payu_api 0.1.1 → 0.1.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +11 -0
  3. data/lib/payu_api.rb +7 -0
  4. data/lib/payu_api/build_signature.rb +13 -0
  5. data/lib/payu_api/version.rb +1 -1
  6. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f03e3bb9b1d9013eabac126fb67bca990a2c81ee
4
- data.tar.gz: 4694854d9e6ca75a321db2d8149803e44f415874
3
+ metadata.gz: 63ece19e8382a4ffc71ae575a9209746b3c70c3b
4
+ data.tar.gz: d2228eeb439fd3981fbd0e28a7c2ccc41799d7fd
5
5
  SHA512:
6
- metadata.gz: f2c394eeb1ab1d44aac453984ffda95e2085a0f9a353d5180db20633fe3b1f6cb880b758384da8aa0532b291db9a16010b9aa01c65233fd5336a094220ba4af7
7
- data.tar.gz: d935e7aa2f10f1406ca61c808b38ea36b257acf2dd20d83375bb82f057abc6a0271abf4c7fdb267e5f81867d80dc492fbb283a8b9e12c3ff86fc914a2bc53c2c
6
+ metadata.gz: ce27bd08cf451a1b88ec0f3fab5ddeba2f9ab6e649dcbb83b8ee47c16f2e3c3eb97aba8183ecb107c23d2526aca84eeb88790c77cb8132b8e3369c9bf67ccb89
7
+ data.tar.gz: cba3a104818e15dce63c1c59d1e3977ce9c168e5ea448fdfa5366633e6ffbd98ba960187468836a472910c538619f4d701a8977024e878eb71aec06b0c294e5c
data/README.md CHANGED
@@ -168,6 +168,17 @@ response.order
168
168
  # }
169
169
  ```
170
170
 
171
+ Verify notification signature:
172
+
173
+ ```ruby
174
+ PayuAPI.signature_valid?(
175
+ body: request.raw_post,
176
+ headers: request.headers,
177
+ second_key: '17d24f...'
178
+ )
179
+ # => true
180
+ ```
181
+
171
182
  ## Contributing
172
183
 
173
184
  Bug reports and pull requests are welcome on GitHub at https://github.com/busfor/payu_api. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
data/lib/payu_api.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  require 'json'
2
+ require 'digest'
2
3
  require 'faraday'
3
4
  require 'dry-initializer'
4
5
 
@@ -12,6 +13,7 @@ require 'payu_api/responses/auth_response'
12
13
  require 'payu_api/responses/get_response'
13
14
  require 'payu_api/responses/create_response'
14
15
  require 'payu_api/responses/refund_response'
16
+ require 'payu_api/build_signature'
15
17
  require 'payu_api/order'
16
18
  require 'payu_api/client'
17
19
 
@@ -20,4 +22,9 @@ module PayuAPI
20
22
  request = AuthRequest.new(pos_id: pos_id, key: key, sandbox: sandbox)
21
23
  AuthResponse.new(http_response: request.call)
22
24
  end
25
+
26
+ def self.signature_valid?(body:, headers:, second_key:)
27
+ signature = BuildSignature(body: body, second_key: second_key).call
28
+ headers['OpenPayU-Signature'] == signature
29
+ end
23
30
  end
data/lib/payu_api/build_signature.rb ADDED
@@ -0,0 +1,13 @@
1
+ module PayuAPI
2
+ class BuildSignature
3
+ extend Dry::Initializer::Mixin
4
+
5
+ option :body
6
+ option :second_key
7
+
8
+ def call
9
+ signature = Digest::MD5.hexdigest("#{body}#{second_key}")
10
+ "sender=checkout;signature=#{signature};algorithm=MD5;content=DOCUMENT"
11
+ end
12
+ end
13
+ end
data/lib/payu_api/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module PayuAPI
2
- VERSION = '0.1.1'.freeze
2
+ VERSION = '0.1.2'.freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: payu_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Roman Khrebtov
@@ -155,6 +155,7 @@ files:
155
155
  - lib/payu_api.rb
156
156
  - lib/payu_api/api_request.rb
157
157
  - lib/payu_api/auth_request.rb
158
+ - lib/payu_api/build_signature.rb
158
159
  - lib/payu_api/client.rb
159
160
  - lib/payu_api/errors.rb
160
161
  - lib/payu_api/order.rb