module OffsitePayments::Integrations::Dwolla::Common

Public Instance Methods

verify_signature(checkoutId, amount, notification_signature, secret) click to toggle source
# File lib/offsite_payments/integrations/dwolla.rb, line 16
def verify_signature(checkoutId, amount, notification_signature, secret)
  if secret.nil?
    raise ArgumentError, "You need to provide the Application secret as the option :credential3 to verify that the notification originated from Dwolla"
  end

  expected_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, secret, "%s&%.2f" % [checkoutId, amount])

  if notification_signature != expected_signature
    raise StandardError, "Dwolla signature verification failed."
  end
end