trello_webhook 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +1 -0
  3. data/README.md +2 -2
  4. data/lib/trello_webhook/processor.rb +13 -5
  5. data/lib/trello_webhook/version.rb +1 -1
  6. data/spec/trello_webhook/processor_spec.rb +16 -9
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4b516b3bbf281076131e7425b83785c805ee142c
4
- data.tar.gz: ffd3fe3ca304c6bb3838c953e8f54a7648e3d939
3
+ metadata.gz: cf5d4536a072b5daee10b7d6af1afda4b6716deb
4
+ data.tar.gz: 5a3fdb95d69b3f963ee45c288e29083adbb64008
5
5
  SHA512:
6
- metadata.gz: b67b80ba9683a4112430f15214baa95c0e803126e713add3d1c2f65110d103b9fcc676610ad42c06e358e33c642a059053b07be8a754e6bef4a2e66ffa86f19f
7
- data.tar.gz: 4391bf738eefe3787fa7bfd7c2dd4f737b865c3b6b8f84893db1a41fffc866df1af0797395c81ff8e4ae540a3a7af9f3e59d811c30e047ae5fc9a3f33212bf0c
6
+ metadata.gz: 9fea62229a954721c3d2bd0714e4899a72904494c4e6e2602af9de4f6233706ee9eae48e832e7d16dd547f8ee267ec098f970741db41391b818c84c7bc699ad0
7
+ data.tar.gz: fe088550c5ddd8f90a8283f3b14ac729f55dda1e13d397e88360fee68ae3da4e6096a496f3e124e3dc7482d60f9e57d39b35cf907fbd56200c5cb05d828ae47c
data/.travis.yml CHANGED
@@ -3,3 +3,4 @@ rvm:
3
3
  - 2.2.0
4
4
  - 2.1.0
5
5
  - 2.0.0
6
+ - 1.9.3
data/README.md CHANGED
@@ -18,7 +18,7 @@ gem 'trello_webhook'
18
18
  And then execute:
19
19
 
20
20
  ```bash
21
- $ bundle install
21
+ bundle install
22
22
  ```
23
23
 
24
24
  ## Configuration
@@ -59,4 +59,4 @@ webhook.description = "The webhook description"
59
59
  webhook.id_model = "The board model id" # Run `Trello::Board.all` to find it.
60
60
  webhook.callback_url = "#{ENV['BASE_URL']}/trello_webhooks" # BASE_URL is your website's url. Use ngrok in dev.
61
61
  webhook.save
62
- ```
62
+ ```
data/lib/trello_webhook/processor.rb CHANGED
@@ -1,8 +1,11 @@
1
+ require 'openssl'
2
+ require 'base64'
3
+
1
4
  module TrelloWebhook::Processor
2
5
  extend ActiveSupport::Concern
3
6
 
4
7
  included do
5
- before_filter :authenticate_trello_request!, :only => :create
8
+ before_action :authenticate_trello_request!, only: :create
6
9
  end
7
10
 
8
11
  class SignatureError < StandardError; end
@@ -33,14 +36,19 @@ module TrelloWebhook::Processor
33
36
  def authenticate_trello_request!
34
37
  raise UnspecifiedWebhookSecretError.new unless respond_to?(:webhook_secret)
35
38
 
36
- normalized_payload = "#{request_body}#{request_url}".unpack('U*').pack('c*')
37
- expected_signature = Base64.strict_encode64(OpenSSL::HMAC.digest(HMAC_DIGEST, webhook_secret, normalized_payload))
39
+ expected = base64digest(base64digest(request_body + request_url))
40
+ actual = base64digest(signature_header)
38
41
 
39
- if signature_header != expected_signature
40
- raise SignatureError.new "Actual: #{signature_header}, Expected: #{expected_signature}"
42
+ if actual != expected
43
+ raise SignatureError.new "Actual: #{actual}, Expected: #{expected}"
41
44
  end
42
45
  end
43
46
 
