Module: Adyen::Signature

Extended by:

Signature

Included in:

Signature

Defined in:

lib/adyen/signature.rb

Overview

The Signature module generic to sign and verify HMAC SHA-256 signatures

Instance Method Summary

• #sign(params, type = :hpp) ⇒ String

  Sign the parameters with the given shared secret.

• #verify(params, hmacSignature, type = :hpp) ⇒ Boolean

  Compare a signature calculated with anoter HMAC Signature.

Instance Method Details

#sign(params, type = :hpp) ⇒ String

Sign the parameters with the given shared secret

Parameters:

• params (Hash) —

  The set of parameters to verify. Must include a ‘shared_secret` param for signing/verification

• type (String) (defaults to: :hpp) —

  The type to sign (:hpp or :rest). Default is :hpp

Returns:

• (String) —

  The signature

Raises:

• (ArgumentError)

# File 'lib/adyen/signature.rb', line 14

def sign(params, type = :hpp)
  shared_secret = params.delete('sharedSecret')
  raise ArgumentError, "Cannot sign parameters without a shared secret" unless shared_secret
  sig = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), Array(shared_secret).pack("H*"), string_to_sign(params, type))
  Base64.encode64(sig).strip
end

#verify(params, hmacSignature, type = :hpp) ⇒ Boolean

Compare a signature calculated with anoter HMAC Signature

Parameters:

• params (Hash) —

  The set of parameters to verify. Must include a ‘shared_secret` param for signing/verification

• hmacSignature (String) —

  will be compared to the signature calculated.

Returns:

• (Boolean) —

  true if the ‘hmacSignature` matches our calculated signature

Raises:

• (ArgumentError)

# File 'lib/adyen/signature.rb', line 26

def verify(params, hmacSignature, type = :hpp)
  raise ArgumentError,"hmacSignature cannot be empty for verification" if hmacSignature.empty?
  our_sig = sign(params, type)
  secure_compare(hmacSignature, our_sig)
end