Minor bug fix and code cleanup

Inbal Tako · Inbal Tako · commit 02d0150a00fd · 2020-06-22T11:47:20.000+03:00
diff --git a/lib/securenative.rb b/lib/securenative.rb
@@ -1,4 +1,5 @@
 require_relative 'logger'
+require_relative 'utils/signature_utils'
 
 class SecureNative
   attr_reader :options
@@ -71,8 +72,10 @@ def self._flush
     @securenative = nil
   end
 
-  # TODO!
   def verify_request_payload(request)
-    # code here
+    request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
+    body = request.body
+
+    SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
   end
 end
diff --git a/lib/utils/signature_utils.rb b/lib/utils/signature_utils.rb
@@ -1,6 +1,8 @@
 require 'openssl'
 
 class SignatureUtils
+  SIGNATURE_HEADER = 'x-securenative'.freeze
+
   def self.valid_signature?(api_key, payload, header_signature)
     key = api_key.encode('utf-8')
     body = payload.encode('utf-8')
diff --git a/spec/spec_configuration_manager.rb b/spec/spec_configuration_manager.rb
diff --git a/spec/spec_context_builder.rb b/spec/spec_context_builder.rb
@@ -1,7 +1,16 @@
+# frozen_string_literal: true
+
+require 'webmock/rspec'
+
 describe ContextBuilder do
   it 'creates context from request' do
-    # TODO: code here
+    stub_request(:any, 'www.example.com')
+      .to_return(body: nil, status: 200,
+                 headers: { 'x-securenative': '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a' },
+                 remote_ip: '', uri: 'www.securenative.com', method: 'Post', ip: '51.68.201.122',
+                 client_token: '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
 
+    request = Net::HTTP.get('www.example.com', '/')
     context = ContextBuilder.from_http_request(request).build
 
     expect(context.client_token).to eq('71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
@@ -14,8 +23,13 @@
   end
 
   it 'creates context from request with cookie' do
-    # TODO: code here
+    stub_request(:any, 'www.example.com')
+      .to_return(body: nil, status: 200,
+                 cookies: { '_sn': '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a' },
+                 remote_ip: '', uri: 'www.securenative.com', method: 'Post', ip: '51.68.201.122',
+                 client_token: '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
 
+    request = Net::HTTP.get('www.example.com', '/')
     context = ContextBuilder.from_http_request(request).build
 
     expect(context.client_token).to eq('71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
