Class: DiscoApp::ProxyService

Inherits:

Object

• Object
• DiscoApp::ProxyService

Defined in:

app/services/disco_app/proxy_service.rb

Class Method Summary

• .calculated_signature(query_hash, secret) ⇒ Object

  Return the calculated signature for the given query hash and secret.

• .proxy_signature_is_valid?(query_string, secret) ⇒ Boolean

  Return true iff the signature provided in the given query string matches that calculated from the remaining query parameters and the given secret.

Class Method Details

.calculated_signature(query_hash, secret) ⇒ Object

Return the calculated signature for the given query hash and secret.

# File 'app/services/disco_app/proxy_service.rb', line 12

def self.calculated_signature(query_hash, secret)
  sorted_params = query_hash.map{ |k, v| "#{k}=#{Array(v).join(',')}" }.sort.join
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), secret, sorted_params)
end

.proxy_signature_is_valid?(query_string, secret) ⇒ Boolean

Return true iff the signature provided in the given query string matches that calculated from the remaining query parameters and the given secret.

Returns:

• (Boolean)

# File 'app/services/disco_app/proxy_service.rb', line 5

def self.proxy_signature_is_valid?(query_string, secret)
  query_hash = Rack::Utils.parse_query(query_string)
  signature = query_hash.delete('signature').to_s
  ActiveSupport::SecurityUtils.secure_compare(calculated_signature(query_hash, secret), signature)
end