diff options
author | George Claghorn <george@basecamp.com> | 2018-11-05 09:11:01 -0500 |
---|---|---|
committer | George Claghorn <george@basecamp.com> | 2018-11-05 09:11:01 -0500 |
commit | 7755f9b381c007ce98e0858473a9f29f1cd25311 (patch) | |
tree | 9130fccc00bf2602cdcf92eda572deec911f6302 /app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb | |
parent | cb041ddc7e94da15e2db72188545f78da6cadb53 (diff) | |
download | rails-7755f9b381c007ce98e0858473a9f29f1cd25311.tar.gz rails-7755f9b381c007ce98e0858473a9f29f1cd25311.tar.bz2 rails-7755f9b381c007ce98e0858473a9f29f1cd25311.zip |
Read ingress passwords/API keys from encrypted credentials
Fall back to ENV for people who prefer that approach.
Diffstat (limited to 'app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb')
-rw-r--r-- | app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb index c7e53b07f4..0b763dcf18 100644 --- a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb +++ b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb @@ -11,21 +11,30 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox end def authenticated? - Authenticator.new( - timestamp: params.require(:timestamp), - token: params.require(:token), - signature: params.require(:signature) - ).authenticated? + if key.present? + Authenticator.new( + key: key, + timestamp: params.require(:timestamp), + token: params.require(:token), + signature: params.require(:signature) + ).authenticated? + else + raise ArgumentError, <<~MESSAGE.squish + Missing required Mailgun API key. Set action_mailbox.mailgun_api_key in your application's + encrypted credentials or provide the MAILGUN_INGRESS_API_KEY environment variable. + MESSAGE + end end - class Authenticator - cattr_accessor :key - attr_reader :timestamp, :token, :signature + def key + Rails.application.credentials.dig(:action_mailbox, :mailgun_api_key) || ENV["MAILGUN_INGRESS_API_KEY"] + end - def initialize(timestamp:, token:, signature:) - @timestamp, @token, @signature = Integer(timestamp), token, signature + class Authenticator + attr_reader :key, :timestamp, :token, :signature - ensure_presence_of_key + def initialize(key:, timestamp:, token:, signature:) + @key, @timestamp, @token, @signature = key, Integer(timestamp), token, signature end def authenticated? @@ -33,13 +42,6 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox end private - def ensure_presence_of_key - unless key.present? - raise ArgumentError, "Missing required Mailgun API key" - end - end - - def signed? ActiveSupport::SecurityUtils.secure_compare signature, expected_signature end |