Class: Adyen::Utils::HmacValidator

Inherits:

Object

• Object
• Adyen::Utils::HmacValidator

Defined in:

lib/adyen/utils/hmac_validator.rb

Constant Summary

HMAC_ALGORITHM =

'sha256'.freeze

DATA_SEPARATOR =

':'.freeze

WEBHOOK_VALIDATION_KEYS =

%w[
  pspReference originalReference merchantAccountCode merchantReference
  amount.value amount.currency eventCode success
].freeze

Instance Method Summary

• #calculate_notification_hmac(notification_request_item, hmac_key) ⇒ Object

  DEPRECATED: Please use calculate_webhook_hmac() instead.

• #calculate_webhook_hmac(webhook_request_item, hmac_key) ⇒ Object
• #data_to_sign(webhook_request_item) ⇒ Object
• #valid_notification_hmac?(notification_request_item, hmac_key) ⇒ Boolean

  DEPRECATED: Please use valid_webhook_hmac?() instead.

• #valid_webhook_hmac?(webhook_request_item, hmac_key) ⇒ Boolean

Instance Method Details

#calculate_notification_hmac(notification_request_item, hmac_key) ⇒ Object

DEPRECATED: Please use calculate_webhook_hmac() instead.

# File 'lib/adyen/utils/hmac_validator.rb', line 24

def calculate_notification_hmac(notification_request_item, hmac_key)
  calculate_webhook_hmac(notification_request_item, hmac_key)
end

#calculate_webhook_hmac(webhook_request_item, hmac_key) ⇒ Object

# File 'lib/adyen/utils/hmac_validator.rb', line 29

def calculate_webhook_hmac(webhook_request_item, hmac_key)
  data = data_to_sign(webhook_request_item)

  Base64.strict_encode64(OpenSSL::HMAC.digest(HMAC_ALGORITHM, [hmac_key].pack('H*'), data))
end

#data_to_sign(webhook_request_item) ⇒ Object

# File 'lib/adyen/utils/hmac_validator.rb', line 36

def data_to_sign(webhook_request_item)
  data = WEBHOOK_VALIDATION_KEYS.map { |key| fetch(webhook_request_item, key).to_s }
                              .join(DATA_SEPARATOR)
end

#valid_notification_hmac?(notification_request_item, hmac_key) ⇒ Boolean

DEPRECATED: Please use valid_webhook_hmac?() instead.

Returns:

• (Boolean)

# File 'lib/adyen/utils/hmac_validator.rb', line 12

def valid_notification_hmac?(notification_request_item, hmac_key)
  valid_webhook_hmac?(notification_request_item, hmac_key)
end

#valid_webhook_hmac?(webhook_request_item, hmac_key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/adyen/utils/hmac_validator.rb', line 16

def valid_webhook_hmac?(webhook_request_item, hmac_key)
  expected_sign = calculate_webhook_hmac(webhook_request_item, hmac_key)
  merchant_sign = fetch(webhook_request_item, 'additionalData.hmacSignature')

  expected_sign == merchant_sign
end