grape-slack-bot 1.7.1 → 1.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/slack_bot/grape_extension.rb +10 -3
- data/lib/slack_bot.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 14a99557c3003723987fd3dc625947edbbfffce3148f54d96936e215b6e72109
|
4
|
+
data.tar.gz: 985a1643aa6ce06348f43ddd03a072769a800025ddb56f608ed180de7cc881bf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5ef98824c8057203c4fd1256c3f45b215182b4590e956cad718ee64f89fe4d5ed2bb39845f0eef390556b6f25456953bd07600f364613358a31edfdbaf8b4e60
|
7
|
+
data.tar.gz: 8f480e83107bb51bacd21ff4211877d37ebb367336243484b99c0a87973f615bab6af7b1b90083dc43b8671d7a7f796be99433dd36ae82986dd3ec1c4d2e581c
|
@@ -12,9 +12,17 @@ module SlackBot
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def verify_slack_signature!
|
15
|
-
slack_signing_secret = ENV
|
16
|
-
timestamp = request.headers
|
15
|
+
slack_signing_secret = ENV["SLACK_SIGNING_SECRET"]
|
16
|
+
timestamp = request.headers["x-slack-request-timestamp"] || request.headers["X-Slack-Request-Timestamp"]
|
17
|
+
slack_signature = request.headers["x-slack-signature"] || request.headers["X-Slack-Signature"]
|
18
|
+
if slack_signing_secret.blank? || timestamp.blank? || slack_signature.blank?
|
19
|
+
raise SlackBot::Errors::SignatureAuthenticationError.new("Missing signature headers")
|
20
|
+
end
|
21
|
+
|
22
|
+
request.body.rewind
|
17
23
|
request_body = request.body.read
|
24
|
+
request.body.rewind
|
25
|
+
|
18
26
|
sig_basestring = "v0:#{timestamp}:#{request_body}"
|
19
27
|
my_signature =
|
20
28
|
"v0=" +
|
@@ -23,7 +31,6 @@ module SlackBot
|
|
23
31
|
slack_signing_secret,
|
24
32
|
sig_basestring
|
25
33
|
)
|
26
|
-
slack_signature = request.headers.fetch("x-slack-signature")
|
27
34
|
if ActiveSupport::SecurityUtils.secure_compare(
|
28
35
|
my_signature,
|
29
36
|
slack_signature
|
data/lib/slack_bot.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: grape-slack-bot
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrei Makarov
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-05-
|
11
|
+
date: 2024-05-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack
|