sendgrid-ruby 6.2.1 → 6.3.5

data/examples/trackingsettings/trackingsettings.rb

@@ -1,9 +1,7 @@
 require 'sendgrid-ruby'
 
-
 sg = SendGrid::API.new(api_key: ENV['SENDGRID_API_KEY'])
 
-
 ##################################################
 # Retrieve Tracking Settings #
 # GET /tracking_settings #
@@ -30,7 +28,7 @@ puts response.headers
 # Retrieve Click Track Settings #
 # GET /tracking_settings/click #
 
-response = sg.client.tracking_settings.click.get()
+response = sg.client.tracking_settings.click.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -40,11 +38,11 @@ puts response.headers
 # PATCH /tracking_settings/google_analytics #
 
 data = JSON.parse('{
-  "enabled": true, 
-  "utm_campaign": "website", 
-  "utm_content": "", 
-  "utm_medium": "email", 
-  "utm_source": "sendgrid.com", 
+  "enabled": true,
+  "utm_campaign": "website",
+  "utm_content": "",
+  "utm_medium": "email",
+  "utm_source": "sendgrid.com",
   "utm_term": ""
 }')
 response = sg.client.tracking_settings.google_analytics.patch(request_body: data)
@@ -56,7 +54,7 @@ puts response.headers
 # Retrieve Google Analytics Settings #
 # GET /tracking_settings/google_analytics #
 
-response = sg.client.tracking_settings.google_analytics.get()
+response = sg.client.tracking_settings.google_analytics.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -77,7 +75,7 @@ puts response.headers
 # Get Open Tracking Settings #
 # GET /tracking_settings/open #
 
-response = sg.client.tracking_settings.open.get()
+response = sg.client.tracking_settings.open.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -87,11 +85,11 @@ puts response.headers
 # PATCH /tracking_settings/subscription #
 
 data = JSON.parse('{
-  "enabled": true, 
-  "html_content": "html content", 
-  "landing": "landing page html", 
-  "plain_content": "text content", 
-  "replace": "replacement tag", 
+  "enabled": true,
+  "html_content": "html content",
+  "landing": "landing page html",
+  "plain_content": "text content",
+  "replace": "replacement tag",
   "url": "url"
 }')
 response = sg.client.tracking_settings.subscription.patch(request_body: data)
@@ -103,8 +101,7 @@ puts response.headers
 # Retrieve Subscription Tracking Settings #
 # GET /tracking_settings/subscription #
 
-response = sg.client.tracking_settings.subscription.get()
+response = sg.client.tracking_settings.subscription.get
 puts response.status_code
 puts response.body
 puts response.headers
-

data/examples/user/user.rb

@@ -1,14 +1,12 @@
 require 'sendgrid-ruby'
 
-
 sg = SendGrid::API.new(api_key: ENV['SENDGRID_API_KEY'])
 
-
 ##################################################
 # Get a user's account information. #
 # GET /user/account #
 
-response = sg.client.user.account.get()
+response = sg.client.user.account.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -17,7 +15,7 @@ puts response.headers
 # Retrieve your credit balance #
 # GET /user/credits #
 
-response = sg.client.user.credits.get()
+response = sg.client.user.credits.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -38,7 +36,7 @@ puts response.headers
 # Retrieve your account email address #
 # GET /user/email #
 
-response = sg.client.user.email.get()
+response = sg.client.user.email.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -48,7 +46,7 @@ puts response.headers
 # PUT /user/password #
 
 data = JSON.parse('{
-  "new_password": "new_password", 
+  "new_password": "new_password",
   "old_password": "old_password"
 }')
 response = sg.client.user.password.put(request_body: data)
@@ -61,8 +59,8 @@ puts response.headers
 # PATCH /user/profile #
 
 data = JSON.parse('{
-  "city": "Orange", 
-  "first_name": "Example", 
+  "city": "Orange",
+  "first_name": "Example",
   "last_name": "User"
 }')
 response = sg.client.user.profile.patch(request_body: data)
@@ -74,7 +72,7 @@ puts response.headers
 # Get a user's profile #
 # GET /user/profile #
 
-response = sg.client.user.profile.get()
+response = sg.client.user.profile.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -84,7 +82,7 @@ puts response.headers
 # POST /user/scheduled_sends #
 
 data = JSON.parse('{
-  "batch_id": "YOUR_BATCH_ID", 
+  "batch_id": "YOUR_BATCH_ID",
   "status": "pause"
 }')
 response = sg.client.user.scheduled_sends.post(request_body: data)
@@ -96,7 +94,7 @@ puts response.headers
 # Retrieve all scheduled sends #
 # GET /user/scheduled_sends #
 
-response = sg.client.user.scheduled_sends.get()
+response = sg.client.user.scheduled_sends.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -108,7 +106,7 @@ puts response.headers
 data = JSON.parse('{
   "status": "pause"
 }')
-batch_id = "test_url_param"
+batch_id = 'test_url_param'
 response = sg.client.user.scheduled_sends._(batch_id).patch(request_body: data)
 puts response.status_code
 puts response.body
@@ -118,8 +116,8 @@ puts response.headers
 # Retrieve scheduled send #
 # GET /user/scheduled_sends/{batch_id} #
 
-batch_id = "test_url_param"
-response = sg.client.user.scheduled_sends._(batch_id).get()
+batch_id = 'test_url_param'
+response = sg.client.user.scheduled_sends._(batch_id).get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -128,8 +126,8 @@ puts response.headers
 # Delete a cancellation or pause of a scheduled send #
 # DELETE /user/scheduled_sends/{batch_id} #
 
-batch_id = "test_url_param"
-response = sg.client.user.scheduled_sends._(batch_id).delete()
+batch_id = 'test_url_param'
+response = sg.client.user.scheduled_sends._(batch_id).delete
 puts response.status_code
 puts response.body
 puts response.headers
@@ -139,7 +137,7 @@ puts response.headers
 # PATCH /user/settings/enforced_tls #
 
 data = JSON.parse('{
-  "require_tls": true, 
+  "require_tls": true,
   "require_valid_cert": false
 }')
 response = sg.client.user.settings.enforced_tls.patch(request_body: data)
@@ -151,7 +149,7 @@ puts response.headers
 # Retrieve current Enforced TLS settings. #
 # GET /user/settings/enforced_tls #
 
-response = sg.client.user.settings.enforced_tls.get()
+response = sg.client.user.settings.enforced_tls.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -172,7 +170,7 @@ puts response.headers
 # Retrieve your username #
 # GET /user/username #
 
-response = sg.client.user.username.get()
+response = sg.client.user.username.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -182,18 +180,18 @@ puts response.headers
 # PATCH /user/webhooks/event/settings #
 
 data = JSON.parse('{
-  "bounce": true, 
-  "click": true, 
-  "deferred": true, 
-  "delivered": true, 
-  "dropped": true, 
-  "enabled": true, 
-  "group_resubscribe": true, 
-  "group_unsubscribe": true, 
-  "open": true, 
-  "processed": true, 
-  "spam_report": true, 
-  "unsubscribe": true, 
+  "bounce": true,
+  "click": true,
+  "deferred": true,
+  "delivered": true,
+  "dropped": true,
+  "enabled": true,
+  "group_resubscribe": true,
+  "group_unsubscribe": true,
+  "open": true,
+  "processed": true,
+  "spam_report": true,
+  "unsubscribe": true,
   "url": "url"
 }')
 response = sg.client.user.webhooks.event.settings.patch(request_body: data)
@@ -205,7 +203,7 @@ puts response.headers
 # Retrieve Event Webhook settings #
 # GET /user/webhooks/event/settings #
 
-response = sg.client.user.webhooks.event.settings.get()
+response = sg.client.user.webhooks.event.settings.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -227,9 +225,9 @@ puts response.headers
 # POST /user/webhooks/parse/settings #
 
 data = JSON.parse('{
-  "hostname": "myhostname.com", 
-  "send_raw": false, 
-  "spam_check": true, 
+  "hostname": "myhostname.com",
+  "send_raw": false,
+  "spam_check": true,
   "url": "http://email.myhosthame.com"
 }')
 response = sg.client.user.webhooks.parse.settings.post(request_body: data)
@@ -241,7 +239,7 @@ puts response.headers
 # Retrieve all parse settings #
 # GET /user/webhooks/parse/settings #
 
-response = sg.client.user.webhooks.parse.settings.get()
+response = sg.client.user.webhooks.parse.settings.get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -251,11 +249,11 @@ puts response.headers
 # PATCH /user/webhooks/parse/settings/{hostname} #
 
 data = JSON.parse('{
-  "send_raw": true, 
-  "spam_check": false, 
+  "send_raw": true,
+  "spam_check": false,
   "url": "http://newdomain.com/parse"
 }')
-hostname = "test_url_param"
+hostname = 'test_url_param'
 response = sg.client.user.webhooks.parse.settings._(hostname).patch(request_body: data)
 puts response.status_code
 puts response.body
@@ -265,8 +263,8 @@ puts response.headers
 # Retrieve a specific parse setting #
 # GET /user/webhooks/parse/settings/{hostname} #
 
-hostname = "test_url_param"
-response = sg.client.user.webhooks.parse.settings._(hostname).get()
+hostname = 'test_url_param'
+response = sg.client.user.webhooks.parse.settings._(hostname).get
 puts response.status_code
 puts response.body
 puts response.headers
@@ -275,8 +273,8 @@ puts response.headers
 # Delete a parse setting #
 # DELETE /user/webhooks/parse/settings/{hostname} #
 
-hostname = "test_url_param"
-response = sg.client.user.webhooks.parse.settings._(hostname).delete()
+hostname = 'test_url_param'
+response = sg.client.user.webhooks.parse.settings._(hostname).delete
 puts response.status_code
 puts response.body
 puts response.headers
@@ -290,4 +288,3 @@ response = sg.client.user.webhooks.parse.stats.get(query_params: params)
 puts response.status_code
 puts response.body
 puts response.headers
-

data/lib/rack/sendgrid_webhook_verification.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module Rack
+  # Middleware that verifies webhooks from SendGrid using the EventWebhook
+  # verifier.
+  #
+  # The middleware takes a public key with which to set up the request
+  # validator and any number of paths. When a path matches the incoming request
+  # path, the request will be verified using the signature and timestamp of the
+  # request.
+  #
+  # Example:
+  #
+  # require 'rack'
+  # use Rack::SendGridWebhookVerification, ENV['PUBLIC_KEY'], /\/emails/
+  #
+  # The above appends this middleware to the stack, using a public key saved in
+  # the ENV and only against paths that match /\/emails/. If the request
+  # validates then it gets passed on to the action as normal. If the request
+  # doesn't validate then the middleware responds immediately with a 403 status.
+  class SendGridWebhookVerification
+    def initialize(app, public_key, *paths)
+      @app = app
+      @public_key = public_key
+      @path_regex = Regexp.union(paths)
+    end
+
+    def call(env)
+      return @app.call(env) unless env['PATH_INFO'].match(@path_regex)
+
+      request = Rack::Request.new(env)
+
+      event_webhook = SendGrid::EventWebhook.new
+      ec_public_key = event_webhook.convert_public_key_to_ecdsa(@public_key)
+      verified = event_webhook.verify_signature(
+        ec_public_key,
+        request.body.read,
+        request.env[SendGrid::EventWebhookHeader::SIGNATURE],
+        request.env[SendGrid::EventWebhookHeader::TIMESTAMP]
+      )
+
+      if verified
+        @app.call(env)
+      else
+        [
+          403,
+          { 'Content-Type' => 'text/plain' },
+          ['SendGrid Request Verification Failed.']
+        ]
+      end
+    end
+  end
+end

data/lib/sendgrid-ruby.rb

@@ -2,6 +2,7 @@ require_relative 'sendgrid/base_interface'
 require_relative 'sendgrid/sendgrid'
 require_relative 'sendgrid/twilio_email'
 require_relative 'sendgrid/version'
+require_relative 'sendgrid/helpers/eventwebhook/eventwebhook'
 require_relative 'sendgrid/helpers/ip_management/ip_management'
 require_relative 'sendgrid/helpers/mail/asm'
 require_relative 'sendgrid/helpers/mail/attachment'
@@ -29,3 +30,4 @@ require_relative 'sendgrid/helpers/stats/email_stats'
 require_relative 'sendgrid/helpers/stats/stats_response'
 require_relative 'sendgrid/helpers/stats/metrics'
 require_relative 'sendgrid/helpers/permissions/scope'
+require_relative 'rack/sendgrid_webhook_verification'

data/lib/sendgrid/base_interface.rb

@@ -17,7 +17,7 @@ class BaseInterface
   def initialize(auth:, host:, request_headers: nil, version: nil, impersonate_subuser: nil)
     @auth = auth
     @host = host
-    @version = version ? version : 'v3'
+    @version = version || 'v3'
     @impersonate_subuser = impersonate_subuser
     @user_agent = "sendgrid/#{SendGrid::VERSION};ruby"
     @request_headers = JSON.parse('

