Skip to content
Browse files

validate_signature error

  • Loading branch information...
1 parent ab8820e commit abe2df9e06d0165c1e6e1caf04fd8efdf23d2f6a @trico trico committed Jan 27, 2014
Showing with 12 additions and 1 deletion.
  1. +1 −0 lib/shopify_api/session.rb
  2. +11 −1 test/session_test.rb
View
1 lib/shopify_api/session.rb
@@ -39,6 +39,7 @@ def prepare_url(url)
end
def validate_signature(params)
+ params = params.with_indifferent_access
return false unless signature = params[:signature]
sorted_params = params.except(:signature, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join
View
12 test/session_test.rb
@@ -148,10 +148,20 @@ class SessionTest < Test::Unit::TestCase
end
end
+ should "return true when the signature is valid and the keys of params are strings" do
+ now = Time.now
+ params = {"code" => "any-code", "timestamp" => now}
+ sorted_params = make_sorted_params(params)
+ signature = Digest::MD5.hexdigest(ShopifyAPI::Session.secret + sorted_params)
+ params = {"code" => "any-code", "timestamp" => now, "signature" => signature}
+
+ assert_equal true, ShopifyAPI::Session.validate_signature(params)
+ end
+
private
def make_sorted_params(params)
- sorted_params = params.except(:signature, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join
+ sorted_params = params.with_indifferent_access.except(:signature, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join
end
end

0 comments on commit abe2df9

Please sign in to comment.
Something went wrong with that request. Please try again.