feat: default to SHA-384 for signature authentication (#69)

* feat: default to SHA-384 for signature authentication * Prepend algorithm to signature * Update test fixtures --------- Co-authored-by: Marius Kleidl <marius@transloadit.com>
transloadit · Mar 1, 2024 · 79cb079 · 79cb079
1 parent 87e199e
commit 79cb079
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/lib/transloadit/request.rb b/lib/transloadit/request.rb
@@ -16,7 +16,7 @@ class Transloadit::Request
   API_HEADERS = {"Transloadit-Client" => "ruby-sdk:#{Transloadit::VERSION}"}
 
   # The HMAC algorithm used for calculation request signatures.
-  HMAC_ALGORITHM = OpenSSL::Digest.new("sha1")
+  HMAC_ALGORITHM = OpenSSL::Digest.new("sha384")
 
   # @return [String] the API endpoint for the request
   attr_reader :url
@@ -203,6 +203,6 @@ def request!(&request)
   # @return [String] the HMAC signature for the params
   #
   def signature(params)
-    self.class._hmac(secret, params) if secret.to_s.length > 0
+    "sha384:" + self.class._hmac(secret, params) if secret.to_s.length > 0
   end
 end
diff --git a/test/fixtures/cassettes/fetch_root.yml b/test/fixtures/cassettes/fetch_root.yml