Explicitly format timestamp in SignatureVerificationError message (#1262

) When interpolating a Time object in a String, Ruby calls `to_s` under the hood. For Rails applications defining a `default` string format, this triggers deprecation warnings as of v7.0.7: rails/rails#48555 This change fixes that by explicitly formatting the timestamp (using the same `YYYY-MM-DD HH:mm:ss` format currently implicitly used).
stripe · Aug 22, 2023 · 79463b2 · 79463b2
1 parent 011f312
commit 79463b2
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/lib/stripe/webhook.rb b/lib/stripe/webhook.rb
@@ -108,8 +108,9 @@ def self.verify_header(payload, header, secret, tolerance: nil)
         end
 
         if tolerance && timestamp < Time.now - tolerance
+          formatted_timestamp = Time.at(timestamp).strftime("%F %T")
           raise SignatureVerificationError.new(
-            "Timestamp outside the tolerance zone (#{Time.at(timestamp)})",
+            "Timestamp outside the tolerance zone (#{formatted_timestamp})",
             header, http_body: payload
           )
         end