Last active
August 29, 2015 13:57
-
-
Save flavioheleno/9767787 to your computer and use it in GitHub Desktop.
Sample Hook Handshake/Callback implementation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Script Setup | |
* CLIENT_KEY and API_VERSION can be used for the PHP SDK (https://github.com/veridu/veridu-php). | |
* CLIENT_SECRET is used for checking Hook's signature | |
* | |
* CLIENT_KEY: API Key from https://dashboard.veridu.com | |
* CLIENT_SECRET: API Secret from https://dashboard.veridu.com | |
* API_VERSION: one of the available versions at https://veridu.com/wiki/Version | |
**/ | |
define('CLIENT_KEY', ''); | |
define('CLIENT_SECRET', ''); | |
define('API_VERSION', ''); | |
//Simple signature check based on https://veridu.com/wiki/Introduction#HMAC_Signatures | |
function checkSignature(array $payload, $signature, $hash) { | |
ksort($payload); | |
$data = http_build_query($payload, '', '&'); | |
return $signature === hash_hmac($hash, $data, CLIENT_SECRET); | |
} | |
//Hook Handling | |
switch (strtoupper($_SERVER['REQUEST_METHOD'])) { | |
case 'GET': | |
//Hook Setup (handshake) | |
http_response_code(204); | |
break; | |
case 'POST': | |
//Hook Callback | |
if (!isset($_POST['signature'], $_POST['hash'], $_POST['trigger'], $_POST['username'])) { | |
//add some type of logging here | |
echo 'Invalid hook payload'; | |
http_response_code(400); | |
exit; | |
} | |
$signature = $_POST['signature']; | |
unset($_POST['signature']); | |
$hash = $_POST['hash']; | |
unset($_POST['hash']); | |
if (!checkSignature($_POST, $signature, $hash)) { | |
//add some type of logging here | |
echo 'Failed to check hook signature'; | |
//inform Veridu's API about this unhandled (due to an invalid payload signature) hook so it can be logged | |
http_response_code(400); | |
exit; | |
} | |
switch ($_POST['trigger']) { | |
case 'check.create': | |
//handle a check.create trigger | |
//more info: https://veridu.com/wiki/Check.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'check.update': | |
//handle a check.update trigger | |
//mode info: https://veridu.com/wiki/Check.update | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'cpr.create': | |
//handle a cpr.create trigger | |
//mode info: https://veridu.com/wiki/Cpr.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'nemid.create': | |
//handle a nemid.create trigger | |
//more info: https://veridu.com/wiki/Nemid.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'kba.create': | |
//handle a kba.create trigger | |
//mode info: https://veridu.com/wiki/Kba.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'kba.update': | |
//handle a kba.update trigger | |
//more info: https://veridu.com/wiki/Kba.update | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'otp.create': | |
//handle a otp.create trigger | |
//more info: https://veridu.com/wiki/Otp.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'otp.update': | |
//handle a otp.update trigger | |
//more info: https://veridu.com/wiki/Otp.update | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'provider.create': | |
//handle a provider.create trigger | |
//more info: https://veridu.com/wiki/Provider.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'request.create': | |
//handle a request.create trigger | |
//more info: https://veridu.com/wiki/Request.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'request.update': | |
//handle a request.update trigger | |
//more info: https://veridu.com/wiki/Request.update | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'task.change': | |
//handle a task.change trigger | |
//more info: https://veridu.com/wiki/Task.change | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'user.change': | |
//handle a user.change trigger | |
//more info: https://veridu.com/wiki/User.change | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'personal.create': | |
//handle a personal.create trigger | |
//more info: https://veridu.com/wiki/Personal.create | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
case 'personal.update': | |
//handle a personal.update trigger | |
//more info: https://veridu.com/wiki/Personal.update | |
//inform Veridu's API about this trigger being handled as expected | |
http_response_code(200); | |
break; | |
default: | |
//add some type of logging here | |
echo 'Unhandled trigger'; | |
//inform Veridu's API about this unhandled (due to an unexpected trigger) hook so it can be logged | |
http_response_code(404); | |
} | |
break; | |
default: | |
//add some type of logging here | |
echo 'Invalid request method'; | |
http_response_code(400); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment