Fixes sig verification.

Author: ashfurrow

lib/server.rb

@@ -31,7 +31,7 @@ def initialize(
     logger.info 'Parsed JSON payload.'
 
     is_ping = ping_checker.ping?(push)
-    is_valid_sig = signature_verifier.verify_signature(payload_body, request)
+    is_valid_sig = signature_verifier.verify_signature(payload_body, request.env['HTTP_X_HUB_SIGNATURE'])
 
     if is_ping
       logger.info 'Received ping.'

lib/signature_verifier.rb

@@ -1,14 +1,14 @@
 require 'sinatra'
 
 class SignatureVerifier
-  def verify_signature(payload_body, request)
+  def verify_signature(payload_body, header)
+    return false unless header
+
     signature = 'sha1=' + OpenSSL::HMAC.hexdigest(
       OpenSSL::Digest.new('sha1'),
       ENV['WEBHOOK_SECRET_TOKEN'],
       payload_body
     )
-    header = request.env['HTTP_X_HUB_SIGNATURE']
-    return false unless header
-    return false unless Rack::Utils.secure_compare(signature, header)
+    Rack::Utils.secure_compare(signature, header)
   end
 end