diff options
author | George Claghorn <george@basecamp.com> | 2018-10-19 22:56:31 -0400 |
---|---|---|
committer | George Claghorn <george@basecamp.com> | 2018-10-19 23:01:47 -0400 |
commit | 9182bbd1ebc88699ff101d7a0a304f387b091140 (patch) | |
tree | 10c1bdc0a325cb106a6a11a4be6e8264aaba759a /app/controllers/action_mailbox | |
parent | 8b419e6d627c458782aaf9e887c35e428907f389 (diff) | |
download | rails-9182bbd1ebc88699ff101d7a0a304f387b091140.tar.gz rails-9182bbd1ebc88699ff101d7a0a304f387b091140.tar.bz2 rails-9182bbd1ebc88699ff101d7a0a304f387b091140.zip |
Inline
Diffstat (limited to 'app/controllers/action_mailbox')
-rw-r--r-- | app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb index 10af57c58f..46b0977592 100644 --- a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb +++ b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb @@ -11,13 +11,11 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox end def authenticated? - Authenticator.new(authentication_params).authenticated? - rescue ArgumentError - false - end - - def authentication_params - params.permit(:timestamp, :token, :signature).to_h.symbolize_keys + Authenticator.new( + timestamp: params.require(:timestamp), + token: params.require(:token), + signature: params.require(:signature) + ).authenticated? end class Authenticator @@ -25,7 +23,7 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox attr_reader :timestamp, :token, :signature def initialize(timestamp:, token:, signature:) - @timestamp, @token, @signature = timestamp, token, signature + @timestamp, @token, @signature = Integer(timestamp), token, signature end def authenticated? @@ -39,15 +37,11 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox # Allow for 2 minutes of drift between Mailgun time and local server time. def recent? - time >= 2.minutes.ago + Time.at(timestamp) >= 2.minutes.ago end def expected_signature OpenSSL::HMAC.hexdigest OpenSSL::Digest::SHA256.new, key, "#{timestamp}#{token}" end - - def time - Time.at Integer(timestamp) - end end end |