rack-slack_request_verification 1.0.0.pre → 1.0.0.pre2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/README.md +6 -6
  4. data/lib/rack/slack_request_verification/computed_signature.rb +2 -2
  5. data/lib/rack/slack_request_verification/configuration.rb +7 -7
  6. data/lib/rack/slack_request_verification/version.rb +1 -1
  7. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b6e156fb4a05f816479e935037c56af58d079f706da577c5d7935cc952195784
4
- data.tar.gz: e5f5ccc958eb4458935bfb5ac405381ba7723097aec1206d3287741b4f899f61
3
+ metadata.gz: 611a7a94c26a77aa4271271bc7ec8c2f0687b67ed9a7d2285f3eacae307aec37
4
+ data.tar.gz: 78d01fc1898076ebc9a3884fcc683753c073a89f593c26c3171963c0a821f9e2
5
5
  SHA512:
6
- metadata.gz: 67664cd0e4d1b6a22c316a2c6189d075de516cad1616cae2f46ca4131c9e6965c82a907b61130915a1e244d50a17dbf5be20499df2d9ce211cf5813f4bbe7d6d
7
- data.tar.gz: bfbda6a18fbdd5990e25eb881223b2f45a0538cae8aefe342f1e44290be8b23f515f7138472db16b04789d4a363fb1173e86d67758b1ecbf18b30636a00032de
6
+ metadata.gz: ef98e09441fac16dfd696e220de7b72b3904f8d069c1c683a720f6a76ca95136f9a491ffe92e168158f4ab3f61c559a04d2a98f45be2682611b19bd0b3ae5234
7
+ data.tar.gz: 780f5340ca7a852fd29482a1b8927500feb02b047b9f0bc9a602e3543030cc7b6099bb38e4870b4bb44b7fad88eecb7715d6619ba3bd9892211a26c8f96e7787
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rack-slack_request_verification (1.0.0.pre)
4
+ rack-slack_request_verification (1.0.0.pre2)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/README.md CHANGED
@@ -28,12 +28,12 @@ use Rack::SlackRequestVerification, path_pattern: %{^/slack/}
28
28
  run MyApp
29
29
  ```
30
30
 
31
- Will use a `SLACK_SIGNING_KEY` environment variable by default.
31
+ Will use a `SLACK_SIGNING_SECRET` environment variable by default.
32
32
 
33
33
  You can override this with:
34
34
 
35
35
  ```ruby
36
- use Rack::SlackRequestVerification, path_pattern: %{^/slack/}, signing_key: '...'
36
+ use Rack::SlackRequestVerification, path_pattern: %{^/slack/}, signing_secret: '...'
37
37
  ```
38
38
 
39
39
  A **401 Not Authorized** is returned in the following circumstances:
@@ -51,10 +51,10 @@ use Rack::SlackRequestVerification, {
51
51
  # A regular expression used to determine which requests to verify
52
52
  path_pattern: %r{^/slack/},
53
53
 
54
- # You can provide a signing key directly, set a SLACK_SIGNING_KEY env var
55
- # or customise the env var to something else
56
- signing_key: nil,
57
- signing_key_env_var: 'SLACK_SIGNING_KEY',
54
+ # You can provide a signing secret directly, set a SLACK_SIGNING_SECRET
55
+ # env var or customise the env var to something else
56
+ signing_secret: nil,
57
+ signing_secret_env_var: 'SLACK_SIGNING_SECRET',
58
58
 
59
59
  # Mitigates replay attacks by verifying the request was sent recently –
60
60
  # a better strategy is to record the signature header to ensure you only
data/lib/rack/slack_request_verification/computed_signature.rb CHANGED
@@ -4,7 +4,7 @@ require 'forwardable'
4
4
  module Rack::SlackRequestVerification
5
5
  class ComputedSignature
6
6
  extend Forwardable
7
- def_delegators :@config, :signing_key, :signing_version
7
+ def_delegators :@config, :signing_secret, :signing_version
8
8
  def_delegators :@request, :body, :timestamp
9
9
 
10
10
  def initialize(request)
@@ -27,7 +27,7 @@ module Rack::SlackRequestVerification
27
27
  end
28
28
 
29
29
  def digest
30
- OpenSSL::HMAC.hexdigest("SHA256", signing_key, signature_base_string)
30
+ OpenSSL::HMAC.hexdigest("SHA256", signing_secret, signature_base_string)
31
31
  end
32
32
  end
33
33
  end
data/lib/rack/slack_request_verification/configuration.rb CHANGED
@@ -3,7 +3,7 @@ require 'logger'
3
3
  module Rack::SlackRequestVerification
4
4
  class Configuration
5
5
  attr_reader *%i(
6
- signing_key
6
+ signing_secret
7
7
  path_pattern
8
8
  signing_version
9
9
  timestamp_header
@@ -17,10 +17,10 @@ module Rack::SlackRequestVerification
17
17
  # A regular expression used to determine which requests to verify
18
18
  path_pattern:,
19
19
 
20
- # You can provide a signing key directly, set a SLACK_SIGNING_KEY env var
21
- # or customise the env var to something else
22
- signing_key: nil,
23
- signing_key_env_var: 'SLACK_SIGNING_KEY',
20
+ # You can provide a signing secret directly, set a SLACK_SIGNING_SECRET
21
+ # env var or customise the env var to something else
22
+ signing_secret: nil,
23
+ signing_secret_env_var: 'SLACK_SIGNING_SECRET',
24
24
 
25
25
  # Mitigates replay attacks by verifying the request was sent recently –
26
26
  # a better strategy is to record the signature header to ensure you only
@@ -46,8 +46,8 @@ module Rack::SlackRequestVerification
46
46
  @max_staleness_in_secs = max_staleness_in_secs
47
47
  @request_body_limit_in_bytes = request_body_limit_in_bytes
48
48
 
49
- @signing_key = signing_key || ENV.fetch(signing_key_env_var) do
50
- fail Error, "#{signing_key_env_var} env var not set, please configure a signing key"
49
+ @signing_secret = signing_secret || ENV.fetch(signing_secret_env_var) do
50
+ fail Error, "#{signing_secret_env_var} env var not set, please configure a signing secret"
51
51
  end
52
52
  end
53
53
 
data/lib/rack/slack_request_verification/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module SlackRequestVerification
3
- VERSION = "1.0.0.pre"
3
+ VERSION = "1.0.0.pre2"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-slack_request_verification
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0.pre
4
+ version: 1.0.0.pre2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pete Nicholls