Closed mjc-gh closed 6 years ago
- Add deprecation errors and/or warnings for removal of
StripeEvent.authentication_secret
Let's keep things focused. Please don't remove or or change the behavior of the authentication_secret
as part of this pull-request. Let's only consider deprecating it after we get signature verification fully working and released. The deprecation deserves to be part of a separate PR later.
Sounds good. Had only included it in this PR cause the original issue mentioned that authentication_secret
can be deprecated. I will remove that portion of the PR and keep both features in place.
Need to get the specs running locally so I can add some for this feature. Was having bundler version issues when I tried to run them initially.
Thanks for making the adjustments to this PR. Looks clean. Have you tried this branch against a live Stripe endpoint yet?
My only critique is that I'd prefer the tests to pass an actual HMAC signature header instead of mocking the call to Stripe::Webhook::Signature.verify_header
(I prefer a classical style of testing where possible vs a mockist style), but there's no need for that to hold up this PR.
I can merge and release a new version later today if no one else objects.
Good work @mikeycgto!
Thanks!
Yeah I do agree with you and prefer to avoid mocking when possible. My concern there was the specs would become to specific to actual the HMAC implementation in Stripe. Figured mocks would just be quicker to write and more future-proof if their verification process changes (assuming the API doesn't change :smiley:).
@rmm5t @mikeycgto Nice! I'd +1 trying to go a level deeper than the mock if possible. What you can do in this case is to call Stripe::Webhook::Signature.compute_signature(payload, secret)
to generate a valid signature before validating it.
That way you can test more deeply than the mock and you don't have to rely on any particular crypto implementation — if we update to something beyond HMAC-SHA256, we'll be updating .compute_signature
as well .verify_header
within stripe-ruby.
@brandur this was more involved than I thought it would be (have to include a timestamp and version scheme). I do agree it's better to use real signatures here though. Thanks for the feedback!
Refactored the specs some to hopefully make more sense. Thanks again for the feedback!
@mikeycgto Looks good to me. Are you done with your refactoring? I'm happy to merge now when ready.
I'm good with merging. Thanks.
Closes #83.
This to do for this PR: