workos 2.1.0 → 2.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/lib/workos/version.rb +1 -1
- data/lib/workos/webhooks.rb +8 -6
- data/spec/lib/workos/webhooks_spec.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e98cbe7f34c4d550972ac7b4dc734e17ed9b2390b08898d2b20fdf5e69da71ea
|
|
4
|
+
data.tar.gz: c998bf772be7cc75e1730debd7efefa764d87676c62b325daf45784846ce3a12
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 01d4bcee2864d6a8b58e8cd3ffef78d77e11028bfbcd9005c4a2cecafaabe0cec97856f94b70aa9391dee50d08502ed8d7afa9456763d16a44f0fcc78a912694
|
|
7
|
+
data.tar.gz: ae83d9e5e204771f3d261a2f3135e077cc8b19d700ccf7984447e5536297ba65fba3779c3988daf612ce2c9624c9a825b8dd9b0e633e47c8839f3466a6837440
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
workos (2.1.
|
|
4
|
+
workos (2.1.1)
|
|
5
5
|
sorbet-runtime (~> 0.5)
|
|
6
6
|
|
|
7
7
|
GEM
|
|
@@ -60,7 +60,7 @@ GEM
|
|
|
60
60
|
simplecov_json_formatter (0.1.2)
|
|
61
61
|
sorbet (0.5.6388)
|
|
62
62
|
sorbet-static (= 0.5.6388)
|
|
63
|
-
sorbet-runtime (0.5.
|
|
63
|
+
sorbet-runtime (0.5.9528)
|
|
64
64
|
sorbet-static (0.5.6388-universal-darwin-14)
|
|
65
65
|
sorbet-static (0.5.6388-universal-darwin-15)
|
|
66
66
|
sorbet-static (0.5.6388-universal-darwin-16)
|
data/lib/workos/version.rb
CHANGED
data/lib/workos/webhooks.rb
CHANGED
|
@@ -65,7 +65,7 @@ module WorkOS
|
|
|
65
65
|
tolerance: Integer,
|
|
66
66
|
).returns(T::Boolean)
|
|
67
67
|
end
|
|
68
|
-
# rubocop:disable Metrics/MethodLength
|
|
68
|
+
# rubocop:disable Metrics/MethodLength, Metrics/AbcSize
|
|
69
69
|
def verify_header(
|
|
70
70
|
payload:,
|
|
71
71
|
sig_header:,
|
|
@@ -86,7 +86,9 @@ module WorkOS
|
|
|
86
86
|
)
|
|
87
87
|
end
|
|
88
88
|
|
|
89
|
-
|
|
89
|
+
timestamp_to_time = Time.at(timestamp.to_i / 1000)
|
|
90
|
+
|
|
91
|
+
if timestamp_to_time < Time.now - tolerance
|
|
90
92
|
raise WorkOS::SignatureVerificationError.new(
|
|
91
93
|
message: 'Timestamp outside the tolerance zone',
|
|
92
94
|
)
|
|
@@ -101,7 +103,7 @@ module WorkOS
|
|
|
101
103
|
|
|
102
104
|
true
|
|
103
105
|
end
|
|
104
|
-
# rubocop:enable Metrics/MethodLength
|
|
106
|
+
# rubocop:enable Metrics/MethodLength, Metrics/AbcSize
|
|
105
107
|
|
|
106
108
|
sig do
|
|
107
109
|
params(
|
|
@@ -122,12 +124,12 @@ module WorkOS
|
|
|
122
124
|
timestamp = timestamp.sub('t=', '')
|
|
123
125
|
signature_hash = signature_hash.sub('v1=', '')
|
|
124
126
|
|
|
125
|
-
[
|
|
127
|
+
[timestamp, signature_hash]
|
|
126
128
|
end
|
|
127
129
|
|
|
128
130
|
sig do
|
|
129
131
|
params(
|
|
130
|
-
timestamp:
|
|
132
|
+
timestamp: String,
|
|
131
133
|
payload: String,
|
|
132
134
|
secret: String,
|
|
133
135
|
).returns(String)
|
|
@@ -137,7 +139,7 @@ module WorkOS
|
|
|
137
139
|
payload:,
|
|
138
140
|
secret:
|
|
139
141
|
)
|
|
140
|
-
unhashed_string = "#{timestamp
|
|
142
|
+
unhashed_string = "#{timestamp}.#{payload}"
|
|
141
143
|
digest = OpenSSL::Digest.new('sha256')
|
|
142
144
|
OpenSSL::HMAC.hexdigest(digest, secret, unhashed_string)
|
|
143
145
|
end
|
|
@@ -177,7 +177,7 @@ describe WorkOS::Webhooks do
|
|
|
177
177
|
expect do
|
|
178
178
|
described_class.construct_event(
|
|
179
179
|
payload: @payload,
|
|
180
|
-
sig_header: "t
|
|
180
|
+
sig_header: "t=#{@timestamp.to_i - (200 * 1000)}, v1=#{@signature_hash}",
|
|
181
181
|
secret: @secret,
|
|
182
182
|
)
|
|
183
183
|
end.to raise_error(
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: workos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- WorkOS
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-01-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: sorbet-runtime
|
|
@@ -364,7 +364,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
364
364
|
- !ruby/object:Gem::Version
|
|
365
365
|
version: '0'
|
|
366
366
|
requirements: []
|
|
367
|
-
rubygems_version: 3.
|
|
367
|
+
rubygems_version: 3.3.5
|
|
368
368
|
signing_key:
|
|
369
369
|
specification_version: 4
|
|
370
370
|
summary: API client for WorkOS
|