webhook_system 1.0.4 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ab92b0226e4fcb3e5fd0b51f7c263671a26a872d
-  data.tar.gz: ebec116d1079659ad550232957c62c365ac30784
+  metadata.gz: d120e25bddd3b90b7f79a51f5ee17aaf9e161336
+  data.tar.gz: e872d6ca6dad0879a5c71b9ca0ace3c129bc33c1
 SHA512:
-  metadata.gz: 7d78db773737cac39123362eb472dbdbb53f2e7c8b5f157836532f023fe48d7ddc454be64f74fe9bad27c21d86afcda9dae1f9f8d5f8436b808d259a8a4faaf3
-  data.tar.gz: c5aa162d977732bfe5eaa91cc185643cc1db22987fbcc6afa2492e0c1a437a402acfd1b7e118f0832bf40305da911e64f5de4125cfd041c8fbe762c88bcdaa24
+  metadata.gz: 793b9a205d0244f79aad3fad61ffd2aadbde2f65b16545acebb7c9192859a85d1f6aec764371905baf373eeaa8950e1cd31c8906f9a47a4a27370b550e672733
+  data.tar.gz: fb7a2493ef2d3a666162c9eb3b4d1ce1b9cc8b1b58261869ec11a672514eb83b06458a874701dd602bdedf696df3cecdb87e5e2f510038884b578faddffaff3b

data/.codeclimate.yml

@@ -1,4 +1,9 @@
 engines:
+  duplication:
+    enabled: true
+    config:
+      languages:
+        - ruby
   rubocop:
     enabled: true
 ratings:

data/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Change Log
 
+## [v1.0.4](https://github.com/payrollhero/webhook_system/tree/v1.0.4) (2016-02-19)
+[Full Changelog](https://github.com/payrollhero/webhook_system/compare/v1.0.3...v1.0.4)
+
+- Log any exception which occurs while we submit data to the webhook url. [\#8](https://github.com/payrollhero/webhook_system/pull/8) ([mykola-kyryk](https://github.com/mykola-kyryk))
+
 ## [v1.0.3](https://github.com/payrollhero/webhook_system/tree/v1.0.3) (2016-02-18)
 [Full Changelog](https://github.com/payrollhero/webhook_system/compare/v1.0.2...v1.0.3)
 

data/README.md

@@ -29,37 +29,39 @@ tables first:
 ```ruby
 create_table :webhook_subscriptions do |t|
   t.string :url, null: false
-  t.boolean :active, null: false
+  t.boolean :active, null: false, index: true
+  t.boolean :encrypt, null: false, default: false
   t.text :secret
-
-  t.index :active
 end
 
 create_table :webhook_subscription_topics do |t|
-  t.string :name, null: false
-  t.belongs_to :subscription, null: false
-
-  t.index :subscription_id
-  t.index :name
+  t.string :name, null: false, index: true
+  t.belongs_to :subscription, null: false, index: true
 end
 
 create_table :webhook_event_logs do |t|
-  t.belongs_to :subscription, null: false
+  t.belongs_to :subscription, null: false, index: true
 
-  t.string :event_name, null: false
-  t.string :event_id, null: false
-  t.integer :status, null: false
+  t.string :event_name, null: false, index: true
+  t.string :event_id, null: false, index: true
+  t.integer :status, null: false, index: true
 
   t.text :request, limit: 64_000, null: false
   t.text :response, limit: 64_000, null: false
 
-  t.datetime :created_at, null: false
+  t.datetime :created_at, null: false, index: true
+end
+```
 
-  t.index :created_at
-  t.index :event_name
-  t.index :status
-  t.index :subscription_id
-  t.index :event_id
+### Migrating from version 1.x
+
+The main new change is the addition of a new 'encrypt' column on subscriptions
+
+Add this migration to get this added (and retain original behavior)
+
+```ruby
+def change
+  add_column :webhook_subscriptions, :encrypt, :boolean, default: true, null: false, after: :active
 end
 ```
 
@@ -207,9 +209,22 @@ WebhookSystem.dispatch(event_object)
 This is meant to be fairly fire and forget. Internally this will create an ActiveJob for each subscription
 interested in the event.
 
