module CoinbaseCommerce::Webhook::WebhookSignature
Public Class Methods
verify_header(payload, sig_header, secret)
click to toggle source
# File lib/coinbase_commerce/webhooks.rb, line 18 def self.verify_header(payload, sig_header, secret) unless [payload, sig_header, secret].all? raise CoinbaseCommerce::Errors::WebhookInvalidPayload.new( "Missing payload or signature", sig_header, http_body: payload) end expected_sig = compute_signature(payload, secret) unless secure_compare(expected_sig, sig_header) raise CoinbaseCommerce::Errors::SignatureVerificationError.new( "No signatures found matching the expected signature for payload", sig_header, http_body: payload ) end true end
Private Class Methods
compute_signature(payload, secret)
click to toggle source
# File lib/coinbase_commerce/webhooks.rb, line 45 def self.compute_signature(payload, secret) OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), secret, payload) end
secure_compare(a, b)
click to toggle source
# File lib/coinbase_commerce/webhooks.rb, line 34 def self.secure_compare(a, b) return false unless a.bytesize == b.bytesize l = a.unpack "C#{a.bytesize}" res = 0 b.each_byte {|byte| res |= byte ^ l.shift} res.zero? end