trello_webhook 0.1.0 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +1 -0
  3. data/README.md +2 -2
  4. data/lib/trello_webhook/processor.rb +13 -5
  5. data/lib/trello_webhook/version.rb +1 -1
  6. data/spec/trello_webhook/processor_spec.rb +16 -9
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4b516b3bbf281076131e7425b83785c805ee142c
4
- data.tar.gz: ffd3fe3ca304c6bb3838c953e8f54a7648e3d939
3
+ metadata.gz: cf5d4536a072b5daee10b7d6af1afda4b6716deb
4
+ data.tar.gz: 5a3fdb95d69b3f963ee45c288e29083adbb64008
5
5
  SHA512:
6
- metadata.gz: b67b80ba9683a4112430f15214baa95c0e803126e713add3d1c2f65110d103b9fcc676610ad42c06e358e33c642a059053b07be8a754e6bef4a2e66ffa86f19f
7
- data.tar.gz: 4391bf738eefe3787fa7bfd7c2dd4f737b865c3b6b8f84893db1a41fffc866df1af0797395c81ff8e4ae540a3a7af9f3e59d811c30e047ae5fc9a3f33212bf0c
6
+ metadata.gz: 9fea62229a954721c3d2bd0714e4899a72904494c4e6e2602af9de4f6233706ee9eae48e832e7d16dd547f8ee267ec098f970741db41391b818c84c7bc699ad0
7
+ data.tar.gz: fe088550c5ddd8f90a8283f3b14ac729f55dda1e13d397e88360fee68ae3da4e6096a496f3e124e3dc7482d60f9e57d39b35cf907fbd56200c5cb05d828ae47c
data/.travis.yml CHANGED
@@ -3,3 +3,4 @@ rvm:
3
3
  - 2.2.0
4
4
  - 2.1.0
5
5
  - 2.0.0
6
+ - 1.9.3
data/README.md CHANGED
@@ -18,7 +18,7 @@ gem 'trello_webhook'
18
18
  And then execute:
19
19
 
20
20
  ```bash
21
- $ bundle install
21
+ bundle install
22
22
  ```
23
23
 
24
24
  ## Configuration
@@ -59,4 +59,4 @@ webhook.description = "The webhook description"
59
59
  webhook.id_model = "The board model id" # Run `Trello::Board.all` to find it.
60
60
  webhook.callback_url = "#{ENV['BASE_URL']}/trello_webhooks" # BASE_URL is your website's url. Use ngrok in dev.
61
61
  webhook.save
62
- ```
62
+ ```
data/lib/trello_webhook/processor.rb CHANGED
@@ -1,8 +1,11 @@
1
+ require 'openssl'
2
+ require 'base64'
3
+
1
4
  module TrelloWebhook::Processor
2
5
  extend ActiveSupport::Concern
3
6
 
4
7
  included do
5
- before_filter :authenticate_trello_request!, :only => :create
8
+ before_action :authenticate_trello_request!, only: :create
6
9
  end
7
10
 
8
11
  class SignatureError < StandardError; end
@@ -33,14 +36,19 @@ module TrelloWebhook::Processor
33
36
  def authenticate_trello_request!
34
37
  raise UnspecifiedWebhookSecretError.new unless respond_to?(:webhook_secret)
35
38
 
36
- normalized_payload = "#{request_body}#{request_url}".unpack('U*').pack('c*')
37
- expected_signature = Base64.strict_encode64(OpenSSL::HMAC.digest(HMAC_DIGEST, webhook_secret, normalized_payload))
39
+ expected = base64digest(base64digest(request_body + request_url))
40
+ actual = base64digest(signature_header)
38
41
 
39
- if signature_header != expected_signature
40
- raise SignatureError.new "Actual: #{signature_header}, Expected: #{expected_signature}"
42
+ if actual != expected
43
+ raise SignatureError.new "Actual: #{actual}, Expected: #{expected}"
41
44
  end
42
45
  end
43
46
 
47
+ def base64digest(message)
48
+ hash = OpenSSL::HMAC.digest('sha1', webhook_secret, message)
49
+ Base64.strict_encode64(hash)
50
+ end
51
+
44
52
  def request_body
45
53
  @request_body ||= (
46
54
  request.body.rewind
data/lib/trello_webhook/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module TrelloWebhook
2
- VERSION = "0.1.0"
2
+ VERSION = "0.2.0"
3
3
  end
data/spec/trello_webhook/processor_spec.rb CHANGED
@@ -16,17 +16,19 @@ module TrelloWebhook
16
16
  end
17
17
  end
18
18
 
19
- class ControllerWithoutSecret
19
+ class ControllerWithoutImplementedCallback
20
20
  ### Helpers to mock ActionController::Base behavior
21
21
  attr_accessor :request, :updated
22
22
 
23
- def self.skip_before_filter(*args); end
24
- def self.before_filter(*args); end
23
+ def self.skip_before_action(*args); end
24
+ def self.before_action(*args); end
25
25
  def head(*args); end
26
26
  ###
27
27
 
28
28
  include TrelloWebhook::Processor
29
+ end
29
30
 
31
+ class ControllerWithoutSecret < ControllerWithoutImplementedCallback
30
32
  def update_card(payload)
31
33
  @updated = payload[:foo]
32
34
  end
@@ -45,18 +47,20 @@ module TrelloWebhook
45
47
  end
46
48
 
47
49
  let(:controller_without_secret) do
48
- ControllerWithoutSecret.new
50
+ controller = ControllerWithoutSecret.new
51
+ controller.request = Request.new
52
+ controller
49
53
  end
50
54
 
51
55
  describe "#create" do
52
56
  it "raises an error when secret is not defined" do
53
- expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error
57
+ expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error(Processor::UnspecifiedWebhookSecretError)
54
58
  end
55
59
 
56
60
  it "calls the #update_card method in controller" do
57
61
  controller.request.body = StringIO.new({ :foo => "bar", :action => { type: 'updateCard' } }.to_json.to_s)
58
62
  controller.request.headers['X-Trello-Webhook'] = "3YUv3UBpzV8IbZrOnIpRC+Cf+Nk="
59
- controller.send :authenticate_trello_request! # Manually as we don't have the before_filter logic in our Mock object
63
+ controller.send :authenticate_trello_request! # Manually as we don't have the before_action logic in our Mock object
60
64
  controller.create
61
65
  expect(controller.updated).to eq "bar"
62
66
  end
@@ -64,12 +68,15 @@ module TrelloWebhook
64
68
  it "raises an error when signature does not match" do
65
69
  controller.request.body = StringIO.new({ :foo => "bar" }.to_json.to_s)
66
70
  controller.request.headers['X-Trello-Webhook'] = "thatsnotrightgeorge"
67
- expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error
71
+ expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error(Processor::UnspecifiedWebhookSecretError)
68
72
  end
69
73
 
70
74
  it "raises an error when the trello event method is not implemented" do
71
- expect { controller_without_secret.create }.to raise_error
75
+ controller = ControllerWithoutImplementedCallback.new
76
+ controller.request = Request.new
77
+ controller.request.body = StringIO.new({ :foo => "bar", :action => { type: 'updateCard' } }.to_json.to_s)
78
+ expect { controller.create }.to raise_error(Processor::CallbackNotImplementedError)
72
79
  end
73
80
  end
74
81
  end
75
- end
82
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: trello_webhook
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sebastien Saunier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-02-21 00:00:00.000000000 Z
11
+ date: 2016-09-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -106,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
106
106
  version: '0'
107
107
  requirements: []
108
108
  rubyforge_project:
109
- rubygems_version: 2.4.5
109
+ rubygems_version: 2.6.6
110
110
  signing_key:
111
111
  specification_version: 4
112
112
  summary: Process Trello Webhooks in your Rails app (Controller mixin)