@tomhughes commented on this pull request.


> +      create(:user, :auth_provider => "facebook", :auth_uid => "12345")
+
+      payload = Base64.urlsafe_encode64(
+        JSON.generate(
+          :algorithm => "HMAC-SHA256",
+          :expires => Time.now.to_i + 3600,
+          :issued_at => Time.now.to_i,
+          :user_id => "12345"
+        )
+      )
+      signature = OpenSSL::HMAC.digest("SHA256", "invalid secret", payload)
+      encoded_signature = Base64.urlsafe_encode64(signature)
+      signed_request = [encoded_signature, payload].join(".")
+
+      post auth_delete_path(:provider => "facebook"), :params => { 
:signed_request => signed_request }
+      assert_response :bad_request

Good idea, now done.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/7093#discussion_r3493285424
You are receiving this because you are subscribed to this thread.

Message ID: 
<openstreetmap/openstreetmap-website/pull/7093/review/[email protected]>
_______________________________________________
rails-dev mailing list
[email protected]
https://lists.openstreetmap.org/listinfo/rails-dev

Reply via email to