The ShippingEasy API will hit a callback URL when an order, or a part of an order, has been shipped. The request to the callback URL will be also signed with the same shared secret found in the store's API settings.

This gem provides an Authenticator to handle verifying the signed request from ShippingEasy. Here's an example of how to use it (after you configured the library with your credentials in the step above):

ShippingEasy::Authenticator.new(method: :post, path: "/callback", params: {"api_signature" => "asdsadsad"}, body: "{\"shipment\":{\"id\":\"1234\"}}").signatures_match?
# => true

The arguments for the method are:

  • method - The method of the http request. E.g. "post" or "get".
  • path - The path of the request's uri. E.g. "/orders/callback"
  • params - An associative array of the request's query string parameters. E.g.{"api_signature" => "asdsadsad", "api_timestamp" => "1234567899"}
  • body - The request body as a JSON string.
  • api_secret - Optional. The ShippingEasy API secret for the customer account. Defaults to the global configuration if set.