This adds a class that can be used to verify requests with a public key in rack applications like Rails or Sinatra. This was based on my work on the twilio-ruby rack middleware here.
This also changed the class to fail verification if an error was thrown. In the case where a signature was missing, OpenSSL would throw an error instead of returning false for a invalid signature. I think it's more appropriate for the verification to fail than to throw an error at this point, especially since the error came from OpenSSL and wasn't otherwise clear.
Checklist
[x] I acknowledge that all my contributions will be made under the project's license
[x] I have made a material change to the repo (functionality, testing, spelling, grammar)
This adds a class that can be used to verify requests with a public key in rack applications like Rails or Sinatra. This was based on my work on the
twilio-ruby
rack middleware here.This also changed the class to fail verification if an error was thrown. In the case where a signature was missing, OpenSSL would throw an error instead of returning false for a invalid signature. I think it's more appropriate for the verification to fail than to throw an error at this point, especially since the error came from OpenSSL and wasn't otherwise clear.
Checklist