workos 2.1.0 → 2.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/lib/workos/version.rb +1 -1
- data/lib/workos/webhooks.rb +8 -6
- data/spec/lib/workos/webhooks_spec.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e98cbe7f34c4d550972ac7b4dc734e17ed9b2390b08898d2b20fdf5e69da71ea
|
|
4
|
+
data.tar.gz: c998bf772be7cc75e1730debd7efefa764d87676c62b325daf45784846ce3a12
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 01d4bcee2864d6a8b58e8cd3ffef78d77e11028bfbcd9005c4a2cecafaabe0cec97856f94b70aa9391dee50d08502ed8d7afa9456763d16a44f0fcc78a912694
|
|
7
|
+
data.tar.gz: ae83d9e5e204771f3d261a2f3135e077cc8b19d700ccf7984447e5536297ba65fba3779c3988daf612ce2c9624c9a825b8dd9b0e633e47c8839f3466a6837440
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
workos (2.1.
|
|
4
|
+
workos (2.1.1)
|
|
5
5
|
sorbet-runtime (~> 0.5)
|
|
6
6
|
|
|
7
7
|
GEM
|
|
@@ -60,7 +60,7 @@ GEM
|
|
|
60
60
|
simplecov_json_formatter (0.1.2)
|
|
61
61
|
sorbet (0.5.6388)
|
|
62
62
|
sorbet-static (= 0.5.6388)
|
|
63
|
-
sorbet-runtime (0.5.
|
|
63
|
+
sorbet-runtime (0.5.9528)
|
|
64
64
|
sorbet-static (0.5.6388-universal-darwin-14)
|
|
65
65
|
sorbet-static (0.5.6388-universal-darwin-15)
|
|
66
66
|
sorbet-static (0.5.6388-universal-darwin-16)
|
data/lib/workos/version.rb
CHANGED
data/lib/workos/webhooks.rb
CHANGED
|
@@ -65,7 +65,7 @@ module WorkOS
|
|
|
65
65
|
tolerance: Integer,
|
|
66
66
|
).returns(T::Boolean)
|
|
67
67
|
end
|
|
68
|
-
# rubocop:disable Metrics/MethodLength
|
|
68
|
+
# rubocop:disable Metrics/MethodLength, Metrics/AbcSize
|
|
69
69
|
def verify_header(
|
|
70
70
|
payload:,
|
|
71
71
|
sig_header:,
|
|
@@ -86,7 +86,9 @@ module WorkOS
|
|
|
86
86
|
)
|
|
87
87
|
end
|
|
88
88
|
|
|
89
|
-
|
|
89
|
+
timestamp_to_time = Time.at(timestamp.to_i / 1000)
|
|
90
|
+
|
|
91
|
+
if timestamp_to_time < Time.now - tolerance
|
|
90
92
|
raise WorkOS::SignatureVerificationError.new(
|
|
91
93
|
message: 'Timestamp outside the tolerance zone',
|
|
92
94
|
)
|
|
@@ -101,7 +103,7 @@ module WorkOS
|
|
|
101
103
|
|
|
102
104
|
true
|
|
103
105
|
end
|
|
104
|
-
# rubocop:enable Metrics/MethodLength
|
|
106
|
+
# rubocop:enable Metrics/MethodLength, Metrics/AbcSize
|
|
105
107
|
|
|
106
108
|
sig do
|
|
107
109
|
params(
|
|
@@ -122,12 +124,12 @@ module WorkOS
|
|
|
122
124
|
timestamp = timestamp.sub('t=', '')
|
|
123
125
|
signature_hash = signature_hash.sub('v1=', '')
|
|
124
126
|
|
|
125
|
-
[
|
|
127
|
+
[timestamp, signature_hash]
|
|
126
128
|
end
|
|
127
129
|
|
|
128
130
|
sig do
|
|
129
131
|
params(
|
|
130
|
-
timestamp:
|
|
132
|
+
timestamp: String,
|
|
131
133
|
payload: String,
|
|
132
134
|
secret: String,
|
|
133
135
|
).returns(String)
|
|
@@ -137,7 +139,7 @@ module WorkOS
|
|
|
137
139
|
payload:,
|
|
138
140
|
secret:
|
|
139
141
|
)
|
|
140
|
-
unhashed_string = "#{timestamp
|
|
142
|
+
unhashed_string = "#{timestamp}.#{payload}"
|
|
141
143
|
digest = OpenSSL::Digest.new('sha256')
|
|
142
144
|
OpenSSL::HMAC.hexdigest(digest, secret, unhashed_string)
|
|
143
145
|
end
|
|
@@ -177,7 +177,7 @@ describe WorkOS::Webhooks do
|
|
|
177
177
|
expect do
|
|
178
178
|
described_class.construct_event(
|
|
179
179
|
payload: @payload,
|
|
180
|
-
sig_header: "t
|
|
180
|
+
sig_header: "t=#{@timestamp.to_i - (200 * 1000)}, v1=#{@signature_hash}",
|
|
181
181
|
secret: @secret,
|
|
182
182
|
)
|
|
183
183
|
end.to raise_error(
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: workos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- WorkOS
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-01-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: sorbet-runtime
|
|
@@ -364,7 +364,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
364
364
|
- !ruby/object:Gem::Version
|
|
365
365
|
version: '0'
|
|
366
366
|
requirements: []
|
|
367
|
-
rubygems_version: 3.
|
|
367
|
+
rubygems_version: 3.3.5
|
|
368
368
|
signing_key:
|
|
369
369
|
specification_version: 4
|
|
370
370
|
summary: API client for WorkOS
|