grape-slack-bot 1.7.1 → 1.8.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/slack_bot/grape_extension.rb +10 -3
  3. data/lib/slack_bot.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2af9ee1dcca9101aaf2fb823f45ce1609c591024ab1e9084d3add79fad87d243
4
- data.tar.gz: d83d3790de38c03b5f0cf6757ac7fc66334793a76d07fc9e0d82b2cb110306a5
3
+ metadata.gz: 14a99557c3003723987fd3dc625947edbbfffce3148f54d96936e215b6e72109
4
+ data.tar.gz: 985a1643aa6ce06348f43ddd03a072769a800025ddb56f608ed180de7cc881bf
5
5
  SHA512:
6
- metadata.gz: 26b539c209daf44688511578754ebc222a919728a2694bca0d11a737cc0222d219bc61b382974cd10d8ff9d0f31222d0b97e61074ae5a7210516f3a003806dd9
7
- data.tar.gz: '04719c66bec6569d1cf2dc99351bffc55cb6826d53fb3e07678e803bda60c5f69f590b952f6a7468b795777a2c6c79fcff48f9ec1f03241574f5b6ce7598d6ac'
6
+ metadata.gz: 5ef98824c8057203c4fd1256c3f45b215182b4590e956cad718ee64f89fe4d5ed2bb39845f0eef390556b6f25456953bd07600f364613358a31edfdbaf8b4e60
7
+ data.tar.gz: 8f480e83107bb51bacd21ff4211877d37ebb367336243484b99c0a87973f615bab6af7b1b90083dc43b8671d7a7f796be99433dd36ae82986dd3ec1c4d2e581c
data/lib/slack_bot/grape_extension.rb CHANGED
@@ -12,9 +12,17 @@ module SlackBot
12
12
  end
13
13
 
14
14
  def verify_slack_signature!
15
- slack_signing_secret = ENV.fetch("SLACK_SIGNING_SECRET")
16
- timestamp = request.headers.fetch("x-slack-request-timestamp")
15
+ slack_signing_secret = ENV["SLACK_SIGNING_SECRET"]
16
+ timestamp = request.headers["x-slack-request-timestamp"] || request.headers["X-Slack-Request-Timestamp"]
17
+ slack_signature = request.headers["x-slack-signature"] || request.headers["X-Slack-Signature"]
18
+ if slack_signing_secret.blank? || timestamp.blank? || slack_signature.blank?
19
+ raise SlackBot::Errors::SignatureAuthenticationError.new("Missing signature headers")
20
+ end
21
+
22
+ request.body.rewind
17
23
  request_body = request.body.read
24
+ request.body.rewind
25
+
18
26
  sig_basestring = "v0:#{timestamp}:#{request_body}"
19
27
  my_signature =
20
28
  "v0=" +
@@ -23,7 +31,6 @@ module SlackBot
23
31
  slack_signing_secret,
24
32
  sig_basestring
25
33
  )
26
- slack_signature = request.headers.fetch("x-slack-signature")
27
34
  if ActiveSupport::SecurityUtils.secure_compare(
28
35
  my_signature,
29
36
  slack_signature
data/lib/slack_bot.rb CHANGED
@@ -22,5 +22,5 @@ require "slack_bot/pager"
22
22
  require "slack_bot/grape_extension"
23
23
 
24
24
  module SlackBot
25
- VERSION = "1.7.1".freeze
25
+ VERSION = "1.8.0".freeze
26
26
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: grape-slack-bot
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.7.1
4
+ version: 1.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrei Makarov
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-05-16 00:00:00.000000000 Z
11
+ date: 2024-05-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack