method
authenticated?
v6.1.7.7 -
Show latest stable
-
0 notes -
Class: InboundEmailsController
- 1.0.0
- 1.1.6
- 1.2.6
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.8
- 3.0.0
- 3.0.9
- 3.1.0
- 3.2.1
- 3.2.8
- 3.2.13
- 4.0.2
- 4.1.8
- 4.2.1
- 4.2.7
- 4.2.9
- 5.0.0.1
- 5.1.7
- 5.2.3
- 6.0.0 (0)
- 6.1.3.1 (0)
- 6.1.7.7 (0)
- 7.0.0 (0)
- 7.1.3.2 (0)
- 7.1.3.4 (0)
- What's this?
authenticated?()
private
Hide source
# File actionmailbox/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb, line 46 def authenticated? if key.present? Authenticator.new(request, key).authenticated? else raise ArgumentError, <<~MESSAGE.squish Missing required Mandrill API key. Set action_mailbox.mandrill_api_key in your application's encrypted credentials or provide the MANDRILL_INGRESS_API_KEY environment variable. MESSAGE end end def key Rails.application.credentials.dig(:action_mailbox, :mandrill_api_key) || ENV["MANDRILL_INGRESS_API_KEY"] end class Authenticator attr_reader :request, :key def initialize(request, key) @request, @key = request, key end def authenticated? ActiveSupport::SecurityUtils.secure_compare given_signature, expected_signature end private def given_signature request.headers["X-Mandrill-Signature"] end def expected_signature Base64.strict_encode64 OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, key, message) end def message request.url + request.POST.sort.flatten.join end end end end