ibanity 2.2 → 2.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 566ef8be5eb38fe424c373b242d9599a780bc9f7acb52e1106002969d87dce6f
-  data.tar.gz: 96370ccdebf5f1cca9da24543826b068f43f9db4217899b48ce9380c20741258
+  metadata.gz: 319589bf55ec8cd48ca771266da34bc5374f8ebfa9ec4894c6b9b6ef7c8ca1bf
+  data.tar.gz: 5f7c0cc44590541555d51dfc96e1f1e70eabd54b19dbb14b66ffdb40f967a87d
 SHA512:
-  metadata.gz: 684c30e120f52414fb02b63613efef9e304a0369761ab0c2db6dc69e9aa78380ee0c7a0cad516a2451c02a65aac7abd9dd2d89c986fda8cb1d9d1e1ed8512b56
-  data.tar.gz: 1fb66ae09cbf094012640875cc24e17f604225c3d60de7af36f59d5de8b4d07702539b9a088d7893359b97302566d9944943add5176e89239d483d5d73880813
+  metadata.gz: 31ec94ee483bc7926d7a66dbb59a34d8bfcdec5e27daedcd7599a53b54c80611ff4d829a1f634b6d6c3c033592e321ab1faf9638c2e52fa00a7664aeac996250
+  data.tar.gz: 6f8bd1c3ff75e41c7e32178e9f060896de45245ec6fb8261cd406432eae62653071b4babbf5dd93d976978d63d3dab70e51f4bd3ade1afbcfbd22c753a567179

data/.github/workflows/gem-push.yml

@@ -12,7 +12,7 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: Set up Ruby 2.6
-        uses: actions/setup-ruby@v1
+        uses: ruby/setup-ruby@v1
         with:
           ruby-version: 2.6
 

data/CHANGELOG.md

@@ -1,5 +1,18 @@
 # Changelog
 
+## 2.3.1
+
+* Migrate from Jose to JWT gem following incompatibly with OpenSSL 3. Only used in webhooks signature validation.
+
+## 2.3
+
+* [Ponto Connect] Add IntegrationAccount
+* [XS2A] Add PendingTransaction
+* [XS2A] Add additional webhooks event
+
+  * `Ibanity::Webhooks::Xs2a::Account::PendingTransactionsCreated`
+  * `Ibanity::Webhooks::Xs2a::Account::PendingTransactionsUpdated`
+
 ## 2.2
 
 * [Ponto Connect] Add additional webhook events

data/ibanity.gemspec

@@ -19,6 +19,6 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "rest-client", ">= 1.8.0"
-  spec.add_dependency "jose", ">= 1.1.3"
+  spec.add_dependency "jwt", ">= 2.0.0"
   spec.add_development_dependency "rspec", "3.9.0"
 end

data/lib/ibanity/api/base_resource.rb

@@ -114,32 +114,40 @@ module Ibanity
       if relationship["data"]
         resource = relationship.dig("data", "type") || key
         klass = relationship_klass(resource)
-        method_name = Ibanity::Util.underscore(key)
-        define_singleton_method(method_name) do |headers: nil|
-          klass.find_by_uri(uri: url, headers: headers, customer_access_token: customer_access_token)
+        unless klass.nil?
+          method_name = Ibanity::Util.underscore(key)
+          define_singleton_method(method_name) do |headers: nil|
+            klass.find_by_uri(uri: url, headers: headers, customer_access_token: customer_access_token)
+          end
+          self[Ibanity::Util.underscore("#{key}_id")] = relationship.dig("data", "id")
         end
-        self[Ibanity::Util.underscore("#{key}_id")] = relationship.dig("data", "id")
       elsif relationship["meta"]
         resource = relationship.dig("meta", "type")
         klass = relationship_klass(resource)
-        method_name = Ibanity::Util.underscore(key)
-        define_singleton_method(method_name) do |headers: nil|
-          klass.find_by_uri(uri: url, headers: headers, customer_access_token: customer_access_token)
+        unless klass.nil?
+          method_name = Ibanity::Util.underscore(key)
+          define_singleton_method(method_name) do |headers: nil|
+            klass.find_by_uri(uri: url, headers: headers, customer_access_token: customer_access_token)
+          end
         end
       elsif relationship.dig("links", "meta", "type")
         resource = relationship.dig("links", "meta", "type")
         klass = relationship_klass(resource)
-        method_name = Ibanity::Util.underscore(key)
-        define_singleton_method(method_name) do |headers: nil, **query_params|
-          klass.list_by_uri(uri: url, headers: headers, query_params: query_params, customer_access_token: customer_access_token)
+        unless klass.nil?
+          method_name = Ibanity::Util.underscore(key)
+          define_singleton_method(method_name) do |headers: nil, **query_params|
+            klass.list_by_uri(uri: url, headers: headers, query_params: query_params, customer_access_token: customer_access_token)
+          end
         end
       else
         resource = key
         singular_resource = resource[0..-2]
         klass = relationship_klass(singular_resource)
-        method_name = Ibanity::Util.underscore(resource)
-        define_singleton_method(method_name) do |headers: nil, **query_params|
-          klass.list_by_uri(uri: url, headers: headers, query_params: query_params, customer_access_token: customer_access_token)
+        unless klass.nil?
+          method_name = Ibanity::Util.underscore(resource)
+          define_singleton_method(method_name) do |headers: nil, **query_params|
+            klass.list_by_uri(uri: url, headers: headers, query_params: query_params, customer_access_token: customer_access_token)
+          end
         end
       end
     end
@@ -159,7 +167,11 @@ module Ibanity
           Object.const_get(self.class.to_s.split("::")[0...-1].join("::"))
         end
 
-      enclosing_module.const_get(camelized_name)
+      begin
+        enclosing_module.const_get(camelized_name)
+      rescue => e
+        nil
+      end
     end
   end
 end

data/lib/ibanity/api/ponto_connect/integration_account.rb

@@ -0,0 +1,10 @@
+module Ibanity
+  module PontoConnect
+    class IntegrationAccount < Ibanity::BaseResource
+      def self.list(client_access_token:, **query_params)
+        uri = Ibanity.ponto_connect_api_schema["integrationAccounts"].sub("{integrationAccountId}", "")
+        list_by_uri(uri: uri, query_params: query_params, customer_access_token: client_access_token)
+      end
+    end
+  end
+end

data/lib/ibanity/api/webhooks/xs2a.rb

@@ -18,6 +18,12 @@ module Ibanity
 
         class TransactionsUpdated < Ibanity::BaseResource
         end
+
+        class PendingTransactionsCreated < Ibanity::BaseResource
+        end
+
+        class PendingTransactionsUpdated < Ibanity::BaseResource
+        end
       end
     end
   end

data/lib/ibanity/api/xs2a/pending_transaction.rb

@@ -0,0 +1,27 @@
+module Ibanity
+  module Xs2a
+    class PendingTransaction < Ibanity::BaseResource
+      def self.list(financial_institution_id: nil, account_id: nil, synchronization_id: nil, customer_access_token:, headers: nil,  **query_params)
+        uri = if synchronization_id
+          Ibanity.xs2a_api_schema["customer"]["synchronization"]["updatedPendingTransactions"]
+          .sub("{synchronizationId}", synchronization_id)
+        else
+          Ibanity.xs2a_api_schema["customer"]["financialInstitution"]["pendingTransactions"]
+            .sub("{financialInstitutionId}", financial_institution_id)
+            .sub("{accountId}", account_id)
+            .sub("{pendingTransactionId}", "")
+        end
+
+        list_by_uri(uri: uri, query_params: query_params, customer_access_token: customer_access_token, headers: headers)
+      end
+
+      def self.find(id:, financial_institution_id:, account_id:, customer_access_token:)
+        uri = Ibanity.xs2a_api_schema["customer"]["financialInstitution"]["pendingTransactions"]
+          .sub("{financialInstitutionId}", financial_institution_id)
+          .sub("{accountId}", account_id)
+          .sub("{pendingTransactionId}", id)
+        find_by_uri(uri: uri, customer_access_token: customer_access_token)
+      end
+    end
+  end
+end

data/lib/ibanity/version.rb

@@ -1,3 +1,3 @@
 module Ibanity
-  VERSION = "2.2"
+  VERSION = "2.3.1"
 end

data/lib/ibanity/webhook.rb

@@ -26,66 +26,56 @@ module Ibanity
       #
       # Returns true otherwise
       def self.verify!(payload, signature_header, tolerance)
-        begin
-          key_details = JOSE::JWT.peek_protected(signature_header).to_hash
-          raise unless key_details["alg"] == SIGNING_ALGORITHM && key_details["kid"]
-        rescue
-          raise Ibanity::Error.new("Key details could not be parsed from the header", nil)
-        end
-
-        key = Ibanity.webhook_keys.find { |key| key.kid == key_details["kid"] }
+        jwks_loader = ->(options) do
+          raise Ibanity::Error.new("The key id from the header didn't match an available signing key", nil) if options[:kid_not_found]
 
-        if key.nil?
-          raise Ibanity::Error.new("The key id from the header didn't match an available signing key", nil)
+          keys = Ibanity.webhook_keys.select { |key| key.use == "sig" }
+                                     .map { |key| JWT::JWK.new(key.to_h {|key, value| [key.to_s, value] }) }
+          JWT::JWK::Set.new(keys)
         end
-        signer = JOSE::JWK.from(key.to_h {|key, value| [key.to_s, value] })
-        verified, claims_string, _jws = JOSE::JWT.verify_strict(signer, [SIGNING_ALGORITHM], signature_header)
-
-        raise Ibanity::Error.new("The signature verification failed", nil) unless verified
 
-        jwt = JOSE::JWT.from(claims_string)
+        options = {
+          aud: Ibanity.client.application_id,
+          algorithm: SIGNING_ALGORITHM,
+          exp_leeway: tolerance,
+          iss: Ibanity.client.base_uri,
+          jwks: jwks_loader,
+          verify_aud: true,
+          verify_iss: true
+        }
+        jwts = JWT.decode(signature_header, nil, true, options)
+        jwt = jwts.first
 
         validate_digest!(jwt, payload)
         validate_issued_at!(jwt, tolerance)
-        validate_expiration!(jwt, tolerance)
-        validate_issuer!(jwt)
-        validate_audience!(jwt)
 
         true
+      rescue JWT::ExpiredSignature
+        raise_invalid_signature_error!("exp")
+      rescue JWT::IncorrectAlgorithm
+        raise Ibanity::Error.new("Incorrect algorithm for signature", nil)
+      rescue JWT::InvalidAudError
+        raise_invalid_signature_error!("aud")
+      rescue JWT::InvalidIssuerError
+        raise_invalid_signature_error!("iss")
+      rescue JWT::DecodeError
+        raise Ibanity::Error.new("The signature verification failed", nil)
       end
 
       private
 
       def self.validate_digest!(jwt, payload)
-        unless Digest::SHA512.base64digest(payload) == jwt.fields["digest"]
+        unless Digest::SHA512.base64digest(payload) == jwt["digest"]
           raise_invalid_signature_error!("digest")
         end
       end
 
       def self.validate_issued_at!(jwt, tolerance)
-        unless jwt.fields["iat"] <= Time.now.to_i + tolerance
+        unless jwt["iat"] <= Time.now.to_i + tolerance
           raise_invalid_signature_error!("iat")
         end
       end
 
-      def self.validate_expiration!(jwt, tolerance)
-        unless jwt.fields["exp"] >= Time.now.to_i - tolerance
-          raise_invalid_signature_error!("exp")
-        end
-      end
-
-      def self.validate_issuer!(jwt)
-        unless jwt.fields["iss"] == Ibanity.client.base_uri
-          raise_invalid_signature_error!("iss")
-        end
-      end
-
-      def self.validate_audience!(jwt)
-        unless jwt.fields["aud"] == Ibanity.client.application_id
-          raise_invalid_signature_error!("aud")
-        end
-      end
-
       def self.raise_invalid_signature_error!(field)
         raise Ibanity::Error.new("The signature #{field} is invalid", nil)
       end

data/lib/ibanity.rb

@@ -4,7 +4,7 @@ require "uri"
 require "rest_client"
 require "json"
 require "securerandom"
-require "jose"
+require "jwt"
 
