intercom-rails 0.2.6 → 0.2.7
Sign up to get free protection for your applications and to get access to all the features.
@@ -16,8 +16,8 @@ module IntercomRails
|
|
16
16
|
self.secret = options[:secret] || Config.api_secret
|
17
17
|
self.widget_options = widget_options_from_config.merge(options[:widget] || {})
|
18
18
|
self.controller = options[:controller]
|
19
|
-
self.user_details = options[:find_current_user_details] ? find_current_user_details : options[:user_details]
|
20
|
-
self.company_details = if options[:find_current_company_details]
|
19
|
+
self.user_details = options[:find_current_user_details] ? find_current_user_details : options[:user_details]
|
20
|
+
self.company_details = if options[:find_current_company_details]
|
21
21
|
find_current_company_details
|
22
22
|
elsif options[:user_details]
|
23
23
|
options[:user_details].delete(:company) if options[:user_details]
|
@@ -35,7 +35,7 @@ module IntercomRails
|
|
35
35
|
hsh
|
36
36
|
end
|
37
37
|
|
38
|
-
def output
|
38
|
+
def output
|
39
39
|
str = <<-INTERCOM_SCRIPT
|
40
40
|
<script id="IntercomSettingsScriptTag">
|
41
41
|
var intercomSettings = #{ActiveSupport::JSON.encode(intercom_settings)};
|
@@ -75,7 +75,7 @@ module IntercomRails
|
|
75
75
|
def find_current_user_details
|
76
76
|
return {} unless controller.present?
|
77
77
|
Proxy::User.current_in_context(controller).to_hash
|
78
|
-
rescue NoUserFoundError
|
78
|
+
rescue NoUserFoundError
|
79
79
|
{}
|
80
80
|
end
|
81
81
|
|
@@ -94,8 +94,7 @@ module IntercomRails
|
|
94
94
|
end
|
95
95
|
|
96
96
|
def user_hash
|
97
|
-
|
98
|
-
Digest::SHA1.hexdigest(components.join)
|
97
|
+
OpenSSL::HMAC.hexdigest("sha256", secret, (user_details[:user_id] || user_details[:email]))
|
99
98
|
end
|
100
99
|
|
101
100
|
def app_id
|
@@ -105,7 +104,7 @@ module IntercomRails
|
|
105
104
|
nil
|
106
105
|
end
|
107
106
|
|
108
|
-
def widget_options_from_config
|
107
|
+
def widget_options_from_config
|
109
108
|
config = {}
|
110
109
|
|
111
110
|
activator = case Config.inbox.style
|
@@ -125,7 +125,7 @@ class AutoIncludeFilterTest < ActionController::TestCase
|
|
125
125
|
|
126
126
|
assert_includes @response.body, "<script>"
|
127
127
|
assert_includes @response.body, "user_hash"
|
128
|
-
assert_includes @response.body,
|
128
|
+
assert_includes @response.body, OpenSSL::HMAC.hexdigest("sha256", 'abcd', @controller.current_user.email)
|
129
129
|
end
|
130
130
|
|
131
131
|
def test_no_app_id_present
|
@@ -40,29 +40,29 @@ class ScriptTagTest < MiniTest::Unit::TestCase
|
|
40
40
|
|
41
41
|
def test_secure_mode_with_email
|
42
42
|
script_tag = ScriptTag.new(:user_details => {:email => 'ciaran@intercom.io'}, :secret => 'abcdefgh')
|
43
|
-
assert_equal
|
43
|
+
assert_equal OpenSSL::HMAC.hexdigest("sha256", 'abcdefgh', 'ciaran@intercom.io'), script_tag.intercom_settings[:user_hash]
|
44
44
|
end
|
45
45
|
|
46
46
|
def test_secure_mode_with_user_id
|
47
47
|
script_tag = ScriptTag.new(:user_details => {:user_id => '1234'}, :secret => 'abcdefgh')
|
48
|
-
assert_equal
|
48
|
+
assert_equal OpenSSL::HMAC.hexdigest("sha256", 'abcdefgh', '1234'), script_tag.intercom_settings[:user_hash]
|
49
49
|
end
|
50
50
|
|
51
51
|
def test_secure_mode_with_email_and_user_id
|
52
52
|
script_tag = ScriptTag.new(:user_details => {:user_id => '1234', :email => 'ciaran@intercom.io'}, :secret => 'abcdefgh')
|
53
|
-
assert_equal
|
53
|
+
assert_equal OpenSSL::HMAC.hexdigest("sha256", 'abcdefgh', '1234'), script_tag.intercom_settings[:user_hash]
|
54
54
|
end
|
55
55
|
|
56
56
|
def test_secure_mode_with_secret_from_config
|
57
57
|
IntercomRails.config.api_secret = 'abcd'
|
58
58
|
script_tag = ScriptTag.new(:user_details => {:email => 'ben@intercom.io'})
|
59
|
-
assert_equal
|
59
|
+
assert_equal OpenSSL::HMAC.hexdigest("sha256", 'abcd', 'ben@intercom.io'), script_tag.intercom_settings[:user_hash]
|
60
60
|
end
|
61
61
|
|
62
62
|
def test_secure_mode_chooses_passed_secret_over_config
|
63
63
|
IntercomRails.config.api_secret = 'abcd'
|
64
64
|
script_tag = ScriptTag.new(:user_details => {:email => 'ben@intercom.io'}, :secret => '1234')
|
65
|
-
assert_equal
|
65
|
+
assert_equal OpenSSL::HMAC.hexdigest("sha256", '1234', 'ben@intercom.io'), script_tag.intercom_settings[:user_hash]
|
66
66
|
end
|
67
67
|
|
68
68
|
def test_inbox_default_style
|