RubyGems - sinatra-github_webhooks - Versions diffs - 0.1.0 → 0.2.0 - Mend

sinatra-github_webhooks 0.1.0 → 0.2.0

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 56010d2a9cbff41596e593d634adbed94fe02088
-  data.tar.gz: f5da5c357924b92044f9d84f88f3d337f7c18483
+  metadata.gz: 95672e1171e1f3205042fca7f7ff8a6de76a71b1
+  data.tar.gz: f0a285d54e3a6d5e496f21e0c29809c1915b3f7b
 SHA512:
-  metadata.gz: 6e079d957e8078f40c0e75dcb47f2fff990147f28eb13abaaef21eed4dcf7d7e8a71edbde7515ea4c1ac58ac62971111eb0da430701a7df17715b5f8f4a83170
-  data.tar.gz: c2c3fcd954ddfe92756678d8a9ca86eca37443b7acb1f019af2e2fd45af5e22ade24ed9bf30ed7e85bdd8899393c7489ab2d92da4e40c9546078ba319ce67930
+  metadata.gz: a7a62b8579cccb4add386d7bfa847fdf033aefe9ba478d0d56e35dbac8da517433b4eea7614d76e5f2feccda49e4baa9fcba12d81d88f23977cc5e38961238dd
+  data.tar.gz: 0001659f2e011ca76535efdd8472e2459ee43443935809d38acf32580face50a57db41a8f97ce4bff167bb7ea452c6453901f12680186e2e3a7edf5fb5fb7156

data/CHANGELOG.md CHANGED Viewed

@@ -3,9 +3,17 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
-## 0.0.1 - 2015-11-29
+## [0.2.0] - 2015-11-29
+### Changed
+- Internal refactor to use signature verification logic from `rack-github_webhooks`
+## 0.1.0 - 2015-11-29
 ### Added
 - `github_event` method for getting the value of the `X-Github-Event`
 - `payload` method which returns a Hash of the request body after verifying the request signature.
+[0.2.0]: https://github.com/chrismytton/rack-github_webhooks/compare/v0.1.0...v0.2.0

data/lib/sinatra/github_webhooks.rb CHANGED Viewed

@@ -1,13 +1,11 @@
 require 'sinatra/github_webhooks/version'
 require 'sinatra/base'
-require 'openssl'
+require 'rack/github_webhooks'
 require 'json'
 module Sinatra
   module GithubWebhooks
-    HMAC_DIGEST = OpenSSL::Digest.new('sha1')
     def github_event
       request.env['HTTP_X_GITHUB_EVENT']
     end
@@ -31,16 +29,12 @@ module Sinatra
         logger.warn "No :github_webhook_secret setting found, skipping signature verification"
         return
       end
-      signature = 'sha1=' + OpenSSL::HMAC.hexdigest(
-        HMAC_DIGEST,
+      signature = Rack::GithubWebhooks::Signature.new(
         settings.github_webhook_secret,
+        request.env['HTTP_X_HUB_SIGNATURE'],
         payload_body
       )
-      signatures_match = Rack::Utils.secure_compare(
-        signature,
-        request.env['HTTP_X_HUB_SIGNATURE']
-      )
-      return halt 500, "Signatures didn't match!" unless signatures_match
+      return halt 500, "Signatures didn't match!" unless signature.valid?
     end
   end

data/lib/sinatra/github_webhooks/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Sinatra
   module GithubWebhooks
-    VERSION = '0.1.0'
+    VERSION = '0.2.0'
   end
 end

data/sinatra-github_webhooks.gemspec CHANGED Viewed

@@ -19,6 +19,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
   spec.add_dependency 'sinatra'
+  spec.add_dependency 'rack-github_webhooks', '>= 0.3.0'
   spec.add_development_dependency 'bundler', '~> 1.10'
   spec.add_development_dependency 'rake', '~> 10.0'

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sinatra-github_webhooks
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Chris Mytton
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-github_webhooks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.3.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement