webhook

package
v24.1.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 18, 2017 License: MIT Imports: 10 Imported by: 28

Documentation

Overview

Example
http.HandleFunc("/webhook", func(w http.ResponseWriter, req *http.Request) {

	body, err := ioutil.ReadAll(req.Body)
	if err != nil {
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	// Pass the request body & Stripe-Signature header to ConstructEvent, along with the webhook signing key
	event, err := webhook.ConstructEvent(body, req.Header.Get("Stripe-Signature"), "whsec_DaLRHCRs35vEXqOE8uTEAXGLGUOnyaFf")

	if err != nil {
		w.WriteHeader(http.StatusBadRequest) // Return a 400 error on a bad signature
		fmt.Fprintf(w, "%v", err)
		return
	}

	defer req.Body.Close()
	fmt.Fprintf(w, "Received signed event: %t", event)
})
log.Fatal(http.ListenAndServe(":8080", nil))
Output:

Index

Examples

Constants

View Source
const (
	// Signatures older than this will be rejected by ConstructEvent
	DefaultTolerance time.Duration = 300 * time.Second
)

Variables

View Source
var (
	ErrNotSigned        error = errors.New("Webhook has no Stripe-Signature header")
	ErrInvalidHeader    error = errors.New("Webhook has invalid Stripe-Signature header")
	ErrTooOld           error = errors.New("Timestamp wasn't within tolerance")
	ErrNoValidSignature error = errors.New("Webhook had no valid signature")
)

Functions

func ConstructEvent

func ConstructEvent(payload []byte, header string, secret string) (stripe.Event, error)

Initializes an Event object from a JSON webhook payload, validating the Stripe-Signature header using the specified signing secret. Returns an error if the body or Stripe-Signature header provided are unreadable, if the signature doesn't match, or if the timestamp for the signature is older than DefaultTolerance.

NOTE: Stripe will only send Webhook signing headers after you have retrieved your signing secret from the Stripe dashboard: https://dashboard.stripe.com/webhooks

func ConstructEventIgnoringTolerance

func ConstructEventIgnoringTolerance(payload []byte, header string, secret string) (stripe.Event, error)

Initializes an Event object from a JSON webhook payload, validating the Stripe-Signature header using the specified signing secret. Returns an error if the body or Stripe-Signature header provided are unreadable or if the signature doesn't match. Does not check the signature's timestamp.

NOTE: Stripe will only send Webhook signing headers after you have retrieved your signing secret from the Stripe dashboard: https://dashboard.stripe.com/webhooks

func ConstructEventWithTolerance

func ConstructEventWithTolerance(payload []byte, header string, secret string, tolerance time.Duration) (stripe.Event, error)

Initializes an Event object from a JSON webhook payload, validating the signature in the Stripe-Signature header using the specified signing secret and tolerance window. Returns an error if the body or Stripe-Signature header provided are unreadable, if the signature doesn't match, or if the timestamp for the signature is older than the specified tolerance.

NOTE: Stripe will only send Webhook signing headers after you have retrieved your signing secret from the Stripe dashboard: https://dashboard.stripe.com/webhooks

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL