 1.0.0 - Mend

flipper 0.28.3 → 1.0.0

Files changed (48) hide show

checksums.yaml +4 -4
data/.github/workflows/examples.yml +2 -2
data/Changelog.md +190 -165
data/Gemfile +5 -3
data/docs/images/flipper_cloud.png +0 -0
data/examples/cloud/app.ru +12 -0
data/examples/cloud/basic.rb +22 -0
data/examples/cloud/cloud_setup.rb +4 -0
data/examples/cloud/forked.rb +31 -0
data/examples/cloud/import.rb +17 -0
data/examples/cloud/threaded.rb +36 -0
data/examples/dsl.rb +0 -14
data/flipper-cloud.gemspec +19 -0
data/flipper.gemspec +3 -2
data/lib/flipper/cloud/configuration.rb +189 -0
data/lib/flipper/cloud/dsl.rb +27 -0
data/lib/flipper/cloud/instrumenter.rb +48 -0
data/lib/flipper/cloud/message_verifier.rb +95 -0
data/lib/flipper/cloud/middleware.rb +63 -0
data/lib/flipper/cloud/routes.rb +14 -0
data/lib/flipper/cloud.rb +53 -0
data/lib/flipper/dsl.rb +0 -46
data/lib/flipper/{railtie.rb → engine.rb} +19 -3
data/lib/flipper/metadata.rb +5 -1
data/lib/flipper/middleware/memoizer.rb +1 -1
data/lib/flipper/spec/shared_adapter_specs.rb +43 -43
data/lib/flipper/test/shared_adapter_test.rb +43 -43
data/lib/flipper/version.rb +1 -1
data/lib/flipper.rb +3 -5
data/spec/flipper/adapters/dual_write_spec.rb +2 -2
data/spec/flipper/adapters/instrumented_spec.rb +1 -1
data/spec/flipper/adapters/memoizable_spec.rb +6 -6
data/spec/flipper/adapters/operation_logger_spec.rb +2 -2
data/spec/flipper/adapters/read_only_spec.rb +6 -6
data/spec/flipper/cloud/configuration_spec.rb +269 -0
data/spec/flipper/cloud/dsl_spec.rb +82 -0
data/spec/flipper/cloud/message_verifier_spec.rb +104 -0
data/spec/flipper/cloud/middleware_spec.rb +289 -0
data/spec/flipper/cloud_spec.rb +180 -0
data/spec/flipper/dsl_spec.rb +0 -75
data/spec/flipper/engine_spec.rb +190 -0
data/spec/flipper_integration_spec.rb +12 -12
data/spec/flipper_spec.rb +0 -30
data/spec/spec_helper.rb +0 -12
data/spec/support/climate_control.rb +7 -0
metadata +54 -11
data/.tool-versions +0 -1
data/spec/flipper/railtie_spec.rb +0 -109

data/lib/flipper/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Flipper
-  VERSION = '0.28.3'.freeze
+  VERSION = '1.0.0'.freeze
 end

data/lib/flipper.rb CHANGED Viewed

@@ -56,13 +56,11 @@ module Flipper
   # Public: All the methods delegated to instance. These should match the
   # interface of Flipper::DSL.
   def_delegators :instance,
-                 :enabled?, :enable, :disable, :bool, :boolean,
-                 :enable_actor, :disable_actor, :actor,
+                 :enabled?, :enable, :disable,
+                 :enable_actor, :disable_actor,
                  :enable_group, :disable_group,
                  :enable_percentage_of_actors, :disable_percentage_of_actors,
-                 :actors, :percentage_of_actors,
                  :enable_percentage_of_time, :disable_percentage_of_time,
-                 :time, :percentage_of_time,
                  :features, :feature, :[], :preload, :preload_all,
                  :adapter, :add, :exist?, :remove, :import, :export,
                  :memoize=, :memoizing?,
@@ -167,4 +165,4 @@ require 'flipper/types/percentage_of_time'
 require 'flipper/typecast'
 require 'flipper/version'
-require "flipper/railtie" if defined?(Rails::Railtie)
+require "flipper/engine" if defined?(Rails)

data/spec/flipper/adapters/dual_write_spec.rb CHANGED Viewed

@@ -55,14 +55,14 @@ RSpec.describe Flipper::Adapters::DualWrite do
   it 'updates remote and local for #enable' do
     feature = sync[:search]
-    subject.enable feature, feature.gate(:boolean), local.boolean
+    subject.enable feature, feature.gate(:boolean), Flipper::Types::Boolean.new(true)
     expect(remote_adapter.count(:enable)).to be(1)
     expect(local_adapter.count(:enable)).to be(1)
   end
   it 'updates remote and local for #disable' do
     feature = sync[:search]
-    subject.disable feature, feature.gate(:boolean), local.boolean(false)
+    subject.disable feature, feature.gate(:boolean), Flipper::Types::Boolean.new(false)
     expect(remote_adapter.count(:disable)).to be(1)
     expect(local_adapter.count(:disable)).to be(1)
   end

data/spec/flipper/adapters/instrumented_spec.rb CHANGED Viewed

@@ -8,7 +8,7 @@ RSpec.describe Flipper::Adapters::Instrumented do
   let(:feature) { flipper[:stats] }
   let(:gate) { feature.gate(:percentage_of_actors) }
-  let(:thing) { flipper.actors(22) }
+  let(:thing) { Flipper::Types::PercentageOfActors.new(22) }
   subject do
     described_class.new(adapter, instrumenter: instrumenter)

data/spec/flipper/adapters/memoizable_spec.rb CHANGED Viewed

@@ -189,7 +189,7 @@ RSpec.describe Flipper::Adapters::Memoizable do
         feature = flipper[:stats]
         gate = feature.gate(:boolean)
         cache[described_class.key_for(feature.key)] = { some: 'thing' }
-        subject.enable(feature, gate, flipper.bool)
+        subject.enable(feature, gate, Flipper::Types::Boolean.new)
         expect(cache[described_class.key_for(feature.key)]).to be_nil
       end
     end
@@ -202,8 +202,8 @@ RSpec.describe Flipper::Adapters::Memoizable do
       it 'returns result' do
         feature = flipper[:stats]
         gate = feature.gate(:boolean)
-        result = subject.enable(feature, gate, flipper.bool)
-        adapter_result = adapter.enable(feature, gate, flipper.bool)
+        result = subject.enable(feature, gate, Flipper::Types::Boolean.new)
+        adapter_result = adapter.enable(feature, gate, Flipper::Types::Boolean.new)
         expect(result).to eq(adapter_result)
       end
     end
@@ -219,7 +219,7 @@ RSpec.describe Flipper::Adapters::Memoizable do
         feature = flipper[:stats]
         gate = feature.gate(:boolean)
         cache[described_class.key_for(feature.key)] = { some: 'thing' }
-        subject.disable(feature, gate, flipper.bool)
+        subject.disable(feature, gate, Flipper::Types::Boolean.new)
         expect(cache[described_class.key_for(feature.key)]).to be_nil
       end
     end
@@ -232,8 +232,8 @@ RSpec.describe Flipper::Adapters::Memoizable do
       it 'returns result' do
         feature = flipper[:stats]
         gate = feature.gate(:boolean)
-        result = subject.disable(feature, gate, flipper.bool)
-        adapter_result = adapter.disable(feature, gate, flipper.bool)
+        result = subject.disable(feature, gate, Flipper::Types::Boolean.new)
+        adapter_result = adapter.disable(feature, gate, Flipper::Types::Boolean.new)
         expect(result).to eq(adapter_result)
       end
     end

data/spec/flipper/adapters/operation_logger_spec.rb CHANGED Viewed

@@ -37,7 +37,7 @@ RSpec.describe Flipper::Adapters::OperationLogger do
     before do
       @feature = flipper[:stats]
       @gate = @feature.gate(:boolean)
-      @thing = flipper.bool
+      @thing = Flipper::Types::Boolean.new
       @result = subject.enable(@feature, @gate, @thing)
     end
@@ -54,7 +54,7 @@ RSpec.describe Flipper::Adapters::OperationLogger do
     before do
       @feature = flipper[:stats]
       @gate = @feature.gate(:boolean)
-      @thing = flipper.bool
+      @thing = Flipper::Types::Boolean.new
       @result = subject.disable(@feature, @gate, @thing)
     end

data/spec/flipper/adapters/read_only_spec.rb CHANGED Viewed

@@ -42,11 +42,11 @@ RSpec.describe Flipper::Adapters::ReadOnly do
   it 'can get feature' do
     actor22 = Flipper::Actor.new('22')
-    adapter.enable(feature, boolean_gate, flipper.boolean)
+    adapter.enable(feature, boolean_gate, Flipper::Types::Boolean.new)
     adapter.enable(feature, group_gate, flipper.group(:admins))
-    adapter.enable(feature, actor_gate, flipper.actor(actor22))
-    adapter.enable(feature, actors_gate, flipper.actors(25))
-    adapter.enable(feature, time_gate, flipper.time(45))
+    adapter.enable(feature, actor_gate, Flipper::Types::Actor.new(actor22))
+    adapter.enable(feature, actors_gate, Flipper::Types::PercentageOfActors.new(25))
+    adapter.enable(feature, time_gate, Flipper::Types::PercentageOfTime.new(45))
     expect(subject.get(feature)).to eq(boolean: 'true',
                                        groups: Set['admins'],
@@ -74,12 +74,12 @@ RSpec.describe Flipper::Adapters::ReadOnly do
   end
   it 'raises error on enable' do
-    expect { subject.enable(feature, boolean_gate, flipper.boolean) }
+    expect { subject.enable(feature, boolean_gate, Flipper::Types::Boolean.new) }
       .to raise_error(Flipper::Adapters::ReadOnly::WriteAttempted)
   end
   it 'raises error on disable' do
-    expect { subject.disable(feature, boolean_gate, flipper.boolean) }
+    expect { subject.disable(feature, boolean_gate, Flipper::Types::Boolean.new) }
       .to raise_error(Flipper::Adapters::ReadOnly::WriteAttempted)
   end
 end

