Sha256: 856f362cfad54bdf43d8541327b0976ec43eb9c19588e883bde84cb4fe5b64e2

Contents?: true

Size: 1.4 KB

Versions: 16

Compression:

Stored size: 1.4 KB

Contents

module Pay
  module Webhooks
    class StripeController < Pay::ApplicationController
      if Rails.application.config.action_controller.default_protect_from_forgery
        skip_before_action :verify_authenticity_token
      end

      def create
        delegate_event(verified_event)
        head :ok
      rescue ::Stripe::SignatureVerificationError => e
        log_error(e)
        head :bad_request
      end

      private

      def delegate_event(event)
        Pay::Webhooks.instrument type: "stripe.#{event.type}", event: event
      end

      def verified_event
        payload = request.body.read
        signature = request.headers["Stripe-Signature"]
        possible_secrets = secrets(payload, signature)

        possible_secrets.each_with_index do |secret, i|
          return ::Stripe::Webhook.construct_event(payload, signature, secret.to_s)
        rescue ::Stripe::SignatureVerificationError
          raise if i == possible_secrets.length - 1
          next
        end
      end

      def secrets(payload, signature)
        secret = Pay::Stripe.signing_secret
        return Array.wrap(secret) if secret
        raise ::Stripe::SignatureVerificationError.new("Cannot verify signature without a Stripe signing secret", signature, http_body: payload)
      end

      def log_error(e)
        logger.error e.message
        e.backtrace.each { |line| logger.error "  #{line}" }
      end
    end
  end
end

Version data entries

16 entries across 16 versions & 1 rubygems

Version Path
pay-2.7.2 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.7.1 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.7.0 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.11 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.10 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.9 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.8 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.7 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.6 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.5 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.4 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.3 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.2 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.1 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.6.0 app/controllers/pay/webhooks/stripe_controller.rb
pay-2.5.0 app/controllers/pay/webhooks/stripe_controller.rb