 require_relative "ibanity/util"
 require_relative "ibanity/error"
@@ -15,6 +15,7 @@ require_relative "ibanity/api/base_resource"
 require_relative "ibanity/api/flat_resource"
 require_relative "ibanity/webhook"
 require_relative "ibanity/api/xs2a/account"
+require_relative "ibanity/api/xs2a/pending_transaction"
 require_relative "ibanity/api/xs2a/transaction"
 require_relative "ibanity/api/xs2a/holding"
 require_relative "ibanity/api/xs2a/batch_synchronization"
@@ -62,6 +63,7 @@ require_relative "ibanity/api/ponto_connect/sandbox/financial_institution_transa
 require_relative "ibanity/api/ponto_connect/onboarding_details"
 require_relative "ibanity/api/ponto_connect/reauthorization_request"
 require_relative "ibanity/api/ponto_connect/payment_activation_request"
+require_relative "ibanity/api/ponto_connect/integration_account"
 require_relative "ibanity/api/webhooks/key"
 require_relative "ibanity/api/webhooks/xs2a"
 require_relative "ibanity/api/webhooks/ponto_connect"

data/spec/lib/ibanity/webhook_signature_spec.rb

@@ -0,0 +1,75 @@
+require 'ibanity'
+
+RSpec.describe Ibanity::Webhook::Signature do
+  subject(:signature_module) { described_class }
+
+  let(:client) { instance_double("Ibanity::Client") }
+
+  before do
+    allow(Ibanity).to receive(:client).and_return(client)
+    allow(Ibanity).to receive(:webhook_keys).and_return(
+      [
+        Ibanity::Webhooks::Key.new(
+          alg: "RS512",
+          e: "AQAB",
+          kid: "sandbox_events_signature_1",
+          kty: "RSA",
+          n: "v9qVZmotpil47Pw2NOmP11bpE5B_GtG6ICfqtm13Uusa4asf4FWedclr-kQTV2Ly5rSItq2f3RGRNyove_4TiTIbx21rwM5HP0iFhlVaqHjkr1iSmKzCFojOnTM4UwKQNROhDVDC6TWIzSafZkBacUrCX5l0PLSh2aEK8aiopu5ajYpOr8Ipjw_mbKXxBfcxtjgskbXPyEcf6xlB_Dygl9-btAvRTKiuie4qAWANTdVAgSnddjZMJxFnndZMCH1h-z4ISwphBYbwG2aZrZ7RfHnoIROxsdmKeostYtHy3gMR4_poufzFRR8lpvODd3m7lzdXKBTCvzlQYBNpmf6gmG9p08laE-h67F1GoqvuqspcvRlVpGZEzEwRIbPMAaS4_omCSj4HFZyo58PLUsAp--AD8GGFfVMyBdFhTEkr2235O5AP4UMdHuvyP-NPFCsqibqKK1GIl_Hy0UXnqg7-MCGqs4jX1k4IZZ3wDwza30f1O6tUtaOT8YXzZ2ZWnVWyMLcNx6gep8t3A7gTzEXcselrJgO6SLFRhYA0QmtIRtTwnl-8OmjEi5AJVzO0e-yiRj7g_JLEmgG3pDwmvbiXzEqkY5mPqJMB9G5qcd0SWgvvZs02_1tRRhvw0D5BTKfcEcLW9PKm8Nts1_BGSXKOhTSeQgxuw4iC63ST3dtpl-0=",
+          status: "ACTIVE",
+          use: "sig"
+        )
+      ]
+    )
+    allow(client).to receive(:application_id).and_return("e643b5be-ccb1-4a38-b7b6-36689853bef5")
+    allow(client).to receive(:base_uri).and_return("https://api.ibanity.com")
+  end
+
+  describe ".verify!" do
+    let(:payload) { Fixture.load_unparsed_json("webhooks/example_payload.json") }
+    let(:signature) { Fixture.load_signature("webhooks/example_signature.sig") }
+    let(:tolerance) { Time.now.to_i + 10 - 1691670985 }
+
+    it "returns true for a correct signature" do
+      expect(signature_module.verify!(payload, signature, tolerance)).to be_truthy
+    end
+
+    it "raises an error if the contents are altered" do
+      expect do
+        signature_module.verify!(payload + "altered", signature, tolerance)
+      end.to raise_error(Ibanity::Error, /The signature digest is invalid/)
+    end
+
+    it "raises an error if the signature is expired" do
+      expect do
+        signature_module.verify!(payload, signature, 0)
+      end.to raise_error(Ibanity::Error, /The signature exp is invalid/)
+    end
+
+    it "raises an error if the audience is invalid" do
+      allow(client).to receive(:application_id).and_return("invalid")
+      expect do
+        signature_module.verify!(payload, signature, tolerance)
+      end.to raise_error(Ibanity::Error, /The signature aud is invalid/)
+    end
+
+    it "raises an error if the issuer is invalid" do
+      allow(client).to receive(:base_uri).and_return("invalid")
+      expect do
+        signature_module.verify!(payload, signature, tolerance)
+      end.to raise_error(Ibanity::Error, /The signature iss is invalid/)
+    end
+
+    it "raises an error if the signing key is unavailable" do
+      allow(Ibanity).to receive(:webhook_keys).and_return([])
+      expect do
+        signature_module.verify!(payload, signature, tolerance)
+      end.to raise_error(Ibanity::Error, /The key id from the header didn't match an available signing key/)
+    end
+
+    it "raises an error if the signature is altered" do
+      expect do
+        signature_module.verify!(payload, signature + "altered", tolerance)
+      end.to raise_error(Ibanity::Error, /The signature verification failed/)
+    end
+  end
+end

data/spec/support/fixture.rb

@@ -5,4 +5,14 @@ module Fixture
     path = Pathname([File.dirname(__FILE__ ), "fixtures", "json", filename].join("/"))
     JSON.parse(File.read(path))
   end
+
+  def self.load_unparsed_json(filename)
+    path = Pathname([File.dirname(__FILE__ ), "fixtures", "json", filename].join("/"))
+    File.read(path)
+  end
+
+  def self.load_signature(filename)
+    path = Pathname([File.dirname(__FILE__ ), "fixtures", "signature", filename].join("/"))
+    File.read(path)
+  end
 end

data/spec/support/fixtures/json/webhooks/example_payload.json

@@ -0,0 +1 @@
+{"data":{"attributes":{"createdAt":"2023-08-10T12:24:42.224Z","synchronizationSubtype":"accountTransactions"},"id":"3465fd2f-6c9a-484e-971e-56bf44c9181a","relationships":{"account":{"data":{"id":"1d89d411-e310-4802-bbb7-aad7d98371e7","type":"account"}},"organization":{"data":{"id":"9315d6b3-129a-481a-9604-e2a95e0f967d","type":"organization"}},"synchronization":{"data":{"id":"178b59a6-679f-43d4-b5ad-28caea0bc08b","type":"synchronization"}}},"type":"pontoConnect.synchronization.succeededWithoutChange"}}