+# Payload Format
+
+Payloads can either be plain json or encrypted. On top of that, they're also signed. The format for the signature
+follows GitHub's own format: [https://developer.github.com/webhooks/securing/](https://developer.github.com/webhooks/securing/).
+The subscription's secret is used to create the signature.
+
+The payload can be encrypted based on the `encrypt` boolean column of a subscription.
+
+## Payload Verification
+
+This library can be used as a helper to decode and verify the payloads as well. The same usage as the Decryption below
+will also verify the signature if present in the headers passed.
+
 ## Payload Encryption
 
-The payload is encrypted using AES-256. Each subscription is meant to have the recipient's shared secret on it.
+The payload can be encrypted using AES-256. Each subscription is meant to have the recipient's shared secret on it.
 This secret is then used to encrypt the payload, so the other side needs that same secret again to open it.
 
 The payload then will be a json post body, with the Base64 encoded payload inside it.
@@ -221,7 +236,7 @@ There is a utility function available to decode the entire POST body of the webh
 Example use would be:
 
 ```ruby
-payload = WebhookSystem::Encoder.decode(secret_string, request.body)
+payload = WebhookSystem::Encoder.decode(secret_string, request.body, request.headers)
 ```
 
 You will need your webhook secret, and you get back a Hash of the event's data.

data/Rakefile

@@ -8,7 +8,6 @@ RSpec::Core::RakeTask.new
 
 task :test do
   sh "rspec"
-  sh "reek"
   sh "rubocop"
 end
 
@@ -22,7 +21,6 @@ task :styleguide do
   files = %w{
     .rubocop.hound.yml
     .rubocop.yml
-    .reek
     .codeclimate.yml
   }
   files.each do |file|

data/lib/webhook_system/encoder.rb

@@ -8,60 +8,115 @@ module WebhookSystem
     # @param [String] secret_string some secret string
     # @param [Object#to_json] payload Any object that responds to to_json
     # @return [String] The encoded string payload (its a JSON string)
-    def self.encode(secret_string, payload)
-      cipher = OpenSSL::Cipher::AES256.new(:CBC)
-      cipher.encrypt
-      iv = cipher.random_iv
-      cipher.key = key_from_secret(iv, secret_string)
-      encoded = cipher.update(payload.to_json) + cipher.final
-      Payload.encode(encoded, iv)
+    def self.encode(secret_string, payload, format:)
+      response_hash = Payload.encode(payload, secret: secret_string, format: format)
+      payload_string = JSON.generate(response_hash)
+      signature = hub_signature(payload_string, secret_string)
+      [payload_string, { 'X-Hub-Signature' => signature, 'Content-Type' => content_type_for_format(format) }]
     end
 
     # Given a secret string, and an encrypted payload, unwrap it, bas64 decode it
     # decrypt it, and JSON decode it
     #
     # @param [String] secret_string some secret string
-    # @param [String] payload String as returned from #encode
+    # @param [String] payload_string String as returned from #encode
     # @return [Object] return the JSON decode of the encrypted payload
-    def self.decode(secret_string, payload)
-      encoded, iv = Payload.decode(payload)
-      cipher = OpenSSL::Cipher::AES256.new(:CBC)
-      cipher.decrypt
-      cipher.iv = iv
-      cipher.key = key_from_secret(iv, secret_string)
-      decoded = cipher.update(encoded) + cipher.final
-      JSON.load(decoded)
-    rescue OpenSSL::Cipher::CipherError
-      raise DecodingError, 'Decoding Failed, probably mismatched secret'
+    def self.decode(secret_string, payload_string, headers = {})
+      signature = headers['X-Hub-Signature']
+      format = format_for_content_type(headers.fetch('Content-Type'))
+
+      payload_signature = hub_signature(payload_string, secret_string)
+      if signature && signature != payload_signature
+        raise DecodingError, 'signature mismatch'
+      end
+
+      Payload.decode(payload_string, secret: secret_string, format: format)
     end
 
     class << self
       private
 
-      def key_from_secret(iv, secret_string)
-        OpenSSL::PKCS5.pbkdf2_hmac(secret_string, iv, 100_000, 256 / 8, 'SHA256')
+      def content_type_format_map
+        {
+          'base64+aes256' => 'application/json; base64+aes256',
+          'json' => 'application/json'
+        }
+      end
+
+      def format_for_content_type(content_type)
+        content_type_format_map.invert.fetch(content_type)
+      end
+
+      def content_type_for_format(format)
+        content_type_format_map.fetch(format)
+      end
+
+      def hub_signature(payload_string, secret)
+        'sha1=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha1'), secret, payload_string)
       end
     end
   end
 
-  # private class to just wrap the outer wrapping of the response format
-  # not exposed to the outside
-  # :nodoc:
   module Payload
-    def self.encode(raw_encrypted_data, iv)
-      JSON.pretty_generate(
-        'format' => 'base64+aes256',
-        'payload' => Base64.encode64(raw_encrypted_data),
-        'iv' => Base64.encode64(iv)
-      )
-    end
+    class << self
+      def encode(payload, secret:, format:)
+        case format
+        when 'base64+aes256'
+          encode_aes(payload, secret)
+        when 'json'
+          payload
+        else
+          raise ArgumentError, "don't know how to handle: #{payload['format']} payload"
+        end
+      end
 
-    def self.decode(payload_string)
-      payload = JSON.load(payload_string)
-      unless payload['format'] == 'base64+aes256'
-        raise ArgumentError, 'only know how to handle base64+aes256 payloads'
+      def decode(response_body, secret:, format:)
+        payload = JSON.load(response_body)
+
+        case format
+        when 'base64+aes256'
+          decode_aes(payload, secret)
+        when 'json'
+          payload
+        else
+          raise ArgumentError, "don't know how to handle: #{payload['format']} payload"
+        end
+      end
+
+      private
+
+      def encode_aes(payload, secret)
+        cipher = OpenSSL::Cipher::AES256.new(:CBC)
+        cipher.encrypt
+        iv = cipher.random_iv
+        cipher.key = key_from_secret(iv, secret)
+        encoded = cipher.update(payload.to_json) + cipher.final
+
+        {
+          format: 'base64+aes256',
+          payload: Base64.encode64(encoded),
+          iv: Base64.encode64(iv),
+        }
+      end
+
+      def decode_aes(payload, secret)
+        encoded = Base64.decode64(payload['payload'])
+        iv = Base64.decode64(payload['iv'])
+
+        cipher = OpenSSL::Cipher::AES256.new(:CBC)
+        cipher.decrypt
+        cipher.iv = iv
+        cipher.key = key_from_secret(iv, secret)
+        decoded = cipher.update(encoded) + cipher.final
+
+        JSON.load(decoded)
+      rescue OpenSSL::Cipher::CipherError
+        raise DecodingError, 'Decoding Failed, probably mismatched secret'
+      end
+
+      def key_from_secret(iv, secret_string)
+        OpenSSL::PKCS5.pbkdf2_hmac(secret_string, iv, 100_000, 256 / 8, 'SHA256')
       end
-      [Base64.decode64(payload['payload']), Base64.decode64(payload['iv'])]
     end
   end
 end

data/lib/webhook_system/job.rb

@@ -41,7 +41,7 @@ module WebhookSystem
       response =
         begin
           client.builder.build_response(client, request)
-        rescue Exception => exception # we do want to catch all exceptions
+        rescue RuntimeError => exception
           ErrorResponse.new(exception)
         end
 
