class StraightServer::SignatureValidator

Constants

InvalidNonce
InvalidSignature
SignatureValidatorError

Attributes

env[R]
gateway[R]

Public Class Methods

new(gateway, env) click to toggle source
# File lib/straight-server/signature_validator.rb, line 14
def initialize(gateway, env)
  @gateway = gateway
  @env     = env
end
signature(nonce:, body:, method:, request_uri:, secret:) click to toggle source

Should mirror StraightServerKit.signature

# File lib/straight-server/signature_validator.rb, line 63
def self.signature(nonce:, body:, method:, request_uri:, secret:)
  sha512  = OpenSSL::Digest::SHA512.new
  request = "#{method.to_s.upcase}#{request_uri}#{sha512.digest("#{nonce}#{body}")}"
  Base64.strict_encode64 OpenSSL::HMAC.digest(sha512, secret.to_s, request)
end

Public Instance Methods

last_nonce_key() click to toggle source
# File lib/straight-server/signature_validator.rb, line 48
def last_nonce_key
  "#{Config[:'redis.prefix']}:LastNonce:#{gateway.id}"
end
signature() click to toggle source
# File lib/straight-server/signature_validator.rb, line 52
def signature
  self.class.signature(
    nonce:       env["#{HTTP_PREFIX}X_NONCE"],
    body:        env[RACK_INPUT].kind_of?(StringIO) ? env[RACK_INPUT].string : env[RACK_INPUT].to_s,
    method:      env[REQUEST_METHOD],
    request_uri: env[REQUEST_URI],
    secret:      gateway.secret,
  )
end
valid_nonce?() click to toggle source
# File lib/straight-server/signature_validator.rb, line 25
def valid_nonce?
  nonce = env["#{HTTP_PREFIX}X_NONCE"].to_i
  redis = StraightServer.redis_connection
  loop do
    redis.watch last_nonce_key do
      last_nonce = redis.get(last_nonce_key).to_i
      if last_nonce < nonce
        result = redis.multi do |multi|
          multi.set last_nonce_key, nonce
        end
        return true if result[0] == 'OK'
      else
        redis.unwatch
        return false
      end
    end
  end
end
valid_signature?() click to toggle source
# File lib/straight-server/signature_validator.rb, line 44
def valid_signature?
  signature == env["#{HTTP_PREFIX}X_SIGNATURE"]
end
validate!() click to toggle source
# File lib/straight-server/signature_validator.rb, line 19
def validate!
  raise InvalidNonce unless valid_nonce?
  raise InvalidSignature unless valid_signature?
  true
end