data/spec/flipper/cloud/configuration_spec.rb ADDED Viewed

@@ -0,0 +1,269 @@
+require 'flipper/cloud/configuration'
+require 'flipper/adapters/instrumented'
+RSpec.describe Flipper::Cloud::Configuration do
+  let(:required_options) do
+    { token: "asdf" }
+  end
+  it "can set token" do
+    instance = described_class.new(required_options)
+    expect(instance.token).to eq(required_options[:token])
+  end
+  it "can set token from ENV var" do
+    with_env "FLIPPER_CLOUD_TOKEN" => "from_env" do
+      instance = described_class.new(required_options.reject { |k, v| k == :token })
+      expect(instance.token).to eq("from_env")
+    end
+  end
+  it "can set instrumenter" do
+    instrumenter = Object.new
+    instance = described_class.new(required_options.merge(instrumenter: instrumenter))
+    expect(instance.instrumenter).to be(instrumenter)
+  end
+  it "can set read_timeout" do
+    instance = described_class.new(required_options.merge(read_timeout: 5))
+    expect(instance.read_timeout).to eq(5)
+  end
+  it "can set read_timeout from ENV var" do
+    with_env "FLIPPER_CLOUD_READ_TIMEOUT" => "9" do
+      instance = described_class.new(required_options.reject { |k, v| k == :read_timeout })
+      expect(instance.read_timeout).to eq(9)
+    end
+  end
+  it "can set open_timeout" do
+    instance = described_class.new(required_options.merge(open_timeout: 5))
+    expect(instance.open_timeout).to eq(5)
+  end
+  it "can set open_timeout from ENV var" do
+    with_env "FLIPPER_CLOUD_OPEN_TIMEOUT" => "9" do
+      instance = described_class.new(required_options.reject { |k, v| k == :open_timeout })
+      expect(instance.open_timeout).to eq(9)
+    end
+  end
+  it "can set write_timeout" do
+    instance = described_class.new(required_options.merge(write_timeout: 5))
+    expect(instance.write_timeout).to eq(5)
+  end
+  it "can set write_timeout from ENV var" do
+    with_env "FLIPPER_CLOUD_WRITE_TIMEOUT" => "9" do
+      instance = described_class.new(required_options.reject { |k, v| k == :write_timeout })
+      expect(instance.write_timeout).to eq(9)
+    end
+  end
+  it "can set sync_interval" do
+    instance = described_class.new(required_options.merge(sync_interval: 1))
+    expect(instance.sync_interval).to eq(1)
+  end
+  it "can set sync_interval from ENV var" do
+    with_env "FLIPPER_CLOUD_SYNC_INTERVAL" => "5" do
+      instance = described_class.new(required_options.reject { |k, v| k == :sync_interval })
+      expect(instance.sync_interval).to eq(5)
+    end
+  end
+  it "passes sync_interval into sync adapter" do
+    # The initial sync of http to local invokes this web request.
+    stub_request(:get, /flippercloud\.io/).to_return(status: 200, body: "{}")
+    instance = described_class.new(required_options.merge(sync_interval: 1))
+    poller = instance.send(:poller)
+    expect(poller.interval).to eq(1)
+  end
+  it "can set debug_output" do
+    instance = described_class.new(required_options.merge(debug_output: STDOUT))
+    expect(instance.debug_output).to eq(STDOUT)
+  end
+  it "defaults adapter block" do
+    # The initial sync of http to local invokes this web request.
+    stub_request(:get, /flippercloud\.io/).to_return(status: 200, body: "{}")
+    instance = described_class.new(required_options)
+    expect(instance.adapter).to be_instance_of(Flipper::Adapters::DualWrite)
+  end
+  it "can override adapter block" do
+    # The initial sync of http to local invokes this web request.
+    stub_request(:get, /flippercloud\.io/).to_return(status: 200, body: "{}")
+    instance = described_class.new(required_options)
+    instance.adapter do |adapter|
+      Flipper::Adapters::Instrumented.new(adapter)
+    end
+    expect(instance.adapter).to be_instance_of(Flipper::Adapters::Instrumented)
+  end
+  it "defaults url" do
+    instance = described_class.new(required_options.reject { |k, v| k == :url })
+    expect(instance.url).to eq("https://www.flippercloud.io/adapter")
+  end
+  it "can override url using options" do
+    options = required_options.merge(url: "http://localhost:5000/adapter")
+    instance = described_class.new(options)
+    expect(instance.url).to eq("http://localhost:5000/adapter")
+    instance = described_class.new(required_options)
+    instance.url = "http://localhost:5000/adapter"
+    expect(instance.url).to eq("http://localhost:5000/adapter")
+  end
+  it "can override URL using ENV var" do
+    with_env "FLIPPER_CLOUD_URL" => "https://example.com" do
+      instance = described_class.new(required_options.reject { |k, v| k == :url })
+      expect(instance.url).to eq("https://example.com")
+    end
+  end
+  it "defaults sync_method to :poll" do
+    instance = described_class.new(required_options)
+    expect(instance.sync_method).to eq(:poll)
+  end
+  it "sets sync_method to :webhook if sync_secret provided" do
+    instance = described_class.new(required_options.merge({
+      sync_secret: "secret",
+    }))
+    expect(instance.sync_method).to eq(:webhook)
+    expect(instance.adapter).to be_instance_of(Flipper::Adapters::DualWrite)
+  end
+  it "sets sync_method to :webhook if FLIPPER_CLOUD_SYNC_SECRET set" do
+    with_env "FLIPPER_CLOUD_SYNC_SECRET" => "abc" do
+      instance = described_class.new(required_options)
+      expect(instance.sync_method).to eq(:webhook)
+      expect(instance.adapter).to be_instance_of(Flipper::Adapters::DualWrite)
+    end
+  end
+  it "can set sync_secret" do
+    instance = described_class.new(required_options.merge(sync_secret: "from_config"))
+      expect(instance.sync_secret).to eq("from_config")
+  end
+  it "can override sync_secret using ENV var" do
+    with_env "FLIPPER_CLOUD_SYNC_SECRET" => "from_env" do
+      instance = described_class.new(required_options.reject { |k, v| k == :sync_secret })
+      expect(instance.sync_secret).to eq("from_env")
+    end
+  end
+  it "can sync with cloud" do
+    body = JSON.generate({
+      "features": [
+        {
+          "key": "search",
+          "state": "on",
+          "gates": [
+            {
+              "key": "boolean",
+              "name": "boolean",
+              "value": true
+            },
+            {
+              "key": "groups",
+              "name": "group",
+              "value": []
+            },
+            {
+              "key": "actors",
+              "name": "actor",
+              "value": []
+            },
+            {
+              "key": "percentage_of_actors",
+              "name": "percentage_of_actors",
+              "value": 0
+            },
+            {
+              "key": "percentage_of_time",
+              "name": "percentage_of_time",
+              "value": 0
+            }
+          ]
+        },
+        {
+          "key": "history",
+          "state": "off",
+          "gates": [
+            {
+              "key": "boolean",
+              "name": "boolean",
+              "value": false
+            },
+            {
+              "key": "groups",
+              "name": "group",
+              "value": []
+            },
+            {
+              "key": "actors",
+              "name": "actor",
+              "value": []
+            },
+            {
+              "key": "percentage_of_actors",
+              "name": "percentage_of_actors",
+              "value": 0
+            },
+            {
+              "key": "percentage_of_time",
+              "name": "percentage_of_time",
+              "value": 0
+            }
+          ]
+        }
+      ]
+    })
+    stub = stub_request(:get, "https://www.flippercloud.io/adapter/features?exclude_gate_names=true").
+      with({
+        headers: {
+          'Flipper-Cloud-Token'=>'asdf',
+        },
+      }).to_return(status: 200, body: body, headers: {})
+    instance = described_class.new(required_options)
+    instance.sync
+    # Check that remote was fetched.
+    expect(stub).to have_been_requested
+    # Check that local adapter really did sync.
+    local_adapter = instance.local_adapter
+    all = local_adapter.get_all
+    expect(all.keys).to eq(["search", "history"])
+    expect(all["search"][:boolean]).to eq("true")
+    expect(all["history"][:boolean]).to eq(nil)
+  end
+  it "can setup brow to report events to cloud" do
+    # skip logging brow
+    Brow.logger = Logger.new(File::NULL)
+    brow = described_class.new(required_options).brow
+    stub = stub_request(:post, "https://www.flippercloud.io/adapter/events")
+      .with { |request|
+        data = JSON.parse(request.body)
+        data.keys == ["uuid", "messages"] && data["messages"] == [{"n" => 1}]
+      }
+      .to_return(status: 201, body: "{}", headers: {})
+    brow.push({"n" => 1})
+    brow.worker.stop
+    expect(stub).to have_been_requested.times(1)
+  end
+end

