class Restforce::SignedRequest
Attributes
client_secret[R]
payload[R]
signature[R]
Public Class Methods
decode(signed_request, client_secret)
click to toggle source
Public: Initializes and decodes the signed request
signed_request - The POST message containing the signed request from Salesforce. client_secret
- The oauth client secret used to encrypt the signed request.
Returns the parsed JSON context.
# File lib/restforce/signed_request.rb, line 15 def self.decode(signed_request, client_secret) new(signed_request, client_secret).decode end
new(signed_request, client_secret)
click to toggle source
# File lib/restforce/signed_request.rb, line 19 def initialize(signed_request, client_secret) @client_secret = client_secret split_components(signed_request) end
Public Instance Methods
decode()
click to toggle source
Public: Decode the signed request.
Returns the parsed JSON context. Returns nil if the signed request is invalid.
# File lib/restforce/signed_request.rb, line 28 def decode return nil if signature != hmac JSON.parse(Base64.decode64(payload)) end
Private Instance Methods
digest()
click to toggle source
# File lib/restforce/signed_request.rb, line 47 def digest digest_class.new('sha256') end
digest_class()
click to toggle source
# File lib/restforce/signed_request.rb, line 51 def digest_class if RUBY_VERSION < '2.1' OpenSSL::Digest::Digest else OpenSSL::Digest end end
hmac()
click to toggle source
# File lib/restforce/signed_request.rb, line 43 def hmac OpenSSL::HMAC.digest(digest, client_secret, payload) end
split_components(signed_request)
click to toggle source
# File lib/restforce/signed_request.rb, line 38 def split_components(signed_request) @signature, @payload = signed_request.split('.') @signature = Base64.decode64(@signature) end