This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'active_support/core_ext/hash/indifferent_access' | |
def send_admin_notification(changes = previous_changes) | |
case changes | |
in ends_at: [Time, _] | |
:resubscribed | |
in ends_at: [nil, Time] | |
:churned | |
in processor_plan: [nil, String] | |
:subscribed |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$now: | |
timezone: "America/Chicago" | |
format: "MM-DD" | |
$in: | |
- "01-01" # New Years | |
- "12-25" # Christmas | |
# ... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Verify this actually came from our vendor | |
const signature = _.toString(req.headers['x-${BRAND}-signature']); | |
const timestamp = _.toString(req.headers['x-${BRAND}-timestamp']); | |
if(!signature || !timestamp || !_.parseInt(timestamp) || !moment.unix(_.parseInt(timestamp)).isBetween(moment().add(-5, 'm'), moment().add(1, 'm'))){ | |
res.status(httpStatusCodes.BAD_REQUEST).send(); | |
return; | |
} | |
// The initial required fields are there and they are within the time flex range, compute the expected hash | |
const hmac = crypto.createHmac('sha256', config.SIGNING_SECRET); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# A webhook signing algorythim, generally based off slacks https://api.slack.com/authentication/verifying-requests-from-slack | |
# I think I used this as the template: https://github.com/slack-ruby/slack-ruby-client/blob/master/lib/slack/events/request.rb#L51 | |
# sign_and_send is what is being sent by the service providing the outgoing webhook service | |
# verify_and_process is what a recieving server would to to process the incoming webhook, you can also see a nodejs implementation here https://gist.github.com/armiiller/72e4729372036cd43536f4f799dd2b22 | |
BRAND = "acme-inc" # TODO, your brand | |
def sign_and_send | |
# sign the request with the customers auth token | |
# the customers auth token is a shared secret, you can use a has_secure_token on the model |
NewerOlder