47
+ def base64digest(message)
48
+ hash = OpenSSL::HMAC.digest('sha1', webhook_secret, message)
49
+ Base64.strict_encode64(hash)
50
+ end
51
+
44
52
  def request_body
45
53
  @request_body ||= (
46
54
  request.body.rewind
data/lib/trello_webhook/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module TrelloWebhook
2
- VERSION = "0.1.0"
2
+ VERSION = "0.2.0"
3
3
  end
data/spec/trello_webhook/processor_spec.rb CHANGED
@@ -16,17 +16,19 @@ module TrelloWebhook
16
16
  end
17
17
  end
18
18
 
19
- class ControllerWithoutSecret
19
+ class ControllerWithoutImplementedCallback
20
20
  ### Helpers to mock ActionController::Base behavior
21
21
  attr_accessor :request, :updated
22
22
 
23
- def self.skip_before_filter(*args); end
24
- def self.before_filter(*args); end
23
+ def self.skip_before_action(*args); end
24
+ def self.before_action(*args); end
25
25
  def head(*args); end
26
26
  ###
27
27
 
28
28
  include TrelloWebhook::Processor
29
+ end
29
30
 
31
+ class ControllerWithoutSecret < ControllerWithoutImplementedCallback
30
32
  def update_card(payload)
31
33
  @updated = payload[:foo]
32
34
  end
@@ -45,18 +47,20 @@ module TrelloWebhook
45
47
  end
46
48
 
47
49
  let(:controller_without_secret) do
48
- ControllerWithoutSecret.new
50
+ controller = ControllerWithoutSecret.new
51
+ controller.request = Request.new
52
+ controller
49
53
  end
50
54
 
51
55
  describe "#create" do
52
56
  it "raises an error when secret is not defined" do
53
- expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error
57
+ expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error(Processor::UnspecifiedWebhookSecretError)
54
58
  end
55
59
 
56
60
  it "calls the #update_card method in controller" do
57
61
  controller.request.body = StringIO.new({ :foo => "bar", :action => { type: 'updateCard' } }.to_json.to_s)
58
62
  controller.request.headers['X-Trello-Webhook'] = "3YUv3UBpzV8IbZrOnIpRC+Cf+Nk="
59
- controller.send :authenticate_trello_request! # Manually as we don't have the before_filter logic in our Mock object
63
+ controller.send :authenticate_trello_request! # Manually as we don't have the before_action logic in our Mock object
60
64
  controller.create
61
65
  expect(controller.updated).to eq "bar"
62
66
  end
@@ -64,12 +68,15 @@ module TrelloWebhook
64
68
  it "raises an error when signature does not match" do
65
69
  controller.request.body = StringIO.new({ :foo => "bar" }.to_json.to_s)
66
70
  controller.request.headers['X-Trello-Webhook'] = "thatsnotrightgeorge"
67
- expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error
71
+ expect { controller_without_secret.send :authenticate_trello_request! }.to raise_error(Processor::UnspecifiedWebhookSecretError)
68
72
  end
69
73
 
70
74
  it "raises an error when the trello event method is not implemented" do
71
- expect { controller_without_secret.create }.to raise_error
75
+ controller = ControllerWithoutImplementedCallback.new
76
+ controller.request = Request.new
77
+ controller.request.body = StringIO.new({ :foo => "bar", :action => { type: 'updateCard' } }.to_json.to_s)
78
+ expect { controller.create }.to raise_error(Processor::CallbackNotImplementedError)
72
79
  end
73
80
  end
74
81
  end
75
- end
82
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: trello_webhook
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sebastien Saunier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-02-21 00:00:00.000000000 Z
11
+ date: 2016-09-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -106,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
106
106
  version: '0'
107
107
  requirements: []
108
108
  rubyforge_project:
109
- rubygems_version: 2.4.5
109
+ rubygems_version: 2.6.6
110
110
  signing_key:
111
111
  specification_version: 4
112
112
  summary: Process Trello Webhooks in your Rails app (Controller mixin)