forked from integrallis/stripe_event
-
Notifications
You must be signed in to change notification settings - Fork 0
/
webhook_controller.rb
45 lines (39 loc) · 1.14 KB
/
webhook_controller.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
module StripeEvent
class WebhookController < ActionController::Base
if respond_to?(:before_action)
before_action :request_authentication
before_action :verify_signature
else
before_filter :request_authentication
before_filter :verify_signature
end
def event
StripeEvent.instrument(params)
head :ok
rescue StripeEvent::UnauthorizedError => e
log_error(e)
head :unauthorized
end
private
def log_error(e)
logger.error e.message
e.backtrace.each { |line| logger.error " #{line}" }
end
def request_authentication
if StripeEvent.authentication_secret
authenticate_or_request_with_http_basic do |username, password|
password == StripeEvent.authentication_secret
end
end
end
def verify_signature
if StripeEvent.signing_secret
payload = request.body.read
signature = request.headers['Stripe-Signature']
Stripe::Webhook::Signature.verify_header payload, signature, StripeEvent.signing_secret
end
rescue Stripe::SignatureVerificationError
head :bad_request
end
end
end