pingpp 2.0.12 → 2.0.13

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 26b7444660ab3e97df833ae4fc0766ed14324d5d
-  data.tar.gz: b3b63f1b2ee7da4fa8b9a7d651f7b7dcfdbd814f
+  metadata.gz: 4901e3a0163e5b216c8cce33945c13402861e950
+  data.tar.gz: fcc83f40b5a5e3339aba2aec78ad293c86a49bc4
 SHA512:
-  metadata.gz: 06a3cd154b77c56de7bdd802458b2de575b3709f73f2d798b61ca6fdc5aaf1498b05ee7dfc13c13ea56b3af4aca460c2663f575c206e3fea86c3fb3da60d583d
-  data.tar.gz: 48e2fab5eddb99e0e29560cd2d664cb3dae836e4b79fa45e6c6fa84eb4edc46110ac4d0ab34317771f4592e2b4173bab334c791991defc40e50a21fc3f47780a
+  metadata.gz: 192646866f5dd099cf788da0a679d6fe1dede640464435b6f28f2da6331525405a61d44eba5166bb233982f4a273dd4cd40a5a05b1617572f7f557efc7c45190
+  data.tar.gz: 19a5b627b6f985528febad6634cb9a7092c3df9ea9ab7ba2096c8db1413bf5844b4e6c5fe35ff91fde55c4f29e52e0e0309f506ed4d33a454f30ff29f249b46c

data/lib/pingpp/util.rb

@@ -19,7 +19,10 @@ module Pingpp
       @object_classes ||= {
         'charge' => Charge,
         'list' => ListObject,
-        'refund' => Refund
+        'refund' => Refund,
+        'red_envelope' => RedEnvelope,
+        'transfer' => Transfer,
+        'event' => Event
       }
     end
 
@@ -96,5 +99,33 @@ module Pingpp
       end
       result
     end
+
+    def self.format_headers(original_headers)
+      new_headers = {}
+      if !original_headers.respond_to?("each")
+        return nil
+      end
+
+      original_headers.each do |k, h|
+        if k.is_a?(Symbol)
+          k = k.to_s
+        end
+        k = k[0, 5] == 'HTTP_' ? k[5..-1] : k
+        new_k = k.gsub(/-/, '_').downcase.to_sym
+
+        header = nil
+        if h.is_a?(Array) && h.length > 0
+          header = h[0]
+        elsif h.is_a?(String)
+          header = h
+        end
+
+        if header
+          new_headers[new_k] = header
+        end
+      end
+
+      return new_headers
+    end
   end
 end

data/lib/pingpp/version.rb

@@ -1,3 +1,3 @@
 module Pingpp
-  VERSION = '2.0.12'
+  VERSION = '2.0.13'
 end

data/lib/pingpp/webhook.rb

@@ -0,0 +1,34 @@
+module Pingpp
+  module Webhook
+    def self.verify?(request)
+      if !Pingpp.pub_key
+        return false
+      end
+
+      raw_data = nil
+      if request.respond_to?('raw_post')
+        raw_data = request.raw_post
+      elsif request.respond_to?('body')
+        raw_data = request.body
+      else
+        return false
+      end
+
+      headers = nil
+      if request.respond_to?('headers')
+        headers = request.headers
+      elsif request.respond_to?('header')
+        headers = request.header
+      else
+        return false
+      end
+
+      formated_headers = Util.format_headers(headers)
+      return false if !formated_headers.has_key?(:x_pingplusplus_signature)
+
+      signature = formated_headers[:x_pingplusplus_signature]
+      rsa_public_key = OpenSSL::PKey.read(Pingpp.pub_key)
+      return rsa_public_key.verify(OpenSSL::Digest::SHA256.new, Base64.decode64(signature), raw_data)
+    end
+  end
+end

data/lib/pingpp.rb

@@ -27,6 +27,7 @@ require 'pingpp/refund'
 require 'pingpp/red_envelope'
 require 'pingpp/event'
 require 'pingpp/transfer'
+require 'pingpp/webhook'
 
 # Errors
 require 'pingpp/errors/pingpp_error'
@@ -51,7 +52,7 @@ module Pingpp
   HEADERS_TO_PARSE = [:pingpp_one_version, :pingpp_sdk_version]
 
   class << self
-    attr_accessor :api_key, :api_base, :verify_ssl_certs, :api_version, :parsed_headers, :private_key
+    attr_accessor :api_key, :api_base, :verify_ssl_certs, :api_version, :parsed_headers, :private_key, :pub_key
   end
 
   def self.api_url(url='')
@@ -218,6 +219,10 @@ module Pingpp
     @private_key = File.read(private_key_path)
   end
 
+  def self.pub_key_path=(pub_key_path)
+    @pub_key = File.read(pub_key_path)
+  end
+
   def self.sign_request(data, pri_key)
     pkey = OpenSSL::PKey.read(pri_key)
     return Base64.strict_encode64(pkey.sign(OpenSSL::Digest::SHA256.new, data))

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pingpp
 version: !ruby/object:Gem::Version
-  version: 2.0.12
+  version: 2.0.13
 platform: ruby
 authors:
 - Xufeng Weng
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-04-24 00:00:00.000000000 Z
+date: 2016-07-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -33,7 +33,7 @@ dependencies:
         version: '1.25'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -43,7 +43,7 @@ dependencies:
         version: '1.25'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
@@ -98,34 +98,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.4.0
-- !ruby/object:Gem::Dependency
-  name: test-unit
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: PingPlusPlus is the easiest way to accept payments online.  See https://pingxx.com
   for details.
 email:
@@ -157,6 +129,7 @@ files:
 - lib/pingpp/transfer.rb
 - lib/pingpp/util.rb
 - lib/pingpp/version.rb
+- lib/pingpp/webhook.rb
 - lib/pingpp/wx_pub_oauth.rb
 homepage: https://pingxx.com/document/api
 licenses: