nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-04 09:32:48 -05:00
Code Activity

added stripe webhook signature checking

Browse Source
This commit is contained in:
Kyle Spearrin
2017-08-12 22:30:44 -04:00
parent 680d7b2bed
commit c2df445ac2
4 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/Billing/Controllers/StripeController.cs
View File

@ -5,6 +5,7 @@ using Microsoft.Extensions.Options;
using Stripe;
using System;
using System.Collections.Generic;
using System.IO;
using System.Threading.Tasks;
namespace Bit.Billing.Controllers
@ -30,14 +31,21 @@ namespace Bit.Billing.Controllers
}
[HttpPost("webhook")]
public async Task<IActionResult> PostWebhook([FromBody]dynamic body, [FromQuery] string key)
public async Task<IActionResult> PostWebhook([FromQuery] string key)
{
if(body == null || key != _billingSettings.StripeWebhookKey)
if(key != _billingSettings.StripeWebhookKey)
{
return new BadRequestResult();
}
StripeEvent parsedEvent = StripeEventUtility.ParseEventDataItem<StripeEvent>(body);
StripeEvent parsedEvent;
using(var sr = new StreamReader(HttpContext.Request.Body))
{
var json = await sr.ReadToEndAsync();
parsedEvent = StripeEventUtility.ConstructEvent(json, Request.Headers["Stripe-Signature"],
_billingSettings.StripeWebhookSecret);
}
if(string.IsNullOrWhiteSpace(parsedEvent?.Id))
{
return new BadRequestResult();