Verify ChatWork webhook signature
Add this line to your application's Gemfile:
gem 'chatwork_webhook_verify'And then execute:
$ bundleOr install it yourself as:
$ gem install chatwork_webhook_verifyChatworkWebhookVerify.verify?(token: token, body: body, signature: signature)
#=> true | falseor
ChatworkWebhookVerify.verify!(token: token, body: body, signature: signature)
#=> raise ChatworkWebhookVerify::InvalidSignatureError if signature is invalidtoken: webhook token (default:ChatworkWebhookVerify.config.token)- Either
tokenorChatworkWebhookVerify.config.tokenis required
- Either
body: request body from webhooksignature:chatwork_webhook_signature(query string) orX-ChatWorkWebhookSignature(request header)
call verify_chatwork_webhook_signature! in your controller
# config/initializers/chatwork_webhook_verify.rb
ChatworkWebhookVerify.config.token = ENV["CHATWORK_WEBHOOK_TOKEN"]# app/controllers/webhook_controller.rb
class WebhookController < ApplicationController
# `ChatworkWebhookVerify.config.token` is used
before_action :verify_chatwork_webhook_signature!
end# app/controllers/webhook_controller.rb
class WebhookController < ApplicationController
before_action :verify_chatwork_webhook_signature_with_own_token!
def verify_chatwork_webhook_signature_with_own_token!
verify_chatwork_webhook_signature!("another_token")
end
end# app.rb
class App < Sinatra::Base
before "/webhook" do
token = ENV["CHATWORK_WEBHOOK_TOKEN"]
body = request.body.read
signature = request.env["HTTP_X_CHATWORKWEBHOOKSIGNATURE"]
ChatworkWebhookVerify.verify!(token: token, body: body, signature: signature)
end
post "/webhook" do
"ok"
end
endChatworkWebhookVerify.config.token = ENV["CHATWORK_WEBHOOK_TOKEN"]token: default webhook token
Contribution directions go here.
The gem is available as open source under the terms of the MIT License.