Skip to content

Latest commit

 

History

History

ruby

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
app.rb
app.rb
 
 

README.md

Ruby Request Verification

This example demonstrates how to verify webhook, app event, and app action requests from Contentful using HMAC-SHA256 in Ruby with Sinatra. The server computes a signature from the request's method, path, headers, and body, then compares it to the signature provided by Contentful.

Requirements

  • Ruby
  • Sinatra

Setup

  1. Install Sinatra:
gem install sinatra
  1. Set the CONTENTFUL_SIGNING_SECRET environment variable:
export CONTENTFUL_SIGNING_SECRET="your_contentful_signing_secret_here"
  1. Run the application:
ruby app.rb -o 0.0.0.0 -p 8080

The server will start on http://0.0.0.0:8080.

Code Overview

  • verify_request: Verifies the incoming request's signature.
  • build_canonical_string: Constructs the canonical string from the request method, path, signed headers, and body.
  • calculate_signature: Computes the HMAC SHA256 signature from the canonical string and secret.