phelps-sg · phelps-sg · Mar 3, 2024
diff --git a/project/Dependencies.scala b/project/Dependencies.scala
@@ -5,12 +5,12 @@ import sbt.plugins.JvmPlugin
 object Dependencies extends AutoPlugin {
 
   object Version {
-    val scala212 = "2.12.18"
-    val scala213 = "2.13.12"
+    val scala212 = "2.12.19"
+    val scala213 = "2.13.13"
 
-    val play = "2.8.21"
+    val play = "2.9.2"
     val guice = "7.0.0"
-    val jackson = "2.13.4"
+    val jackson = "2.16.1"
 
     val scalatic = "3.2.17"
     val scalaMock = "5.2.0"

diff --git a/src/main/scala/com/mesonomics/playhmacsignatures/SlackSignatureVerifyAction.scala b/src/main/scala/com/mesonomics/playhmacsignatures/SlackSignatureVerifyAction.scala
@@ -6,12 +6,21 @@ package com.mesonomics.playhmacsignatures
 
 import akka.util.ByteString
 import com.google.inject.Inject
+import com.mesonomics.playhmacsignatures.SlackSignatureVerifyAction.convertBytesToHex
 import play.api.Configuration
 import play.api.mvc.BodyParsers
 
-import javax.xml.bind.DatatypeConverter
 import scala.concurrent.ExecutionContext
 
+object SlackSignatureVerifyAction {
+    def convertBytesToHex(bytes: Seq[Byte]): String = {
+      val sb = new StringBuilder
+      for (b <- bytes) {
+        sb.append(String.format("%02x", Byte.box(b)))
+      }
+      sb.toString
+    }
+}
 /** This class can be used to validate signatures in
   * [[https://api.slack.com/authentication/verifying-requests-from-slack#verifying-requests-from-slack-using-signing-secrets__a-recipe-for-security__step-by-step-walk-through-for-validating-a-request Slack requests]].
   *
@@ -39,8 +48,9 @@ class SlackSignatureVerifyAction @Inject() (
     s"v0:${timestamp.value}:${body.utf8String}"
   }
 
-  override def expectedSignature(macBytes: Array[Byte]): HmacSignature =
+  override def expectedSignature(macBytes: Array[Byte]): HmacSignature = {
     HmacSignature(
-      s"v0=${DatatypeConverter.printHexBinary(macBytes).toLowerCase}"
+      s"v0=${convertBytesToHex(macBytes)}"
     )
+  }
 }
diff --git a/src/test/scala/ServiceTests.scala b/src/test/scala/ServiceTests.scala
@@ -3,14 +3,14 @@
  */
 
 import akka.util.ByteString
+import com.mesonomics.playhmacsignatures.SlackSignatureVerifyAction.convertBytesToHex
 import com.mesonomics.playhmacsignatures._
 import org.scalatest.matchers.should
 import org.scalatest.wordspec.AnyWordSpecLike
 
 import java.time.{Clock, OffsetDateTime}
 import javax.crypto.Mac
 import javax.crypto.spec.SecretKeySpec
-import javax.xml.bind.DatatypeConverter
 import scala.concurrent.duration.{DurationInt, FiniteDuration}
 import scala.util.{Failure, Success}
 
@@ -35,7 +35,7 @@ class ServiceTests extends AnyWordSpecLike with should.Matchers {
   def expectedSignature(macBytes: Array[Byte]): HmacSignature = {
     HmacSignature(
       ByteString(
-        s"v0=${DatatypeConverter.printHexBinary(macBytes).toLowerCase}"
+        s"v0=${convertBytesToHex(macBytes)}"
       )
     )
   }