ahmedengu/index.js

## index.js
/*
 1- Install(using npm): Express, body-parser, php-serialize, crypto
    * npm install --save express body-parser php-serialize crypto
 2- read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks
 3- GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account
 4- Run it
 5- Send post request to http://localhost:8080/paddleWebhook
    * you can use https://requestb.in to get the payload from paddle request simulator
    * paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test
 6- Testing result should be like this:
    * valid payload: result: ok , status code 200
    * else: error: invalid signature , status code 500
 7- GoTo line 44 to write your business logic
 */

express = require('express');
app = express();
app.use(require('body-parser').urlencoded({extended: true}));
Serialize = require('php-serialize');
crypto = require('crypto');

app.post('/paddleWebhook', function (req, res) {
    let params = req.body;
    let signature = params.p_signature;
    delete params.p_signature;
    let serialize = Serialize.serialize(Object.keys(params).sort().reduce((r, k) => (r[k] = params[k], r), {}));
    let verify = crypto.createVerify('RSA-SHA1');
    verify.write(serialize);
    verify.end();

    // YOUR public key here
    let publicKey = `-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----`;

    if (!verify.verify(publicKey, signature, 'base64')) {
        // in case of invalid signature return a 500 status code
        res.status(500).send({
            "error": "invalid signature"
        });
        return;
    }

    /*
     * Your Logic
     */

    // return ok , status code 200
    res.send({result: 'ok'});
});

app.get('/', function (req, res) {
    res.status(200).send(`
<ol>
<li>Install(using npm): Express, body-parser, php-serialize, crypto


<ul>
<li>npm install --save express body-parser php-serialize crypto</li></ul>
</li>

<li>read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks</li>

<li>GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account</li>

<li>Run it</li>

<li>Send post request to http://localhost:8080/paddleWebhook


<ul>
<li>you can use https://requestb.in to get the payload from paddle request simulator</li>

<li>paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test</li></ul>
</li>

<li>Testing result should be like this:


<ul>
<li>valid payload: result: ok , status code 200</li>

<li>else: error: invalid signature , status code 500</li></ul>
</li>

<li>GoTo line 44 to write your business logic</li>
</ol>
`);
});

port = 8080;
app.listen(port, function () {
    console.log('Your app listening to port: ' + port);
});
	/*
	1- Install(using npm): Express, body-parser, php-serialize, crypto
	* npm install --save express body-parser php-serialize crypto
	2- read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks
	3- GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account
	4- Run it
	5- Send post request to http://localhost:8080/paddleWebhook
	* you can use https://requestb.in to get the payload from paddle request simulator
	* paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test
	6- Testing result should be like this:
	* valid payload: result: ok , status code 200
	* else: error: invalid signature , status code 500
	7- GoTo line 44 to write your business logic
	*/

	express = require('express');
	app = express();
	app.use(require('body-parser').urlencoded({extended: true}));
	Serialize = require('php-serialize');
	crypto = require('crypto');

	app.post('/paddleWebhook', function (req, res) {
	let params = req.body;
	let signature = params.p_signature;
	delete params.p_signature;
	let serialize = Serialize.serialize(Object.keys(params).sort().reduce((r, k) => (r[k] = params[k], r), {}));
	let verify = crypto.createVerify('RSA-SHA1');
	verify.write(serialize);
	verify.end();

	// YOUR public key here
	let publicKey = `-----BEGIN PUBLIC KEY-----
	-----END PUBLIC KEY-----`;

	if (!verify.verify(publicKey, signature, 'base64')) {
	// in case of invalid signature return a 500 status code
	res.status(500).send({
	"error": "invalid signature"
	});
	return;
	}

	/*
	* Your Logic
	*/

	// return ok , status code 200
	res.send({result: 'ok'});
	});

	app.get('/', function (req, res) {
	res.status(200).send(`
	<ol>
	<li>Install(using npm): Express, body-parser, php-serialize, crypto


	<ul>
	<li>npm install --save express body-parser php-serialize crypto</li></ul>
	</li>

	<li>read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks</li>

	<li>GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account</li>

	<li>Run it</li>

	<li>Send post request to http://localhost:8080/paddleWebhook


	<ul>
	<li>you can use https://requestb.in to get the payload from paddle request simulator</li>

	<li>paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test</li></ul>
	</li>

	<li>Testing result should be like this:


	<ul>
	<li>valid payload: result: ok , status code 200</li>

	<li>else: error: invalid signature , status code 500</li></ul>
	</li>

	<li>GoTo line 44 to write your business logic</li>
	</ol>
	`);
	});

	port = 8080;
	app.listen(port, function () {
	console.log('Your app listening to port: ' + port);
	});