data/spec/support/fixtures/signature/webhooks/example_signature.sig

@@ -0,0 +1 @@
+eyJhbGciOiJSUzUxMiIsImtpZCI6InNhbmRib3hfZXZlbnRzX3NpZ25hdHVyZV8xIn0.eyJhdWQiOiJlNjQzYjViZS1jY2IxLTRhMzgtYjdiNi0zNjY4OTg1M2JlZjUiLCJkaWdlc3QiOiJDZEJPWGwzMGsyM0lsVVdkM2JPL1FtazhXek5lN1NERjVCV3FUQnIyVzQ0VjlqRnhjZW4wSEFHVGsra0Nka0NjWVZsRW9PYmtZM0JCc2lPRnNFV0hIUT09IiwiZXhwIjoxNjkxNjcwOTg1LCJpYXQiOjE2OTE2NzA5MjUsImlzcyI6Imh0dHBzOi8vYXBpLmliYW5pdHkuY29tIiwianRpIjoiMWMyOTNkNTYtOTk1Yi00NDg5LTlhODMtMDEzZTg2ZTk4NjQ2In0.ooEZQDTfGmfYr5DmD7wVxdIN_0YXDBiwwL1_fFwSlTiIcr8vehAbDtcsyf3XrycySkUbWvtZYbhYXJw1BH4eDKdhCd2MnrxNX8BzxEjbAKzsGTT4l1YnrbBEIfcL_Z3qCzxJOzWErkSAgIi1XbiNFbw1YTU0c_Y0bBwxY6EEZgQVpG0-OXbzxhT7GRnsdSmYCAEkbLUzhRDj37fOz0oTfuimn04ANqVNJbTrOnQ2md_lOIS1XWl_WaDrk8pExUQ5JQii7dIxnzaHLB5J6U8zAOUchNLYJW1tcJmpVE_3baO_W6MvsWfEG9wY5Jud55WsnSHOOA4ak0KQJx3owqXt3uzlKH0MjPe6UeuJagZo1nXPW8IV6QCyvqtJ6TMwXqN67GHzh2YTS-Ct7qFxgHKFutlSfBfV4PaTTRd0ywqgTIVXY9P_hQmTSL_J0WiTg_2Di0ty10ehCau9rF1Bmpf2ZnSMK2Rr4JRPIMnFQsU-W5jZbZNF_tDaECzzkDoZgMDRrQT1TsdfSWU-XWG2f0ytiHKVcFJE9mMd25b2SJ6rx2e-TZaQwb5jO61uL1Q8zjvPWqofWZ5emiby9FWNFS-0fqF0UUJdlb7XU1fo_cQi0q4pYGgN2_2sgNETXr99zcTT2vpCf9x9RZGUzXne_WhZP_gp49m0kTX1W0s8O_2g2Do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ibanity
 version: !ruby/object:Gem::Version
-  version: '2.2'
+  version: 2.3.1
 platform: ruby
 authors:
 - Ibanity
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-10-06 00:00:00.000000000 Z
+date: 2023-08-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -25,19 +25,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 1.8.0
 - !ruby/object:Gem::Dependency
-  name: jose
+  name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.3
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.3
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -89,6 +89,7 @@ files:
 - lib/ibanity/api/ponto_connect/bulk_payment.rb
 - lib/ibanity/api/ponto_connect/financial_institution.rb
 - lib/ibanity/api/ponto_connect/integration.rb
+- lib/ibanity/api/ponto_connect/integration_account.rb
 - lib/ibanity/api/ponto_connect/onboarding_details.rb
 - lib/ibanity/api/ponto_connect/payment.rb
 - lib/ibanity/api/ponto_connect/payment_activation_request.rb
@@ -120,6 +121,7 @@ files:
 - lib/ibanity/api/xs2a/holding.rb
 - lib/ibanity/api/xs2a/payment_initiation_request.rb
 - lib/ibanity/api/xs2a/payment_initiation_request_authorization.rb
+- lib/ibanity/api/xs2a/pending_transaction.rb
 - lib/ibanity/api/xs2a/periodic_payment_initiation_request.rb
 - lib/ibanity/api/xs2a/periodic_payment_initiation_request_authorization.rb
 - lib/ibanity/api/xs2a/synchronization.rb
@@ -134,6 +136,7 @@ files:
 - spec/lib/ibanity/base_resource_spec.rb
 - spec/lib/ibanity/http_signature_spec.rb
 - spec/lib/ibanity/util_spec.rb
+- spec/lib/ibanity/webhook_signature_spec.rb
 - spec/spec_helper.rb
 - spec/support/crypto_helper.rb
 - spec/support/fixture.rb
@@ -141,9 +144,11 @@ files:
 - spec/support/fixtures/json/relationships/data_without_type.json
 - spec/support/fixtures/json/relationships/meta_with_type.json
 - spec/support/fixtures/json/relationships/no_links_related.json
+- spec/support/fixtures/json/webhooks/example_payload.json
 - spec/support/fixtures/signature/test-certificate.pem
 - spec/support/fixtures/signature/test-private_key.pem
 - spec/support/fixtures/signature/test-public_key.pem
+- spec/support/fixtures/signature/webhooks/example_signature.sig
 homepage: https://documentation.ibanity.com/api/ruby
 licenses:
 - MIT
@@ -171,6 +176,7 @@ test_files:
 - spec/lib/ibanity/base_resource_spec.rb
 - spec/lib/ibanity/http_signature_spec.rb
 - spec/lib/ibanity/util_spec.rb
+- spec/lib/ibanity/webhook_signature_spec.rb
 - spec/spec_helper.rb
 - spec/support/crypto_helper.rb
 - spec/support/fixture.rb
@@ -178,6 +184,8 @@ test_files:
 - spec/support/fixtures/json/relationships/data_without_type.json
 - spec/support/fixtures/json/relationships/meta_with_type.json
 - spec/support/fixtures/json/relationships/no_links_related.json
+- spec/support/fixtures/json/webhooks/example_payload.json
 - spec/support/fixtures/signature/test-certificate.pem
 - spec/support/fixtures/signature/test-private_key.pem
 - spec/support/fixtures/signature/test-public_key.pem
+- spec/support/fixtures/signature/webhooks/example_signature.sig