trello_webhook 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +1 -0
- data/README.md +2 -2
- data/lib/trello_webhook/processor.rb +13 -5
- data/lib/trello_webhook/version.rb +1 -1
- data/spec/trello_webhook/processor_spec.rb +16 -9
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cf5d4536a072b5daee10b7d6af1afda4b6716deb
|
4
|
+
data.tar.gz: 5a3fdb95d69b3f963ee45c288e29083adbb64008
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9fea62229a954721c3d2bd0714e4899a72904494c4e6e2602af9de4f6233706ee9eae48e832e7d16dd547f8ee267ec098f970741db41391b818c84c7bc699ad0
|
7
|
+
data.tar.gz: fe088550c5ddd8f90a8283f3b14ac729f55dda1e13d397e88360fee68ae3da4e6096a496f3e124e3dc7482d60f9e57d39b35cf907fbd56200c5cb05d828ae47c
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
@@ -18,7 +18,7 @@ gem 'trello_webhook'
|
|
18
18
|
And then execute:
|
19
19
|
|
20
20
|
```bash
|
21
|
-
|
21
|
+
bundle install
|
22
22
|
```
|
23
23
|
|
24
24
|
## Configuration
|
@@ -59,4 +59,4 @@ webhook.description = "The webhook description"
|
|
59
59
|
webhook.id_model = "The board model id" # Run `Trello::Board.all` to find it.
|
60
60
|
webhook.callback_url = "#{ENV['BASE_URL']}/trello_webhooks" # BASE_URL is your website's url. Use ngrok in dev.
|
61
61
|
webhook.save
|
62
|
-
```
|
62
|
+
```
|
@@ -1,8 +1,11 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
require 'base64'
|
3
|
+
|
1
4
|
module TrelloWebhook::Processor
|
2
5
|
extend ActiveSupport::Concern
|
3
6
|
|
4
7
|
included do
|
5
|
-
|
8
|
+
before_action :authenticate_trello_request!, only: :create
|
6
9
|
end
|
7
10
|
|
8
11
|
class SignatureError < StandardError; end
|
@@ -33,14 +36,19 @@ module TrelloWebhook::Processor
|
|
33
36
|
def authenticate_trello_request!
|
34
37
|
raise UnspecifiedWebhookSecretError.new unless respond_to?(:webhook_secret)
|
35
38
|
|
36
|
-
|
37
|
-
|
39
|
+
expected = base64digest(base64digest(request_body + request_url))
|
40
|
+
actual = base64digest(signature_header)
|
38
41
|
|
39
|
-
if
|
40
|
-
raise SignatureError.new "Actual: #{
|
42
|
+
if actual != expected
|
43
|
+
raise SignatureError.new "Actual: #{actual}, Expected: #{expected}"
|
41
44
|
end
|
42
45
|
end
|
43
46
|
|
47
|
+
def base64digest(message)
|
48
|
+
hash = OpenSSL::HMAC.digest('sha1', webhook_secret, message)
|
49
|
+
Base64.strict_encode64(hash)
|
50
|
+
end
|
51
|
+
|
44
52
|
def request_body
|
45
53
|
@request_body ||= (
|
46
54
|
request.body.rewind
|
@@ -16,17 +16,19 @@ module TrelloWebhook
|
|
16
16
|
end
|
17
17
|
end
|
18
18
|
|
19
|
-
class
|
19
|
+
class ControllerWithoutImplementedCallback
|
20
20
|
### Helpers to mock ActionController::Base behavior
|
21
21
|
attr_accessor :request, :updated
|
22
22
|
|
23
|
-
def self.
|
24
|
-
def self.
|
23
|
+
def self.skip_before_action(*args); end
|
24
|
+
def self.before_action(*args); end
|
25
25
|
def head(*args); end
|
26
26
|
###
|
27
27
|
|
28
28
|
include TrelloWebhook::Processor
|
29
|
+
end
|
29
30
|
|
31
|
+
class ControllerWithoutSecret < ControllerWithoutImplementedCallback
|
30
32
|
def update_card(payload)
|
31
33
|
@updated = payload[:foo]
|
32
34
|
end
|
@@ -45,18 +47,20 @@ module TrelloWebhook
|
|
45
47
|
end
|
46
48
|
|
47
49
|
let(:controller_without_secret) do
|
48
|
-
ControllerWithoutSecret.new
|
50
|
+
controller = ControllerWithoutSecret.new
|
51
|
+
controller.request = Request.new
|
52
|
+
controller
|
49
53
|
end
|
50
54
|
|
51
55
|
describe "#create" do
|
52
56
|
it "raises an error when secret is not defined" do
|
53
|
-
expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error
|
57
|
+
expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error(Processor::UnspecifiedWebhookSecretError)
|
54
58
|
end
|
55
59
|
|
56
60
|
it "calls the #update_card method in controller" do
|
57
61
|
controller.request.body = StringIO.new({ :foo => "bar", :action => { type: 'updateCard' } }.to_json.to_s)
|
58
62
|
controller.request.headers['X-Trello-Webhook'] = "3YUv3UBpzV8IbZrOnIpRC+Cf+Nk="
|
59
|
-
controller.send :authenticate_trello_request! # Manually as we don't have the
|
63
|
+
controller.send :authenticate_trello_request! # Manually as we don't have the before_action logic in our Mock object
|
60
64
|
controller.create
|
61
65
|
expect(controller.updated).to eq "bar"
|
62
66
|
end
|
@@ -64,12 +68,15 @@ module TrelloWebhook
|
|
64
68
|
it "raises an error when signature does not match" do
|
65
69
|
controller.request.body = StringIO.new({ :foo => "bar" }.to_json.to_s)
|
66
70
|
controller.request.headers['X-Trello-Webhook'] = "thatsnotrightgeorge"
|
67
|
-
expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error
|
71
|
+
expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error(Processor::UnspecifiedWebhookSecretError)
|
68
72
|
end
|
69
73
|
|
70
74
|
it "raises an error when the trello event method is not implemented" do
|
71
|
-
|
75
|
+
controller = ControllerWithoutImplementedCallback.new
|
76
|
+
controller.request = Request.new
|
77
|
+
controller.request.body = StringIO.new({ :foo => "bar", :action => { type: 'updateCard' } }.to_json.to_s)
|
78
|
+
expect { controller.create }.to raise_error(Processor::CallbackNotImplementedError)
|
72
79
|
end
|
73
80
|
end
|
74
81
|
end
|
75
|
-
end
|
82
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trello_webhook
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sebastien Saunier
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2016-09-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -106,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
106
106
|
version: '0'
|
107
107
|
requirements: []
|
108
108
|
rubyforge_project:
|
109
|
-
rubygems_version: 2.
|
109
|
+
rubygems_version: 2.6.6
|
110
110
|
signing_key:
|
111
111
|
specification_version: 4
|
112
112
|
summary: Process Trello Webhooks in your Rails app (Controller mixin)
|