Skip to content

Instantly share code, notes, and snippets.

@theshaun
Forked from ryansch/hooks_controller.rb
Created March 31, 2016 12:03
Show Gist options
  • Save theshaun/6c151da1d6c4e0370ca742f122d8bcd6 to your computer and use it in GitHub Desktop.
Save theshaun/6c151da1d6c4e0370ca742f122d8bcd6 to your computer and use it in GitHub Desktop.
Rails Controller for Chargify Webhooks with support for HMAC-SHA-256 signatures and all current possible events
class Chargify::HooksController < ApplicationController
protect_from_forgery :except => :dispatch_handler
before_filter :verify, :only => :dispatch_handler
EVENTS = %w[ test signup_success signup_failure renewal_success renewal_failure payment_success payment_failure billing_date_change subscription_state_change subscription_product_change subscription_card_update expiring_card customer_update component_allocation_change metered_usage upcoming_renewal_notice end_of_trial_notice statement_closed statement_settled upgrade_downgrade_success upgrade_downgrade_failure refund_success refund_failure expiration_date_change ].freeze
SHARED_KEY = 'Chargify Shared Key Here'
def dispatch_handler
event = params[:event]
unless EVENTS.include? event
render :nothing => true, :status => 404 and return
end
begin
convert_payload
self.send event
rescue Exception => e
render :nothing => true, :status => 422 and return
end
end
def test
Rails.logger.debug "Chargify Webhook test!"
render :nothing => true, :status => 200
end
def signup_success
render :nothing => true, :status => 200
end
def signup_failure
render :nothing => true, :status => 200
end
def renewal_success
render :nothing => true, :status => 200
end
def renewal_failure
render :nothing => true, :status => 200
end
def payment_success
render :nothing => true, :status => 200
end
def payment_failure
render :nothing => true, :status => 200
end
def billing_date_change
render :nothing => true, :status => 200
end
def subscription_state_change
render :nothing => true, :status => 200
end
def subscription_product_change
render :nothing => true, :status => 200
end
def subscription_card_update
render :nothing => true, :status => 200
end
def expiring_card
render :nothing => true, :status => 200
end
def customer_update
render :nothing => true, :status => 200
end
def component_allocation_change
render :nothing => true, :status => 200
end
def metered_usage
render :nothing => true, :status => 200
end
def upcoming_renewal_notice
render :nothing => true, :status => 200
end
def end_of_trial_notice
render :nothing => true, :status => 200
end
def statement_closed
render :nothing => true, :status => 200
end
def statement_settled
render :nothing => true, :status => 200
end
def upgrade_downgrade_success
render :nothing => true, :status => 200
end
def upgrade_downgrade_failure
render :nothing => true, :status => 200
end
def refund_success
render :nothing => true, :status => 200
end
def refund_failure
render :nothing => true, :status => 200
end
def expiration_date_change
render :nothing => true, :status => 200
end
protected
def verify
if params[:signature_hmac_sha_256].nil?
params[:signature_hmac_sha_256] = request.headers["HTTP_X_CHARGIFY_WEBHOOK_SIGNATURE_HMAC_SHA_256"]
end
unless OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), SHARED_KEY, request.body.read) == params[:signature_hmac_sha_256]
render :nothing => true, :status => :forbidden
end
end
def convert_payload
if params[:payload].has_key? :transaction
@transaction = Chargify::Transaction.new params[:payload][:transaction]
end
if params[:payload].has_key? :subscription
@subscription = Chargify::Subscription.new params[:payload][:subscription]
end
end
end
# route
#map.chargify_hooks '/chargify/hooks', :controller => 'chargify/hooks', :action => "dispatch", :conditions => { :method => :post }
@theshaun
Copy link
Author

Updated to support HMAC_SHA_256 based signatures and full set of events from Chargify webhooks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment