metikularTo generate a signed URL:
verifier = ActiveSupport::MessageVerifier.new(ENV['SIGNATURE_SECRET_KEY'])
signed_param = verifier.generate("my-url-param-to-sign", expires_in: 1.hour)
url = callback_url(signed_order_id: signed_param)To parse the signed URL:
verifier = ActiveSupport::MessageVerifier.new(ENV['SIGNATURE_SECRET_KEY'])
begin do
order_id = verifier.verify(params[:signed_order_id])
rescue ActiveSupport::MessageVerifier::InvalidSignature
head :not_found
endverifier.verify(params[:signed_order_id]) returns nil when signature is invalid (instead of throwing an exception).