grape-slack-bot 1.7.1 → 1.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/slack_bot/grape_extension.rb +7 -3
- data/lib/slack_bot.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 92616381f617b332e3c87bff1078c1039fa1fb15b9e6b6c1cc536be3e4a4d7fb
|
|
4
|
+
data.tar.gz: e9d7d54737d837adfde2df90d79446ba92a8db469c04156c9b16e608bd272b0c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3c6a8d172c58244862bd8724db7a329a827e13a57b527daaecb21545f63f2a8ea5003a3f4800bd63d014b2c4a4c60c0d34b729bcd84325e7541015e56db03b4f
|
|
7
|
+
data.tar.gz: da94c5ffcb89090fdc79addf066d24f7cbc5643e7e729556f660806b430781fb25a4086dc64aa4efbf1eb257e99e210d0199d626172638b6361a4143d99d7f65
|
|
@@ -12,8 +12,13 @@ module SlackBot
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def verify_slack_signature!
|
|
15
|
-
slack_signing_secret = ENV
|
|
16
|
-
timestamp = request.headers
|
|
15
|
+
slack_signing_secret = ENV["SLACK_SIGNING_SECRET"]
|
|
16
|
+
timestamp = request.headers["x-slack-request-timestamp"] || request.headers["X-Slack-Request-Timestamp"]
|
|
17
|
+
slack_signature = request.headers["x-slack-signature"] || request.headers["X-Slack-Signature"]
|
|
18
|
+
if slack_signing_secret.blank? || timestamp.blank? || slack_signature.blank?
|
|
19
|
+
raise SlackBot::Errors::SignatureAuthenticationError.new("Missing signature headers")
|
|
20
|
+
end
|
|
21
|
+
|
|
17
22
|
request_body = request.body.read
|
|
18
23
|
sig_basestring = "v0:#{timestamp}:#{request_body}"
|
|
19
24
|
my_signature =
|
|
@@ -23,7 +28,6 @@ module SlackBot
|
|
|
23
28
|
slack_signing_secret,
|
|
24
29
|
sig_basestring
|
|
25
30
|
)
|
|
26
|
-
slack_signature = request.headers.fetch("x-slack-signature")
|
|
27
31
|
if ActiveSupport::SecurityUtils.secure_compare(
|
|
28
32
|
my_signature,
|
|
29
33
|
slack_signature
|
data/lib/slack_bot.rb
CHANGED