Class: TxghServer::TransifexRequestAuth

Inherits:

Object

Object
TxghServer::TransifexRequestAuth

Defined in:: lib/txgh-server/transifex_request_auth.rb

Constant Summary collapse

HMAC_DIGEST =

OpenSSL::Digest.new('sha256')

RACK_HEADER =

'HTTP_X_TX_SIGNATURE_V2'

TRANSIFEX_HEADER =

'X-TX-Signature-V2'

Class Method Summary collapse

Class Method Details

.authentic_request?(request, secret) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/txgh-server/transifex_request_auth.rb', line 12

def authentic_request?(request, secret)
  request.body.rewind

  expected_signature = compute_signature(
    http_verb: request.request_method,
    date_str: request.env['HTTP_DATE'],
    url: request.env['HTTP_X_TX_URL'],
    content: request.body.read,
    secret: secret
  )

  actual_signature = signature_from(request)
  actual_signature == expected_signature
end

.compute_signature(http_verb: 'POST', url:, date_str:, content:, secret:) ⇒ `Object`

# File 'lib/txgh-server/transifex_request_auth.rb', line 27

def compute_signature(http_verb: 'POST', url:, date_str:, content:, secret:)
  data = [http_verb, url, date_str, Digest::MD5.hexdigest(content)]
  digest(data.join("\n"), secret)
end

.signature_from(request) ⇒ `Object`



32
33
34

# File 'lib/txgh-server/transifex_request_auth.rb', line 32

def signature_from(request)
  request.env[RACK_HEADER]
end

Class: TxghServer::TransifexRequestAuth

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.authentic_request?(request, secret) ⇒ Boolean

.compute_signature(http_verb: 'POST', url:, date_str:, content:, secret:) ⇒ Object

.signature_from(request) ⇒ Object

.authentic_request?(request, secret) ⇒ `Boolean`

.compute_signature(http_verb: 'POST', url:, date_str:, content:, secret:) ⇒ `Object`

.signature_from(request) ⇒ `Object`