flavioheleno/gist:9767787

## gistfile1.php
<?php

/**
 * Script Setup
 * CLIENT_KEY and API_VERSION can be used for the PHP SDK (https://github.com/veridu/veridu-php).
 * CLIENT_SECRET is used for checking Hook's signature
 *
 * CLIENT_KEY: API Key from https://dashboard.veridu.com
 * CLIENT_SECRET: API Secret from https://dashboard.veridu.com
 * API_VERSION: one of the available versions at https://veridu.com/wiki/Version
 **/
define('CLIENT_KEY', '');
define('CLIENT_SECRET', '');
define('API_VERSION', '');

//Simple signature check based on https://veridu.com/wiki/Introduction#HMAC_Signatures
function checkSignature(array $payload, $signature, $hash) {
	ksort($payload);
	$data = http_build_query($payload, '', '&');
	return $signature === hash_hmac($hash, $data, CLIENT_SECRET);
}

//Hook Handling
switch (strtoupper($_SERVER['REQUEST_METHOD'])) {
	case 'GET':
		//Hook Setup (handshake)
		http_response_code(204);
		break;
	case 'POST':
		//Hook Callback
		if (!isset($_POST['signature'], $_POST['hash'], $_POST['trigger'], $_POST['username'])) {
			//add some type of logging here
			echo 'Invalid hook payload';
			http_response_code(400);
			exit;
		}
		$signature = $_POST['signature'];
		unset($_POST['signature']);
		$hash = $_POST['hash'];
		unset($_POST['hash']);
		if (!checkSignature($_POST, $signature, $hash)) {
			//add some type of logging here
			echo 'Failed to check hook signature';
			//inform Veridu's API about this unhandled (due to an invalid payload signature) hook so it can be logged
			http_response_code(400);
			exit;
		}
		switch ($_POST['trigger']) {
			case 'check.create':
				//handle a check.create trigger
				//more info: https://veridu.com/wiki/Check.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'check.update':
				//handle a check.update trigger
				//mode info: https://veridu.com/wiki/Check.update
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'cpr.create':
				//handle a cpr.create trigger
				//mode info: https://veridu.com/wiki/Cpr.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'nemid.create':
				//handle a nemid.create trigger
				//more info: https://veridu.com/wiki/Nemid.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'kba.create':
				//handle a kba.create trigger
				//mode info: https://veridu.com/wiki/Kba.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'kba.update':
				//handle a kba.update trigger
				//more info: https://veridu.com/wiki/Kba.update
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'otp.create':
				//handle a otp.create trigger
				//more info: https://veridu.com/wiki/Otp.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'otp.update':
				//handle a otp.update trigger
				//more info: https://veridu.com/wiki/Otp.update
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'provider.create':
				//handle a provider.create trigger
				//more info: https://veridu.com/wiki/Provider.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'request.create':
				//handle a request.create trigger
				//more info: https://veridu.com/wiki/Request.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'request.update':
				//handle a request.update trigger
				//more info: https://veridu.com/wiki/Request.update
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'task.change':
				//handle a task.change trigger
				//more info: https://veridu.com/wiki/Task.change
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'user.change':
				//handle a user.change trigger
				//more info: https://veridu.com/wiki/User.change
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'personal.create':
				//handle a personal.create trigger
				//more info: https://veridu.com/wiki/Personal.create
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			case 'personal.update':
				//handle a personal.update trigger
				//more info: https://veridu.com/wiki/Personal.update
				//inform Veridu's API about this trigger being handled as expected
				http_response_code(200);
				break;
			default:
				//add some type of logging here
				echo 'Unhandled trigger';
				//inform Veridu's API about this unhandled (due to an unexpected trigger) hook so it can be logged
				http_response_code(404);
		}
		break;
	default:
		//add some type of logging here
		echo 'Invalid request method';
		http_response_code(400);
}
	<?php

	/**
	* Script Setup
	* CLIENT_KEY and API_VERSION can be used for the PHP SDK (https://github.com/veridu/veridu-php).
	* CLIENT_SECRET is used for checking Hook's signature
	*
	* CLIENT_KEY: API Key from https://dashboard.veridu.com
	* CLIENT_SECRET: API Secret from https://dashboard.veridu.com
	* API_VERSION: one of the available versions at https://veridu.com/wiki/Version
	**/
	define('CLIENT_KEY', '');
	define('CLIENT_SECRET', '');
	define('API_VERSION', '');

	//Simple signature check based on https://veridu.com/wiki/Introduction#HMAC_Signatures
	function checkSignature(array $payload, $signature, $hash) {
	ksort($payload);
	$data = http_build_query($payload, '', '&');
	return $signature === hash_hmac($hash, $data, CLIENT_SECRET);
	}

	//Hook Handling
	switch (strtoupper($_SERVER['REQUEST_METHOD'])) {
	case 'GET':
	//Hook Setup (handshake)
	http_response_code(204);
	break;
	case 'POST':
	//Hook Callback
	if (!isset($_POST['signature'], $_POST['hash'], $_POST['trigger'], $_POST['username'])) {
	//add some type of logging here
	echo 'Invalid hook payload';
	http_response_code(400);
	exit;
	}
	$signature = $_POST['signature'];
	unset($_POST['signature']);
	$hash = $_POST['hash'];
	unset($_POST['hash']);
	if (!checkSignature($_POST, $signature, $hash)) {
	//add some type of logging here
	echo 'Failed to check hook signature';
	//inform Veridu's API about this unhandled (due to an invalid payload signature) hook so it can be logged
	http_response_code(400);
	exit;
	}
	switch ($_POST['trigger']) {
	case 'check.create':
	//handle a check.create trigger
	//more info: https://veridu.com/wiki/Check.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'check.update':
	//handle a check.update trigger
	//mode info: https://veridu.com/wiki/Check.update
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'cpr.create':
	//handle a cpr.create trigger
	//mode info: https://veridu.com/wiki/Cpr.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'nemid.create':
	//handle a nemid.create trigger
	//more info: https://veridu.com/wiki/Nemid.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'kba.create':
	//handle a kba.create trigger
	//mode info: https://veridu.com/wiki/Kba.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'kba.update':
	//handle a kba.update trigger
	//more info: https://veridu.com/wiki/Kba.update
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'otp.create':
	//handle a otp.create trigger
	//more info: https://veridu.com/wiki/Otp.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'otp.update':
	//handle a otp.update trigger
	//more info: https://veridu.com/wiki/Otp.update
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'provider.create':
	//handle a provider.create trigger
	//more info: https://veridu.com/wiki/Provider.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'request.create':
	//handle a request.create trigger
	//more info: https://veridu.com/wiki/Request.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'request.update':
	//handle a request.update trigger
	//more info: https://veridu.com/wiki/Request.update
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'task.change':
	//handle a task.change trigger
	//more info: https://veridu.com/wiki/Task.change
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'user.change':
	//handle a user.change trigger
	//more info: https://veridu.com/wiki/User.change
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'personal.create':
	//handle a personal.create trigger
	//more info: https://veridu.com/wiki/Personal.create
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	case 'personal.update':
	//handle a personal.update trigger
	//more info: https://veridu.com/wiki/Personal.update
	//inform Veridu's API about this trigger being handled as expected
	http_response_code(200);
	break;
	default:
	//add some type of logging here
	echo 'Unhandled trigger';
	//inform Veridu's API about this unhandled (due to an unexpected trigger) hook so it can be logged
	http_response_code(404);
	}
	break;
	default:
	//add some type of logging here
	echo 'Invalid request method';
	http_response_code(400);
	}