Class: PayPro::Signature

Inherits:
Object
  • Object
show all
Defined in:
lib/pay_pro/signature.rb

Constant Summary collapse

DEFAULT_TOLERANCE =

Default timestamp tolerance is 10 minutes

600

Instance Method Summary collapse

Constructor Details

#initialize(payload:, timestamp:, secret:, tolerance: DEFAULT_TOLERANCE) ⇒ Signature

Returns a new instance of Signature.

Raises:

  • (ArgumentError) 


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
# File 'lib/pay_pro/signature.rb', line 8

def initialize(
  payload:,
  timestamp:,
  secret:,
  tolerance: DEFAULT_TOLERANCE
)
  raise ArgumentError, 'timestamp must be an instance of Time' unless timestamp.is_a?(Time)
  raise ArgumentError, 'payload must be a String' unless payload.is_a?(String)
  raise ArgumentError, 'secret must be a String' unless secret.is_a?(String)
  raise ArgumentError, 'tolerance must be an Integer' unless tolerance.is_a?(Integer)

  @payload = payload
  @timestamp = timestamp.utc
  @secret = secret
  @tolerance = tolerance
end

Instance Method Details

#generate_signatureObject 



25
26
27
28
29
30
31
 
# File 'lib/pay_pro/signature.rb', line 25

def generate_signature
  OpenSSL::HMAC.hexdigest(
    OpenSSL::Digest.new('sha256'),
    @secret,
    signature_string
  )
end

#verify(signature:) ⇒ Object 



33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/pay_pro/signature.rb', line 33

def verify(signature:)
  unless OpenSSL.secure_compare(signature, generate_signature)
    raise SignatureVerificationError.new(
      message: 'Signature does not match',
      http_body: @payload
    )
  end

  if @timestamp < Time.now.utc - @tolerance
    formatted_timestamp = @timestamp.strftime('%F %T')

    raise SignatureVerificationError.new(
      message: "Timestamp is outside the tolerance zone: #{formatted_timestamp}",
      http_body: @payload
    )
  end

  true
end