The highest tagged major version is v72.

webhook

package

v70.15.0+incompatible Latest Latest Go to latest Published: Apr 14, 2020 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Capchase/stripe-go

Documentation ¶

Overview ¶

Example ¶

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"

	"github.com/stripe/stripe-go/webhook"
)

func main() {
	http.HandleFunc("/webhook", func(w http.ResponseWriter, req *http.Request) {
		// Protects against a malicious client streaming us an endless request
		// body
		const MaxBodyBytes = int64(65536)
		req.Body = http.MaxBytesReader(w, req.Body, MaxBodyBytes)

		body, err := ioutil.ReadAll(req.Body)
		if err != nil {
			w.WriteHeader(http.StatusBadRequest)
			return
		}

		// Pass the request body & Stripe-Signature header to ConstructEvent, along with the webhook signing key
		event, err := webhook.ConstructEvent(body, req.Header.Get("Stripe-Signature"), "whsec_DaLRHCRs35vEXqOE8uTEAXGLGUOnyaFf")

		if err != nil {
			w.WriteHeader(http.StatusBadRequest) // Return a 400 error on a bad signature
			fmt.Fprintf(w, "%v", err)
			return
		}

		fmt.Fprintf(w, "Received signed event: %v", event)
	})
	log.Fatal(http.ListenAndServe(":8080", nil))
}

Output:

Index ¶

Constants
Variables
func ComputeSignature(t time.Time, payload []byte, secret string) []byte
func ConstructEvent(payload []byte, header string, secret string) (stripe.Event, error)
func ConstructEventIgnoringTolerance(payload []byte, header string, secret string) (stripe.Event, error)
func ConstructEventWithTolerance(payload []byte, header string, secret string, tolerance time.Duration) (stripe.Event, error)
func ValidatePayload(payload []byte, header string, secret string) error
func ValidatePayloadIgnoringTolerance(payload []byte, header string, secret string) error
func ValidatePayloadWithTolerance(payload []byte, header string, secret string, tolerance time.Duration) error

Examples ¶

Package

Constants ¶

View Source

const (
	// DefaultTolerance indicates that signatures older than this will be rejected by ConstructEvent.
	DefaultTolerance time.Duration = 300 * time.Second
)

Variables ¶

View Source

var (
	ErrInvalidHeader    = errors.New("webhook has invalid Stripe-Signature header")
	ErrNoValidSignature = errors.New("webhook had no valid signature")
	ErrNotSigned        = errors.New("webhook has no Stripe-Signature header")
	ErrTooOld           = errors.New("timestamp wasn't within tolerance")
)

This block represents the list of errors that could be raised when using the webhook package.

Functions ¶

func ComputeSignature ¶

func ComputeSignature(t time.Time, payload []byte, secret string) []byte

ComputeSignature computes a webhook signature using Stripe's v1 signing method.

See https://stripe.com/docs/webhooks#signatures for more information.

func ConstructEvent ¶

func ConstructEvent(payload []byte, header string, secret string) (stripe.Event, error)

ConstructEvent initializes an Event object from a JSON webhook payload, validating the Stripe-Signature header using the specified signing secret. Returns an error if the body or Stripe-Signature header provided are unreadable, if the signature doesn't match, or if the timestamp for the signature is older than DefaultTolerance.