module IntercomApp::WebhookVerification
Private Instance Methods
hmac_valid?(payload_body)
click to toggle source
# File lib/intercom-app/webhook_verification.rb, line 15 def hmac_valid?(payload_body) secret = IntercomApp.configuration.hub_secret signature = 'sha1=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha1'), secret, payload_body) Rack::Utils.secure_compare(signature, intercom_hmac) end
intercom_hmac()
click to toggle source
# File lib/intercom-app/webhook_verification.rb, line 21 def intercom_hmac request.headers['X-Hub-Signature'] end
verify_request()
click to toggle source
# File lib/intercom-app/webhook_verification.rb, line 10 def verify_request body = request.body.read return head :unauthorized unless hmac_valid?(body) end