Module: Webhookdb::Plivo

Includes:
Appydays::Configurable, Appydays::Loggable
Defined in:
lib/webhookdb/plivo.rb

Class Method Summary collapse

Class Method Details

._valid_signature?(uri, nonce, signature, auth_token) ⇒ Boolean

Returns:

  • (Boolean)


43
44
45
46
47
48
49
50
51
# File 'lib/webhookdb/plivo.rb', line 43

def self._valid_signature?(uri, nonce, signature, auth_token)
  parsed_uri = URI.parse(uri)
  uri_details = {host: parsed_uri.host, path: parsed_uri.path}
  uri_builder_module = parsed_uri.scheme == "https" ? URI::HTTPS : URI::HTTP
  data_to_sign = uri_builder_module.build(uri_details).to_s + nonce
  sha256_digest = OpenSSL::Digest.new("sha256")
  encoded_digest = Base64.encode64(OpenSSL::HMAC.digest(sha256_digest, auth_token, data_to_sign)).strip
  return ActiveSupport::SecurityUtils.secure_compare(encoded_digest, signature)
end

.request(method, tail, auth_id:, auth_token:, body: nil, **options) ⇒ Object



14
15
16
17
18
19
20
21
22
23
24
25
# File 'lib/webhookdb/plivo.rb', line 14

def self.request(method, tail, auth_id:, auth_token:, body: nil, **options)
  tail = tail.delete_suffix("/")
  url = "https://api.plivo.com/v1/Account/#{auth_id}#{tail}/"
  options[:basic_auth] = {username: auth_id, password: auth_token}
  options[:logger] = self.logger
  if body
    options[:headers] = {"Content-Type" => "application/json"}
    options[:body] = body.to_json
  end
  options[:method] = method if method != :get
  return Webhookdb::Http.send(method, url, **options)
end

.webhook_response(request, auth_token) ⇒ Object



27
28
29
30
31
32
33
34
35
36
37
38
39
# File 'lib/webhookdb/plivo.rb', line 27

def self.webhook_response(request, auth_token)
  raise Webhookdb::InvalidPrecondition, "auth_token cannot be nil/blank" if auth_token.blank?
  # See https://www.plivo.com/docs/sms/xml/request#validation
  # See https://www.plivo.com/docs/sms/concepts/signature-validation#code
  (signature = request.env["HTTP_X_PLIVO_SIGNATURE_V2"]) or
    return Webhookdb::WebhookResponse.error("missing signature")
  (nonce = request.env["HTTP_X_PLIVO_SIGNATURE_V2_NONCE"]) or
    return Webhookdb::WebhookResponse.error("missing nonce")
  url = request.url
  uri = url.split("?")[0]
  ok = self._valid_signature?(uri, nonce, signature, auth_token)
  return ok ? Webhookdb::WebhookResponse.ok : Webhookdb::WebhookResponse.error("invalid signature")
end