Module: Recurly::JS

Defined in:
lib/recurly/js.rb

Overview

A collection of helper methods to use to verify Recurly.js callbacks.

Defined Under Namespace

Classes: RequestForgery, RequestTooOld

Class Attribute Summary collapse

Class Method Summary collapse

Class Attribute Details

.private_keyString

Returns A private key for Recurly.js.

Returns:

  • (String)

    A private key for Recurly.js.

Raises:



19
20
21
22
23
 
# File 'lib/recurly/js.rb', line 19

def private_key
  defined? @private_key and @private_key or raise(
    ConfigurationError, "private_key not configured"
  )
end

Class Method Details

.fetch(token) ⇒ BillingInfo, ...

Fetches a record using a token provided by Recurly.js.

Examples:

begin
  Recurly.js.fetch params[:token]
rescue Recurly::API::NotFound
  # Handle potential tampering here.
end

Parameters:

  • Token (String)

    to look up

Returns:

Raises:

  • (API::NotFound)

    No record was found for the token provided.



56
57
58
 
# File 'lib/recurly/js.rb', line 56

def fetch token
  Resource.from_response API.get "recurly_js/result/#{token}"
end

.inspectString

Returns:

  • (String) 


61
62
63
 
# File 'lib/recurly/js.rb', line 61

def inspect
  'Recurly.js'
end

.sign(*records) ⇒ Object

Create a signature for a given hash for Recurly.js

Parameters:

  • Array

    of objects and hash of data to sign



28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'lib/recurly/js.rb', line 28

def sign *records
  data = records.last.is_a?(Hash) ? records.pop.dup : {}
  records.each do |record|
    data[record.class.member_name] = record.signable_attributes
  end
  Helper.stringify_keys! data
  data['timestamp'] ||= Time.now.to_i
  data['nonce'] ||= Base64.encode64(
    OpenSSL::Random.random_bytes(32)
  ).gsub(/\W/, '')
  unsigned = to_query data
  signed = OpenSSL::HMAC.hexdigest 'sha1', private_key, unsigned
  signature = [signed, unsigned].join '|'
  signature = signature.html_safe if signature.respond_to? :html_safe
  signature
end