@@ -57,14 +57,18 @@ module WebhookSystem
     end
 
     def self.build_request(client, subscription, event)
-      payload = Encoder.encode(subscription.secret, event)
+      payload, headers = Encoder.encode(subscription.secret, event, format: format_for_subscription(subscription))
       client.build_request(:post) do |req|
         req.url subscription.url
-        req.headers['Content-Type'] = 'application/json; base64+aes256'
+        req.headers.merge!(headers)
         req.body = payload.to_s
       end
     end
 
+    def self.format_for_subscription(subscription)
+      subscription.encrypt ? 'base64+aes256' : 'json'
+    end
+
     def self.log_response(subscription, event, request, response)
       event_log = EventLog.construct(subscription, event, request, response)
 

data/lib/webhook_system/version.rb

@@ -1,3 +1,3 @@
 module WebhookSystem
-  VERSION = '1.0.4'
+  VERSION = '2.0.0'
 end

data/webhook_system.gemspec

@@ -18,8 +18,8 @@ Gem::Specification.new do |gem|
   gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
   gem.require_paths = ['lib']
 
-  gem.add_runtime_dependency 'activesupport', '> 3.2'
-  gem.add_runtime_dependency 'activerecord', '> 3.2'
+  gem.add_runtime_dependency 'activesupport', '> 3.2', '< 5.0' # have to drop support for ruby 2.1 if we enable 5.0
+  gem.add_runtime_dependency 'activerecord', '> 3.2', '< 5.0' # have to drop support for ruby 2.1 if we enable 5.0
   gem.add_runtime_dependency 'activejob'
   gem.add_runtime_dependency 'faraday', '~> 0.9'
   gem.add_runtime_dependency 'faraday-encoding', '>= 0.0.2', '< 1.0'
@@ -37,6 +37,5 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency 'webmock'
 
   # static analysis gems
-  gem.add_development_dependency 'rubocop', '~> 0.37.1'
-  gem.add_development_dependency 'reek', '~> 3.7'
+  gem.add_development_dependency 'rubocop', '~> 0.41.2'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: webhook_system
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 2.0.0
 platform: ruby
 authors:
 - Piotr Banasik
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-02-19 00:00:00.000000000 Z
+date: 2016-07-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -18,6 +18,9 @@ dependencies:
     - - ">"
       - !ruby/object:Gem::Version
         version: '3.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -25,6 +28,9 @@ dependencies:
     - - ">"
       - !ruby/object:Gem::Version
         version: '3.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
@@ -32,6 +38,9 @@ dependencies:
     - - ">"
       - !ruby/object:Gem::Version
         version: '3.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -39,6 +48,9 @@ dependencies:
     - - ">"
       - !ruby/object:Gem::Version
         version: '3.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: activejob
   requirement: !ruby/object:Gem::Requirement
@@ -247,28 +259,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.37.1
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.37.1
-- !ruby/object:Gem::Dependency
-  name: reek
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.7'
+        version: 0.41.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.7'
+        version: 0.41.2
 description: A pluggable webhook subscription system
 email: piotr@payrollhero.com
 executables: []
@@ -277,8 +275,6 @@ extra_rdoc_files: []
 files:
 - ".codeclimate.yml"
 - ".gitignore"
-- ".hound.yml"
-- ".reek"
 - ".rubocop.hound.yml"
 - ".rubocop.yml"
 - ".travis.yml"
@@ -318,7 +314,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.5
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: Webhook system

data/.hound.yml

@@ -1,2 +0,0 @@
-ruby:
-  config_file: .rubocop.yml

data/.reek

@@ -1,13 +0,0 @@
-DuplicateMethodCall:
-  max_calls: 2
-TooManyStatements:
-  max_statements: 8
-NestedIterators:
-  max_allowed_nesting: 3
-DataClump:
-  max_copies: 4
-LongParameterList:
-  max_params: 8
-
-exclude_paths:
-  - spec/support