Module: SquareEvent::Webhook::Signature
- Defined in:
- lib/square_event/webhook.rb
Class Method Summary collapse
-
.verify_header(payload, signature, secret, notification_url) ⇒ Object
Computes a webhook signature given payload, and a signing secret.
Class Method Details
.verify_header(payload, signature, secret, notification_url) ⇒ Object
Computes a webhook signature given payload, and a signing secret
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/square_event/webhook.rb', line 18 def self.verify_header(payload, signature, secret, notification_url) combined_payload = notification_url + payload digest = OpenSSL::Digest.new('sha1') hmac = OpenSSL::HMAC.digest(digest, secret, combined_payload) # stripping the newline off the end found_signature = Base64.encode64(hmac).strip if found_signature != signature raise SignatureVerificationError.new( "Signature was incorrect for webhook at #{notification_url}", http_body: payload ) end end |