rack-slack_request_verification 1.0.0.pre → 1.0.0.pre2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/README.md +6 -6
  4. data/lib/rack/slack_request_verification/computed_signature.rb +2 -2
  5. data/lib/rack/slack_request_verification/configuration.rb +7 -7
  6. data/lib/rack/slack_request_verification/version.rb +1 -1
  7. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b6e156fb4a05f816479e935037c56af58d079f706da577c5d7935cc952195784
4
- data.tar.gz: e5f5ccc958eb4458935bfb5ac405381ba7723097aec1206d3287741b4f899f61
3
+ metadata.gz: 611a7a94c26a77aa4271271bc7ec8c2f0687b67ed9a7d2285f3eacae307aec37
4
+ data.tar.gz: 78d01fc1898076ebc9a3884fcc683753c073a89f593c26c3171963c0a821f9e2
5
5
  SHA512:
6
- metadata.gz: 67664cd0e4d1b6a22c316a2c6189d075de516cad1616cae2f46ca4131c9e6965c82a907b61130915a1e244d50a17dbf5be20499df2d9ce211cf5813f4bbe7d6d
7
- data.tar.gz: bfbda6a18fbdd5990e25eb881223b2f45a0538cae8aefe342f1e44290be8b23f515f7138472db16b04789d4a363fb1173e86d67758b1ecbf18b30636a00032de
6
+ metadata.gz: ef98e09441fac16dfd696e220de7b72b3904f8d069c1c683a720f6a76ca95136f9a491ffe92e168158f4ab3f61c559a04d2a98f45be2682611b19bd0b3ae5234
7
+ data.tar.gz: 780f5340ca7a852fd29482a1b8927500feb02b047b9f0bc9a602e3543030cc7b6099bb38e4870b4bb44b7fad88eecb7715d6619ba3bd9892211a26c8f96e7787
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rack-slack_request_verification (1.0.0.pre)
4
+ rack-slack_request_verification (1.0.0.pre2)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/README.md CHANGED
@@ -28,12 +28,12 @@ use Rack::SlackRequestVerification, path_pattern: %{^/slack/}
28
28
  run MyApp
29
29
  ```
30
30
 
31
- Will use a `SLACK_SIGNING_KEY` environment variable by default.
31
+ Will use a `SLACK_SIGNING_SECRET` environment variable by default.
32
32
 
33
33
  You can override this with:
34
34
 
35
35
  ```ruby
36
- use Rack::SlackRequestVerification, path_pattern: %{^/slack/}, signing_key: '...'
36
+ use Rack::SlackRequestVerification, path_pattern: %{^/slack/}, signing_secret: '...'
37
37
  ```
38
38
 
39
39
  A **401 Not Authorized** is returned in the following circumstances:
@@ -51,10 +51,10 @@ use Rack::SlackRequestVerification, {
51
51
  # A regular expression used to determine which requests to verify
52
52
  path_pattern: %r{^/slack/},
53
53
 
54
- # You can provide a signing key directly, set a SLACK_SIGNING_KEY env var
55
- # or customise the env var to something else
56
- signing_key: nil,
57
- signing_key_env_var: 'SLACK_SIGNING_KEY',
54
+ # You can provide a signing secret directly, set a SLACK_SIGNING_SECRET
55
+ # env var or customise the env var to something else
56
+ signing_secret: nil,
57
+ signing_secret_env_var: 'SLACK_SIGNING_SECRET',
58
58
 
59
59
  # Mitigates replay attacks by verifying the request was sent recently –
60
60
  # a better strategy is to record the signature header to ensure you only
data/lib/rack/slack_request_verification/computed_signature.rb CHANGED
@@ -4,7 +4,7 @@ require 'forwardable'
4
4
  module Rack::SlackRequestVerification
5
5
  class ComputedSignature
6
6
  extend Forwardable
7
- def_delegators :@config, :signing_key, :signing_version
7
+ def_delegators :@config, :signing_secret, :signing_version
8
8
  def_delegators :@request, :body, :timestamp
9
9
 
10
10
  def initialize(request)
@@ -27,7 +27,7 @@ module Rack::SlackRequestVerification
27
27
  end
28
28
 
29
29
  def digest
30
- OpenSSL::HMAC.hexdigest("SHA256", signing_key, signature_base_string)
30
+ OpenSSL::HMAC.hexdigest("SHA256", signing_secret, signature_base_string)
31
31
  end
32
32
  end
33
33
  end
data/lib/rack/slack_request_verification/configuration.rb CHANGED
@@ -3,7 +3,7 @@ require 'logger'
3
3
  module Rack::SlackRequestVerification
4
4
  class Configuration
5
5
  attr_reader *%i(
6
- signing_key
6
+ signing_secret
7
7
  path_pattern
8
8
  signing_version
9
9
  timestamp_header
@@ -17,10 +17,10 @@ module Rack::SlackRequestVerification
17
17
  # A regular expression used to determine which requests to verify
18
18
  path_pattern:,
19
19
 
20
- # You can provide a signing key directly, set a SLACK_SIGNING_KEY env var
21
- # or customise the env var to something else
22
- signing_key: nil,
23
- signing_key_env_var: 'SLACK_SIGNING_KEY',
20
+ # You can provide a signing secret directly, set a SLACK_SIGNING_SECRET
21
+ # env var or customise the env var to something else
22
+ signing_secret: nil,
23
+ signing_secret_env_var: 'SLACK_SIGNING_SECRET',
24
24
 
25
25
  # Mitigates replay attacks by verifying the request was sent recently –
26
26
  # a better strategy is to record the signature header to ensure you only
@@ -46,8 +46,8 @@ module Rack::SlackRequestVerification
46
46
  @max_staleness_in_secs = max_staleness_in_secs
47
47
  @request_body_limit_in_bytes = request_body_limit_in_bytes
48
48
 
49
- @signing_key = signing_key || ENV.fetch(signing_key_env_var) do
50
- fail Error, "#{signing_key_env_var} env var not set, please configure a signing key"
49
+ @signing_secret = signing_secret || ENV.fetch(signing_secret_env_var) do
50
+ fail Error, "#{signing_secret_env_var} env var not set, please configure a signing secret"
51
51
  end
52
52
  end
53
53
 
data/lib/rack/slack_request_verification/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module SlackRequestVerification
3
- VERSION = "1.0.0.pre"
3
+ VERSION = "1.0.0.pre2"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-slack_request_verification
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0.pre
4
+ version: 1.0.0.pre2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pete Nicholls