From 9182bbd1ebc88699ff101d7a0a304f387b091140 Mon Sep 17 00:00:00 2001
From: George Claghorn
Date: Fri, 19 Oct 2018 22:56:31 -0400
Subject: Inline
---
 .../ingresses/mailgun/inbound_emails_controller.rb | 20 +++++++-------------
 1 file changed, 7 insertions(+), 13 deletions(-)
diff --git a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb
index 10af57c58f..46b0977592 100644
--- a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb
+++ b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb
@@ -11,13 +11,11 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox
 end
 def authenticated?
- Authenticator.new(authentication_params).authenticated?
- rescue ArgumentError
- false
- end
-
- def authentication_params
- params.permit(:timestamp, :token, :signature).to_h.symbolize_keys
+ Authenticator.new(
+ timestamp: params.require(:timestamp),
+ token: params.require(:token),
+ signature: params.require(:signature)
+ ).authenticated?
 end
 class Authenticator
@@ -25,7 +23,7 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox
 attr_reader :timestamp, :token, :signature
 def initialize(timestamp:, token:, signature:)
- @timestamp, @token, @signature = timestamp, token, signature
+ @timestamp, @token, @signature = Integer(timestamp), token, signature
 end
 def authenticated?
@@ -39,15 +37,11 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox
 # Allow for 2 minutes of drift between Mailgun time and local server time.
 def recent?
- time >= 2.minutes.ago
+ Time.at(timestamp) >= 2.minutes.ago
 end
 def expected_signature
 OpenSSL::HMAC.hexdigest OpenSSL::Digest::SHA256.new, key, "#{timestamp}#{token}"
 end
-
- def time
- Time.at Integer(timestamp)
- end
 end
 end
--
cgit v1.2.3
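Review bot: With `rescue ArgumentError` removed from `authenticated?`, malformed input no longer fails closed as "not authenticated". `params.require` raises `ActionController::ParameterMissing` when a field is absent, and `Integer(timestamp)` in `Authenticator#initialize` (second hunk) raises `ArgumentError` for a non-numeric string and `TypeError` for an array value. How those exceptions are rendered depends on controller code outside this hunk, so an unauthenticated sender may get an error response and an exception report instead of the rejection path. If rejection is intended, end the method with `rescue ActionController::ParameterMissing, ArgumentError, TypeError` followed by `false`, or add a comment stating that a raised error is the intended rejection.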
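Review bot: `Integer(timestamp)` in `initialize` accepts more than plain decimal digits: Ruby also parses `0x`/`0b` prefixes, a leading `0` as octal, underscores and surrounding whitespace. Because `expected_signature` interpolates the `timestamp` reader, the HMAC is now computed over the normalised integer rather than the string that was received, so several spellings of the parameter verify against one signature. Parsing strictly with `Integer(timestamp, 10)` narrows that; keeping the received string for the HMAC and converting only for the freshness check would narrow it further. The constructor can now raise, which deserves a one-line comment such as `# Raises ArgumentError unless timestamp is an integer string.`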
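Review bot: `recent?` checks only the lower bound, so `Time.at(timestamp) >= 2.minutes.ago` also accepts any timestamp ahead of the server clock, which is wider than the "2 minutes of drift" the comment describes. A request signed by a clock running fast stays acceptable for longer than the window and could be replayed in that time. Bounding both sides with `Time.at(timestamp).between?(2.minutes.ago, 2.minutes.from_now)` matches the comment. No single-use check on `token` is visible in these hunks; the rest of `Authenticator` lies outside them, so this may already be handled there.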