remit2 0.0.8 → 0.0.9

data/lib/remit2.rb

@@ -46,6 +46,7 @@ require 'remit2/operations/reserve'
 require 'remit2/operations/retry_transaction'
 require 'remit2/operations/settle'
 require 'remit2/operations/settle_debt'
+require 'remit2/operations/verify_signature'
 require 'remit2/operations/write_off_debt'
 
 module Remit
@@ -78,6 +79,7 @@ module Remit
     include RetryTransaction
     include Settle
     include SettleDebt
+    include VerifySignature
     include WriteOffDebt
 
     API_ENDPOINT = 'https://fps.amazonaws.com/'

data/lib/remit2/ipn_request.rb

@@ -3,21 +3,33 @@ module Remit
   #
   # This should probably be updated to support the VerifySignature function now provided.
   class IpnRequest
-    # Signature key name used by AmazonFPS IPNs
-    SIGNATURE_KEY = 'signature'
-
     # +params+ should be your controllers request parameters.
-    def initialize(params, secret_key)
+    # +url_endpoint+ should be the URL where you received the IPN
+    # +remit_api+ should be a Remit::API object, initialized with your credentials
+    def initialize(params, url_endpoint, remit_api)
       raise ArgumentError, "Expected the request params hash, received: #{params.inspect}" unless params.kind_of?(Hash)
       @params             = strip_keys_from(params, 'action', 'controller')
-      @supplied_signature = @params.delete(SIGNATURE_KEY)
-      @secret_key         = secret_key
+      @url_endpoint       = url_endpoint
+      @remit_api          = remit_api
     end
-
+    
     def valid?
-      return false unless @supplied_signature
-      generate_signature_for(@params) == @supplied_signature
+      resp = verify_signature
+      resp.successful? && resp.verification_status == "Success"
+    end
+    
+    def verify_signature
+      req = Remit::VerifySignature::Request.new(
+        :url_end_point => @url_endpoint,
+        :http_parameters => @params.collect {|k,v| "#{k}=#{v}"}.join("&")
+      )
+      
+      puts "=== REQ ==="
+      puts req.inspect
+      
+      @remit_api.verify_signature(req)
     end
+      
 
     def method_missing(method, *args) #:nodoc:
       if @params.has_key?(method.to_s)
@@ -26,20 +38,13 @@ module Remit
         super(method, *args)
       end
     end
-
-    def generate_signature_for(params)
-      query   = params.sort_by { |k,v| k.downcase }
-      digest  = OpenSSL::Digest::Digest.new('sha1')
-      hmac    = OpenSSL::HMAC.digest(digest, @secret_key, query.to_s)
-      encoded = Base64.encode64(hmac).chomp
-    end
-    private :generate_signature_for
-
+    
     def strip_keys_from(params, *ignore_keys)
       parsed = params.dup
       ignore_keys.each { |key| parsed.delete(key) }
       parsed
     end
     private :strip_keys_from
+    
   end
 end

data/lib/remit2/operations/verify_signature.rb

@@ -0,0 +1,23 @@
+# Updated for API Version 2008-09-17
+module Remit
+  module VerifySignature
+    class Request < Remit::Request
+      action :VerifySignature
+      parameter :url_end_point, :required => true
+      parameter :http_parameters, :require => true
+    end
+    
+    class InnerResponse < Remit::BaseResponse
+      parameter :verification_status
+    end
+    
+    class Response < Remit::Response
+      parameter :inner, :element => "VerifySignatureResult", :type => InnerResponse
+      inner_parameters :verification_status
+    end
+
+    def verify_signature(request = Request.new)
+      call(request, Response)
+    end
+  end
+end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 0
-  - 8
-  version: 0.0.8
+  - 9
+  version: 0.0.9
 platform: ruby
 authors: 
 - Micah Wedemeyer
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-06-06 00:00:00 -04:00
+date: 2011-01-16 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -72,6 +72,7 @@ files:
 - lib/remit2/operations/retry_transaction.rb
 - lib/remit2/operations/settle.rb
 - lib/remit2/operations/settle_debt.rb
+- lib/remit2/operations/verify_signature.rb
 - lib/remit2/operations/write_off_debt.rb
 - lib/remit2/pipeline_response.rb
 - lib/remit2/request.rb