data/lib/sendgrid/helpers/eventwebhook/eventwebhook.rb

@@ -0,0 +1,50 @@
+require 'base64'
+require 'digest'
+require 'openssl'
+
+module SendGrid
+  # This class allows you to use the Event Webhook feature. Read the docs for
+  # more details: https://sendgrid.com/docs/for-developers/tracking-events/event
+  class EventWebhook
+    # * *Args* :
+    #   - +public_key+ -> verification key under Mail Settings
+    #
+    def convert_public_key_to_ecdsa(public_key)
+      verify_engine
+      OpenSSL::PKey::EC.new(Base64.decode64(public_key))
+    end
+
+    # * *Args* :
+    #   - +public_key+ -> elliptic curve public key
+    #   - +payload+ -> event payload in the request body
+    #   - +signature+ -> signature value obtained from the 'X-Twilio-Email-Event-Webhook-Signature' header
+    #   - +timestamp+ -> timestamp value obtained from the 'X-Twilio-Email-Event-Webhook-Timestamp' header
+    def verify_signature(public_key, payload, signature, timestamp)
+      verify_engine
+      timestamped_playload = "#{timestamp}#{payload}"
+      payload_digest = Digest::SHA256.digest(timestamped_playload)
+      decoded_signature = Base64.decode64(signature)
+      public_key.dsa_verify_asn1(payload_digest, decoded_signature)
+    rescue StandardError
+      false
+    end
+
+    def verify_engine
+      # JRuby does not fully support ECDSA: https://github.com/jruby/jruby-openssl/issues/193
+      raise NotSupportedError, "Event Webhook verification is not supported by JRuby" if RUBY_PLATFORM == "java"
+    end
+
+    class Error < ::RuntimeError
+    end
+
+    class NotSupportedError < Error
+    end
+  end
+
+  # This class lists headers that get posted to the webhook. Read the docs for
+  # more details: https://sendgrid.com/docs/for-developers/tracking-events/event
+  class EventWebhookHeader
+    SIGNATURE = "HTTP_X_TWILIO_EMAIL_EVENT_WEBHOOK_SIGNATURE".freeze
+    TIMESTAMP = "HTTP_X_TWILIO_EMAIL_EVENT_WEBHOOK_TIMESTAMP".freeze
+  end
+end

data/lib/sendgrid/helpers/inbound/README.md

@@ -17,7 +17,7 @@
 # Installation
 
 In addition to the installation instructions in
-[the main readme](https://github.com/sendgrid/sendgrid-ruby/tree/master/#installation),
+[the main readme](../../../../README.md#installation),
 you must also add sinatra to your Gemfile:
 
 ```
@@ -47,7 +47,7 @@ bundle install
 ruby ./lib/sendgrid/helpers/inbound/send.rb ./lib/sendgrid/helpers/inbound/sample_data/default_data.txt
 ```
 
-More sample data can be found [here](https://github.com/sendgrid/sendgrid-ruby/tree/master/lib/sendgrid/helpers/inbound/sample_data).
+More sample data can be found [here](sample_data).
 
 View the results in the first terminal.
 
@@ -82,11 +82,11 @@ Next, send an email to [anything]@inbound.yourdomain.com, then look at the termi
 
 ## app.rb
 
-This module runs a [Sinatra](http://www.sinatrarb.com/) server, that by default (you can change those settings [here](https://github.com/sendgrid/sendgrid-ruby/blob/master/sendgrid/helpers/inbound/config.yml)), listens for POSTs on http://localhost:9292. When the server receives the POST, it parses and prints the key/value data.
+This module runs a [Sinatra](http://www.sinatrarb.com/) server, that by default (you can change those settings [here](config.yml)), listens for POSTs on http://localhost:9292. When the server receives the POST, it parses and prints the key/value data.
 
 ## config.yml
 
-This module loads application environment variables (located in [config.yml](https://github.com/sendgrid/sendgrid-ruby/blob/master/sendgrid/helpers/inbound/config.yml)).
+This module loads application environment variables (located in [config.yml](config.yml)).
 
 ## send.rb & /sample_data
 
@@ -95,4 +95,4 @@ This module is used to send sample test data. It is useful for testing and devel
 <a name="contributing"></a>
 # Contributing
 
-If you would like to contribute to this project, please see our [contributing guide](https://github.com/sendgrid/sendgrid-ruby/blob/master/CONTRIBUTING.md). Thanks!
+If you would like to contribute to this project, please see our [contributing guide](../../../../CONTRIBUTING.md). Thanks!