Class: Pay::Paddle::Webhooks::SignatureVerifier

Inherits:
Object
  • Object
Defined in:
lib/pay/paddle/webhooks/signature_verifier.rb

Instance Method Summary collapse

Constructor Details

#initialize(data) ⇒ SignatureVerifier

Returns a new instance of SignatureVerifier.


# File 'lib/pay/paddle/webhooks/signature_verifier.rb', line 9

# Stores the webhook fields together with the three public-key settings
# exposed by Pay::Paddle. The settings are read once, at construction time;
# which of them is actually used is decided later, in #verify.
#
# @param data [Hash] the POST fields sent with the webhook request,
#   including the "p_signature" field that #verify checks
def initialize(data)
  paddle = Pay::Paddle

  @data = data
  @public_key_file = paddle.public_key_file
  @public_key = paddle.public_key
  @public_key_base64 = paddle.public_key_base64
end

Instance Method Details

#verify ⇒ Object


# File 'lib/pay/paddle/webhooks/signature_verifier.rb', line 16

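# Checks the signature carried in the webhook's "p_signature" field against
# the remaining POST fields.
#
# The public key comes from whichever of these is set, a later one
# overriding an earlier one: @public_key, the contents of @public_key_file,
# the Base64-decoded @public_key_base64.
#
# The payload held in @data is not modified, so the caller can keep using
# it (and call #verify again) after the check.
#
# @return [Boolean] true only when the signature verifies; false when the
#   payload, the signature field or the public key is missing, when the
#   signature field is not a string, or when the signature does not match
# @raise [OpenSSL::PKey::RSAError] if the configured key material cannot be
#   parsed as an RSA key
def verify
  public_key = @public_key if @public_key
  public_key = File.read(@public_key_file) if @public_key_file
  public_key = Base64.decode64(@public_key_base64) if @public_key_base64
  return false unless @data && public_key

  # The signature field is request-controlled. A sender can turn it into an
  # array or a nested hash; treat anything that is not a string as a failed
  # verification instead of letting the decoder raise.
  encoded_signature = @data["p_signature"]
  return false unless encoded_signature.is_a?(String)

  # decode64 is lenient and skips characters outside the Base64 alphabet;
  # a mangled value simply fails the RSA check below.
  signature = Base64.decode64(encoded_signature)

  # Build the signed field set on a copy: every field except p_signature,
  # with each value coerced to a string. Working on a copy keeps the
  # caller's hash intact.
  fields = @data.each_with_object({}) do |(key, value), copy|
    copy[key] = String(value) unless key == "p_signature"
  end

  # Sort by field name and serialize.
  # serialization library is available here: https://github.com/jqr/php-serialize
  data_serialized = serialize(fields.sort_by { |key, _value| key }, true)

  # SHA1 has to match the digest the sender signed with, so it cannot be
  # strengthened on the receiving side alone.
  digest = OpenSSL::Digest.new("SHA1")
  pub_key = OpenSSL::PKey::RSA.new(public_key)
  pub_key.verify(digest, signature, data_serialized)
end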