Merge pull request #15 from skylab-tech/SCR-3-hmac

kev-le · web-flow · commit b350b151b14b · 2024-04-08T13:31:39.000-07:00
Scr 3 hmac
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -19,7 +19,7 @@ jobs:
           ruby-version: 2.7
 
       - name: Install libvips
-        run: sudo apt install libvips-dev --no-install-recommends
+        run: sudo apt-get install --fix-missing -qq -o Acquire::Retries=3 libvips
 
       - name: Install Bundler
         run: gem install bundler -v '~>2.4.22'
diff --git a/README.md b/README.md
@@ -273,6 +273,24 @@ client.download_photo(photo_id, "/output/folder/path") # download photo with ori
 client.download_photo(photo_id, "/output/folder/test.jpg") # download photo with new filename to a directory
 ```
 
+#### Validate hmac headers
+
+Applicable if you utilize the job callback url. Use to validate the job payload integrity.
+
+- secret_key (string): Obtain from Skylab
+
+- job_json_string (string): Raw json string obtained from callback PATCH request body
+
+- request_timestamp (string): Obtained from callback PATCH request header 'X-Skylab-Timestamp'
+
+- signature (string): Signature generated by Skylab to compare. Obtained from callback PATCH request header 'X-Skylab-Signature'
+
+Returns **True** or **False** based on whether or not the signatures match.
+
+```ruby
+api.validate_hmac_headers(secret_key, job_json_string, request_timestamp, signature)
+```
+
 ## Errors
 
 The following errors may be generated:
diff --git a/lib/skylab_studio/client.rb b/lib/skylab_studio/client.rb
@@ -229,6 +229,17 @@ def download_all_photos(photos_list, profile, output_path)
       end
     end
 
+    def validate_hmac_headers(secret_key, job_json_string, request_timestamp, signature)
+      message = "#{request_timestamp}:#{job_json_string}".encode('utf-8')
+    
+      # Create the HMAC signature using SHA-256
+      hmac_digest = OpenSSL::HMAC.digest('sha256', secret_key.encode('utf-8'), message)
+      generated_sig = Base64.strict_encode64(hmac_digest).force_encoding('utf-8')
+    
+      # Compare the provided signature with the generated signature
+      signature == generated_sig
+    end
+
     private
 
     def get_upload_url(options = { use_cache_upload: false })
diff --git a/lib/skylab_studio/version.rb b/lib/skylab_studio/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SkylabStudio
-  VERSION = '1.0.7'
+  VERSION = '1.0.8'
 end
