Remove dependency on chrono

jwiesler · Feb 13, 2021 · e462ae4 · e462ae4
1 parent 6685be5
commit e462ae4
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 11 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -77,7 +77,6 @@ runtime-async-std-surf = ["async-std", "surf", "async"]
 
 [dependencies]
 async-std = { version = "1.9", optional = true }
-chrono = { version = "0.4", features = ["serde"] }
 http = "0.2"
 hyper = { version = "0.13", default-features = false, features = ["tcp"], optional = true }
 hyper-tls = { version = "0.4", optional = true }

diff --git a/src/error.rs b/src/error.rs
@@ -289,7 +289,7 @@ pub enum WebhookError {
     /// The event signature could not be verified.
     BadSignature,
     /// The event signature's timestamp was too old.
-    BadTimestamp(i64),
+    BadTimestamp(u64),
     /// An error deserializing an event received from stripe.
     BadParse(serde_json::Error),
 }

diff --git a/src/resources/event.rs b/src/resources/event.rs
@@ -2,12 +2,12 @@ use crate::error::WebhookError;
 use crate::ids::EventId;
 use crate::resources::*;
 
-use chrono::Utc;
 #[cfg(feature = "webhook-events")]
 use hmac::{Hmac, Mac};
 use serde_derive::{Deserialize, Serialize};
 #[cfg(feature = "webhook-events")]
 use sha2::Sha256;
+use std::time::{SystemTime, UNIX_EPOCH};
 
 #[derive(Copy, Clone, Debug, Deserialize, Serialize, Eq, PartialEq, Hash)]
 pub enum EventType {
@@ -237,13 +237,14 @@ pub enum EventObject {
 
 #[cfg(feature = "webhook-events")]
 pub struct Webhook {
-    current_timestamp: i64,
+    current_timestamp: u64,
 }
 
 #[cfg(feature = "webhook-events")]
 impl Webhook {
     pub fn construct_event(payload: &str, sig: &str, secret: &str) -> Result<Event, WebhookError> {
-        Self { current_timestamp: Utc::now().timestamp() }.do_construct_event(payload, sig, secret)
+        Self { current_timestamp: SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() }
+            .do_construct_event(payload, sig, secret)
     }
 
     fn do_construct_event(
@@ -268,11 +269,17 @@ impl Webhook {
         }
 
         // Get current timestamp to compare to signature timestamp
-        if (self.current_timestamp - signature.t).abs() > 300 {
-            return Err(WebhookError::BadTimestamp(signature.t));
-        }
+        let diff = if self.current_timestamp > signature.t {
+            self.current_timestamp - signature.t
+        } else {
+            signature.t - self.current_timestamp
+        };
 
-        serde_json::from_str(&payload).map_err(WebhookError::BadParse)
+        if diff > 300 {
+            Err(WebhookError::BadTimestamp(signature.t))
+        } else {
+            serde_json::from_str(&payload).map_err(WebhookError::BadParse)
+        }
     }
 }
 
@@ -292,7 +299,7 @@ fn to_hex(bytes: &[u8]) -> String {
 #[cfg(feature = "webhook-events")]
 #[derive(Debug)]
 struct Signature<'r> {
-    t: i64,
+    t: u64,
     v1: &'r str,
     v0: Option<&'r str>,
 }
@@ -317,7 +324,7 @@ impl<'r> Signature<'r> {
         let t = headers.get("t").ok_or(WebhookError::BadSignature)?;
         let v1 = headers.get("v1").ok_or(WebhookError::BadSignature)?;
         let v0 = headers.get("v0").map(|r| *r);
-        Ok(Signature { t: t.parse::<i64>().map_err(WebhookError::BadHeader)?, v1, v0 })
+        Ok(Signature { t: t.parse::<u64>().map_err(WebhookError::BadHeader)?, v1, v0 })
     }
 }