Skip to content

Commit

Permalink
Adds signature_verifier_spec.
Browse files Browse the repository at this point in the history
  • Loading branch information
ashfurrow committed Jul 3, 2016
1 parent bf3af10 commit 611f221
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 3 deletions.
2 changes: 0 additions & 2 deletions spec/api_spec.rb
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
require File.expand_path('../spec_helper', __FILE__)

describe 'API' do
include Rack::Test::Methods

let(:api) { API.new(github_client) }
let(:github_client) { double(Octokit::Client) }

Expand Down
30 changes: 30 additions & 0 deletions spec/signature_verifier_spec.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
require File.expand_path('../spec_helper', __FILE__)

describe 'SignatureVerifier' do
let(:signature_verifier) { SignatureVerifier.new }
let(:payload) { '{"some_data": "awesome json"}' }

it 'returns false with a missing header' do
result = signature_verifier.verify_signature(payload, nil)

expect(result).to be_falsey
end

it 'returns false with an invalid signature' do
result = signature_verifier.verify_signature(payload, 'some_invalid_signature')

expect(result).to be_falsey
end

it 'returns true with a valid signature' do
valid_signature = 'sha1=' + OpenSSL::HMAC.hexdigest(
OpenSSL::Digest.new('sha1'),
ENV['WEBHOOK_SECRET_TOKEN'],
payload
)

result = signature_verifier.verify_signature(payload, valid_signature)

expect(result).to be_truthy
end
end
3 changes: 2 additions & 1 deletion spec/spec_helper.rb
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@
ENV['WEBHOOK_ENDPOINT'] = '/payload'
ENV['CONTRIBUTOR_TEAM_ID'] = '1234567'
ENV['INVITATION_MESSAGE'] = 'Thanks!'
ENV['GITHUB_TOKEN'] = '12jove8hgowbuv'
ENV['GITHUB_TOKEN'] = '12jove8hgowbuvf3rw' # random string
ENV['WEBHOOK_SECRET_TOKEN'] = 'n3iv9aj3v0' # this too

require 'octokit'
require 'sinatra'
Expand Down

0 comments on commit 611f221

Please sign in to comment.