module Pingpp::Webhook

Public Class Methods

verify?(request, pub_key=Pingpp.pub_key) click to toggle source
# File lib/pingpp/webhook.rb, line 3
def self.verify?(request, pub_key=Pingpp.pub_key)
  if !pub_key
    return false
  end

  raw_data = nil
  if request.respond_to?('raw_post')
    raw_data = request.raw_post
  elsif request.respond_to?('body')
    raw_data = request.body
  else
    return false
  end

  headers = nil
  if request.respond_to?('headers')
    headers = request.headers
  elsif request.respond_to?('header')
    headers = request.header
  else
    return false
  end

  formated_headers = Util.format_headers(headers)
  return false if !formated_headers.has_key?(:x_pingplusplus_signature)

  signature = formated_headers[:x_pingplusplus_signature]
  rsa_public_key = OpenSSL::PKey.read(pub_key)
  return rsa_public_key.verify(OpenSSL::Digest::SHA256.new, Base64.decode64(signature), raw_data)
end