Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update dependencies and no longer depend on javax #78

Closed
wants to merge 1 commit into from
Closed
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
update dependencies and no longer depend on javax
phelps-sg committed Mar 3, 2024
commit c462da60a44d547329de855f7e2d79edc475eafc
8 changes: 4 additions & 4 deletions project/Dependencies.scala
Original file line number Diff line number Diff line change
@@ -5,12 +5,12 @@ import sbt.plugins.JvmPlugin
object Dependencies extends AutoPlugin {

object Version {
val scala212 = "2.12.18"
val scala213 = "2.13.12"
val scala212 = "2.12.19"
val scala213 = "2.13.13"

val play = "2.8.21"
val play = "2.9.2"
val guice = "7.0.0"
val jackson = "2.13.4"
val jackson = "2.16.1"

val scalatic = "3.2.17"
val scalaMock = "5.2.0"
Original file line number Diff line number Diff line change
@@ -6,12 +6,21 @@ package com.mesonomics.playhmacsignatures

import akka.util.ByteString
import com.google.inject.Inject
import com.mesonomics.playhmacsignatures.SlackSignatureVerifyAction.convertBytesToHex
import play.api.Configuration
import play.api.mvc.BodyParsers

import javax.xml.bind.DatatypeConverter
import scala.concurrent.ExecutionContext

object SlackSignatureVerifyAction {
def convertBytesToHex(bytes: Seq[Byte]): String = {
val sb = new StringBuilder
for (b <- bytes) {
sb.append(String.format("%02x", Byte.box(b)))
}
sb.toString
}
}
/** This class can be used to validate signatures in
* [[https://api.slack.com/authentication/verifying-requests-from-slack#verifying-requests-from-slack-using-signing-secrets__a-recipe-for-security__step-by-step-walk-through-for-validating-a-request Slack requests]].
*
@@ -39,8 +48,9 @@ class SlackSignatureVerifyAction @Inject() (
s"v0:${timestamp.value}:${body.utf8String}"
}

override def expectedSignature(macBytes: Array[Byte]): HmacSignature =
override def expectedSignature(macBytes: Array[Byte]): HmacSignature = {
HmacSignature(
s"v0=${DatatypeConverter.printHexBinary(macBytes).toLowerCase}"
s"v0=${convertBytesToHex(macBytes)}"
)
}
}
4 changes: 2 additions & 2 deletions src/test/scala/ServiceTests.scala
Original file line number Diff line number Diff line change
@@ -3,14 +3,14 @@
*/

import akka.util.ByteString
import com.mesonomics.playhmacsignatures.SlackSignatureVerifyAction.convertBytesToHex
import com.mesonomics.playhmacsignatures._
import org.scalatest.matchers.should
import org.scalatest.wordspec.AnyWordSpecLike

import java.time.{Clock, OffsetDateTime}
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
import javax.xml.bind.DatatypeConverter
import scala.concurrent.duration.{DurationInt, FiniteDuration}
import scala.util.{Failure, Success}

@@ -35,7 +35,7 @@ class ServiceTests extends AnyWordSpecLike with should.Matchers {
def expectedSignature(macBytes: Array[Byte]): HmacSignature = {
HmacSignature(
ByteString(
s"v0=${DatatypeConverter.printHexBinary(macBytes).toLowerCase}"
s"v0=${convertBytesToHex(macBytes)}"
)
)
}