data/spec/flipper/cloud/dsl_spec.rb ADDED Viewed

@@ -0,0 +1,82 @@
+require 'flipper/cloud/configuration'
+require 'flipper/cloud/dsl'
+require 'flipper/adapters/operation_logger'
+require 'flipper/adapters/instrumented'
+RSpec.describe Flipper::Cloud::DSL do
+  it 'delegates everything to flipper instance' do
+    cloud_configuration = Flipper::Cloud::Configuration.new({
+      token: "asdf",
+      sync_secret: "tasty",
+    })
+    dsl = described_class.new(cloud_configuration)
+    expect(dsl.features).to eq(Set.new)
+    expect(dsl.enabled?(:foo)).to be(false)
+  end
+  it 'delegates sync to cloud configuration' do
+    stub = stub_request(:get, "https://www.flippercloud.io/adapter/features?exclude_gate_names=true").
+      with({
+        headers: {
+          'Flipper-Cloud-Token'=>'asdf',
+        },
+      }).to_return(status: 200, body: '{"features": {}}', headers: {})
+    cloud_configuration = Flipper::Cloud::Configuration.new({
+      token: "asdf",
+      sync_secret: "tasty",
+    })
+    dsl = described_class.new(cloud_configuration)
+    dsl.sync
+    expect(stub).to have_been_requested
+  end
+  it 'delegates sync_secret to cloud configuration' do
+    cloud_configuration = Flipper::Cloud::Configuration.new({
+      token: "asdf",
+      sync_secret: "tasty",
+    })
+    dsl = described_class.new(cloud_configuration)
+    expect(dsl.sync_secret).to eq("tasty")
+  end
+  context "when sync_method is webhook" do
+    let(:local_adapter) do
+      Flipper::Adapters::OperationLogger.new Flipper::Adapters::Memory.new
+    end
+    let(:cloud_configuration) do
+      cloud_configuration = Flipper::Cloud::Configuration.new({
+        token: "asdf",
+        sync_secret: "tasty",
+        local_adapter: local_adapter
+      })
+    end
+    subject do
+      described_class.new(cloud_configuration)
+    end
+    it "sends reads to local adapter" do
+      subject.features
+      subject.enabled?(:foo)
+      expect(local_adapter.count(:features)).to be(1)
+      expect(local_adapter.count(:get)).to be(1)
+    end
+    it "sends writes to cloud and local" do
+      add_stub = stub_request(:post, "https://www.flippercloud.io/adapter/features").
+        with({headers: {'Flipper-Cloud-Token'=>'asdf'}}).
+        to_return(status: 200, body: '{}', headers: {})
+      enable_stub = stub_request(:post, "https://www.flippercloud.io/adapter/features/foo/boolean").
+        with(headers: {'Flipper-Cloud-Token'=>'asdf'}).
+        to_return(status: 200, body: '{}', headers: {})
+      subject.enable(:foo)
+      expect(local_adapter.count(:add)).to be(1)
+      expect(local_adapter.count(:enable)).to be(1)
+      expect(add_stub).to have_been_requested
+      expect(enable_stub).to have_been_requested
+    end
+  end
+end

data/spec/flipper/cloud/message_verifier_spec.rb ADDED Viewed

@@ -0,0 +1,104 @@
+require 'flipper/cloud/message_verifier'
+RSpec.describe Flipper::Cloud::MessageVerifier do
+  let(:payload) { "some payload" }
+  let(:secret) { "secret" }
+  let(:timestamp) { Time.now }
+  describe "#generate" do
+    it "generates signature that can be verified" do
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+      signature = message_verifier.generate(payload, timestamp)
+      header = generate_header(timestamp: timestamp, signature: signature)
+      expect(message_verifier.verify(payload, header)).to be(true)
+    end
+  end
+  describe "#header" do
+    it "generates a header in valid format" do
+      version = "v1"
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret, version: version)
+      signature = message_verifier.generate(payload, timestamp)
+      header = message_verifier.header(signature, timestamp)
+      expect(header).to eq("t=#{timestamp.to_i},#{version}=#{signature}")
+    end
+  end
+  describe ".header" do
+    it "generates a header in valid format" do
+      version = "v1"
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret, version: version)
+      signature = message_verifier.generate(payload, timestamp)
+      header = Flipper::Cloud::MessageVerifier.header(signature, timestamp, version)
+      expect(header).to eq("t=#{timestamp.to_i},#{version}=#{signature}")
+    end
+  end
+  describe "#verify" do
+    it "raises a InvalidSignature when the header does not have the expected format" do
+      header = "i'm not even a real signature header"
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+        message_verifier.verify(payload, header)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, "Unable to extract timestamp and signatures from header")
+    end
+    it "raises a InvalidSignature when there are no signatures with the expected version" do
+      header = generate_header(version: "v0")
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+        message_verifier.verify(payload, header)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, /No signatures found with expected version/)
+    end
+    it "raises a InvalidSignature when there are no valid signatures for the payload" do
+      header = generate_header(signature: "bad_signature")
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+        message_verifier.verify(payload, header)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, "No signatures found matching the expected signature for payload")
+    end
+    it "raises a InvalidSignature when the timestamp is not within the tolerance" do
+      header = generate_header(timestamp: Time.now - 15)
+      expect {
+        message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+        message_verifier.verify(payload, header, tolerance: 10)
+      }.to raise_error(Flipper::Cloud::MessageVerifier::InvalidSignature, /Timestamp outside the tolerance zone/)
+    end
+    it "returns true when the header contains a valid signature and the timestamp is within the tolerance" do
+      header = generate_header
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: "secret")
+      expect(message_verifier.verify(payload, header, tolerance: 10)).to be(true)
+    end
+    it "returns true when the header contains at least one valid signature" do
+      header = generate_header + ",v1=bad_signature"
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+      expect(message_verifier.verify(payload, header, tolerance: 10)).to be(true)
+    end
+    it "returns true when the header contains a valid signature and the timestamp is off but no tolerance is provided" do
+      header = generate_header(timestamp: Time.at(12_345))
+      message_verifier = Flipper::Cloud::MessageVerifier.new(secret: secret)
+      expect(message_verifier.verify(payload, header)).to be(true)
+    end
+  end
+  private
+  def generate_header(options = {})
+    options[:secret] ||= secret
+    options[:version] ||= "v1"
+    message_verifier = Flipper::Cloud::MessageVerifier.new(secret: options[:secret], version: options[:version])
+    options[:timestamp] ||= timestamp
+    options[:payload] ||= payload
+    options[:signature] ||= message_verifier.generate(options[:payload], options[:timestamp])
+    Flipper::Cloud::MessageVerifier.header(options[:signature], options[:timestamp], options[:version])
+  end
+end